- Sponsored Advertisement -
Welcome to the UnKnoWnCheaTs - Multiplayer Game Hacks and Cheats.
You have to register
Anti-Cheat Bypass punkbuster vac gameguard esl xray screenshot detection undetected source code tutorial
You are Unregistered, please register
#81 Join Date: Dec 2009
Posts: 361
Reputation: 2804 Rep Power: 61
Last Achievements how would i use Returned_Device_Interface->SetRenderState(D3DRS_FILLMODE, D3DFILL_WIREFRAME);LPDIRECT3DDEVICE9* Returned_Device_Interface , i see this is a double pointer so i dont know how to use the device...
Anddos is online now
#82 Hacker Supreme Join Date: Oct 2008
Posts: 235
Reputation: 3567 Rep Power: 80
Quote:
Originally Posted by
Anddos how would i use Returned_Device_Interface->SetRenderState(D3DRS_FILLMODE, D3DFILL_WIREFRAME);LPDIRECT3DDEVICE9* Returned_Device_Interface , i see this is a double pointer so i dont know how to use the device...
Did you even try it out?
Krtek is offline
#83 Join Date: Dec 2009
Posts: 361
Reputation: 2804 Rep Power: 61
Last Achievements yes i did
Anddos is online now
#84 Join Date: Nov 2009
Posts: 91
Reputation: 289 Rep Power: 31
Last Achievements Thank you, I will try these when I find some time.
I<3UC is offline
#85 n00bie Join Date: Mar 2010
Posts: 5
Reputation: 10 Rep Power: 24
Thanks for this
Last edited by ragehacker; 03-12-2010 at 12:58 AM .
ragehacker is offline
#86 n00bie Join Date: Oct 2009
Posts: 1
Reputation: 10 Rep Power: 29
I can't say how grateful I am for this source. This kind of learning material is exactly what I need.
Th3Doc7or is offline
#87 n00bie Join Date: Feb 2010
Posts: 18
Reputation: 10 Rep Power: 24
Does this work for BattleField Bad Company 2?
helicopter12 is offline
#88 Supreme H4x0|2 Join Date: Jan 2009
Location: uoy dniheB
Posts: 676
Reputation: 8706 Rep Power: 138
This should work for any game that runs DX9
__________________
" Stay on top but remain from the underground"
4bply is offline
#89 Join Date: Oct 2010
Posts: 17
Reputation: -74 Rep Power: 0
Thanks for this great stuff roverturbo.
DownDownDown is offline
#90 Level 3
Join Date: Apr 2009
Posts: 1,605
Reputation: 27376 Rep Power: 340
Quote:
Originally Posted by
DownDownDown Thanks for this great stuff roverturbo.
Probably Warrock's anti-cheat detect's it and it doesnt allow you to start your game with it.You will need to find another hooking method wich is undetced or bypass anti-cheat's scan.
botex is offline
#91 Join Date: Jul 2009
Posts: 1,069
Reputation: 49961 Rep Power: 552
Quote:
Originally Posted by
DownDownDown Thanks for this great stuff roverturbo.
WR just drops the createdevice so you can't hook it, not this way anyways.
__________________
Shad0w_'s Alter Ego
disavow is online now
#92 Join Date: Oct 2010
Posts: 17
Reputation: -74 Rep Power: 0
Uff i dont know really how hook the dip on warrock without rehooking =(
DownDownDown is offline
#94 Join Date: Oct 2010
Posts: 17
Reputation: -74 Rep Power: 0
It crash for me but this time isn't the HackShield but is warrock.. it do only black screen and after crash...
DownDownDown is offline
#95 Level 3
Join Date: Apr 2009
Posts: 1,605
Reputation: 27376 Rep Power: 340
Quote:
Originally Posted by
DownDownDown It crash for me but this time isn't the HackShield but is warrock.. it do only black screen and after crash...
Then problem is with your hook.Try to do some log's to see where it crashes.
botex is offline
#96 Join Date: Oct 2010
Posts: 17
Reputation: -74 Rep Power: 0
It say allright.. :
DownDownDown is offline
#97 Level 3
Join Date: Apr 2009
Posts: 1,605
Reputation: 27376 Rep Power: 340
Quote:
Originally Posted by
DownDownDown It say allright.. :
Do you use normal detours(1.5)? You can also attach debuger(Olly) to see where does it crash.Maybe you did not define your function like they should be.
