Results 1 to 4 of 4
  1. #1
    DisOwned's Avatar
    Join Date
    Oct 2013
    Gender
    male
    Posts
    233
    Reputation
    109
    Thanks
    681

    Red face BlackCipher Bypass Just Update the Addy/Bytes

    Code:
    #include <windows.h>
    #include <TlHelp32.h>
    
    BOOL isRunning( CONST CHAR *name )
    {
        HANDLE SnapShot = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
    
        if( SnapShot == INVALID_HANDLE_VALUE )
            return FALSE;
    
        PROCESSENTRY32 procEntry;
        procEntry.dwSize = sizeof( PROCESSENTRY32 );
    
        if( !Process32First( SnapShot, &procEntry ) )
            return FALSE;
    
        do
        {
            if( strcmp( procEntry.szExeFile, name ) == 0 )
                return TRUE;
        }
        while( Process32Next( SnapShot, &procEntry ) );
    
        return FALSE;
    }
    
    DWORD GetProcessID( CHAR *name )
    {
        PROCESSENTRY32 pe = { sizeof( PROCESSENTRY32 ) };
        HANDLE hand = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
    
        if( Process32First( hand, &pe ) )
        {
            while( Process32Next( hand, &pe ) )
            {
                if( !strcmp( pe.szExeFile, name ) )
                    return pe.th32ProcessID;
            }
        }
        CloseHandle( hand );
    }
    
    DWORD GetModuleAddress( DWORD proc, CONST CHAR *modname )
    {
        HANDLE snapshot = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, proc );
    
        if( snapshot == INVALID_HANDLE_VALUE )
            return 0;
    
        MODULEENTRY32 mod;
        mod.dwSize = sizeof( MODULEENTRY32 );
    
        if( Module32First( snapshot, &mod ) )
        {
            if( strcmp( mod.szModule, modname ) == 0 )
                return ( DWORD )mod.modBaseAddr;
    
            while( Module32Next( snapshot, &mod ) )
            {
                if( strcmp( mod.szModule, modname ) == 0 )
                    return ( DWORD )mod.modBaseAddr;
            }
    
            return 0;
        }
        else
            return 0;
    }
    
    BOOL bBlackCipherProcessOpened = FALSE; HANDLE hCipherInstanceProcess; DWORD dwCipherPID;
    void WriteBlackCipherBypass( )
    {
        BYTE MOVAL0RET[6] = { 0xB0, 0x00, 0xC2, 0x04, 0x00 };
    
        while( TRUE )
        {
            if( !bBlackCipherProcessOpened )
            {
                if( isRunning( "BlackCipher.aes" ) )
                {
                    if( !bBlackCipherProcessOpened )
                    {
                        dwCipherPID = GetProcessID( "BlackCipher.aes" );
                        hCipherInstanceProcess = OpenProcess( PROCESS_QUERY_INFORMATION | PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ, 0, dwCipherPID );
                        bBlackCipherProcessOpened = TRUE;
                    }
                }
            }
            else
            {
                DWORD dwEHSvcModule = GetModuleAddress( dwCipherPID, "EHSvc.dll" );
    
                if( dwEHSvcModule != 0 )
                {
                    WriteProcessMemory( hCipherInstanceProcess, ( LPVOID )0x0042DBF0, MOVAL0RET, 5, 0 );
                    CloseHandle( hCipherInstanceProcess );
                    ExitThread( 0 );
                }
            }
            Sleep( 200 );
        }
    }


    Credits to DisaV0w/Donoob


    Enjoy

  2. #2
    B4NDiT26's Avatar
    Join Date
    Apr 2012
    Gender
    male
    Posts
    1,010
    Reputation
    26
    Thanks
    32
    My Mood
    Shocked
    Thanks, is tested right ?

  3. #3
    DisOwned's Avatar
    Join Date
    Oct 2013
    Gender
    male
    Posts
    233
    Reputation
    109
    Thanks
    681
    Quote Originally Posted by B4NDiT26 View Post
    Thanks, is tested right ?

    ive been busy i havent updated it my self but if its updated it should work

  4. #4
    Flengo's Avatar
    Join Date
    May 2010
    Gender
    male
    Location
    Ontario, Canada
    Posts
    15,695
    Reputation
    3319
    Thanks
    11,108
    My Mood
    Happy
    Incorrect. They've made updates and this will not be functional anymore. Even if you update the address used in this version.


    I Read All Of My PM's & VM's
    If you need help with anything, just let me know.
     
     
    VM | PM

    Publicist Since 04.04.2015
    Middleman Since Unknown - Unknown
    Global Moderator Since 08.01.2013
    Donator Since 05.29.2013

    Minion+ Since 04.18.2013

    District 187 Minion Since 04.04.2013
    Steam Minion Since 02.26.2013
    WarRock Minion Since 02.19.2013
    A.V.A Minion Since 02.13.2013
    DayZ Minion Since 01.21.2013
    Combat Arms Minion Since 12.26.2012
    Contributor Since 11.16.2012
    Member Since 05.11.2010


Similar Threads

  1. [Request] ofs_z addy because hack shield just updated
    By addmeasfd1 in forum WarRock Hack Source Code
    Replies: 4
    Last Post: 03-18-2013, 09:42 PM
  2. Update the Bypass Addy
    By CFHackerExtreme in forum Crossfire Coding Help & Discussion
    Replies: 2
    Last Post: 03-08-2013, 07:57 AM
  3. [Outdated] HackShield Bypass addy's updated + my addy logger updated + new features. :)
    By RobinC in forum Piercing Blow Hack Coding/Source Code
    Replies: 29
    Last Post: 02-15-2013, 03:07 AM
  4. [Source Code] Updated ASM addies+bytes
    By AeroMan in forum WarRock Hack Source Code
    Replies: 14
    Last Post: 08-07-2011, 09:21 AM
  5. [update] Did they just fix the weapon script hacks?
    By ANONandy in forum WarRock Discussions
    Replies: 14
    Last Post: 04-21-2011, 04:00 PM