Home › Forum › MultiPlayer Game Hacks & Cheats › Combat Arms Hacks & Cheats › Combat Arms Hack Coding / Programming / Source Code › Hackshield bypass {Source code}
Hackshield bypass {Source code}
again not ours its from ucforum
I was wandering about this C++ stuff I am taking a class in school for C++ do you think its useful for me to stay in it, can it even help me learn how to do this or is this something you learn with countless hours of reading and working on??
Originally Posted by brett22278
I was wandering about this C++ stuff I am taking a class in school for C++ do you think its useful for me to stay in it, can it even help me learn how to do this or is this something you learn with countless hours of reading and working on??
I wish I was good enough in C++ to finish coding this.
lol i didnt understand s single thing in this source code, guess its time to learn C++ Coding
hmm, i understand the jist of it, ill go try and make a bypass now 
Did you actually prove to anyone that your script works?
Originally Posted by headsup
Ok listen, I did not make this, I found from acid burn and changed a few details, And now im letting all you people know about it. This is not 100%, And will require some coding and changed value's; Since this is old and hackshield updated..[SIZE="5"]Anyway here it is and thanks me.
Do not reply, With spam , flame, Just don't reply at all.. Pm me with any question's as i Willl Be able to give you help!!.. Thank's
Here is a simple script i wrote up, But got leeched all over.. This is a bypass but will require you to add in a code to pass cshell also.. But hey this is half way done. Do not reply it doesn't work i know it does.. I am using the old RK Aimbot with TnT chams..
You need to work with this as i am not just going to pass cshell for you for the fact of choobs.. Sooooo.. Have fun And thank's me!!
Alwayz remember to Thank's
Code:
#define HS_JMP 0x63B31D
#define HS_JMP2 0x63B323
typedef int (__cdecl *HS_GetProcAddress_t)( int hModule, int a2 );
typedef int (__stdcall *HackshieldComm_t )( int, void*, void* );
typedef signed int (__stdcall *KickProc_t)( int a1, int a2, int a3 );
HS_GetProcAddress_t pHS_GetProcAddress = NULL;
HackshieldComm_t pHackshieldComm = NULL;
KickProc_t pKickProc = NULL;
signed int __stdcall new_KickProc( int a1, int a2, int a3 )
{
return 1;
}
int __stdcall new_HackshieldComm( int hsCommCode, void *Param1, void *Param2 )
{
if( hsCommCode == 4 || hsCommCode == 5 || hsCommCode == 13 ) //kill!
{
if( hsCommCode == 4 ) //replace kick proc
{
DWORD *dwParam1 = (DWORD *)Param1;
pKickProc = (KickProc_t)*dwParam1;
*dwParam1 = (DWORD)new_KickProc;
}
int iReturn = pHackshieldComm( hsCommCode, Param1, Param2 );
return 1;
}
int iReturn = pHackshieldComm( hsCommCode, Param1, Param2 );
return iReturn;
}
void HookCommunication( EXCEPTION_POINTERS* pExceptionInfo )
{
DWORD dwEbp = pExceptionInfo->ContextRecord->Ebp;
DWORD dwParam2 = 0;
__asm
{
push eax;
push edx;
mov eax, dwEbp;
mov edx, [eax+0xC];
mov dwParam2, edx;
pop edx;
pop eax;
}
if( dwParam2 == 0xA ) //this is the ordinal of some export...hmm..
{
pHackshieldComm = (HackshieldComm_t)pExceptionInfo->ContextRecord->Eax;
pExceptionInfo->ContextRecord->Eax = (DWORD)new_HackshieldComm;
}
pExceptionInfo->ContextRecord->Eip = HS_JMP2;
return;
}
PVOID pContextHandler = NULL;
LONG WINAPI ***ExceptionHandler( EXCEPTION_POINTERS* pExceptionInfo )
{
if( pExceptionInfo->ExceptionRecord->ExceptionCode != EXCEPTION_SINGLE_STEP )
{
return EXCEPTION_CONTINUE_SEARCH;
}
if( pExceptionInfo->ExceptionRecord->ExceptionAddress == (PVOID)HS_JMP )
{
HookCommunication( pExceptionInfo );
return EXCEPTION_CONTINUE_EXECUTION;
}
return EXCEPTION_CONTINUE_SEARCH;
}
void InitContextHook()
{
pContextHandler = AddVectoredExceptionHandler( 0x50BE17, ***ExceptionHandler );
CONTEXT Context;
Contex*****ntextFlags = CONTEXT_DEBUG_REGISTERS;
GetThreadContext(GetCurrentThread(), &Context);
Context.Dr0 = HS_JMP;
Context.Dr7 = (1<<0)|(1<<2)|(1<<4)|(1<<6);
SetThreadContext(GetCurrentThread(), &Context);
Do not reply, With spam , flame, Just don't reply at all.. Pm me with any question's as i Willl Be able to give you help!!.. Thank's
Here is a simple script i wrote up, But got leeched all over.. This is a bypass but will require you to add in a code to pass cshell also.. But hey this is half way done. Do not reply it doesn't work i know it does.. I am using the old RK Aimbot with TnT chams..
You need to work with this as i am not just going to pass cshell for you for the fact of choobs.. Sooooo.. Have fun And thank's me!!
