Page 1 of 8 123 ... LastLast
Results 1 to 15 of 114
  1. #1
    FORCE™'s Avatar
    Join Date
    Apr 2009
    Gender
    male
    Location
    Omg ure a pedaphile
    Posts
    4,225
    Reputation
    69
    Thanks
    667
    My Mood
    Goofy

    Hack Shield Analysis [UPDATED]

    I did not make this at all. This is "so be it" source code for a bypass.
    After he stoped hacking CA he released it publicly.
    This will take some editing to get this working.
    So coders feel free to take your shot
    Code:
    #define HS_JMP            0x63B31D
    #define HS_JMP2            0x63B323
    
    typedef int            (__cdecl *HS_GetProcAddress_t)( int hModule, int a2 );
    typedef int            (__stdcall *HackshieldComm_t )( int, void*, void* );
    typedef signed int    (__stdcall *KickProc_t)( int a1, int a2, int a3 );
    
    HS_GetProcAddress_t                pHS_GetProcAddress        = NULL;
    HackshieldComm_t                pHackshieldComm            = NULL;
    KickProc_t                        pKickProc                = NULL;
    
    signed int __stdcall new_KickProc( int a1, int a2, int a3 )
    {
        return 1;
    }
    
    int __stdcall new_HackshieldComm( int hsCommCode, void *Param1, void *Param2 )
    {
        if( hsCommCode == 4 || hsCommCode == 5 || hsCommCode == 13 ) //kill!
        {
            if( hsCommCode == 4 ) //replace kick proc
            {
                DWORD *dwParam1 = (DWORD *)Param1;
    
                pKickProc    = (KickProc_t)*dwParam1;
                *dwParam1    = (DWORD)new_KickProc;
            }
    
            int iReturn = pHackshieldComm( hsCommCode, Param1, Param2 );
    
            return 1;
        }
    
        int iReturn = pHackshieldComm( hsCommCode, Param1, Param2 );
    
        return iReturn;
    }
    
    void HookCommunication( EXCEPTION_POINTERS* pExceptionInfo )
    {
        DWORD dwEbp        = pExceptionInfo->ContextRecord->Ebp;
        DWORD dwParam2    = 0;
    
        __asm
        {
            push eax;
            push edx;
            mov eax, dwEbp;
            mov edx, [eax+0xC];
            mov dwParam2, edx;
            pop edx;
            pop eax;
        }
    
        if( dwParam2 == 0xA ) //this is the ordinal of some export...hmm..
        {
            pHackshieldComm                        = (HackshieldComm_t)pExceptionInfo->ContextRecord->Eax;
            pExceptionInfo->ContextRecord->Eax    = (DWORD)new_HackshieldComm;
        }
    
        pExceptionInfo->ContextRecord->Eip        = HS_JMP2;
    
        return;
    }
    
    PVOID pContextHandler = NULL;
    
    LONG WINAPI ***ExceptionHandler( EXCEPTION_POINTERS* pExceptionInfo )
    {
        if( pExceptionInfo->ExceptionRecord->ExceptionCode != EXCEPTION_SINGLE_STEP )
        {
            return EXCEPTION_CONTINUE_SEARCH;
        }
    
        if( pExceptionInfo->ExceptionRecord->ExceptionAddress == (PVOID)HS_JMP )
        {
            HookCommunication( pExceptionInfo );
            return EXCEPTION_CONTINUE_EXECUTION;
        }
    
        return EXCEPTION_CONTINUE_SEARCH;
    }
    
    void InitContextHook()
    {
        pContextHandler = AddVectoredExceptionHandler( 0x50BE17, ***ExceptionHandler );
    
