Warrock - Code Snippets

05/12/2013 21:47 hansewurst#961
Quote:
Originally Posted by GigaByte™
#Request latest EhSvc dump :)
Hackshield dump?
05/12/2013 22:19 GigaByte™#962
Quote:
Originally Posted by hansewurst
Hackshield dump?
Yes. The latest one if you can please
05/13/2013 20:43 .BlackHat#963
Be happy that I share it with you now..
Download is attached.

It's only a DLL. Scan it yourself (#low connection ftw)..

Attachment deleted because there is no VT
05/14/2013 21:37 Inline™#964
#Request

NadeSize source
05/14/2013 21:55 *KingDevil*#965
Quote:
Originally Posted by Inline™
#Request

NadeSize source
switch ( _Cy_NadeSize )
{
case 0:*(FLOAT*)(ADR_NadeSize) = (0.13);break; //Normal Value
case 1:*(FLOAT*)(ADR_NadeSize) = (0.13f*10);break; //x10Size
case 2:*(FLOAT*)(ADR_NadeSize) = (0.13f*30);break; //x30Size
case 3:*(FLOAT*)(ADR_NadeSize) = (0.13f*50);break; //x50Size
case 4:*(FLOAT*)(ADR_NadeSize) = (0.13f*70);break; //x70Size
case 5:*(FLOAT*)(ADR_NadeSize) = (0.13f*100);break; //x100Size

}

Credits CyBerTürk™.
05/15/2013 07:51 Raz9r#966
Quote:
Originally Posted by *KingDevil*
switch ( _Cy_NadeSize )
{
case 0:*(FLOAT*)(ADR_NadeSize) = (0.13);break; //Normal Value
case 1:*(FLOAT*)(ADR_NadeSize) = (0.13f*10);break; //x10Size
case 2:*(FLOAT*)(ADR_NadeSize) = (0.13f*30);break; //x30Size
case 3:*(FLOAT*)(ADR_NadeSize) = (0.13f*50);break; //x50Size
case 4:*(FLOAT*)(ADR_NadeSize) = (0.13f*70);break; //x70Size
case 5:*(FLOAT*)(ADR_NadeSize) = (0.13f*100);break; //x100Size

}

Credits CyBerTürk™.
The same thing as in my last post applies:
Code:
static const float nadesize_valarr[] = { 0.13f, 0.13f * 10.0f, 0.13f * 30.0f, 0.13f * 50.0f, 0.13f * 70.0f, 0.13f * 100.0f };
// assuming that 0 <= _Cy_NadeSize <= 5
*reinterpret_cast<float *const>(ADR_NadeSize) = nadesize_valarr[_Cy_NadeSize];
If your compiler supports constexpr, use it instead of static const. Also note that _Cy_NadeSize is valid production code, but invalid per standard, as names prefixed by _ followed by either an uppercase letter or another _ are implementation reserved. Please also take note that compilers often do not optimize the expression 0.13f * 100 because of the different encodings of float and int.
05/15/2013 11:32 BlackLegend™##967
//================= EHSVC =================//
EhsVc.dll Entry Point : 0x5C81000
EhsVc.dll .code Size : 0x101000
EhsVc.dll .code Offset : 0x1000

//================ BYPASS1 =================//
#define ADR_HSCallBack1 0x0085C2D
#define ADR_HSCallBack2 0x000A238
#define ADR_HSNanoScan1 0x00A713A
#define ADR_HSNanoScan2 0x00A481E
//================ BYPASS2 =================//
#define EhsvcSelfCrC 0x008518E
#define Detection 0x000A1A0
#define NanoCheck1 0x003F55E
#define NanoCheck2 0x003C90F
//================= Other =================//
#define HSAntiCrash 0x003F5D4
#define Asm Detection 0x002ECFD
//======= Made By BlackLegend & NikM =======//

HF
05/15/2013 12:48 xXrussXx#968
Quote:
Originally Posted by BlackLegend™#
//================= EHSVC =================//
EhsVc.dll Entry Point : 0x5C81000
EhsVc.dll .code Size : 0x101000
EhsVc.dll .code Offset : 0x1000

//================ BYPASS1 =================//
#define ADR_HSCallBack1 0x0085C2D
#define ADR_HSCallBack2 0x000A238
#define ADR_HSNanoScan1 0x00A713A
#define ADR_HSNanoScan2 0x00A481E
//================ BYPASS2 =================//
#define EhsvcSelfCrC 0x008518E
#define Detection 0x000A1A0
#define NanoCheck1 0x003F55E
#define NanoCheck2 0x003C90F
//================= Other =================//
#define HSAntiCrash 0x003F5D4
#define Asm Detection 0x002ECFD
//======= Made By BlackLegend & NikM =======//

HF
IDK, but your logger gives me these logs... (could be your old logger!?)