Code:
/*-----------------------------------------------------------------Bypass---------------------------------------------------------*/
{
for (;;){
int EhSvc = (long)GetModuleHandleA("EhSvc.dll");
if(EhSvc !=0){
DWORD OldProtect;
int EhPtr = 0xAF590;//Constant
int Memory1 =(EhSvc+0xB1D6C);//HS-Addy
int Memory2 =(EhSvc+0xB1D70);//Hs-Addy-Jump
int Memory3 =(EhSvc+0xB1D90);//Hs-Addy-Jump
int Memory4 =(EhSvc+0xB186C);//Hs-Addy-Jump
int Memory5 =(EhSvc+0xBE338);//Hs-Addy-Jump
int Memory6 =(EhSvc+0xBE3A4);//Hs-Addy-Jump
int Memory7 =(EhSvc+0xBE478);//Hs-Addy-Jump
int Memory8 =(EhSvc+0xBE480);//Hs-Addy-Jump
int Memory9 = (EhSvc+0xBEC90);//Hs-Addy-Jump
int Memory10 =(EhSvc+0xB9E54);//Hs-Addy-Jump
int Memory11 =(EhSvc+0xB9E48);//Hs-Addy-Jump
int Memory12 =(EhSvc+0xB9E38);//Hs-Addy-Jump
int Memory13 =(EhSvc+0xB9E04);//Hs-Addy-Jump
int Memory14 =(EhSvc+0xB9DD0);//Hs-Addy-Jump
int Memory15 =(EhSvc+0xBEC74);//Hs-Addy-Jump
int Memory16 =(EhSvc+0xB9DC8);//Hs-Addy-Jump
int Memory17 =(EhSvc+0xB9E84);//Hs-Addy-Jump
int Memory18 =(EhSvc+0xB9858);//Hs-Addy-Jump
int Memory19 =(EhSvc+0xB9888);//Hs-Addy-Jump
int Memory20 =(EhSvc+0xB98B8);//Hs-Addy-Jump
int Memory21 =(EhSvc+0xB98E8);//Hs-Addy-Jump
int Memory22 =(EhSvc+0xB1674);//Hs-Addy-Jump
int Memory23 =(EhSvc+0xB1724);//Hs-Addy-Jump
int Memory24 =(EhSvc+0xB9C54);//Hs-Addy-Jump
int Memory25 =(EhSvc+0xB16F8);//Hs-Addy-Jump
int Memory26 =(EhSvc+0xB16CC);//Hs-Addy-Jump
int Memory27 =(EhSvc+0xB16A0);//Hs-Addy-Jump
int Memory28 =(EhSvc+0xB1794);//Hs-Addy-Jump
int EhY = (EhSvc+EhPtr-0x20);//Constant
int Eh0 = (EhSvc+EhPtr-0x44);//Constant
int EhX = (EhSvc+EhPtr-0x40);//Constant
VirtualProtect((void*)(Memory1),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory1) = 4;
VirtualProtect((void*)(Memory2),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory2) = 4;
VirtualProtect((void*)(Memory3),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory3) = 4;
VirtualProtect((void*)(Memory4),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory4) = 4;
VirtualProtect((void*)(Memory5),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory5) = 4;
VirtualProtect((void*)(Memory6),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory6) = 4;
VirtualProtect((void*)(Memory7),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory7) = 4;
VirtualProtect((void*)(Memory8),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory8) = 4;
VirtualProtect((void*)(Memory9),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory9) = 4;
VirtualProtect((void*)(Memory10),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory10) = 4;
VirtualProtect((void*)(Memory11),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory11) = 4;
VirtualProtect((void*)(Memory12),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory12) = 4;
VirtualProtect((void*)(Memory13),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory13) = 4;
VirtualProtect((void*)(Memory14),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory14) = 4;
VirtualProtect((void*)(Memory15),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory15) = 4;
VirtualProtect((void*)(Memory16),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory16) = 4;
VirtualProtect((void*)(Memory17),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory17) = 4;
VirtualProtect((void*)(Memory18),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory18) = 4;
VirtualProtect((void*)(Memory19),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory19) = 4;
VirtualProtect((void*)(Memory20),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory20) = 4;
VirtualProtect((void*)(Memory21),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory21) = 4;
VirtualProtect((void*)(Memory22),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory22) = 4;
VirtualProtect((void*)(Memory23),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory23) = 4;
VirtualProtect((void*)(Memory24),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory24) = 4;
VirtualProtect((void*)(Memory25),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory25) = 4;
VirtualProtect((void*)(Memory26),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory26) = 4;
VirtualProtect((void*)(Memory27),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory27) = 4;
VirtualProtect((void*)(Memory28),0x6,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Memory28) = 4;
VirtualProtect((void*)(Eh0),0x14,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(Eh0) = 4;
VirtualProtect((void*)(EhX),0x14,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(EhX) = 4;
VirtualProtect((void*)(EhY),0x14,PAGE_EXECUTE_READWRITE,&OldProtect);
*(DWORD*)(EhY) = 4;
}
Sleep(5);
}
}
/*-----------------------------------------------------------------Bypass---------------------------------------------------------*/
Alwayz remember to Thank's
Similar Threads
- 33Last post
- 24Last post
- 113Last post
- 20Last post
- 12Last post