        CONTEXT Context;
        Contex*****ntextFlags = CONTEXT_DEBUG_REGISTERS;
        GetThreadContext(GetCurrentThread(), &Context);
        Context.Dr0 = HS_JMP;
        Context.Dr7 = (1<<0)|(1<<2)|(1<<4)|(1<<6);
        SetThreadContext(GetCurrentThread(), &Context);
    }
    Also here is a simple tut for this i found by novasynth.
    Have fun...
    C+ is for .dll programming, and C++ is for application programming. This is in C+ format, therefore it is a Dynamic Link Library (.dll file for short). If you have a proper compiler, basically all you need to do is compile this script into a main .dll file, and then save it. Afterwards, you can inject the .dll file into combat arms or such and such and you should be able to attach a cheat engine or something to hack away at the same, finding proper hex addresses and compiling scripts. Most of the hacks now-a-days are just C+ scripts made with cheat engine, compiled with another program (god knows what) and then injected into the game as a .dll file. its the simplest and most effective way to hack these games now. ITs not that hard really, all you need to do is understand it
    ^^Not sure how much that helped.
    But take a stab at it.

    __________________________________________________ ____________________________


    Hack Shield Analysis

    Credits: Tension from mpgh and Th4natoS from elite hacks, also lolz for the addies he got
    Soryy for leaving this out

    Hi there, and welcome to my ultimate information dump on Hack Shield, one of the best Anti-Cheat services ever made. Today you will essentially learn what Hack Shield is made of, how Hack Shield works, and you will even learn some new bypassing ideas.

    Index

    1. Hack Shield Components
    2. Hack Shield Flow
    3. Bypassing Theory



    Hack Shield Components

    Hack Shield consists of:


    1) EhSvc.dll:

    • EhSvc is the Hack Shield interface dll
    • It communicates between the game client and Hack Shield
    • It communicates with the Hack Shield driver (EagleNT.sys)
    • It initiates the hack tool detection engine
    • This is usually the only file needed to create a workable bypass


    Code:
    	0x10000000		0 (0x0)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    1	0x1000af00	0x0000af00	1 (0x1)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    10	0x1000ca80	0x0000ca80	10 (0xa)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    12	0x1000ca40	0x0000ca40	12 (0xc)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    13	0x1000ad60	0x0000ad60	13 (0xd)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    14	0x1000c760	0x0000c760	14 (0xe)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    15	0x10009c70	0x00009c70	15 (0xf)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    16	0x1000c7c0	0x0000c7c0	16 (0x10)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    17	0x1000aba0	0x0000aba0	17 (0x11)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    18	0x1000ca60	0x0000ca60	18 (0x12)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    19	0x1000c500	0x0000c500	19 (0x13)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    2	0x1000c980	0x0000c980	2 (0x2)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    20	0x1000cd70	0x0000cd70	20 (0x14)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    21	0x1000d080	0x0000d080	21 (0x15)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    22	0x1000ce70	0x0000ce70	22 (0x16)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    23	0x1000b5f0	0x0000b5f0	23 (0x17)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    24	0x1000b090	0x0000b090	24 (0x18)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    25	0x1000d0b0	0x0000d0b0	25 (0x19)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    26	0x1000ce90	0x0000ce90	26 (0x1a)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    3	0x1000a930	0x0000a930	3 (0x3)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    4	0x1000c630	0x0000c630	4 (0x4)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    5	0x1000a960	0x0000a960	5 (0x5)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    6	0x10008dc0	0x00008dc0	6 (0x6)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    7	0x1000a980	0x0000a980	7 (0x7)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    8	0x1000ca20	0x0000ca20	8 (0x8)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll	
    9	0x1000ac80	0x0000ac80	9 (0x9)	EHSvc.dll	C:\Nexon\Combat Arms\HShield\EHSvc.dll
    2) V3Pro32s.dll:

    • This is the hacking tool detection interface dll
    • This starts the hacking tool detection engine
    • This is helps the scanning of known hack signatures
    • A very important file. This could interrupt the Hack Shield driver if correctly intercepted



