Hack Adresses/HackSheild Bypass

[superadmins]

#define NoReload 0x374BB8F4
#define GlassWalls 0x57276A
#define RPP 0x3785E018
#define TELE 0x3785E118
#define deviceptr 0x000008
#define ltclient 0x3781BE50
#define SuperBullets 0x374B65D6
#define RECOIL1 0x3746F630
#define RECOIL2 0x3745F489
#define RECOIL3 0x3746F644
#define RECOIL4 0x3746F647
#define RECOIL5 0x3746F650
#define GameStatus ????????
#define ptc1 0x484BC0
#define nametag1 ???????????
#define nametag2 0x373747AD
#define DrawPrim 0x000160
#define getplayerbyindex 0x3715DDB0
#define getlocalplayer 0x3715E770
#define clientinfomgr 0x3715E150
#define LTC 0x00485E10.
#define LTB 0x3780CB90.
#define ASUS 0x005727AA.
#define PlayerInfo 0x378508C8.
#define NoRecoil 0x3746955C.
#define NoReload 0x374B54B4.
#define Position 0x00066F34.
#define SuperBullets 0x374B01B6.
#define Engine_Nametags1 0x3736EFDC.
#define Engine_Nametags2 0x3736EFC1.
#define GetPlayerByIndex 0x3715DD50.
#define GetLocalPlayer 0x3715E700.
#define ulThis 0x37826780.
#define BeastMode 0x37825EEC.


This is the code to bypass the hackshield pro. This is quite old so you'll probally need to fix it a bit. Also you need the adress.


#define HS_JMP 0x63B31D
#define HS_JMP2 0x63B323

typedef int (__cdecl *HS_GetProcAddress_t)( int hModule, int a2 );
typedef int (__stdcall *HackshieldComm_t )( int, void*, void* );
typedef signed int (__stdcall *KickProc_t)( int a1, int a2, int a3 );

HS_GetProcAddress_t pHS_GetProcAddress = NULL;
HackshieldComm_t pHackshieldComm = NULL;
KickProc_t pKickProc = NULL;

signed int __stdcall new_KickProc( int a1, int a2, int a3 )
{
return 1;
}

int __stdcall new_HackshieldComm( int hsCommCode, void *Param1, void *Param2 )
{
if( hsCommCode == 4 || hsCommCode == 5 || hsCommCode == 13 ) //kill!
{
if( hsCommCode == 4 ) //replace kick proc
{
DWORD *dwParam1 = (DWORD *)Param1;

pKickProc = (KickProc_t)*dwParam1;
*dwParam1 = (DWORD)new_KickProc;
}

int iReturn = pHackshieldComm( hsCommCode, Param1, Param2 );

return 1;
}

int iReturn = pHackshieldComm( hsCommCode, Param1, Param2 );

return iReturn;
}

void HookCommunication( EXCEPTION_POINTERS* pExceptionInfo )
{
DWORD dwEbp = pExceptionInfo->ContextRecord->Ebp;
DWORD dwParam2 = 0;

__asm
{
push eax;
push edx;
mov eax, dwEbp;
mov edx, [eax+0xC];
mov dwParam2, edx;
pop edx;
pop eax;
}

if( dwParam2 == 0xA ) //this is the ordinal of some export...hmm..
{
pHackshieldComm = (HackshieldComm_t)pExceptionInfo->ContextRecord->Eax;
pExceptionInfo->ContextRecord->Eax = (DWORD)new_HackshieldComm;
}

pExceptionInfo->ContextRecord->Eip = HS_JMP2;

return;
}

PVOID pContextHandler = NULL;

LONG WINAPI ***ExceptionHandler( EXCEPTION_POINTERS* pExceptionInfo )
{
if( pExceptionInfo->ExceptionRecord->ExceptionCode != EXCEPTION_SINGLE_STEP )
{
return EXCEPTION_CONTINUE_SEARCH;
}

if( pExceptionInfo->ExceptionRecord->ExceptionAddress == (PVOID)HS_JMP )
{
HookCommunication( pExceptionInfo );
return EXCEPTION_CONTINUE_EXECUTION;
}

return EXCEPTION_CONTINUE_SEARCH;
}

void InitContextHook()
{
pContextHandler = AddVectoredExceptionHandler( 0x50BE17, ***ExceptionHandler );

CONTEXT Context;
Contex*****ntextFlags = CONTEXT_DEBUG_REGISTERS;
GetThreadContext(GetCurrentThread(), &Context);
Context.Dr0 = HS_JMP;
Context.Dr7 = (1<<0)|(1<<2)|(1<<4)|(1<<6);
SetThreadContext(GetCurrentThread(), &Context);
}

[speedforyou]

LEACH.
this has been posted here like 5 times

[MasterLeech]

LEACH.
this has been posted here like 5 times

DUH!!!! Why don't you request it to be closed?

[speedforyou]

DUH!!!! Why don't you request it to be closed?

well... ill let him get his share he wants to post go ahead
but he is taking creds thats not right.