Home › Forum › MultiPlayer Game Hacks & Cheats › Combat Arms Hacks & Cheats › Combat Arms Hack Coding / Programming / Source Code › Hack Adresses/HackSheild Bypass
Hack Adresses/HackSheild Bypass
Hack Adresses/HackSheild Bypass
#define NoReload 0x374BB8F4
#define GlassWalls 0x57276A
#define RPP 0x3785E018
#define TELE 0x3785E118
#define deviceptr 0x000008
#define ltclient 0x3781BE50
#define SuperBullets 0x374B65D6
#define RECOIL1 0x3746F630
#define RECOIL2 0x3745F489
#define RECOIL3 0x3746F644
#define RECOIL4 0x3746F647
#define RECOIL5 0x3746F650
#define GameStatus ????????
#define ptc1 0x484BC0
#define nametag1 ???????????
#define nametag2 0x373747AD
#define DrawPrim 0x000160
#define getplayerbyindex 0x3715DDB0
#define getlocalplayer 0x3715E770
#define clientinfomgr 0x3715E150
#define LTC 0x00485E10.
#define LTB 0x3780CB90.
#define ASUS 0x005727AA.
#define PlayerInfo 0x378508C8.
#define NoRecoil 0x3746955C.
#define NoReload 0x374B54B4.
#define Position 0x00066F34.
#define SuperBullets 0x374B01B6.
#define Engine_Nametags1 0x3736EFDC.
#define Engine_Nametags2 0x3736EFC1.
#define GetPlayerByIndex 0x3715DD50.
#define GetLocalPlayer 0x3715E700.
#define ulThis 0x37826780.
#define BeastMode 0x37825EEC.
This is the code to bypass the hackshield pro. This is quite old so you'll probally need to fix it a bit. Also you need the adress.
#define HS_JMP 0x63B31D
#define HS_JMP2 0x63B323
typedef int (__cdecl *HS_GetProcAddress_t)( int hModule, int a2 );
typedef int (__stdcall *HackshieldComm_t )( int, void*, void* );
typedef signed int (__stdcall *KickProc_t)( int a1, int a2, int a3 );
HS_GetProcAddress_t pHS_GetProcAddress = NULL;
HackshieldComm_t pHackshieldComm = NULL;
KickProc_t pKickProc = NULL;
signed int __stdcall new_KickProc( int a1, int a2, int a3 )
{
return 1;
}
int __stdcall new_HackshieldComm( int hsCommCode, void *Param1, void *Param2 )
{
if( hsCommCode == 4 || hsCommCode == 5 || hsCommCode == 13 ) //kill!
{
if( hsCommCode == 4 ) //replace kick proc
{
DWORD *dwParam1 = (DWORD *)Param1;
pKickProc = (KickProc_t)*dwParam1;
*dwParam1 = (DWORD)new_KickProc;
}
int iReturn = pHackshieldComm( hsCommCode, Param1, Param2 );
return 1;
}
int iReturn = pHackshieldComm( hsCommCode, Param1, Param2 );
return iReturn;
}
void HookCommunication( EXCEPTION_POINTERS* pExceptionInfo )
{
DWORD dwEbp = pExceptionInfo->ContextRecord->Ebp;
DWORD dwParam2 = 0;
__asm
{
push eax;
push edx;
mov eax, dwEbp;
mov edx, [eax+0xC];
mov dwParam2, edx;
pop edx;
pop eax;
}
if( dwParam2 == 0xA ) //this is the ordinal of some export...hmm..
{
pHackshieldComm = (HackshieldComm_t)pExceptionInfo->ContextRecord->Eax;
pExceptionInfo->ContextRecord->Eax = (DWORD)new_HackshieldComm;
}
pExceptionInfo->ContextRecord->Eip = HS_JMP2;
return;
}
PVOID pContextHandler = NULL;
LONG WINAPI ***ExceptionHandler( EXCEPTION_POINTERS* pExceptionInfo )
{
if( pExceptionInfo->ExceptionRecord->ExceptionCode != EXCEPTION_SINGLE_STEP )
{
return EXCEPTION_CONTINUE_SEARCH;
}
if( pExceptionInfo->ExceptionRecord->ExceptionAddress == (PVOID)HS_JMP )
{
HookCommunication( pExceptionInfo );
return EXCEPTION_CONTINUE_EXECUTION;
}
return EXCEPTION_CONTINUE_SEARCH;
}
void InitContextHook()
{
pContextHandler = AddVectoredExceptionHandler( 0x50BE17, ***ExceptionHandler );
CONTEXT Context;
Contex*****ntextFlags = CONTEXT_DEBUG_REGISTERS;
GetThreadContext(GetCurrentThread(), &Context);
Context.Dr0 = HS_JMP;
Context.Dr7 = (1<<0)|(1<<2)|(1<<4)|(1<<6);
SetThreadContext(GetCurrentThread(), &Context);
}
#define GlassWalls 0x57276A
#define RPP 0x3785E018
#define TELE 0x3785E118
#define deviceptr 0x000008
#define ltclient 0x3781BE50
#define SuperBullets 0x374B65D6
#define RECOIL1 0x3746F630
#define RECOIL2 0x3745F489
#define RECOIL3 0x3746F644
#define RECOIL4 0x3746F647
#define RECOIL5 0x3746F650
#define GameStatus ????????