    Code:
    addies for various functions of above dll
    _AhnGetFileEntry	0x1000bb9c	0x0000bb9c	30 (0x1e)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnBootInformation	0x1000b16f	0x0000b16f	1 (0x1)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnCheckBootSector	0x1000b177	0x0000b177	2 (0x2)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnCheckDefaultExtensions	0x1000124a	0x0000124a	3 (0x3)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnCheckFile	0x1000ba5e	0x0000ba5e	4 (0x4)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnCheckMemory	0x1000b160	0x0000b160	5 (0x5)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnCheckProcess	0x1000b79d	0x0000b79d	6 (0x6)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnGetBootRepairStatus	0x1000b5b9	0x0000b5b9	7 (0x7)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnGetDefaultExtensions	0x1000126b	0x0000126b	8 (0x8)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnGetEngineDate	0x100013fd	0x000013fd	9 (0x9)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnGetEngineDateString	0x1000145c	0x0000145c	10 (0xa)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnGetEngineDateValue	0x10001449	0x00001449	11 (0xb)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnGetExtRepairStatus	0x1000b287	0x0000b287	12 (0xc)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnGetRepairStatus	0x1000b1b4	0x0000b1b4	13 (0xd)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnGetVersion	0x100014f7	0x000014f7	14 (0xe)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnGetVirusFileCureData	0x1000120b	0x0000120b	15 (0xf)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnGetVirusName	0x100010d1	0x000010d1	16 (0x10)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnGetVirusName32	0x1000108c	0x0000108c	17 (0x11)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnGetVirusNameStr	0x1000116c	0x0000116c	18 (0x12)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnGetVirusNameStr32	0x100010ab	0x000010ab	19 (0x13)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnInitVaccineEngine	0x1000b600	0x0000b600	20 (0x14)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnRepairBootSector	0x1000b17e	0x0000b17e	21 (0x15)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnRepairFile	0x1000eea0	0x0000eea0	22 (0x16)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnRepairMemory	0x1000b167	0x0000b167	23 (0x17)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnSetDefaultOption	0x1000ba89	0x0000ba89	24 (0x18)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    AhnSetExtensions	0x10001295	0x00001295	25 (0x19)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    PV3CALGetInfoAddr	0x1000a0fe	0x0000a0fe	26 (0x1a)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    V3CALGetInfo	0x1000a0c2	0x0000a0c2	27 (0x1b)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    V3CALGetShowInfo	0x1000a080	0x0000a080	28 (0x1c)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll	
    V3CALGetTotalInfoCount	0x1000a0b9	0x0000a0b9	29 (0x1d)	v3pro32s.dll	C:\Nexon\Combat Arms\HShield\v3pro32s.dll

    3) 3N.mhe:

    • The Heuristic engine file
    • Contains the patterns used to search for known hacks


    4) psapi.dll:

    • The process status helper dll
    • Helps scan process signatures and control process functions


