Bypass Source Code

[broly7]

Shit i am a master of olly lol but now i have to train tennis
Then i'll try this method. My ollydbg dopped with plugins can open themida packed files.

[lolz2much]

Wow. This program is incredible. It just rips apart .dll and gives you the addresses to each function, even the names of them. I suppose if we find the right one to attack we could detour the function. Ofcourse I'm not completely sure how to detour functions not part of the native Windows API.

ive already figured out how to make hack addies unpatchable.

this wont stop bypasses form getting patched though

notice in the one .dll i riped apart hshield only chekcs the version of engine.exe
this what stops u from using an old version of it

now what do we know about hacks

#1 cshell.dll is were all the hack addies are
#2 engine.exe and cshell get updated together

so what can we do

#1 detour the version checking functions
what will this do?
this will alow us to keep old versions of engine.exe and cshell.dll
this way when theres an update ours wont change and old hack addies will still work
theres alil more to it then that but u get the idea

now possible problems with the above

#1 does the server do a check on the file versions as well

if it does we could patch the files with updated version numbering


if this works we would no longer have to update hgacks with current addies and base pointers.useful yes.importnant so/so it dont take long to update the addies anyways but it stops the coders from having to search all the addies all over again, and leaves them more free time to work on the new bypass when hshield updates


just kicking around some ideas

[darkonezu]

your the man lolz

[why06]

if this works we would no longer have to update hgacks with current addies and base pointers.useful yes.importnant so/so it dont take long to update the addies anyways but it stops the coders from having to search all the addies all over again, and leaves them more free time to work on the new bypass when hshield updates
just kicking around some ideas

Yeh you could do that if you want to deal with huge amounts of compatibility issues. I'd say the best way is just to find the signature of the addresses you want and create an address logger to automatically search out those addresses. That's what everyone does in Warrock.

We only want to bypass the hack detection features. Disabling the Engine from updating could lead to problems.

[broly7]

lolz nice idea but...WE CAN'T!! EHSCV.DLL is overwriten. SO IF WE CRACK the dll, it is deleted and overwrited with the same uncracked dll. Any ideas?

[lolz2much]

lolz nice idea but...WE CAN'T!! EHSCV.DLL is overwriten. SO IF WE CRACK the dll, it is deleted and overwrited with the same uncracked dll. Any ideas?

st it to readonly

[broly7]

Testing...FAIL

No i can't. Continues overwriting it.

[cheezetrix]

man i wish i understood what i just read good job hackshield is gonna be useless against hacks soon

[Corndog]

all this info is leeched from gordon's site right?

[broly7]

all this info is leeched from gordon's site right?

looooooooooooooooooool

[FORCE™]

no not gordons site, i gave credits it in the first sentence

[TyGas]

This is a good post. This is the kind of kownledge I was looking for.

[FORCE™]

hey would you mine posting where we might find these files, or attach them to the thread.

if you can't attach them to the thread, just pm me the link for the .dll files.
i think i will work on a bypass

thanks.

Ok guys, here are the files, i could only find 4 of them, if u want the rest ask lolz or broly

[2698500]

Here is that info you wanted. I will put up to tut's. how to disable eagle and how to delete the hiddens.


How to disable Eagle NT:
Start > Run > regedit> OK
Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\
Right Click EagleNT
Select Permissions…
Click Advanced
Click Add
Type your Windows account name in the text box
Click Check Names, if the name you typed becomes underlined continue, if not type it again and try again Check Names.
Click OK
Check Full Control
Click OK
Uncheck “Inherit from parent the permission entries that apply to child objects. Include these with entries explicitly defined here”.
Click “Remove” on the window that pops up.
Test, if not restart computer.

Unlocker:
1.Run Combatarms.exe from your Release folder and load to login page.
2.Go to where ever your combat arms is.
3.Look for 2 or more semi-transparent *.dll files.
4.CTRL CLICK on the 2 file
5.Right Click > Unlocker
6.Select the files > Unlock All
7.In your HShield folder, SHIFT DELETE the 2 files.
(No need to shut down the game client)
8.Do your hacks and what not.
9.Do ProcessHacker ^^.

[YellowCake]

Problem is im getting Error Code=204~!!