botex is offline
#98 Join Date: Oct 2010
Posts: 17
Reputation: -74 Rep Power: 0
Code:
void *DetourCreate (BYTE *src, const BYTE *dst, const int len)
{
BYTE *jmp;
DWORD dwback;
DWORD jumpto, newjump;
VirtualProtect(src,len,PAGE_READWRITE,&dwback);
if(src[0] == 0xE9)
{
jmp = (BYTE*)malloc(10);
jumpto = (*(DWORD*)(src+1))+((DWORD)src)+5;
newjump = (jumpto-(DWORD)(jmp+5));
jmp[0] = 0xE9;
*(DWORD*)(jmp+1) = newjump;
jmp += 5;
jmp[0] = 0xE9;
*(DWORD*)(jmp+1) = (DWORD)(src-jmp);
}
else
{
jmp = (BYTE*)malloc(5+len);
memcpy(jmp,src,len);
jmp += len;
jmp[0] = 0xE9;
*(DWORD*)(jmp+1) = (DWORD)(src+len-jmp)-5;
}
src[0] = 0xE9;
*(DWORD*)(src+1) = (DWORD)(dst - src) - 5;
for(int i = 5; i < len; i++)
src[i] = 0x90;
VirtualProtect(src,len,dwback,&dwback);
return (jmp-len);
} I use this detour.
DownDownDown is offline
#99 Level 3
Join Date: Apr 2009
Posts: 1,605
Reputation: 27376 Rep Power: 340
Quote:
Originally Posted by
DownDownDown
Use normal detours 1.5.If your game will still crash,try commenting out part's of your code and from there you will be able to see where/why does it crash.
botex is offline
#100 Join Date: Oct 2010
Posts: 17
Reputation: -74 Rep Power: 0
Yes i have tryed commenting some parts and at the moment of DetourCreate it crash.
I try the detours 1.5 thanks for help.
[Auto Merged - 0:34:46 Europe/Moscow]
Edit: Thanks with this detours warrock is opened but when load news it say Warrock crash etc IT ISN'T THE HACKSHIELD!
ALL MY SOURCE CODE:
Code:
#include <windows.h>
#include <d3d9.h>
#include <d3dx9.h>
#include "detours.h"
#pragma comment(lib, "d3d9.lib")
#pragma comment(lib, "d3dx9.lib")
DWORD * VTable;
DWORD dwEndscene_hook, dwEndscene_ret;
BYTE EndSceneOpCodes[6];
LPDIRECT3DDEVICE9 m_pD3Ddev;
__declspec(naked) void MyEndscene( )
{
__asm
{
mov dword ptr ss:[ebp - 10], esp;
mov esi, dword ptr ss:[ebp + 0x8];
mov m_pD3Ddev, esi;
}
__asm
{
jmp dwEndscene_ret;
}
}
bool bCompare(const BYTE* pData, const BYTE* bMask, const char* szMask)
{
for(;*szMask;++szMask,++pData,++bMask)
if(*szMask=='x' && *pData!=*bMask) return 0;
return (*szMask) == NULL;
}
DWORD FindPattern(DWORD dwdwAdd,DWORD dwLen,BYTE *bMask,char * szMask)
{
for(DWORD i=0; i<dwLen; i++)
if (bCompare((BYTE*)(dwdwAdd+i),bMask,szMask)) return (DWORD)(dwdwAdd+i);
return 0;
}
void Dx9Hook( LPCSTR D3D9 )
{
DWORD hD3D = NULL;
while (!hD3D) hD3D = (DWORD)GetModuleHandleA(D3D9);
DWORD PPPDevice = FindPattern(hD3D, 0x128000, (PBYTE)"\xC7\x06\x00\x00\x00\x00\x89\x86\x00\x00\x00\x00\x89\x86", "xx????xx????xx");
memcpy( &VTable, (void *)(PPPDevice + 2), 4);
dwEndscene_hook = VTable[42] + 0x2A; //mid function
dwEndscene_ret = dwEndscene_hook + 0x6; //return address
}
void Thread(void)
{
Dx9Hook("d3d9.dll");
memcpy((void *)EndSceneOpCodes, (void *)"\x89\x65\xF0\x8B\x75\x08", 6);
while( 1 )
{
Sleep( 1000 );
if(memcmp((void *)EndSceneOpCodes, (void *)dwEndscene_hook, 6) == 0 )
DetourFunction((PBYTE)dwEndscene_hook, (PBYTE)MyEndscene);
}
}
BOOL WINAPI DllMain( HMODULE hDll, DWORD Reason, PVOID lpReserved )
{
if( Reason == DLL_PROCESS_ATTACH )
{
CreateThread( NULL, NULL, ( LPTHREAD_START_ROUTINE )&Thread, NULL, NULL, NULL );
}
return TRUE;
}
Last edited by DownDownDown; 10-16-2010 at 09:35 PM .
DownDownDown is offline
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
All times are GMT +1. The time now is 08:55 PM .