    Code:
    EmptyWorkingSet	0x76a61e20	0x00001e20	1 (0x1)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    EnumDeviceDrivers	0x76a615a3	0x000015a3	2 (0x2)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    EnumPageFilesA	0x76a63b3c	0x00003b3c	3 (0x3)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    EnumPageFilesW	0x76a639cd	0x000039cd	4 (0x4)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    EnumProcesses	0x76a634a9	0x000034a9	6 (0x6)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    EnumProcessModules	0x76a61a8a	0x00001a8a	5 (0x5)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    GetDeviceDriverBaseNameA	0x76a61748	0x00001748	7 (0x7)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    GetDeviceDriverBaseNameW	0x76a61823	0x00001823	8 (0x8)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    GetDeviceDriverFileNameA	0x76a616cd	0x000016cd	9 (0x9)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    GetDeviceDriverFileNameW	0x76a617c7	0x000017c7	10 (0xa)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    GetMappedFileNameA	0x76a61945	0x00001945	11 (0xb)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    GetMappedFileNameW	0x76a6187f	0x0000187f	12 (0xc)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    GetModuleBaseNameA	0x76a61d2f	0x00001d2f	13 (0xd)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    GetModuleBaseNameW	0x76a61cb2	0x00001cb2	14 (0xe)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    GetModuleFileNameExA	0x76a61c4a	0x00001c4a	15 (0xf)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    GetModuleFileNameExW	0x76a61bcd	0x00001bcd	16 (0x10)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    GetModuleInformation	0x76a61d97	0x00001d97	17 (0x11)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    GetPerformanceInfo	0x76a6382d	0x0000382d	18 (0x12)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    GetProcessImageFileNameA	0x76a637a9	0x000037a9	19 (0x13)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    GetProcessImageFileNameW	0x76a6371b	0x0000371b	20 (0x14)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    GetProcessMemoryInfo	0x76a635c2	0x000035c2	21 (0x15)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    GetWsChanges	0x76a636e1	0x000036e1	22 (0x16)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    InitializeProcessForWsWatch	0x76a6369d	0x0000369d	23 (0x17)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    QueryWorkingSet	0x76a61e8b	0x00001e8b	24 (0x18)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll	
    QueryWorkingSetEx	0x76a61ec7	0x00001ec7	25 (0x19)	psapi.dll	C:\Nexon\Combat Arms\HShield\psapi.dll
    5) V3Warp(d)(n)s.v3d:

    • The anti-hacking engine pattern file
    • Not to sure exactly what this does, but it reads the 3N.mhe file


    6) EagleNT.sys:

    • The Hack Shield kernel driver
    • Performs anti-hacking functions, protects the game client's process, and hooks certain API's, rendering them useless
    • If successfully uninitiated, it could enable the use of many API's and functions such as Read/WriteProcessMemory.



    2. Hack Shield Flow

    Here is a graphical chart explaining how all the components work together:

    [IMG]https://i254.photobucke*****m/albums/hh113/McElf223/structure.jpg[/IMG]

    Here is a graphical chart explaining how Hack Shield is started:


    [IMG]https://i254.photobucke*****m/albums/hh113/McElf223/hs_pc.jpg[/IMG]

    **If I were you I would pay attention to those function names!



    3. Bypassing Theory

    So, we got some nice information about Hack Shield. How do we bypass it? I will tell you right now, I'm going to show you some very unconventional and new ideas. Say goodbye to your petty API and ASM bypasses, and say hello to your new best friend: detouring. Before we continue, you should have a strong foundation in detouring. If you don't, I recommend watching this.

    So what functions do we detour? In reality, you are going to be detouring CallBack. The CallBack function in Hack Shield collects data from the Hack Shield service. The data is usually errors or "Hack Detected" type messages. The goal of course is to stop it from getting the Hack Detected messages, or stop it from alerting the game client that there is a "Hack Detected" message. The first goal is to find the actual name of the function. The next step is to rebuild the params of the function. The next step is to find the address of this function. Then finally you detour it. Here is my example (not working probably):

    Code:
    ////// Declares //////
    #define CallBackAddy 0x0000001
    typedef int ( *PFN_AhnEH_Callback)( long lCode, long lParamSize, void* pParam ); //the name of the function actually is PFN_AhnEH_Callback
    PFN_AhnEH_Callback pAhnEH_Callback; //Defining our function
    //////
    
    ////// Our new function //////
    int _CallBackThread()
    {
        DWORD dwCode = YOUR_CODE_TO_PASS;
        int myReturn = pAhnEH_Callback(dwCode, 0, NULL);
        return myReturn;
    }
    //////
    ////// Our Detour //////
    pAhnEH_Callback  = (PFN_AhnEH_Callback)DetourFunction( (PBYTE)( Ehsvc + CallBackAddy ), (PBYTE)_CallBackThread()); 
    //////
    This is just pseudo code, but hopefully you get the idea. The hard part is finding the address of the function. I have my way of getting it, but I'm leaving it up to you to figure out how to get the address. I don't want to completely hand feed you a working bypass. There are a couple ways to get it.

