|
You last visited: Today at 14:05
Advertisement
King7 and disaw0v ( HackShield ByPass )
Discussion on King7 and disaw0v ( HackShield ByPass ) within the WarRock Hacks, Bots, Cheats & Exploits forum part of the WarRock category.
04/11/2013, 21:03
|
#1
|
elite*gold: 0 
Join Date: Mar 2012
Posts: 281
Received Thanks: 158
|
King7 and disaw0v ( HackShield ByPass )
It's our BYPASS STYLE METHOD. we don't show address but if you are lucky you can get address BUT it's not easy!
we would like to show you all our bypass method may can be usefull for someone 
Code:
DWORD dwAhnHS_MakeResponse_JMPBack = 0;
DWORD dwAhnHS_EndOfMakeResponse_HookStart = 0;
DWORD HS_Place = 0;
__declspec(naked) void __cdecl hkAhnHS_MakeResponse ( DWORD a1, char* a2, char* a3 )
{
__asm
{
push ebp
mov ebp,esp
push 0xFF
pushad
pushfd
}
if ( a1 == 0xD )
{
*(BYTE*)(HS_Place) = 0x33;
*(BYTE*)(HS_Place+0x1) = 0xD0;
}
__asm
{
popfd
popad
jmp dwAhnHS_MakeResponse_JMPBack
}
}
__declspec(naked) void __cdecl hkAhnHS_EndOfMakeResponse()
{
__asm
{
pushad
pushfd
}
*(BYTE*)(HS_Place) = 0x85;
*(BYTE*)(HS_Place+0x1) = 0xD2;
__asm
{
popfd
popad
retn 0x0C
}
}
int DetouringHackShield (void)
{
int hEhSvc, OK = 1337;
do
{
hEhSvc = (int)Tools.oWnGetModuleHandle("EhSvc.dll");
Sleep(1000);
} while(!hEhSvc);
if( hEhSvc > 0 )
{
unsigned long MProtection;
if ( ProtectVirtualProtect((void*)hEhSvc,0x00125000,0x04,&MProtection) )
{
HS_Place = (hEhSvc+0x******);
// CRC
*(BYTE*)(hEhSvc+0x******) = 0x31;
// Detection
*(BYTE*)(hEhSvc+0x******) = 0xC3;
// Detection
*(BYTE*)(hEhSvc+0x******) = 0xC3;
dwAhnHS_MakeResponse_JMPBack = (hEhSvc+0x******0+0x5);
Detour->Create((PBYTE)(hEhSvc+0x******),(LPBYTE)hkAhnHS_MakeResponse,DETOUR_TYPE_JMP,DETOUR_LEN_AUTO);
Detour->Create((PBYTE)(hEhSvc+0x******),(LPBYTE)hkAhnHS_EndOfMakeResponse,DETOUR_TYPE_JMP,DETOUR_LEN_AUTO);
ProtectVirtualProtect((void*)hEhSvc,0x00125000,MProtection,0);
}
}
}
|
|
|
|
04/11/2013, 21:07
|
#2
|
elite*gold: 5
Join Date: Jan 2012
Posts: 738
Received Thanks: 1,707
|
Quote:
Originally Posted by -Marekiarox-
It's our BYPASS STYLE METHOD. we don't show address but if you are lucky you can get address BUT it's not easy!
