Some help at ASM & HackShield remove

07/11/2012 08:41 sheik_gray#1
Hi, I'm trying to remove HS from some game... but I post here because the section of this game is almost dead... I just need some hint with this code just to start... I just know this part loads the driver, and then when I patch this part I need to patch the part that checks whether it is loaded or not and does a conditional jump, but the example I have studied is simpler, because I think it is an old version of HackShield... I know this section is for Metin, but I think this can help more people learn something about how HS works.

Thanks

Code:
unpacked:007DC7BD                 push    offset aHshieldEhsvc_d ; "\\HShield\\EhSvc.dll"
unpacked:007DC7C2                 rep stosd
unpacked:007DC7C4                 mov     edi, offset unk_174C054
unpacked:007DC7C9                 or      ecx, 0FFFFFFFFh
unpacked:007DC7CC                 repne scasb
unpacked:007DC7CE                 not     ecx
unpacked:007DC7D0                 sub     edi, ecx
unpacked:007DC7D2                 mov     eax, ecx
unpacked:007DC7D4                 mov     esi, edi
unpacked:007DC7D6                 mov     edi, edx
unpacked:007DC7D8                 shr     ecx, 2
unpacked:007DC7DB                 rep movsd
unpacked:007DC7DD                 mov     ecx, eax
unpacked:007DC7DF                 and     ecx, 3
unpacked:007DC7E2                 rep movsb
unpacked:007DC7E4                 lea     ecx, [esp+214h+var_104]
unpacked:007DC7EB                 push    ecx
unpacked:007DC7EC                 call    ds:dword_87B170
unpacked:007DC7F2                 push    4
unpacked:007DC7F4                 push    2883DBEh
unpacked:007DC7F9                 push    offset aE6e29374943cf6 ; "E6E29374943CF660DBEC8E62"
unpacked:007DC7FE                 push    17B1h
unpacked:007DC803                 lea     edx, [esp+220h+var_104]
unpacked:007DC80A                 push    offset sub_7DCC10
unpacked:007DC80F                 push    edx
unpacked:007DC810                 call    sub_859C92
unpacked:007DC815                 push    offset unk_8CC4A0
unpacked:007DC81A                 mov     esi, eax
unpacked:007DC81C                 call    sub_7ACAA0
unpacked:007DC821                 add     esp, 4
unpacked:007DC824                 test    esi, esi
unpacked:007DC826                 jz      loc_7DC93B
unpacked:007DC82C                 cmp     esi, 103h
unpacked:007DC832                 jg      short loc_7DC8A2
unpacked:007DC834                 jz      short loc_7DC891
unpacked:007DC836                 cmp     esi, 100h
unpacked:007DC83C                 jg      short loc_7DC882
unpacked:007DC83E                 jz      short loc_7DC86E
unpacked:007DC840                 mov     eax, esi
unpacked:007DC842                 sub     eax, 2
unpacked:007DC845                 jz      short loc_7DC85A
unpacked:007DC847                 sub     eax, 2
unpacked:007DC84A                 jnz     loc_7DC8E9
unpacked:007DC850                 push    offset unk_8CC478
unpacked:007DC855                 jmp     loc_7DC909

07/11/2012 08:51 Mi4uric3#2
Does this version of HackShield support heartbeats (pings from the server)?
If yes, you can't just remove HackShield.
If no, then you just need to delete the EhSvc.dll in the hshield\ folder.
Start your game, and then some error messages will appear. Those are the only things you need to patch. Since they are MessageBoxes, they are easy to find :)