    As a conclusion, I just want to say that you need to use your imagination! Find different functions. Find different ways to bypass. Rip Hack Shield apart. Keep in mind that you can gain access to hooked functions by stopping the Hack Shield anti-hack service.
    Last edited by whitten; 09-25-2009 at 10:12 AM.


    LIVERPOOL FC


  2. The Following 63 Users Say Thank You to FORCE™ For This Useful Post:

    -XpliCitt- (09-21-2009),abou01 (09-23-2009),Azathᴏth (10-20-2009),baraozin (05-29-2011),Barnys (12-08-2009),BluntGod_ (09-09-2012),broly7 (09-22-2009),C0rTez-BryANT (09-23-2009),chaval (09-22-2009),cheezetrix (09-23-2009),cracken7259 (09-22-2009),d00ms33k3r (09-22-2009),darkonezu (09-22-2009),[MPGH]Disturbed (09-23-2009),doommach (09-22-2009),dura2 (09-23-2009),edu_dudu (09-22-2009),euhsoftware (09-22-2009),Extra- (09-22-2009),fbiepidemic (11-26-2009),FMRadio (09-22-2009),Fulfilled (09-21-2009),gwentravolta (09-22-2009),headsup (10-01-2009),higogeta (09-22-2009),hopefordope (12-14-2009),i hate EVERYONE (09-23-2009),imgunna (09-23-2009),IsamuRukario (12-08-2009),JIGS4W (09-22-2009),jijee (09-22-2009),jkbro (02-09-2011),Ken Jeong (09-22-2009),Kounter (09-22-2009),LegendaryAbbo (09-22-2009),Legify (09-22-2009),lolmao39 (12-30-2009),lolz2much (09-21-2009),mariofan901 (09-22-2009),Mat17 (09-22-2009),monsterthejuggalo (09-23-2009),neononxxx (09-23-2009),nzjustin (10-05-2009),purokiller (09-22-2009),rabownz (09-25-2009),rageofhell (09-23-2009),razortap (09-22-2009),RedThunder (09-21-2009),Rocco (09-22-2009),sendi12 (09-23-2009),snotpig (09-22-2009),SomeOneSpecial (09-22-2009),souljaowner (09-22-2009),sudekiiii (09-22-2009),superstar0017 (09-23-2009),Trunky (09-22-2009),TsunaStar (09-23-2009),Tyreall101 (09-22-2009),whitten (09-23-2009),wootage (09-22-2009),XGelite (09-22-2009),xobbfly (11-26-2009),zlavik (09-23-2009)

  3. #2
    RedThunder's Avatar
    Join Date
    Sep 2009
    Gender
    male
    Posts
    2,594
    Reputation
    84
    Thanks
    558
    My Mood
    Twisted
    cool this should be pretty fking helpfull
    consider your self thanked
    TROLL MATH
    14 posts per thread per hour, even at 1 thread an hour in 5 hours, general trolling time, thats 70 posts, and seeing as i try to run it at about 3 threads at a time, then i can make 210 posts in a day which means in 10 days i could be back to where i am if i started a new account, lol so in theory in a month id have 6k posts, in 2 months id have 12k, in 3 months 18k, in 4 months id have 24k and i could have the highest post count on the forum

    14*3*5*10*3*4=highest post count on the forums in 4 months

  4. #3
    ghostsbow's Avatar
    Join Date
    Oct 2008
    Gender
    male
    Location
    Wherever The Wind Takes Me =) haha
    Posts
    709
    Reputation
    12
    Thanks
    34
    My Mood
    Amazed
    Ok now I pretty much have a good understanding of the hackshield ands its components. Nice finding this and thanks for posting it. I appreciate it and I bet a lot of people do

  5. #4
    FORCE™'s Avatar
    Join Date
    Apr 2009
    Gender
    male
    Location
    Omg ure a pedaphile
    Posts
    4,225
    Reputation
    69
    Thanks
    667
    My Mood
    Goofy
    i got no idea with coding but it might help other people