//================= EHSVC =================//
EhsVc.dll Entry Point : 0x3B31000
EhsVc.dll .code Size : 0x100000
EhsVc.dll .code Offset : 0x1000

//================ BYPASS1 =================//
#define ADR_HSCallBack1 0x0085CDD
#define ADR_HSCallBack2 0x000A238
#define ADR_HSNanoScan1 0x00A5EBA
#define ADR_HSNanoScan2 0x00A359E
//================ BYPASS2 =================//
#define EhsvcSelfCrC 0x008523E
#define Detection 0x000A1A0
#define NanoCheck1 0x00402CE
#define NanoCheck2 0x003D67F
//================= Other =================//
#define HSAntiCrash 0x0040344
#define Asm Detection 0x002EE5D
//======= Made By BlackLegend & NikM =======//
//================= EHSVC =================//
EhsVc.dll Entry Point : 0x3831000
EhsVc.dll .code Size : 0x100000
EhsVc.dll .code Offset : 0x1000

//================ BYPASS1 =================//
#define ADR_HSCallBack1 0x0085CDD
#define ADR_HSCallBack2 0x000A238
#define ADR_HSNanoScan1 0x00A5EBA
#define ADR_HSNanoScan2 0x00A359E
//================ BYPASS2 =================//
#define EhsvcSelfCrC 0x008523E
#define Detection 0x000A1A0
#define NanoCheck1 0x00402CE
#define NanoCheck2 0x003D67F
//================= Other =================//
#define HSAntiCrash 0x0040344
#define Asm Detection 0x002EE5D
//======= Made By BlackLegend & NikM =======//
//================= EHSVC =================//
EhsVc.dll Entry Point : 0x39C1000
EhsVc.dll .code Size : 0x101000
EhsVc.dll .code Offset : 0x1000

//================ BYPASS1 =================//
#define ADR_HSCallBack1 0x0085C2D
#define ADR_HSCallBack2 0x000A238
#define ADR_HSNanoScan1 0x00A713A
#define ADR_HSNanoScan2 0x00A481E
//================ BYPASS2 =================//
#define EhsvcSelfCrC 0x008518E
#define Detection 0x000A1A0
#define NanoCheck1 0x003F55E
#define NanoCheck2 0x003C90F
//================= Other =================//
#define HSAntiCrash 0x003F5D4
#define Asm Detection 0x002ECFD
//======= Made By BlackLegend & NikM =======//
//================= EHSVC =================//
EhsVc.dll Entry Point : 0x3861000
EhsVc.dll .code Size : 0x101000
EhsVc.dll .code Offset : 0x1000

//================ BYPASS1 =================//
#define ADR_HSCallBack1 0x0085C2D
#define ADR_HSCallBack2 0x000A238
#define ADR_HSNanoScan1 0x00A713A
#define ADR_HSNanoScan2 0x00A481E
//================ BYPASS2 =================//
#define EhsvcSelfCrC 0x008518E
#define Detection 0x000A1A0
#define NanoCheck1 0x003F55E
#define NanoCheck2 0x003C90F
//================= Other =================//
#define HSAntiCrash 0x003F5D4
#define Asm Detection 0x002ECFD
//======= Made By BlackLegend & NikM =======//
05/15/2013 16:14 .BlackHat#969
My logs say:

Code:
#define adrCqcProne 0x0091BD84
#define adrWeapon1 0x000101EC
#define adrWeapon2 0x000101EE
#define adrWeapon3 0x000101F0
#define adrD3DUsername 0x00AB0294
#define adrD3DHealth 0x00AB1464
#define adrSpawnTime 0x00B9D220
#define adrFallDamage 0x000102E8
#define adrUnlimitedAmmo 0x00A533F4
#define ofsPremium1 0x0000058C
#define ofsPremium2 0x00000590
#define ofsFireDelay 0x00010410
#define ofsInvisible 0x000DF35C
#define fEngineText 0x00401023
#define fMessageBox 0x0051AE5A

