Kindly give guidance to this hacking noob, got a base already

[ainkut]

Yes, I have returned from a long break. 3 years I think the password reminder said, at least. I have returned with ACTUAL programming knowledge.[lots of stuff removed, irrelevant]

edit 1:the DLL now compiles properly.

edit 2:read some guides, and was able to dump engine and the cshell.dll files. cool. i was also able to open it up in Sabre, and I can now look for addresses.

Bottomline, questions:
1)Does using incorrect addresses/values cause instant ban?
2)Are there any examples of what methods are now patched? Or rather, does Haxo's base(the one i'm using) have any patched methods in it I should watch out for?

[wraithkilla]

1. No

2. Hook is detected , use another one

[ainkut]

ok but what does Hook.cpp do, exactly? Does it attach itself to the Direct3d inside Combat Arms?

edit: research says it makes the hack undetected, or at least that's the definition of a "hook"..why would those be publicly available..? anyways, i'll browse for one.

edit 2: unless you mean it just needs a new address..or does it need a whole new method?

[flameswor10]

@ainkut
A hook basically modifies the opcode of the function you would like to nodify/hook, to jump to a function inside of your own .dll.

This is called a detour, and allows you force the application to jump to your functions while running their own code.

It basically works like this.

Original:
int Randomcode(int i, int t)
{
Do Random code
return
}

After Detour:
int Randomcode(int i, int t)
{
call Yourfunction << the function you are redirecting
do random code
return
}

Obviously, hackshield checks for any modification to the important functions, and this is what causes a crash.

[ainkut]

So how does one bypass, or get around hackshield? As in how would one modify the hook to make it..well, hiding in plain sight? I see that it currently connects, from what I can tell, directly into the D3D's device that lets it display(i've done some Irrlicht messing around, seems very similar code-wise)..

[flameswor10]

So how does one bypass, or get around hackshield? As in how would one modify the hook to make it..well, hiding in plain sight? I see that it currently connects, from what I can tell, directly into the D3D's device that lets it display(i've done some Irrlicht messing around, seems very similar code-wise)..

You can hook other functions, or further into the function (not the first 5 to 12 bytes) then use the EngineDevicePointer to draw.
You also can hook any function that gets called ONCE between BeginScene and PresentScene.

[ainkut]

So I'm either looking for a way to detour past the first 12 bytes, or, I should be looking for another function to hook onto. Interesting.
How many of the other functions are secured in this way? Knowing Nx, I doubt many. But eh.

edit 1: is there any real difference between the two, of going past those bytes or finding another function to hook?

no joke, my edit button has disappeared O_o
i see "reply, reply with quote, quote selected text, and multi quote"

so..you mean to change the offset used for hooking? googling it gave me that idea..honestly.