    LIVERPOOL FC


  6. The Following User Says Thank You to FORCE™ For This Useful Post:

    Footballboy262 (09-26-2009)

  7. #5
    lolz2much's Avatar
    Join Date
    Jan 2009
    Gender
    male
    Posts
    743
    Reputation
    28
    Thanks
    807
    My Mood
    Amused
    nice god dam post

    btw i think ihave all the addies needed

    i had no idea how many people in ca are on mpgh...i went in a game, and there was a room called "lol2much fly hack" and everybody had it...it was fun...




  8. #6
    FORCE™'s Avatar
    Join Date
    Apr 2009
    Gender
    male
    Location
    Omg ure a pedaphile
    Posts
    4,225
    Reputation
    69
    Thanks
    667
    My Mood
    Goofy
    Quote Originally Posted by lolz2much View Post
    nice god dam post

    btw i think ihave all the addies needed
    cant wait for the hack to be released


    LIVERPOOL FC


  9. #7
    Fulfilled's Avatar
    Join Date
    Aug 2009
    Gender
    male
    Location
    Behind you... :P
    Posts
    969
    Reputation
    14
    Thanks
    73
    My Mood
    Amused
    Quote Originally Posted by lolz2much View Post
    nice god dam post

    btw i think ihave all the addies needed
    :O that means the MPGH pub will be out soon? *cross fingers*
    Time to start working on my own bypass... as soon as I have a hack rofl.
    Respect List
    Dave - for creating the site.
    User1 - he's an uber beast.
    Whitten - for having an emo bear on his avatar.
    Obama - for being "Obamba" rofl.
    Liz - She helps a LOT (good bye choobs...)
    Stumpy & Trunky - can't tell which is which for some reason, sorry
    ...
    Where'd they all go?

    Me - Because you have to respect yourself.

  10. #8
    ac1d_buRn's Avatar
    Join Date
    Aug 2009
    Gender
    female
    Location
    CA Source Section
    Posts
    3,404
    Reputation
    157
    Thanks
    4,003
    My Mood
    Flirty
    ive got a hackshield bypass source code
    but i dont no wtf to do with it loll

  11. #9
    Fulfilled's Avatar
    Join Date
    Aug 2009
    Gender
    male
    Location
    Behind you... :P
    Posts
    969
    Reputation
    14
    Thanks
    73
    My Mood
    Amused
    Quote Originally Posted by ac1d_buRn View Post
    ive got a hackshield bypass source code
    but i dont no wtf to do with it loll
    Uh... compile it with a compiler and/or build it into an .exe?
    BTW, could you send me the source code? I'm desperate for a bypass (even an old one) so I can see flaws in mine. PM me?
    Respect List
    Dave - for creating the site.
    User1 - he's an uber beast.
    Whitten - for having an emo bear on his avatar.
    Obama - for being "Obamba" rofl.
    Liz - She helps a LOT (good bye choobs...)
    Stumpy & Trunky - can't tell which is which for some reason, sorry
    ...
    Where'd they all go?

    Me - Because you have to respect yourself.

  12. #10
    FORCE™'s Avatar
    Join Date
    Apr 2009
    Gender
    male
    Location
    Omg ure a pedaphile
    Posts
    4,225
    Reputation
    69
    Thanks
    667
    My Mood
    Goofy
    Quote Originally Posted by Fulfilled View Post
    Uh... compile it with a compiler and/or build it into an .exe?
    BTW, could you send me the source code? I'm desperate for a bypass (even an old one) so I can see flaws in mine. PM me?
    well there is a kind of source in the guide but i duobt it works


    LIVERPOOL FC


  13. #11
    Katie_Perry's Avatar
    Join Date
    Feb 2009
    Gender
    male
    Posts
    3,082
    Reputation
    31
    Thanks
    175
    My Mood
    Sneaky
    I like the theory
    Tanks = Rep+

  14. #12
    FORCE™'s Avatar
    Join Date
    Apr 2009
    Gender
    male
    Location
    Omg ure a pedaphile
    Posts
    4,225
    Reputation
    69
    Thanks
    667
    My Mood
    Goofy
    sticky this in general section??????