#define ptc1 0x484BC0
#define nametag1 ???????????
#define nametag2 0x373747AD
#define DrawPrim 0x000160
#define getplayerbyindex 0x3715DDB0
#define getlocalplayer 0x3715E770
#define clientinfomgr 0x3715E150
#define LTC 0x00485E10.
#define LTB 0x3780CB90.
#define ASUS 0x005727AA.
#define PlayerInfo 0x378508C8.
#define NoRecoil 0x3746955C.
#define NoReload 0x374B54B4.
#define Position 0x00066F34.
#define SuperBullets 0x374B01B6.
#define Engine_Nametags1 0x3736EFDC.
#define Engine_Nametags2 0x3736EFC1.
#define GetPlayerByIndex 0x3715DD50.
#define GetLocalPlayer 0x3715E700.
#define ulThis 0x37826780.
#define BeastMode 0x37825EEC.
This is the code to bypass the hackshield pro. This is quite old so you'll probally need to fix it a bit. Also you need the adress.
#define HS_JMP 0x63B31D
#define HS_JMP2 0x63B323
typedef int (__cdecl *HS_GetProcAddress_t)( int hModule, int a2 );
typedef int (__stdcall *HackshieldComm_t )( int, void*, void* );
typedef signed int (__stdcall *KickProc_t)( int a1, int a2, int a3 );
HS_GetProcAddress_t pHS_GetProcAddress = NULL;
HackshieldComm_t pHackshieldComm = NULL;
KickProc_t pKickProc = NULL;
signed int __stdcall new_KickProc( int a1, int a2, int a3 )
{
return 1;
}
int __stdcall new_HackshieldComm( int hsCommCode, void *Param1, void *Param2 )
{
if( hsCommCode == 4 || hsCommCode == 5 || hsCommCode == 13 ) //kill!
{
if( hsCommCode == 4 ) //replace kick proc
{
DWORD *dwParam1 = (DWORD *)Param1;
pKickProc = (KickProc_t)*dwParam1;
*dwParam1 = (DWORD)new_KickProc;
}
int iReturn = pHackshieldComm( hsCommCode, Param1, Param2 );
return 1;
}
int iReturn = pHackshieldComm( hsCommCode, Param1, Param2 );
return iReturn;
}
void HookCommunication( EXCEPTION_POINTERS* pExceptionInfo )
{
DWORD dwEbp = pExceptionInfo->ContextRecord->Ebp;
DWORD dwParam2 = 0;
__asm
{
push eax;
push edx;
mov eax, dwEbp;
mov edx, [eax+0xC];
mov dwParam2, edx;
pop edx;
pop eax;
}
if( dwParam2 == 0xA ) //this is the ordinal of some export...hmm..
{
pHackshieldComm = (HackshieldComm_t)pExceptionInfo->ContextRecord->Eax;
pExceptionInfo->ContextRecord->Eax = (DWORD)new_HackshieldComm;
}
pExceptionInfo->ContextRecord->Eip = HS_JMP2;
return;
}
PVOID pContextHandler = NULL;
LONG WINAPI ***ExceptionHandler( EXCEPTION_POINTERS* pExceptionInfo )
{
if( pExceptionInfo->ExceptionRecord->ExceptionCode != EXCEPTION_SINGLE_STEP )
{
return EXCEPTION_CONTINUE_SEARCH;
}
if( pExceptionInfo->ExceptionRecord->ExceptionAddress == (PVOID)HS_JMP )
{
HookCommunication( pExceptionInfo );
return EXCEPTION_CONTINUE_EXECUTION;
}
return EXCEPTION_CONTINUE_SEARCH;
}
void InitContextHook()
{
pContextHandler = AddVectoredExceptionHandler( 0x50BE17, ***ExceptionHandler );
CONTEXT Context;
Contex*****ntextFlags = CONTEXT_DEBUG_REGISTERS;
GetThreadContext(GetCurrentThread(), &Context);
Context.Dr0 = HS_JMP;
Context.Dr7 = (1<<0)|(1<<2)|(1<<4)|(1<<6);
SetThreadContext(GetCurrentThread(), &Context);
}
LEACH.
this has been posted here like 5 times
this has been posted here like 5 times
Originally Posted by speedforyou
LEACH.
this has been posted here like 5 times
this has been posted here like 5 times
Originally Posted by MasterLeech
DUH!!!! Why don't you request it to be closed?
but he is taking creds thats not right.