xXTheFirstXx (06-08-2011)
Hi guys, well as the title says could u guys tell me the undetected PTC Method?
And/Or write a small tutorial about making a undetected PTC Method this will help other Hackers a lot, and also will it increase our skills
Its true, im H4ckBlood and im back,
Still not afraid, Just Google me!
xXTheFirstXx (06-08-2011)
Code:void Push ( const char* cmd ) { _asm { PUSH cmd MOV EAX, 0x485F60 CALL EAX ADD ESP, 0x4 } }Code:Push("ShowFps 1");
Last edited by Alessandro10; 06-08-2011 at 02:46 PM.
H4ckBlood (06-09-2011),xXTheFirstXx (06-08-2011)
Thank you a lot
You helped me out, and im sure alot of other hackers 2
Hmm it is not working?
Ive got this but it seems not working!Code:#include <windows.h> #pragma comment(lib,"shell32.lib") void Push ( const char* cmd ) { _asm { PUSH cmd MOV EAX, 0x485F60 CALL EAX ADD ESP, 0x4 } } DWORD *LTClient = ( DWORD* )( 0x375087EC ); void* CONoff = ( void* )*( DWORD* )( *LTClient + 0x208 ); bool IsGameReadyForHook() { if( GetModuleHandleA( "d3d9.dll" ) != NULL && GetModuleHandleA( "ClientFX.fxd" ) != NULL && GetModuleHandleA( "CShell.dll" ) != NULL ) return true; return false; } void MemCopy(void* Dest, const void* Src, int Len) { DWORD OldProtect; DWORD OldProtect2; VirtualProtect(Dest, Len, PAGE_EXECUTE_READWRITE, &OldProtect); memcpy(Dest, Src, Len); VirtualProtect(Dest, Len, OldProtect, &OldProtect2); FlushInstructionCache(GetCurrentProcess(), Dest, Len); } void main() { while (!IsGameReadyForHook()){ Sleep(20); } bool FPS = false;//FPS //right here is stuff that will be on when it starts up //Example Below //PushToConsole("FireSpeed 999.999999" ); //firerate= false; while(true){ if(GetAsyncKeyState(VK_HOME)<0){ if(FPS){ Push("ShowFps 1"); FPS = false; } else { Push("ShowFps 0"); FPS = true; } } Sleep(160); } } BOOL APIENTRY DllMain( HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved ) { switch (ul_reason_for_call) { case DLL_PROCESS_ATTACH: ShellExecute; CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)&main, NULL, 0,NULL); break; case DLL_THREAD_ATTACH: case DLL_THREAD_DETACH: case DLL_PROCESS_DETACH: break; } return TRUE; } }
Last edited by H4ckBlood; 06-08-2011 at 03:01 PM.
Its true, im H4ckBlood and im back,
Still not afraid, Just Google me!
xXTheFirstXx (06-08-2011)
Hotkey Base Working..
Scan:
VirusTotal - Free Online Virus, Malware and URL Scanner
Hotkeys.rar - Verificador de malware do Jotti
Code:
U Need Directx SDK (June 2010)Code:#include "stdafx.h" #include <windows.h> #include <d3dx9.h> typedef HRESULT ( WINAPI* oPresent ) ( LPDIRECT3DDEVICE9 pDevice, CONST RECT *pSourceRect, CONST RECT *pDestRect, HWND hDestWindowOverride, CONST RGNDATA *pDirtyRegion); oPresent pPresent; bool IsGameReadyForHook() { if( GetModuleHandleA( "d3d9.dll" ) != NULL && GetModuleHandleA( "ClientFX.fxd" ) != NULL && GetModuleHandleA( "CShell.dll" ) != NULL ) return true; return false; } void Memoria( void* pvAddress, void* pvBuffer, size_t len ) { if( *(BYTE*)pvAddress == *(BYTE*)pvBuffer ) return; memcpy( ( void* )pvAddress, ( void* )pvBuffer, len ); } bool bDataCompare(const BYTE* pData, const BYTE* bMask, const char* szMask) { for(;*szMask;++szMask,++pData,++bMask) if(*szMask=='x' && *pData!=*bMask ) return false; return (*szMask) == NULL; } DWORD FindPattern(DWORD dwAddress,DWORD dwLen,BYTE *bMask,char * szMask) { for(DWORD i=0; i < dwLen; i++) if(bDataCompare( (BYTE*)( dwAddress+i ),bMask,szMask) ) return (DWORD)(dwAddress+i); return 0; } // Kef... it's hard name xD DWORD VTable(int index) { DWORD* devicePtr = 0; DWORD hD3D9 = NULL; while(hD3D9 == NULL){ Sleep(100); try { hD3D9 = (DWORD)GetModuleHandleA("d3d9.dll");} catch(...) { hD3D9 = NULL; }} DWORD addy = FindPattern(hD3D9, 0x1280000, (PBYTE)"\xC7\x06\x00\x00\x00\x00\x89\x86\x00\x00\x00\x00\x89\x86", "xx????xx????xx"); Memoria (&devicePtr, (void*)(addy+2), 4); if(devicePtr == NULL){ return 0;} return devicePtr[index]; } void Push ( const char* cmd ) { _asm { PUSH cmd MOV EAX, 0x485F60 CALL EAX ADD ESP, 0x4 } } void main() { Push("ShowFps 1"); } HRESULT WINAPI gellPresent(LPDIRECT3DDEVICE9 pDevice, CONST RECT *pSourceRect, CONST RECT *pDestRect, HWND hDestWindowOverride, CONST RGNDATA *pDirtyRegion) { _asm pushad; main(); _asm popad; return pPresent(pDevice, pSourceRect, pDestRect, hDestWindowOverride, pDirtyRegion); } void *DetourCreate( BYTE *src, const BYTE *dst ) { int len = 5; BYTE *jmp = (BYTE*)malloc( len+5 ); DWORD dwBack; VirtualProtect( src, len, PAGE_EXECUTE_READWRITE, &dwBack ); memcpy( jmp, src, len ); jmp += len; jmp[0] = 0xE9; *(DWORD*)( jmp+1 ) = (DWORD)( src+len - jmp ) - 5; src[0] = 0xE9; *(DWORD*)( src+1 ) = (DWORD)( dst - src ) - 5; VirtualProtect( src, len, dwBack, &dwBack ); return( jmp-len ); } void Hook(void) { DWORD dwPresent = VTable(17); pPresent = (oPresent)DetourCreate(( PBYTE)dwPresent, ( PBYTE )gellPresent); } DWORD WINAPI dwD3D9Thread(LPVOID) { while( !IsGameReadyForHook() ) Sleep(100); Hook(); return 0; } BOOL WINAPI DllMain ( HMODULE hDll, DWORD dwReason, LPVOID lpReserved ) { DisableThreadLibraryCalls(hDll); if ( dwReason == DLL_PROCESS_ATTACH ) { CreateThread(NULL, NULL, dwD3D9Thread, NULL, NULL, NULL); } return TRUE; }
@Disturbed
@AVGN
Last edited by Alessandro10; 06-08-2011 at 03:24 PM.
