Home › Forum › MultiPlayer Game Hacks & Cheats › Other Semi-Popular First Person Shooter Hacks › DayZ Mod & Standalone Hacks & Cheats › DayZ Help & Requests › Bypass Help, Noob Question
Bypass Help, Noob Question
Bypass Help, Noob Question
I am looking to see how exactly bypasses are made, what do they need to accomplish, how they are made
and any links to patched bypasses will help ( I can study them) ?
Any other info about bypasses will help.
and any links to patched bypasses will help ( I can study them) ?
Any other info about bypasses will help.
Best thing you need to do is decompile the BEClient.dll
What I have so far:
================================================== ===================
char __cdecl Init(int Unknown, BE_GameData *GameData, BE_Callback *pCallback)
{
char result; // al@2
const void *pTrampoline_recvfrom; // eax@3
void *p2Trampoline_recvfrom; // esi@3
HMODULE hMod; // eax@8
FARPROC proc_recvfrom2; // eax@8
unsigned int seed; // eax@10
if ( !InitializeCriticalSectionAndSpinCount(&CriticalSe ction, 0x80000000u) )
return 0;
EnterCriticalSection(&CriticalSection);
pTrampoline_recvfrom = (const void *)operator new(0x20u);
p2Trampoline_recvfrom = (void *)pTrampoline_recvfrom;
if ( !pTrampoline_recvfrom )
goto HookFail;
if ( !JMP_Hook((int)recvfrom_hook, recvfrom, pTrampoline_recvfrom) )
{
j__free(p2Trampoline_recvfrom);
HookFail:
p2Trampoline_recvfrom = 0;
}
g_Trampoline_recvfrom = p2Trampoline_recvfrom;// Global var to recvfrom trampoline
if ( p2Trampoline_recvfrom
&& ((hMod = GetModuleHandleA("wsock32.dll"),
proc_recvfrom2 = GetProcAddress(hMod, "recvfrom"),
(dword_1001A558 = (int (__stdcall *)(_DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD))proc_recvfrom2) == 0)
|| (g_Trampoline_wsock32_recvfrom = JMP_HookEx(proc_recvfrom2, (int)wsock32_recvfrom_hook)) != 0) )
{
seed = GetTickCount();
srand(seed);
if ( FindWindowA("ArmA 2 OA", 0) )
GameType = 1;
else
GameType = FindWindowA("Ironfront", 0) != 0 ? 2 : 0;
*(_DWORD *)&to.sa_data[2] = GameData->locIP;// local ip
*(_WORD *)&to.sa_data[0] = GameData->locPort;// port
ChatPrint = (int (__cdecl *)(_DWORD))GameData->pChatPrint;
pCallback->pBE_Unload = (DWORD)BE_Unload; // unload function - called to free battleye resources
pCallback->pBE_Update = (DWORD)BE_Update; // be update callback
pCallback->pBE_DisplayInfo = (DWORD)BE_DisplayInfo;// called when you type #beclient guid, to display your guid or #beclient players
pCallback->pBE_BE_ScriptCallBack = (DWORD)BE_ScriptCallBack;// BE_ScriptCallBack Function
BE_ChatPrintf("Initialized (v%u.%03u)", 1, 168);
LeaveCriticalSection(&CriticalSection);
result = 1;
}
else
{
LeaveCriticalSection(&CriticalSection);
BE_Unload();
result = 0;
}
return result;
}
================================================== ===================
Plus you need to learn more about C++ and study the DLL's, learn what they do when you login to a server. And study more!
Also learn what the Init Function does and Player ID. And I'd say after learning + studying you should know how to make a bypass. Or atleast know how one works!
I am currently making one of my own bypasses. And it will be free to the community.
Notes:
Learn Packets.
Such as Packet Headers and Connect Packets.
Learn how to make your own connect packets as well. Plus more stuff. Don't let it overwhelm you though.
What I have so far:
================================================== ===================
char __cdecl Init(int Unknown, BE_GameData *GameData, BE_Callback *pCallback)
{
char result; // al@2
const void *pTrampoline_recvfrom; // eax@3
void *p2Trampoline_recvfrom; // esi@3
HMODULE hMod; // eax@8
FARPROC proc_recvfrom2; // eax@8
unsigned int seed; // eax@10
if ( !InitializeCriticalSectionAndSpinCount(&CriticalSe ction, 0x80000000u) )
return 0;
EnterCriticalSection(&CriticalSection);
pTrampoline_recvfrom = (const void *)operator new(0x20u);
p2Trampoline_recvfrom = (void *)pTrampoline_recvfrom;
if ( !pTrampoline_recvfrom )
goto HookFail;
if ( !JMP_Hook((int)recvfrom_hook, recvfrom, pTrampoline_recvfrom) )
{
j__free(p2Trampoline_recvfrom);
HookFail:
p2Trampoline_recvfrom = 0;
}
g_Trampoline_recvfrom = p2Trampoline_recvfrom;// Global var to recvfrom trampoline
if ( p2Trampoline_recvfrom
&& ((hMod = GetModuleHandleA("wsock32.dll"),
proc_recvfrom2 = GetProcAddress(hMod, "recvfrom"),
(dword_1001A558 = (int (__stdcall *)(_DWORD, _DWORD, _DWORD, _DWORD, _DWORD, _DWORD))proc_recvfrom2) == 0)
|| (g_Trampoline_wsock32_recvfrom = JMP_HookEx(proc_recvfrom2, (int)wsock32_recvfrom_hook)) != 0) )
{
seed = GetTickCount();
srand(seed);
if ( FindWindowA("ArmA 2 OA", 0) )
GameType = 1;
else
GameType = FindWindowA("Ironfront", 0) != 0 ? 2 : 0;
*(_DWORD *)&to.sa_data[2] = GameData->locIP;// local ip
*(_WORD *)&to.sa_data[0] = GameData->locPort;// port
ChatPrint = (int (__cdecl *)(_DWORD))GameData->pChatPrint;
pCallback->pBE_Unload = (DWORD)BE_Unload; // unload function - called to free battleye resources
pCallback->pBE_Update = (DWORD)BE_Update; // be update callback
pCallback->pBE_DisplayInfo = (DWORD)BE_DisplayInfo;// called when you type #beclient guid, to display your guid or #beclient players
pCallback->pBE_BE_ScriptCallBack = (DWORD)BE_ScriptCallBack;// BE_ScriptCallBack Function
BE_ChatPrintf("Initialized (v%u.%03u)", 1, 168);
LeaveCriticalSection(&CriticalSection);
result = 1;
}
else
{
LeaveCriticalSection(&CriticalSection);
BE_Unload();
result = 0;
}
return result;
}
================================================== ===================
Plus you need to learn more about C++ and study the DLL's, learn what they do when you login to a server. And study more!
Also learn what the Init Function does and Player ID. And I'd say after learning + studying you should know how to make a bypass. Or atleast know how one works!
I am currently making one of my own bypasses. And it will be free to the community.
Notes:
Learn Packets.
Such as Packet Headers and Connect Packets.
Learn how to make your own connect packets as well. Plus more stuff. Don't let it overwhelm you though.
Similar Threads
- 5Last post
- 1Last post
- 15Last post
^^