Blubb1337 (11-06-2010),House (11-06-2010),intervention61 (07-23-2011),JamesA1994 (11-07-2010),meonguyen (04-25-2012),rida_44 (09-19-2012),SkyAssasin (11-06-2010)
!THIS IS BANNABLE WITH VAC!
OK, to start us off: for the people who don't know me, I made a hack and developed it to go further in each patch that came out, with a lot of help from SupernovaAO and other people such as Hell Demon and some people at GD leaving snippets and leads to new finds. I do not take credit for all of this; I am just spreading what I know and helping you learn to understand how hacks work and how to create your own. With this being said, "why is this not in the code section?" Well, my reply to that is because this isn't just code I'm going to be sharing with you; it is in fact a fully working hack that shows you how to update it for the rest of MW2's engine days.
Step 1.
Now, to start with, you need a C/C++ compiler; Google is your friend for this step.
Step 2.
Offsets are what we use to alter something at a particular point in the game. I am not going to explain fully how to find new offsets, as that is a different post altogether and a lot more complicated, but what I will explain is how to update offsets via signatures, which I will share with you.
What is a signature?
Well, it is a lead of parts of addresses in the game's code which make a unique pattern to eventually lead to the point of offset we want to use.
Step 3.
The List.
OK, now you have the whole list of signatures and offsets for the latest version, 1.2.208.
The signature of the Dvar unlocker looks like this:
53 D918 68 ???????? 56 E8 ????????
When used correctly in a debugger it will lead you to the offset, which is this:
00646F10
The offset can then be used in source code (which I will provide in a later step); you simply change the 0s at the start to look like this:
0x646F10
As we don't need two 0s at the start.
Step 4.
How to update the offsets via signature.
Get OllyDbg and attach iw4mp.exe to the debugger.
Press Ctrl+G, then put in the signature; it will take you to the new offset.
Say 1.3.2099 comes out tomorrow: the signature will lead you to the new offset for the hack source code.
Step 5.
The source code for the hack...
To simplify this I'm just going to share my source, as I don't want to ramble on about how to make it from scratch, so the link for the source will be at the bottom.
Now that you have the source and the ability to update the offsets...
You now have a forever self-updating hack.
BUT do bear in mind that with VAC running and this hack writing to the process memory, it will get you banned.
Again, I want to make this dead clear.
THIS IS BANNABLE BY VAC!!!
But the good news is there are ways around VAC, and it also works for things that don't use VAC, like lobby tracker and other sources for banned people to play (not going into more detail about this; work it out for yourselves).
If the game version is different, just attach the game version you're connecting to and update/downdate to that one's offsets.
There are ways around VAC and its bans, but you need to do your own searching and homework for this matter, but it is still possible.
Step 6.
The code. It is attached; download it.
I will answer questions if I can and update when I can.
Bear in mind to always read all posts before posting, and don't be rude.
Don't ask about VAC blockers here as it's probably not allowed by the said forum this is posted on (as it will be on multiple forums), and I can't guarantee any VAC blockers out there.
All this information is to be used at the user's risk and is not my responsibility nor fault if it results in the loss of Steam games, hair, blood or life.
To admins/mods: the advertising in the code is now invalid as the site is no longer running; it's just example code of how to use static text. It can be easily changed/edited to say anything.
Virus scan:
https://www.virustotal.com/file-scan/...ffa-1289060954
https://virusscan.jotti.org/en/scanre...442396f44b21f4
https://www.virustotal.com/file-scan/...a55-1289061057
https://virusscan.jotti.org/en/scanre...4acc229231784c
Video of the hack working.
Bear in mind the advertising is false now as the site is closed / dead / gone.
[youtube]1lpva96L2_E[/youtube]
Last edited by Blubb1337; 11-06-2010 at 05:24 PM.
2 virusscans for each file and a screenshot of the hack plox.
Themonsterman (11-07-2010),wasaka1 (11-06-2010)
Name me another virus scan that can do an 8mb file, as total is the only one I can get to do a 7+ mb file. Also, the video is good enough as a screenshot, I believe.
Just approve this, monsterman is legit
Ah we-a blaze the fyah, make it bun dem!
Themonsterman (11-07-2010)
god damn, nice sig list, btw what's with your site?
Themonsterman (11-07-2010)
I'm enlisting with the British Army at the start of next year as a Combat Medical Tech, so I don't have time to invest in this project anymore. The last 5 or 6 months I've just been solid at the gym, hence the inactivity. I figured I'd share my project for others to learn from and keep the im00 heart beating for all those that helped make the hack / site.
The site won't be returning,
however, thanks for sharing your project with us
Themonsterman (11-07-2010)
You're welcome.
Aww, I was wondering why it was down. Well, nice job Themonsterman. Enjoy your time in the army! /yea
Themonsterman (11-07-2010)
Here is just a little note, DO NOT ask what to do with this!
Blubb1337 (11-07-2010),House (11-06-2010),Themonsterman (11-07-2010)
The code is for coders or people who want to understand how hacks work.
Also, the dll is a simple inject into iw4mp.exe with an injector such as winject, and off you go.
Wow, Thanked and +Rep.
Themonsterman (11-07-2010)
yoyo sup monsterman, good work on the, well, whaddya call it, exploit, tweak, no idea.
good to see you back too, yoyoyo
Themonsterman (11-08-2010)