[MPGH]AVGN (06-08-2011),ctpsolo (07-05-2011),H4ckBlood (06-09-2011),OBrozz (06-10-2011)
Now ive got it like this:
But now i get this error at else : Error Expected a Statement.Code:bool FPS=true void main(){ if(GetAsyncKeyState(VK_HOME)<0){ if(FPS){ { Push("ShowFps 1"); FPS = false; } else { Push("ShowFps 0"); FPS = true; } }
It can be me, but im not really getting this and its a long time ago that i coded and i forget a lot ,
Its true, im H4ckBlood and im back,
Still not afraid, Just Google me!
Last edited by mo3ad001; 06-09-2011 at 05:21 AM.
OBrozz (06-10-2011)
LOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLOLO LOLOLO
ok XD
steel o-o's sig =
= Done , = Not Done
Leecher 0 =
Newbie 25 =
Member 50 =
Advanced Member 100 =
H4X0R Member 150 =
Dual-Keyboard Member 250 =
Expert Member 500 =
's Trainer 750 =
MPGH Expert 1000 =
Synthetic Hacker 1250 =
Blackhat Hacker 1500 =
Whitehat Hacker 2000 =
's Guardian 2500 =
Upcoming MPGHiean 3000 =
MPGH Addict 3500 =
MPGHiean 4000 =
MPGH Knight 4500 =
MPGH Lord 5000 =
MPGH Champion 5500 =
MPGH King 6000 =
MPGH Legend 6500 =
MPGH God 7000 =
MPGH God II 7500 =
MPGH God III 8000 =
MPGH God IV 8500 =
MPGH God V 9000 =
Arun's Slave 9500 =
Dave's Slave 10000 =
Games that rely on virtual calls can be easily rewritten
we know there are check in the console command function,but we also know that it is a virtual call
so hook the function on the table and re write it
int __cdecl myConsoleCommand( const char* szCommand )
{
ConsoleSub(0xADDBEEF,szCommand);
}
this is something worth learning specially for games where you need to modify something simple like a jmp or a NOP and the game actually scans memory and doesnt check the table.
other then that you could call the subfunctions, modify the checks but this is something a few people might know about and can be used to exploit a number of functions and rewriting them in your favor
LOL you made me laugh for a strait minute.
you forgot a "}" at the end of your code. Your C++ compiler tells you that I'm sure.
Here let me fix with notepad.
Code:bool FPS=true void main(){ if(GetAsyncKeyState(VK_HOME)<0){ Push("ShowFps 1"); FPS = false; } else { Push("ShowFps 0"); FPS = true; } }
Last edited by OBrozz; 06-10-2011 at 05:09 PM.
Last edited by topblast; 06-10-2011 at 06:01 PM.
I just like programming, that is all.
Current Stuff:
- GPU Programmer (Cuda)
- Client/Server (Cloud Server)
- Mobile App Development
I'd like to thank you for this, the code got me going again because last time I fiddled with hacks for CA was nearly a year ago before they started to check from where the console commands where coming...
However with a slightly modified version of that source the game crashes after 2-3 minutes ingame so I guess something is detected, the hook perhaps? Anyone have an idea? I also believe they implemented some more things while I was gone, sources nowadays seems to check that you are ingame before they activate the hacks. Do you DC with them on in the lobby?
Edit: Wasn't hook, it seems to crash due to a memory access violation... Found this in debug files
2011/x/x ----- 0:9:56 - CombatArms Debug Start!
Exception code: C0000005
Fault address: 374B9AA6 01:003B8AA6 C:\Nexon\Combat Arms EU\Game\cshell.dll
Last edited by ctpsolo; 07-06-2011 at 03:00 AM.
Sorry to bring up a old thread but I sort of have a problem...
I'm using these functions with these addies: [C++] Unwrapped Console PTC Function - Pastebin.com and its not getting detected nor working.
Commented out in the PTC Function means I've tried it all ready.
I also additionally tried both codes with and without the InGame function.
Just to keep things straight credits for InGame thingy to flameswor10.
Came from a hotkey base a friend sent me.