Byapass

Byapass

Code:

HINSTANCE lGetModuleHandle(CHAR *szModule)
{
	HINSTANCE hModule = NULL;
	if(!(hModule = GetModuleHandle(szModule)))
	{
		hModule = LoadLibrary(szModule);
	}
	return hModule;
}

INT Memcpy(VOID *lpMem, VOID *lpSrc, size_t len)
{
	DWORD flNewProtect = PAGE_READWRITE, lpflOldProtect;
	unsigned char *pDst = (unsigned char *)lpMem, *pSrc = (unsigned char *)lpSrc;

	if(VirtualProtect(lpMem, len, flNewProtect, &lpflOldProtect))
	{
		while(len-- > 0) *pDst++ = *pSrc++;
		return 0;
	}

	return 1;
}



#define EhsvcSelfCrC	    0x00799EC 
#define Detection	        0x0009F10 
#define NanoCheck1 		    0x003C4BE 
#define NanoCheck2	        0x00398FF 
#define NanoCheck3		    0x003B976 
#define AsmDetection		0x002BBC1
#define HSAntiCrash		    0x003C52E

DWORD WINAPI Bypass(LPVOID)
{
	DWORD dwHackshield = NULL;
	do
	{
		Sleep(100);
		dwHackshield = (DWORD)GetModuleHandle(STRING_EHSVC);
	} while(!dwHackshield);

	BYTE HSB1[1] = {0x74};
	BYTE HSB2[1] = {0xD2};
	BYTE HSB3[3] = {0xC2, 0x04, 0x00};
	BYTE HSB4[1] = {0x31};
	BYTE HSB5[2] = {0x90, 0x90};

	Memcpy((VOID *)(dwHackshield + NanoCheck2),	        HSB4, 1);
	Memcpy((VOID *)(dwHackshield + Detection),	        HSB3, 3);
	Memcpy((VOID *)(dwHackshield + NanoCheck3),	        HSB4, 1);
	Memcpy((VOID *)(dwHackshield + AsmDetection),	    HSB5, 2);
	Memcpy((VOID *)(dwHackshield + EhsvcSelfCrC),	    HSB3, 3);
	Memcpy((VOID *)(dwHackshield + NanoCheck1 ),	    HSB4, 1);
	Memcpy((VOID *)(dwHackshield + HSAntiCrash ),       HSB4, 1);

	return NULL;
}

Credits

@luizimloko ->Byapass
@demtrios ->adresses

Originally Posted by demtrios

Code:
HINSTANCE lGetModuleHandle(CHAR *szModule)
{
HINSTANCE hModule = NULL;
if(!(hModule = GetModuleHandle(szModule)))
{
hModule = LoadLibrary(szModule);
}

good job as always ....

This is detected for NA. We're on a higher HS version.

Originally Posted by Flengo

This is detected for NA. We're on a higher HS version.

I tested was running now

Originally Posted by demtrios

I tested was running now

Interesting.

Originally Posted by demtrios

I tested was running now

try use DIP Hook 82

English, Brazilians don't know how to speak...

Originally Posted by Element™

English, Brazilians don't know how to speak...

Basically this bypass is old and won't work for DIP Hooks, you will crash after a few minutes or so.

BlackLegend EHSVC Logger ?

Good job xD

lol you dont even need a bypass for any hooks in that game ...

Originally Posted by wraithkilla

lol you dont even need a bypass for any hooks in that game ...

If you use DIP hook and texture chams you do, but with DIP hook by itself, you're fine.

Originally Posted by arun823

If you use DIP hook and texture chams you do, but with DIP hook by itself, you're fine.

no you dont

i use ms detours v3 and it works fine without any bypass

Originally Posted by wraithkilla

no you dont

i use ms detours v3 and it works fine without any bypass

Where'd you get that shit from?

Originally Posted by Flengo

Where'd you get that shit from?

I have this Detours may also be posting

Post a Reply

Tags for this Thread