Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /*
- -----------------------------------------
- * Operation 7 Netgame
- * Glitch detection kick bypass
- -----------------------------------------
- * Author: SEGnosis - GHAnon.net
- * Thanks to:
- * bitterbanana - No known site
- * Drunken Cheetah - No known site
- * fatboy88 - No known site
- * Geek4Ever - No known site
- * learn_more - www.uc-forum.com
- * Novocaine - http://ilsken.net/blog/?page_id=64
- * Philly0494 - No known site
- * Roverturbo - www.uc-forum.com
- * SilentKarma - www.halocoders.com - offline
- * Strife - www.uc-forum.com
- * Wieter20 - No known site
- */
- #ifndef H_GLITCHBYPASS
- #define H_GLITCHBYPASS
- //----------------------------------//
- #include <Windows.h>
- //----------------------------------//
- #define asm_JMP 0xE9
- void GBPassDetour();
- DWORD WINAPI GBPassThread( LPVOID );
- //----------------------------------//
- class C_GlitchBypass
- {
- public:
- C_GlitchBypass();
- ~C_GlitchBypass();
- void Begin();
- void WriteDetour();
- DWORD FindPattern( DWORD base, DWORD size, char pattern[], char mask[] );
- DWORD m_ulDetourAddress,
- m_ulReturnAddress,
- m_ulEsiRegister;
- BYTE m_usEcx;
- bool m_bEnabled;
- }CGBPass;
- //----------------------------------//
- C_GlitchBypass::C_GlitchBypass()
- {
- m_ulDetourAddress = 0;
- m_ulReturnAddress = 0;
- }
- C_GlitchBypass::~C_GlitchBypass()
- {
- }
- void C_GlitchBypass::Begin()
- {
- CreateThread( 0, 0, GBPassThread, 0, 0, 0 );
- }
- DWORD C_GlitchBypass::FindPattern(DWORD base, DWORD size, char pattern[], char mask[] )
- {
- for( DWORD retAddress = base; retAddress < (base + size) ; retAddress++ )
- {
- if( *(BYTE*)retAddress == (pattern[0]&0xff) || mask[0] == '?' )
- {
- DWORD startSearch = retAddress;
- for( int i = 0; mask[i] != '\0' ; i++, startSearch++ )
- {
- if( (pattern[i]&0xff) != *(BYTE*)startSearch && mask[i] != '?')
- break;
- if( ((pattern[i]&0xff) == *(BYTE*)startSearch || mask[i] == '?') && mask[i+1] == '\0' )
- return retAddress;
- }
- }
- }
- return NULL;
- }
- void C_GlitchBypass::WriteDetour()
- {
- // Set return address
- m_ulReturnAddress = m_ulDetourAddress + 7; // 7 = Size in bytes of all the instructions overwritten
- // Create new array to hold instruction
- unsigned char cJump[ 7 ] = { 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90 };
- // Set instruction for long jump
- cJump[ 0 ] = asm_JMP;
- // Set offset for jump
- DWORD ulOffset = ( ( DWORD )GBPassDetour - 5 ) - m_ulDetourAddress;
- memcpy( &cJump[ 1 ], &ulOffset, 4 );
- // Write detour
- DWORD dwOld;
- VirtualProtect( ( PVOID )m_ulDetourAddress, 7, PAGE_EXECUTE_READWRITE, &dwOld );
- memcpy( ( PVOID )m_ulDetourAddress, &cJump, 7 );
- VirtualProtect( ( PVOID )m_ulDetourAddress, 7, dwOld, 0 );
- }
- //----------------------------------//
- DWORD WINAPI GBPassThread( LPVOID )
- {
- while( !CGBPass.m_ulDetourAddress )
- {
- CGBPass.m_ulDetourAddress = CGBPass.FindPattern( 0x400000, 0x316000, "\x83\xC4\x08\x3C\x03\x88\x0E\x72\x1B\x8B\x0D\x00\x00\x00\x00\x6A\x04\x6A\x00\x68\x00\x00\x00\x00\x51\xFF\x15\x00\x00\x00\x00\xE9\x00\x00\x00\x00\x8B\x43\x40\x8B\x88\x00\x00\x00\x00\x05\x00\x00\x00\x00\x83\xF9\x08\x72\x05", "xxxxxxxxxxx????xxxxx????xxx????x????xxxxx????x????xxxxx" );
- Sleep( 250 );
- }
- CGBPass.WriteDetour();
- return 0;
- }
- __declspec(naked) void GBPassDetour()
- {
- __asm
- {
- mov CGBPass.m_ulEsiRegister,esi
- mov CGBPass.m_usEcx,cl
- pushad
- pushfd
- }
- static BYTE* pBypass = ( BYTE* )CGBPass.m_ulEsiRegister;
- if( CGBPass.m_bEnabled )
- *pBypass = 0;
- else
- *pBypass = CGBPass.m_usEcx;
- __asm
- {
- popfd
- popad
- add esp,0x08
- cmp al,0x03
- jmp [CGBPass.m_ulReturnAddress]
- }
- }
- #endif
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