#define adrHSStub 0x00515926 // write \xEB
#define adrHSHandler 0x005E5E53 // write \xC3
#define ofsHsDetection 0x0000A1A0 // write \xC2\x04\x00
#define ofsHsSelfCrc 0x0008523E // write \xC2\x04\x00
#define ofsHsNano 0x000A5EBA // write \xD2
05/15/2013 17:24 CyberVeezy :)#970

[ 15.05.2013 - Updated Bypass ]
[ 1 Hours - Kick! ]
[ Credits: Reaper & BlackHat ]

Code:
void WarRock_AhnLab_HackShield_Bypass(void)
{
DWORD dwEhSvc;
do
{
dwEhSvc = (DWORD)GetModuleHandleA("EHSVC.DLL");
Sleep(30);
}
while (!dwEhSvc);


MemoryEdit((void *)(hEhSvc + 0x515926), (void *)"\xEB\", 1);
MemoryEdit((void *)(hEhSvc + 0x5E5E53),(void *)"\xC3", 1);
MemoryEdit((void *)(hEhSvc + 0x0000A1A0)(void *)"\xC2\x04\x00", 3);
MemoryEdit((void *)(hEhSvc + 0x0008523E )(void *)"\xC2\x04\x00", 3);
MemoryEdit((void *)(hEhSvc + 0x5E5E53),(void *)"\xD2", 1);
}
I don't know if it works, test it.
05/15/2013 21:43 .BlackHat#971
Quote:
Originally Posted by CyberVeezy :)

[ 15.05.2013 - Updated Bypass ]
[ 1 Hours - Kick! ]
[ Credits: Reaper & BlackHat ]

Code:
void WarRock_AhnLab_HackShield_Bypass(void)
{
DWORD dwEhSvc;
do
{
dwEhSvc = (DWORD)GetModuleHandleA("EHSVC.DLL");
Sleep(30);
}
while (!dwEhSvc);


MemoryEdit((void *)(hEhSvc + 0x515926), (void *)"\xEB\", 1);
MemoryEdit((void *)(hEhSvc + 0x5E5E53),(void *)"\xC3", 1);
MemoryEdit((void *)(hEhSvc + 0x0000A1A0)(void *)"\xC2\x04\x00", 3);
MemoryEdit((void *)(hEhSvc + 0x0008523E )(void *)"\xC2\x04\x00", 3);
MemoryEdit((void *)(hEhSvc + 0x5E5E53),(void *)"\xD2", 1);
}
I don't know if it works, test it.
mega fail.

MemoryEdit((void *)(hEhSvc + 0x5E5E53),(void *)"\xC3", 1);
...
MemoryEdit((void *)(hEhSvc + 0x5E5E53),(void *)"\xD2", 1);

wtf?
Besides, the two addresses (0x515926 and 0x5E5E53) are not offsets. In other words: the hEhSvc + has to go.
Can someone here do it right for once? :facepalm:
05/16/2013 06:39 Lazl07#972
Quote:
Originally Posted by .BlackHat
mega fail.

MemoryEdit((void *)(hEhSvc + 0x5E5E53),(void *)"\xC3", 1);
...
MemoryEdit((void *)(hEhSvc + 0x5E5E53),(void *)"\xD2", 1);

wtf?
Besides, the two addresses (0x515926 and 0x5E5E53) are not offsets. In other words: the hEhSvc + has to go.
Can someone here do it right for once? :facepalm:

Hey. I'm using xC3 but it's still perfect.
05/17/2013 01:16 xXrussXx#973
Quote:
Originally Posted by Lazl07
Hey. I'm using xC3 but it's still perfect.
He's not speaking about the bytes.
He's speaking about the Ehsvc which u don't need to use.
05/17/2013 06:13 Lazl07#974
I didn't understand Dutch.
05/18/2013 12:30 MineCore#975
Hello,
I am a beginner in C++ and have a question: I have now finally managed to make a Warrock hack without C&P, but it crashes after about 2 minutes.
Is that because I need a Hackshield bypass?
And if so, where do I get one?