Shagrath
Posts : 57
Join date : 2009-10-10
Location : Istanbul/Turkey
 | | Subject: Call of Duty 4 Wallhack Tutorial Sat Oct 10, 2009 10:48 am | |
| - Code:
-
#include <windows.h>
#include <detours.h>
typedef LONG (WINAPI *InterlockedExchangeAdd_t)(LONG volatile *, LONG);
InterlockedExchangeAdd_t o_InterlockedExchangeAdd = NULL;
void _declspec(naked) h_InterlockedExchangeAdd(void)
{
__asm {
push eax
mov eax, DWORD PTR[esp+0x78+0x4]
cmp eax, 0x44548C
jne call_orig
mov [esp+0x80+0x4], 0x12
call_orig:
pop eax
mov ecx, [esp+4]
mov eax, [esp+8]
lock xadd [ecx], eax
retn 8
}
}
int WINAPI DllMain(void *DllHandle, unsigned long Reason, void *Reserved)
{
if (Reason == DLL_PROCESS_ATTACH) {
o_InterlockedExchangeAdd = (InterlockedExchangeAdd_t) DetourFunction((BYTE *) InterlockedExchangeAdd, (BYTE *) h_InterlockedExchangeAdd);
} else if (Reason == DLL_PROCESS_DETACH) {
if (o_InterlockedExchangeAdd) {
DetourRemove((BYTE *) o_InterlockedExchangeAdd, (BYTE *) h_InterlockedExchangeAdd);
o_InterlockedExchangeAdd = NULL;
}
}
return 1;
} Explanation: CG_Player() calls what I call SomeEntityFunction() because I don't really know what is the name of it supposed to be: - Code:
-
.text:0044547F push eax ; int
.text:00445480 push 4 ; int
.text:00445482 push ecx ; int
.text:00445483 mov eax, ebx
.text:00445485 mov ecx, esi
.text:00445487 call SomeEntityFunction As we all know, patching 'push 4' into 'push 0x12' enables the wallhack, but that is detected since PB scans the .text section. This function in some place calls a WINAPI called InterlockedExchangeAdd: - Code:
-
.text:005F7B6A mov ebx, ds:InterlockedExchangeAdd
[...]
.text:005F7BA0 call ebx ; InterlockedExchangeAdd So i hooked InterlockedExchangeAdd and modified SomeEntityFunction's stack frame. Specifically, the pushed argument. Didn't call o_ InterlockedExchangeAdd since it's very short so I inlined it inside the detour func. Long story short: A() -> B() -> C() A calls B which calls C. I hook C and modify B's stack. Currently undetected. Thanks to chaplex | |
|
Pacino
Posts : 10
Join date : 2009-10-10
Age : 34
Location : Slovenia
| | Subject: Re: Call of Duty 4 Wallhack Tutorial Sat Oct 10, 2009 11:45 am | |
| Oh Great.  | |
|
SUXXX
Admin
Posts : 66
Join date : 2009-10-10
| | Subject: Re: Call of Duty 4 Wallhack Tutorial Sat Oct 10, 2009 12:59 pm | |
| | |
|
Pisti_
Posts : 20
Join date : 2009-10-10
Age : 33
Location : Hungary
| | Subject: Re: Call of Duty 4 Wallhack Tutorial Sat Oct 10, 2009 3:29 pm | |
| I've heard that helps for SUXXX to make his own wallhack for cod4  | |
|
Shagrath
Posts : 57
Join date : 2009-10-10
Location : Istanbul/Turkey
| | Subject: Re: Call of Duty 4 Wallhack Tutorial Sun Oct 11, 2009 3:13 am | |
| I hope so | |
|
SUXXX
Admin
Posts : 66
Join date : 2009-10-10
| | Subject: Re: Call of Duty 4 Wallhack Tutorial Sun Oct 11, 2009 6:58 am | |
| Yes i did it works and thanks Shagrath and who created this code.. ye true Pisti .. I will upload it later | |
|
Sponsored content
| | Subject: Re: Call of Duty 4 Wallhack Tutorial | |
| |
|
Home