Hacksheild bypass stuff

[i7vSa7vi7y]

ok i got this from another site. i will not name but maybe this can help some ppl bypass the hacksheild. i havnt tried this but I DID NOT MAKE THIS OR WAS IN ANY PART!! BTW HIT THE THANKS BUTOON XD
This will work on the newest update, just got to do a bit of work..

Alright so you want to bypass Hackshield, First Get a clean install of Combat Arms updated to the latest version [Ver_US_0.5.2423(18)]-[20080820_131138]. Now Fyyre states that the easiest way to bypass hackshield, is to just stop it from loading in the first place. I can't argue with that. So rename your HShield folder to something else, in this case I rename it to zzzHshield. Now that the Hackshield files can't be found by the game, they won't be able to be loaded. But now when you run the game you will get an error saying that the protection modules failed to update. We need to get rid of this error. Now the engine for combat arms is packed with upx, but when trying to use the standard unpacker upx provides, it gives an error saying that can't unpack. So the tool I used was PE explorer. Just open engine.exe with PE explorer and then save it as something other then the original. I will refer to it as zzzEngine.exe. (At this point I renamed my original engine to OriginalEngine.exe and zzzEngine to Engine.exe). Now load up the unpacked engine into ollydbg. The string we will be searching for is "Fail to update". The result should be
Code:

00505EF1 . 68 A8C06600 PUSH Engine.0066C0A8

; |format = "Fail to update protection modules! - ErrorCode [0x%08X]"

Basically we want this box not to pop up. Scrolling up a bit you see
Code:

00505EEA . 74 2F JE SHORT

Engine.00505F1B

Which makes the message box pop up. Changeing the JE to JNZ though will prevent it from popping up!

So now get your favorite hex editor (I use ollydbg) and search for 74 2F and change it to 75 2F and save the result. Now fireup combat arms. AH! An invalid file has been installed. Once again same method, lets search. The result of your search

should be
Code:

00505FF0 . 68 28C06600 PUSH Engine.0066C028 ; |Text = "An invalid file has been

installed.
Please reinstall the file."

Once again same method will be used, find the JE and change it to JNZ. The offset is 00505FE0 . 74 22 JE SHORT Engine.00506004. Now try running again. Compatibility mode!?! Once again

search, & result
Code:

0050600B . 68 D8BF6600 PUSH Engine.0066BFD8 ; |Text = "The program is

running on compatibility mode.
The program is shutting down."

Once again JE to JNZ. This is the offset 00505FDB

. 74 42 JE SHORT Engine.0050601F. JE TO JNZ TIME! Now run once again. Another instance is running (liars). Now I'm going to save us a lot of time and just tell you everything to nop because you end up going through this process like 10

times.
Code:

00505FDB . 74 42 JE SHORT Engine.0050601F
00505FD9 7F 5F JG SHORT Engine.0050603A
00505FD9 7F 5F JG SHORT Engine.0050603A
0050603F . 74 4B JE SHORT Engine.0050608C
00506044 . 74 2E JE SHORT Engine.00506074
005060BA . 74 2E JE SHORT Engine.005060EA
00505FCE . 0F84 D0000000 JE Engine.005060A4

IT starts up now! But now it says that the file is corrupt. Now searching for this string will be futile because its somehow hidden. So the next best thing is to get the crc32 of the first file and subsitute it for the modified version so that the game thinks were using an unmodified version. Using PEiD and the crc32 plugin you can see the original crc32 is BBAF654E, Now change the crc32 of the modified engine to that. Now hopefully if you've done everything right, you will be able to start combat arms without hacksheild starting =p

Credits:
Zephyrous
DeadlyData
Fyyre
pooping99
King-Orgy

Tools used:
OllyDbg 1.10
PE Explorer
Download PE Explorer/Editor application, DLL Viewer, EXE Ressource Editor and Disassembler, Borland Delphi EXE Editor.

[jOhnn]

i downloaded ollydbg and tried to extract it but then this poped up.
C:\Downloads\odbg110.zip: The archive is either in unknown format or damaged
help?

[dvtran93]

Can anyone guide me thru this entire process? Pm me please if you are kind enough to do so.

[moosicgawd]

Nice post. i saw this on the same site. But the only concern is that the creator of this threads bypass didnt work? or mabey it did but from my understanding it hadnt.

But thankyou for posting. If it does truly work then my hats off to you and the creator of the original thread.

[dikudiku]

thanks is very good

[deadnesser]

Nice post. i saw this on the same site. But the only concern is that the creator of this threads bypass didnt work? or mabey it did but from my understanding it hadnt.

But thankyou for posting. If it does truly work then my hats off to you and the creator of the original thread.

I'm the creator of the tutorial, if its seen on anywhere on this website it was leeched. This will not work with the newest update, it worked with the old ones though (Unless you do more work).

[Zhellbound]

Ive seen somthing like this somewhere, itried it but didnt work, mabye im just to lazy to read the whole TUT, idk, but im not big into coding, ill try it once in a while. o well

Hopefully theres a new bypass commin out soon _coughs Daves _coughs

[insane92]

ths is reat, tomarow ima sit down with this and actually be the only choob here who helpz people instead of arguing and getting pissed

[S.c.h.m.e.g.m.a]

anyoe know if this works?

[deadnesser]

anyoe know if this works?

This will not work with the newest update, it worked with the old ones though (Unless you do more work).

>.> Make sure you don't look through the thread

[Almighty]

Thanks. This might just be helpful lol.

[elitetech]

Like most have said This will not work unless you do more work. You can disable HS but HS calls d3d now so you will have to find your way past that.

[kingpop91770]

Nice work. I appreciate it =). I hope someone will make a bypass soon.

[SalvationD]

Why when i try to search for Binary String it ALWAYS shows nothing can be found? Yet if I use the disassembler in PE Explorer, I can see the fail to update but I can't change it in there.. so why doesn't ollydbg show something similar..

[crazykid401]

will help makea bypass finally

[CoMPMStR]

Why when i try to search for Binary String it ALWAYS shows nothing can be found? Yet if I use the disassembler in PE Explorer, I can see the fail to update but I can't change it in there.. so why doesn't ollydbg show something similar..

If you're searching for a certain text you don't do a binary search, you search for referenced strings. If you really need an in depth tutorial on how to do that then you shouldn't bother with this project in the first place.


---------------------------------------------------------------

And for those of you who think this will allow someone to create a bypass, all I have to say is don't hold your breath. If it would be that easy after the patch, don't you think we'd all have a bypass by now?