Disconnect From Server Mini Bypass -

1. #define check1 0x??????
2. #define check2 0x??????
3. #define check3 0x??????
4. #define check4 0x??????
5. #define check5 0x??????
6. #define check6 0x??????
7. #define hackDetect_1 0x??????
8. #define hackDetect_2 0x??????
9. #define hackDetect_3 0x??????
10. #define hackDetect_4 0x??????
11. #define hackDetect_5 0x??????
12. #define hackDetect_6 0x??????
13.  
14. void WINAPIV DisconectFromServer()
15. {
16. __asm
17. {
18. MOV ECX, DWORD PTR DS:[ ESP + 0x4 ]
19. XOR EAX, EAX
20. CMP [ ESP + 0x8 ], EAX
21. JMP RET_JE
22. RET_JNZ: MOVZX EDX, BYTE PTR DS:[ ECX ]
23. DEC [ ESP + 0x8 ]
24. XOR EDX, EAX
25. AND EDX, 0x0FF
26. SHR EAX, 0x8
27. XOR EAX, DWORD PTR DS:[ EDX*4 + 0x?????? ]
28. INC ECX
29. CMP [ ESP + 0x8 ], 0x0
30. JNZ RET_JNZ
31. RET_JE: NOT EAX
32. }
33. }
34.  
35. void DetourCreateE8( BYTE *src, DWORD dst, DWORD len )
36. {
37. DWORD OldProtection, RealAddress;
38. VirtualProtect( src, len, PAGE_EXECUTE_READWRITE, &OldProtection );
39. RealAddress = ( DWORD ) ( ( dst + 1 ) - ( DWORD ) src ) - 5;
40. *src = 0xE8;
41. *( DWORD * ) ( src + 0x01 ) = RealAddress;
42. VirtualProtect( src, len, OldProtection, 0 );
43. return;
44. }
45.  
46. void check ()
47. {
48. DWORD Engine = (DWORD)GetModuleHandleA("crossfire.exe");
49. memcpy((VOID*)( Engine + check1 ), "\xEB", 1);
50. memcpy((VOID*)( Engine + check2 ), "\xEB", 1);
51. memcpy((VOID*)( Engine + check3 ), "\xEB", 1);
52. memcpy((VOID*)( Engine + check4 ), "\xEB", 1);
53. memcpy((VOID*)( Engine + check5 ), "\xEB", 1);
54. memcpy((VOID*)( Engine + check6 ), "\xEB", 1);
55. }
56.  
57. void CALLBypass ( )
58. {
59. check();
60. DWORD Engine = (DWORD)GetModuleHandleA("crossfire.exe");
61. DetourCreateE8( ( PBYTE ) ( Engine + hackDetect_1 ), ( DWORD ) DisconectFromServer, 5 );
62. DetourCreateE8( ( PBYTE ) ( Engine + hackDetect_2 ), ( DWORD ) DisconectFromServer, 5 );
63. DetourCreateE8( ( PBYTE ) ( Engine + hackDetect_3 ), ( DWORD ) DisconectFromServer, 5 );
64. DetourCreateE8( ( PBYTE ) ( Engine + hackDetect_4 ), ( DWORD ) DisconectFromServer, 5 );
65. DetourCreateE8( ( PBYTE ) ( Engine + hackDetect_5 ), ( DWORD ) DisconectFromServer, 5 );
66. DetourCreateE8( ( PBYTE ) ( Engine + hackDetect_6 ), ( DWORD ) DisconectFromServer, 5 );
67. }
68.  
69. -----------------------------------------------------------------------------------------------------------
70.  
71.  
72. attach crossfire.exe and right click change search for Comand paste this
73. DEC [ ESP + 0x8 ]
74. XOR EDX, EAX
75. AND EDX, 0x0FF
76. SHR EAX, 0x8
77.  
78. u wiil get addres
79.  
80. DEC [ ESP + 0x8 ]
81. XOR EDX, EAX
82. AND EDX, 0x0FF
83. SHR EAX, 0x8
84. XOR EAX, DWORD PTR DS:[ EDX*4 +0x??????? ]
85.  
86. ----------------------------------------------------------------------------------------------------------------------