Hackshield Bypass Addy's

[Qmo]

Hackshield no need to Bypass, Just jump with detaurs create
for PBlackout and pointblank, create detours then hook then dip different kinds

[brokim]

hmm thats cool! never thought of that lol xD cant wait to code with you sometime bro.

Hackshield no need to Bypass, Just jump with detaurs create
for PBlackout and pointblank, create detours then hook then dip different kinds

[Novo]

Hackshield no need to Bypass, Just jump with detaurs create
for PBlackout and pointblank, create detours then hook then dip different kinds

This does not really make sense. Could you try writing it in english again?

I keep getting d/c on PB TH for hooking EndScene in the RenderContext vtable

Code:

	DWORD addrRenderContext = FindPattern( i3SceneDx, 0, patRenderContext, maskRenderContext, 1 );
#ifdef DEBUG
	Log->Write( "addrRenderContext %p", addrRenderContext );
#endif
	if( addrRenderContext == 0 )
		return false;

	while( (i3RenderContext*)addrRenderContext == NULL ||
		*(i3RenderContext**)addrRenderContext == NULL ||
		**(i3RenderContext***)addrRenderContext == NULL ||
		***(i3RenderContext****)addrRenderContext == NULL )
		Sleep(10);

	pRenderContext = ***(i3RenderContext****)addrRenderContext;
	Log->Write( "pRenderContext %p", pRenderContext );

	while( pRenderContext->isReady == 0 )
		Sleep( 10 );
	Log->Write( "pRenderContext->isReady %d", pRenderContext->isReady );

	static DWORD dwEndSceneAddr = *( DWORD* )pRenderContext->pD3DDevice + 42 * 4;
	Log->Write( "dwEndSceneAddr %p", dwEndSceneAddr );

	oEndScene = (tEndScene)VTableHook( *( DWORD* )pRenderContext->pD3DDevice, 42, ( DWORD )&hEndScene );
	Log->Write( "hEndScene %p", ( DWORD )&hEndScene );
	Log->Write( "oEndScene %p", oEndScene );

[brokim]

these are really old addys bro

This does not really make sense. Could you try writing it in english again?

I keep getting d/c on PB TH for hooking EndScene in the RenderContext vtable

Code:

	DWORD addrRenderContext = FindPattern( i3SceneDx, 0, patRenderContext, maskRenderContext, 1 );
#ifdef DEBUG
	Log->Write( "addrRenderContext %p", addrRenderContext );
#endif
	if( addrRenderContext == 0 )
		return false;

	while( (i3RenderContext*)addrRenderContext == NULL ||
		*(i3RenderContext**)addrRenderContext == NULL ||
		**(i3RenderContext***)addrRenderContext == NULL ||
		***(i3RenderContext****)addrRenderContext == NULL )
		Sleep(10);

	pRenderContext = ***(i3RenderContext****)addrRenderContext;
	Log->Write( "pRenderContext %p", pRenderContext );

	while( pRenderContext->isReady == 0 )
		Sleep( 10 );
	Log->Write( "pRenderContext->isReady %d", pRenderContext->isReady );

	static DWORD dwEndSceneAddr = *( DWORD* )pRenderContext->pD3DDevice + 42 * 4;
	Log->Write( "dwEndSceneAddr %p", dwEndSceneAddr );

	oEndScene = (tEndScene)VTableHook( *( DWORD* )pRenderContext->pD3DDevice, 42, ( DWORD )&hEndScene );
	Log->Write( "hEndScene %p", ( DWORD )&hEndScene );
	Log->Write( "oEndScene %p", oEndScene );

[Novo]

these are really old addys bro

What addys? I'm not talking about OP..
Did you even see my code?

The post I quoted is 1 week old..

[brokim]

WOOPS sorry im a dumbass sometimes. and he is right, you dont really need a hackshield bypass, it just helps.

What addys? I'm not talking about OP..
Did you even see my code?

The post I quoted is 1 week old..

[Novo]

WOOPS sorry im a dumbass sometimes. and he is right, you dont really need a hackshield bypass, it just helps.

So where do I hook EndScene that HS doesn't detect?
I was thinking to do hook pointer to i3RenderContext instead but need to rebuild it first then..

[Qmo]

So where do I hook EndScene that HS doesn't detect?
I was thinking to do hook pointer to i3RenderContext instead but need to rebuild it first then..

try making hook your own, and try using a different system with a different also for hook code
Not too focused on your EndScene

[Novo]

try making hook your own, and try using a different system with a different also for hook code
Not too focused on your EndScene

What do you mean making hook your own? This is 100% my code :P
I'm gonna try Present too.. Do they detect midfunction hooks yet?

Engine drawing would be better, but I assume they checksum all the functions so can't hook there either in vtable

[Qmo]

What do you mean making hook your own? This is 100% my code :P
I'm gonna try Present too.. Do they detect midfunction hooks yet?