    LIVERPOOL FC


  15. #13
    LegendaryAbbo's Avatar
    Join Date
    Dec 2008
    Gender
    male
    Posts
    5,243
    Reputation
    23
    Thanks
    546
    My Mood
    Relaxed
    Where did you get this?

  16. #14
    SomeOneSpecial's Avatar
    Join Date
    Sep 2009
    Gender
    male
    Posts
    38
    Reputation
    10
    Thanks
    6
    My Mood
    Amused
    Ok This is my first post lets see if i got this right?


    2) V3Pro32s.dll:

    This is the hacking tool detection interface dll
    This starts the hacking tool detection engine
    This is helps the scanning of known hack signatures
    A very important file. This could interrupt the Hack Shield driver if correctly intercepted

    (ok so what we wanna do here is inject a move to 3n.mhe after it starts the engine and below it NOP out the rest of the operations related to signitures)

    3) 3N.mhe:

    The Heuristic engine file
    Contains the patterns used to search for known hacks

    (Then we want place another move to here after this process starts to psapi.dll and nop out the signiture file)

    4) psapi.dll:

    The process status helper dll
    Helps scan process signatures and control process functions

    (then we want to change the status helper to set value rather then a monitored one that marks as always true place a move to eaglent.sys and nop out signiture control functions)


    6) EagleNT.sys:

    The Hack Shield kernel driver
    Performs anti-hacking functions, protects the game client's process, and hooks certain API's, rendering them useless
    If successfully uninitiated, it could enable the use of many API's and functions such as Read/WriteProcessMemory.

    (alter assembly for the antihacking functions and protection features to a set value of true rather then a monitored and the hackshield will state to the server side data base that the hack shield is running propper and no hacks are present)

    Now we have free rain to use any hack/device avalible.
    Another question how do you find the base address of a multilvl pointer to make these hacks ? Packet editors?

    Am I way of base ? or pretty close?

    The mouse seen some cheese and decided to nibble

  17. #15
    FORCE™'s Avatar
    Join Date
    Apr 2009
    Gender
    male
    Location
    Omg ure a pedaphile
    Posts
    4,225
    Reputation
    69
    Thanks
    667
    My Mood
    Goofy
    Quote Originally Posted by legendaryhack View Post
    Where did you get this?
    does it really matter

    Edit: so can anyone make a working bypass from this.............


    amd btw i think my friend will be making a hack with chams and wallhack soon so i migh release it
    Last edited by FORCE™; 09-22-2009 at 02:51 AM.


    LIVERPOOL FC


Page 1 of 8 123 ... LastLast

Similar Threads

  1. X-Trap Bypass Source Code
    By NoJustice in forum CrossFire Hack Coding / Programming / Source Code
    Replies: 24
    Last Post: 05-07-2011, 08:05 PM
  2. Hackshield bypass {Source code}
    By headsup in forum Combat Arms Hack Coding / Programming / Source Code
    Replies: 37
    Last Post: 12-30-2009, 07:17 PM
  3. [Release] I Bring you.. A HACKSHIELD BYPASS Source Code
    By ac1d_buRn in forum Combat Arms Hacks & Cheats
    Replies: 33
    Last Post: 09-28-2009, 08:33 AM
  4. [Release] ****** DLL Source Code
    By OneWhoSighs in forum WarRock - International Hacks
    Replies: 20
    Last Post: 10-25-2007, 07:41 AM
  5. HALO 2 (XBOX) Source Code
    By mirelesmichael in forum General Game Hacking
    Replies: 12
    Last Post: 09-23-2006, 04:35 AM

Tags for this Thread