help with bypassing punkbuster
mojo007
04-13-2008, 11:29 AM
Hi, i got banned very fast by punkbuster, how do i fix it? it took about 1-5 min..
i am only using wichester hack, made with visual c++
and my code is
DWORD proc_id;
HANDLE hProcess;
void memory()
{
HWND hWnd = FindWindow(0, "WarRock");
GetWindowThreadProcessId(hWnd, &proc_id);
hProcess = OpenProcess(PROCESS_ALL_ACCESS|PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE|PROCESS_QUERY_INFORMATION, FALSE, proc_id);
}
void ana(long addy, short offset, long value)
{
long maddy;
long saddy;
memory();
ReadProcessMemory(hProcess, (LPVOID*)(DWORD) addy, &maddy, sizeof(maddy), NULL);
saddy = maddy + offset;
WriteProcessMemory(hProcess, (LPVOID*)(DWORD) saddy, &value, sizeof(value), NULL);
}
void CTestin1Dlg::On5sloth0n()
{
ana(0x1376340,0x4c,42);
}
m4c4r0ni3z
04-13-2008, 11:34 AM
you need to change your proc_id and hprocess strings to something like RIHGDRHDRJH6346363463FTJFJTNKFJHNXFJK
mojo007
04-13-2008, 11:59 AM
i did now, but i still got a BAN....
strings are changed now
DWORD qwerdfdfgertv3442323ewe2;
HANDLE qwerdfdfgertv3442323ewe3;
void esek1memory()
{
HWND qwerdfdfgertv3442323ewe4 = FindWindow(0, "WarRock");
GetWindowThreadProcessId(qwerdfdfgertv3442323ewe4, &qwerdfdfgertv3442323ewe2);
qwerdfdfgertv3442323ewe3 = OpenProcess(PROCESS_ALL_ACCESS|PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE|PROCESS_QUERY_INFORMATION, FALSE, qwerdfdfgertv3442323ewe2);
}
void ana(long addy, short offset, long value)
{
long maddy;
long saddy;
esek1memory();
ReadProcessMemory(qwerdfdfgertv3442323ewe3, (LPVOID*)(DWORD) addy, &maddy, sizeof(maddy), NULL);
saddy = maddy + offset;
WriteProcessMemory(qwerdfdfgertv3442323ewe3, (LPVOID*)(DWORD) saddy, &value, sizeof(value), NULL);
}
void CTestin1Dlg::On5sloth0n()
{
ana(0x1376340,0x4c,42);
}
relatwister
04-13-2008, 12:06 PM
you need to change the bold words
DWORD proc_id;
HANDLE hProcess;
void memory()
{
HWND hWnd = FindWindow(0, "WarRock");
GetWindowThreadProcessId(hWnd, &proc_id);
hProcess = OpenProcess(PROCESS_ALL_ACCESS|PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE|PROCESS_QUERY_INFORMATION, FALSE, proc_id);
}
void ana(long addy, short offset, long value)
{
long maddy;
long saddy;
memory();
ReadProcessMemory(hProcess, (LPVOID*)(DWORD) addy, &maddy, sizeof(maddy), NULL);
saddy = maddy + offset;
WriteProcessMemory(hProcess, (LPVOID*)(DWORD) saddy, &value, sizeof(value), NULL);
}
void CTestin1Dlg::On5sloth0n()
{
ana(0x1376340,0x4c,42);
}
if you need some more help plzz pm me and download teamviewer or just tell me that i need to explain something
mojo007
04-13-2008, 01:42 PM
i am still getting banned after i changed the strings.
code looks like this now
DWORD asdijaiosd53451;
HANDLE asdijaiosd53452;
void asdijaiosd5345911()
{
HWND asdijaiosd53453 = FindWindow(0, "WarRock");
GetWindowThreadProcessId(asdijaiosd53453, &asdijaiosd53451);
asdijaiosd53452 = OpenProcess(PROCESS_ALL_ACCESS|PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE|PROCESS_QUERY_INFORMATION, FALSE, asdijaiosd53451);
}
void asdijaiosd53454(long asdijaiosd53455, short asdijaiosd53456, long asdijaiosd53457)
{
long masdijaiosd53455;
long sasdijaiosd53455;
asdijaiosd5345911();
ReadProcessMemory(asdijaiosd53452, (LPVOID*)(DWORD) asdijaiosd53455, &masdijaiosd53455, sizeof(masdijaiosd53455), NULL);
sasdijaiosd53455 = masdijaiosd53455 + asdijaiosd53456;
WriteProcessMemory(asdijaiosd53452, (LPVOID*)(DWORD) sasdijaiosd53455, &asdijaiosd53457, sizeof(asdijaiosd53457), NULL);
}
void CTestDlg::Onfsdfsdfosdok4542()
{
asdijaiosd53454(0x1376340,0x4c,42);
}
but can someone tell me how to add this code in and how to call it ?
void Hook( )
{
DWORD dwPbclBase = ( DWORD )GetModuleHandle( "pbcl.dll" );
pPBPerformCheck = ( PBPerformCheck_t )DetourFunction( ( BYTE * )( dwPbclBase + 0xA36FC), ( BYTE * )_PBPerformCheck, 6 );
}
virus7799
04-13-2008, 02:54 PM
It's not guaranteed to be undetected. The only way that'll happen is if you detour your hack or include a bypass.
As regards to the detour function, you need the correct PB check address. This "0xA36FC", I believe, is old and outdated.
Also, be more specific, what are you trying to make? D3D, simple C++/VB hack?
mojo007
04-13-2008, 03:45 PM
i want to make d3d, but can't find a good tut to start with stamina or weapon hack!
void Hook( )
{
DWORD dwPbclBase = ( DWORD )GetModuleHandle( "pbcl.dll" );
pPBPerformCheck = ( PBPerformCheck_t )DetourFunction( ( BYTE * )( dwPbclBase + 0xA36FC), ( BYTE * )_PBPerformCheck, 6 );
}
i think the new address is sub_10055FC5, but how do i add it in this cpp, and how do i call it? when i add it, it says
'pPBPerformCheck' : undeclared identifier
mojo007
04-13-2008, 05:02 PM
i closed punkbuster.exe a and b from the process list
and changed all the strings in the code,
but got banned after 10 min now, a little better from 1 min lol
Fragment
04-13-2008, 06:07 PM
L O L Z O R F A U S T !!1111111111111
Look. Take any debugger (OllyDbg works fine). Then open your hack.
Then right click on the main screen, and press search for... all referenced text strings. Now right click, and select find. Search for the string masdijaiosd53455. I guarantee it will NOT be there.
You don't need to change variable names! When compiled, the compiler just puts them into the debugger variables, such as EAX, EBX, EDI etc. The original variable names are not recorded.
But here's what I will tell you.
When you open your hack, and scroll all the way to the top, The first string you see is WarRock. That's because, things in quotes DO get cached.
Almost everyone DOES NOT KNOW that this is the easiest way that a hack gets detected. WarRock is the first string in this file, and therefore, the program detects it, and you are pwned.
...SO! Since FindWindow requires a CHAR to run, we can sort of trick the hack scanner. Since CHARs can be written to individually, you can input the letters of WarRock into the variable manually. This is how you do it:
DWORD ProcessId;
HANDLE hProcess;
HWND hWnd;
void Memory()
{
char WarRock[8];
WarRock[1] = 'a';
WarRock[7] = 0;
WarRock[5] = 'c';
WarRock[3] = 'R';
WarRock[4] = 'o';
WarRock[0] = 'W';
WarRock[2] = 'r';
WarRock[6] = 'k';
hWnd = FindWindow(0, WarRock);
GetWindowThreadProcessId(hWnd, &ProcessId);
hProcess = OpenProcess(PROCESS_ALL_ACCESS|PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE|PROCESS_QUERY_INFORMATION, FALSE, ProcessId);
}
Now, this works, because WarRock is not in quotes, but it points to the variable containing the string, "Warrock".
All is executed the same way, but is less detectable. Also, if you compress your executable using a program called nPack or TELock, it will also help mask your strings.
Also. You can randomise the order in which the letters are written to the variable. For example, you can have
WarRock[5] = 'c';
WarRock[7] = 0;
WarRock[0] = 'W';
WarRock[6] = 'k';
WarRock[4] = 'o';
WarRock[2] = 'r';
WarRock[3] = 'R';
WarRock[1] = 'a';
and have it still work.
You can also take the letters, and put them in random spots in the executable, so that they're not all in the same spot, then they REALLY won't find it. Just 2 things you gotta make sure. That you aren't writing to them INSIDE of a function, AND that char Warrock is declared in the header.
And i didn't mean to be mean using the lolzorfaust, I just wanted to draw attention to this post, since it's so gay that nobody knows about how useful this stuff can be.
EDIT:
virus7799, That address is the pb freeze address, and has been released a long time ago, but not too many people know that the same pb version is still out and it still works AHEM!@
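Seen from the detection side, the byte-at-a-time writes described in the post above only hide the name from a plain printable-string scan; the characters are still in the code as immediate operands, whatever order they are written in. The sketch below is an added example, not code from the thread: it assumes an unoptimized 32-bit build in which each write compiles to `mov byte ptr [ebp+disp8], imm8` (bytes `C6 45 disp8 imm8`), and both sample byte strings are constructed.

```python
import re

# Constructed sample (assumption: unoptimized 32-bit build, buffer at ebp-8).
# Each write from the post becomes "mov byte ptr [ebp+disp8], imm8": C6 45 disp8 imm8.
WRITES = [(1, "a"), (7, "\0"), (5, "c"), (3, "R"), (4, "o"), (0, "W"), (2, "r"), (6, "k")]
PROLOGUE = bytes.fromhex("558bec83ec08")  # push ebp; mov ebp, esp; sub esp, 8
STACK_BUILT = PROLOGUE + b"".join(
    bytes([0xC6, 0x45, (idx - 8) & 0xFF, ord(ch)]) for idx, ch in WRITES
)
# Constructed sample: the same name stored as an ordinary quoted literal.
LITERAL = b"\x00\x00WarRock\x00"


def ascii_strings(data, min_len=4):
    """What a plain strings-style scan reports: runs of printable ASCII."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, data)]


def stack_strings(code, min_len=4):
    """Rebuild strings assembled by byte-sized immediate stores to [ebp+disp8]."""
    cells = {}
    for m in re.finditer(rb"\xc6\x45(.)(.)", code, re.DOTALL):
        disp = m.group(1)[0]
        disp = disp - 256 if disp >= 128 else disp  # disp8 is signed
        cells[disp] = m.group(2)[0]                 # a later store wins
    found, run, prev = [], [], None

    def flush():
        if len(run) >= min_len:
            found.append("".join(run))
        run.clear()

    for disp in sorted(cells):          # write order is irrelevant after sorting
        if prev is not None and disp != prev + 1:
            flush()                     # gap in the buffer ends the string
        if 0x20 <= cells[disp] <= 0x7E:
            run.append(chr(cells[disp]))
        else:
            flush()                     # NUL or non-printable terminates it
        prev = disp
    flush()
    return found


if __name__ == "__main__":
    print("literal, plain scan:    ", ascii_strings(LITERAL))
    print("stack-built, plain scan:", ascii_strings(STACK_BUILT))
    print("stack-built, store scan:", stack_strings(STACK_BUILT))
```

A packer changes what is stored on disk, not what executes, so the same scan applies to the unpacked image in memory.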
mojo007
04-13-2008, 06:50 PM
can you teach me in teamviewer, how to change all text strings with debugger?
and the warrock char quotes
Fragment
04-13-2008, 06:56 PM
That's it right there! Just take the code I put there, and copy/paste it instead of your Memory() function
And you don't change those strings in a debugger, you change them in the program. Keep this principle in mind when creating your program. Every THING inside of a quote gets cached, and can be detected.
mojo007
04-13-2008, 07:50 PM
ok i did like you said, and i tried to find all text strings after i changed warrock from quotes. i don't find it, you are a genius! and i left all main strings like their original strings
but i got another problem now!
when i log in server without hack
i got kicked 0 min?
"punkbuster kicked player for 0 minutes REstrictiion Disallowed program/driver 79161"
masterboy
04-14-2008, 08:08 AM
i want to make d3d, but cant find a good tut to start with stamina or weapon hack!
void Hook( )
{
DWORD dwPbclBase = ( DWORD )GetModuleHandle( "pbcl.dll" );
pPBPerformCheck = ( PBPerformCheck_t )DetourFunction( ( BYTE * )( dwPbclBase + 0xA36FC), ( BYTE * )_PBPerformCheck, 6 );
}
i think the new address is sub_10055FC5, but how do i add it in this cpp, and how do i call it? when i add it, it says
'pPBPerformCheck' : undeclared identifier
You're getting that error because u need to define it first and u also need to include detours.h. you can download that somewhere on microsoft website but google it, you might find it