Let me just say that the link does not work...unless it takes 4 tries to get it open.
Hi,
Here is a way to defeat punkbuster checks ( I used IDA Pro ).
IDA Pro 4.3 freeware version: https://www.programmersheaven.com/dow.../download.aspx
First we need to find the "%c%c" or "%s NOT_FOUND" string in pbcl.dll:
PHP Code:
.rdata:1005DADC aCC db '%c%c',0
.rdata:1005DACC aSNot_found db '%s NOT_FOUND',0
Then go to the DATA XREF:
PHP Code:
.text:1002696E push offset aCC ; "%c%c"
.text:100269F1 push offset aSNot_found ; "%s NOT_FOUND"
Scroll up to the beginning of the function:
PHP Code:
int __cdecl sub_100250E0(struct _MEMORY_BASIC_INFORMATION Buffer)
It's called like that:
PHP Code:
.text:10033E45 push ecx
.text:10033E46 inc esi
.text:10033E47 push esi ; our usefull string is stored in this register
.text:10033E48 push edx
.text:10033E49 call sub_100250E0
Now we can detour it:
PHP Code:
typedef int ( *PBPerformCheck_t )( int iECX, char **pszESI, _MEMORY_BASIC_INFORMATION mbiArg3 );
PBPerformCheck_t pPBPerformCheck = 0;
int _PBPerformCheck( int iECX, char **pszESI, _MEMORY_BASIC_INFORMATION mbiArg3 )
{
// if the pszESI's first char is |: Files white list check
// if the pszESI's first char is B: Cvar check
// if the pszESI's first char is N: MD5 check
// if the pszESI's first char is E: Key bind check
// Remove stuff
int iReturn = pPBPerformCheck( iECX , pszESI, mbiArg3 );
// Apply stuff
return iReturn;
}
void Hook( )
{
DWORD dwPbclBase = ( DWORD )GetModuleHandle( "pbcl.dll" );
pPBPerformCheck = ( PBPerformCheck_t )DetourFunction( ( BYTE * )( dwPbclBase + 0x250E0 ), ( BYTE * )_PBPerformCheck, 6 );
}
The string also contains the names of the modules/cvars/path ... checked, the AT and LEN value of the MD5 checks, and this code is 100% working for up to date FarCry 1.4 punkbuster client.
Happy filtering
!!! Global hardware ban if detected, so use it at your own risk !!!
Note this isnt made by me i found it in a txt doc in google and copied and pasted it cudos to autohor
Let me just say that the link does not work...unless it takes 4 tries to get it open.
mmm i got IDA or w/e its just the TUT is too confusing for me :@
link to ida( demo ):
https://www.datarescue.com/freefiles/idademo51.exe
GOOGLE is YOUR Friend invite him over to play and he can help you Find shit you may not have been able to found u know like that pokemon figure under your bed