we would like to show you all our bypass method may can be usefull for someone
Code:
DWORD dwAhnHS_MakeResponse_JMPBack = 0;
DWORD dwAhnHS_EndOfMakeResponse_HookStart = 0;
DWORD HS_Place = 0;
__declspec(naked) void __cdecl hkAhnHS_MakeResponse ( DWORD a1, char* a2, char* a3 )
{
__asm
{
push ebp
mov ebp,esp
push 0xFF
pushad
pushfd
}
if ( a1 == 0xD )
{
*(BYTE*)(HS_Place) = 0x33;
*(BYTE*)(HS_Place+0x1) = 0xD0;
}
__asm
{
popfd
popad
jmp dwAhnHS_MakeResponse_JMPBack
}
}
__declspec(naked) void __cdecl hkAhnHS_EndOfMakeResponse()
{
__asm
{
pushad
pushfd
}
*(BYTE*)(HS_Place) = 0x85;
*(BYTE*)(HS_Place+0x1) = 0xD2;
__asm
{
popfd
popad
retn 0x0C
}
}
int DetouringHackShield (void)
{
int hEhSvc, OK = 1337;
do
{
hEhSvc = (int)Tools.oWnGetModuleHandle("EhSvc.dll");
Sleep(1000);
} while(!hEhSvc);
if( hEhSvc > 0 )
{
unsigned long MProtection;
if ( ProtectVirtualProtect((void*)hEhSvc,0x00125000,0x04,&MProtection) )
{
HS_Place = (hEhSvc+0x******);
// CRC
*(BYTE*)(hEhSvc+0x******) = 0x31;
// Detection
*(BYTE*)(hEhSvc+0x******) = 0xC3;
// Detection
*(BYTE*)(hEhSvc+0x******) = 0xC3;
dwAhnHS_MakeResponse_JMPBack = (hEhSvc+0x******0+0x5);
Detour->Create((PBYTE)(hEhSvc+0x******),(LPBYTE)hkAhnHS_MakeResponse,DETOUR_TYPE_JMP,DETOUR_LEN_AUTO);
Detour->Create((PBYTE)(hEhSvc+0x******),(LPBYTE)hkAhnHS_EndOfMakeResponse,DETOUR_TYPE_JMP,DETOUR_LEN_AUTO);
ProtectVirtualProtect((void*)hEhSvc,0x00125000,MProtection,0);
}
}
}
|
CHABBOS WISSEN WER DIE ADRESSEN GEKLAUT HAT
|
|
|
|
|
04/11/2013, 21:09
|
#3
|
elite*gold: 0
Join Date: Sep 2012
Posts: 182
Received Thanks: 223
|
Quote:
Originally Posted by BlackLegend™#
CHABBOS WISSEN WER DIE ADRESSEN GEKLAUT HAT
|
Tut mir Leid  
|
|
|
|
|
04/11/2013, 21:10
|
#4
|
elite*gold: 93
Join Date: Jan 2012
Posts: 517
Received Thanks: 585
|
Quote:
Originally Posted by SonyRazzer
Tut mir Leid |
tu nicht so 
|
|
|
|
 |
Similar Threads
|
ASM BYPASS PUBLIC BY KING7
08/22/2011 - WarRock Hacks, Bots, Cheats & Exploits - 20 Replies
BOOL MemEditing (VOID *lpMem,VOID *lpSrc,DWORD len)
{
DWORD lpflOldProtect, flNewProtect = PAGE_READWRITE;
unsigned char * pDst = (unsigned char *)lpMem,
*pSrc = (unsigned char *)lpSrc;
if (VirtualProtect(lpMem,len,flNewProtect,&lpflOl dProtect))
{
while(len-- > 0) *pDst++ = *pSrc++;
return (0);
|
King7 verkauft.......(V.I.P Base mit Bypass)
07/17/2011 - WarRock Trading - 10 Replies
er verkauft seine V.I.P base mit bypass:
http://www.wr-vip.com/Pics/full-hack.png
Base mit vielen ASM Funktionen+Bypass.
Der Bypass geht atm perfect (full asm) ohne serverkick!
only 50€ PSC!
|
-!WarRock Bypass!- -by King7-
11/13/2010 - WarRock Hacks, Bots, Cheats & Exploits - 12 Replies
#Patched
|
[Hackshield]Bypass the new protection hackshield
01/25/2010 - Silkroad Online - 2 Replies
Today i was so mad from agbot so i found the loader lite 3...
so i tried to connect with him to ibot (port : 16000) and failed cuz of the hackshield .... so i tried to rename the "hackshield" file dictory and it was full of success ... but i dont know .. should i get banned for it? (i bought silks)
if no ill post here the download and guide...
Thank's alot : Kobbi :)
|
Q> need help Bypass HackShield
06/18/2009 - RF Online - 0 Replies
Anyone can teach me how to bypass Hackshield please ..
i am new here so anyone can help me .. ??
:handsdown::handsdown::handsdown::handsdown::hand sdown::handsdown:
|
All times are GMT +1. The time now is 14:06.
|
|
