ah its pretty clean written and easy to implenent in already excisting projects.
Currently it has Chat,Notice,Datopen ptr hook.
If anyone has wishes tell me and I add them. I might try to code a hackshield proof hook, dunno how they detect detours on normal funcs (maybe patternscan or return check who knows?)
@edit,
it was just for example (to execute the functions I hooked).
If we could hook Opendat for example I would like to do smth like that:
if("Login")
QuickSendHook(Login)
if("Login2")
QuickSendHook(Login2)
you could handle dat actions ingame with own functions, would be useful but hooks get detected thou hackshield (opcode check , or return check I dunno). I need more creativity on hooks ;p
HackShield-Scanner loads the memory and then creates CRC from it. If generatedCRC != correctCRC -> Notify engine message callback -> Memory manipulation detected -> Exit Process.
The CRC function is checked by Themida's Integrity check and probably even some kind of HackShield's self-integrity-check. Also altering engine callback is not good idea as you won't be able to respond to 0x03 packet.
As far I remember the CRC was generated from 0x1000 big memory chunks inside engine.exe (Including packet functions etc.).
Anyways -> good job on finding function calls.
#EDIT:
This is basically the output of hackshield if you are detected.
(ModName: engine.exe(00400000h) Addr:00573000h, 6364F81Bh != F9C775AAh)
[Addr] = Start address of checked region. So modification is probably between 00573000h and 00574000h in this example.
[n0 != n1] = CRC is not obviously matching
HackShield-Scanner loads the memory and then creates CRC from it. If generatedCRC != correctCRC -> Notify engine message callback -> Memory manipulation detected -> Exit Process.
The CRC function is checked by Themida's Integrity check and probably even some kind of HackShield's self-integrity-check. Also altering engine callback is not good idea as you won't be able to respond to 0x03 packet.
As far I remember the CRC was generated from 0x1000 big memory chunks inside engine.exe (Including packet functions etc.).
Anyways -> good job on finding function calls.
#EDIT:
This is basically the output of hackshield if you are detected.
(ModName: engine.exe(00400000h) Addr:00573000h, 6364F81Bh != F9C775AAh)
[Addr] = Start address of checked region. So modification is probably between 00573000h and 00574000h in this example.
[n0 != n1] = CRC is not obviously matching
what about let it scan the real engine and use another one to work with?!
However my bypass was inline asm hook, that checked read location and if the Hackshield was just about to read the region I switched the pointer to original bytes (backup) instead modified and after that I switched the pointer back to engine. However the integrity check had to be cracked too.
But atm there are like 3 checks (or maybe more) that has to be modified (not easy stuff ofcourse -> Themida is not cheap protection)
However my bypass was inline asm hook, that checked read location and if the Hackshield was just about to read the region I switched the pointer to original bytes (backup) instead modified and after that I switched the pointer back to engine. However the integrity check had to be cracked too.
But atm there are like 3 checks (or maybe more) that has to be modified (not easy stuff ofcourse -> Themida is not cheap protection)
yea its alot of work finding those and crack them , not worth it while IAT/EAT hooks work without any issues
I dont need those hooks but they would be useful to have.
I gonna add cooldown for skills when I find some sparetime
if you have more wishes I add them, im thinkin of adding quicksend and recv hook but dunno what you guys think... if you made something new just add it and reupp I will add it on first page.