Engine drawing would be better, but I assume they checksum all the functions so can't hook there either in vtable

hahaha ok ok slowly


actually; VtableHOOK already detected for system jump detaurs
tray different; DIP system
Ask the same person on the outside forums


This is just an example my system code for DIP
==> AddFlus PBYTE FOR DIP and HOOK

Code:

(__stdcall* pAdpDrawIndexedPrimitive)(ULONG,D3D_DRAWINDEXEDPRIMITIVE*) = NULL; // my RESULT

Code:

pDetourRemove((PBYTE)ArmyDrawIndexedPrimitive,(PBYTE)ArmyDrawIndexedPrimitive);

Not this System, because this DIP Is already detected all games Online

Code:

VTableHook // ready detected:(
oDrawIndexedPrimitive(pDevice, PrimType, BaseVertexIndex, MinVertexIndex, NumVertices, startIndex, primCount);

and for menu hotkey, used VK_key not VK_control
Like this code

Code:

    __asm;
 if(GetAsyncKeyState(VK_F10)&1){Glass2=!Glass2;}

 if (Glass2)
 if(Stride == 44  )
{

                pDevice->SetRenderState(D3DRS_ZENABLE, D3DZB_FALSE);
                xxxxxxxxxx(xxxxxxxxx); // your DIP
                pDevice->SetRenderState(D3DRS_ZENABLE, D3DZB_TRUE);
  }

BTW ... may I ask for game what your Project ?

[Novo]

PointBlank (Project BlackOut) Thailand

And I don't want to hook DIP, I want to hook ES or Present so I can draw
Might do chams later but..

Your code does not really make sense, didn't answer the question & was pretty irrelevant. But thank you very much for your PM, that was helpful!



I will share with the community what I can make

To find an static pointer to i3dRenderContext I opened i3SceneDx.dll in IDA, looked at exports, found

Code:

i3RenderContext * g_pRenderContext

Which sounds interesting, so we follow it..

Code:

04C8CFCF   CC               INT3
04C8CFD0   83EC 60          SUB ESP,60
04C8CFD3   A1 54EDDF04      MOV EAX,DWORD PTR DS:[4DFED54]
04C8CFD8   33C4             XOR EAX,ESP
04C8CFDA   894424 5C        MOV DWORD PTR SS:[ESP+5C],EAX
04C8CFDE   A1 BC98D504      MOV EAX,DWORD PTR DS:[4D598BC]           ; i3RenderContext * g_pRenderContext
04C8CFE3   53               PUSH EBX
04C8CFE4   8B5C24 6C        MOV EBX,DWORD PTR SS:[ESP+6C]
04C8CFE8   55               PUSH EBP
04C8CFE9   8B6C24 6C        MOV EBP,DWORD PTR SS:[ESP+6C]
04C8CFED   56               PUSH ESI
04C8CFEE   8BF1             MOV ESI,ECX
04C8CFF0   8B08             MOV ECX,DWORD PTR DS:[EAX]
04C8CFF2   FF15 9496D504    CALL DWORD PTR DS:[4D59694]              ; i3RenderContext::IsReady(void)

And there we have a static pointer.

Now it's just to make a pattern and then we can use it to find the D3D device like so:

Code:

BYTE patRenderContext[] = "\xA1\x00\x00\x00\x00\x53\x8B\x5C\x24\x6C\x55";
char maskRenderContext[] = "x????xxxx?x";

bool Hook()
{
	while( i3SceneDx == NULL )
		i3SceneDx = GetModuleHandleA( "i3SceneDx" );
	Log->Write( "i3SceneDx %p", i3SceneDx );

	DWORD addrRenderContext = FindPattern( i3SceneDx, 0, patRenderContext, maskRenderContext, 1 );
	Log->Write( "addrRenderContext  %p", addrRenderContext );

	if( addrRenderContext == 0 )
		return false;

	while( (i3RenderContext*)addrRenderContext == NULL ||
		*(i3RenderContext**)addrRenderContext == NULL ||
		**(i3RenderContext***)addrRenderContext == NULL ||
		***(i3RenderContext****)addrRenderContext == NULL )
		Sleep(10);

	pRenderContext = ***(i3RenderContext****)addrRenderContext;
	Log->Write( "pRenderContext %p", pRenderContext );

	while( pRenderContext->isReady == 0 )
		Sleep( 10 );
	Log->Write( "pRenderContext->isReady %d", pRenderContext->isReady );

	// put hook now
}

[anasta]

please .. how to bypass winlockdll.dll pointblank because winlockdll.dll block window mode

---------- Post added at 11:35 AM ---------- Previous post was at 11:34 AM ----------

please .. how to bypass winlockdll.dll pointblank because winlockdll.dll block window mode