Results 1 to 6 of 6

Thread: [CoD4] PunkBuster Information

  1. #1
    Join Date
    Nov 2009
    Posts
    10

    Post [CoD4] PunkBuster Information

    I posted this at another forum, and am extending the sharing here on netCoders. This is for Call of Duty 4, running the latest PB client (v2.258 | A1407), however should be portable to other PB-enabled games.


    1. Memory Scans

    Code:
    int ( *o_iPBMemScan ) ( DWORD, DWORD ); // pbclBase + 0x181E
    int _declspec( naked )iPBMemScan( DWORD dwStart, DWORD dwSize )
    {
    	__asm 
    	{
    		pushad
    
    		add dwSize, 0x3F
    	}
    
    	if( bInServer )
    	{
    		if( dwStart == 0x401000 && dwSize == 0xFF000 )
    		{
    			// 1000 FF000
    			// Remove Detours
    		}
    
    		if( dwStart == 0x500000 && dwSize == 0x100000 )
    		{
    			// 100000 100000
    			// Remove Detours
    		}
    
    		if( dwStart == 0x600000 && dwSize == 0x90FFF )
    		{
    			// 200000 90FFF
    			// Remove Detours
    		}
    
    		if( dwSize == pbclBase + 0xDB89B )
    		{
    			// End Of Scan - Safe To Restore Detours
    		}
    	}
    
    	__asm
    	{
    		sub dwSize, 0x3F
    		
    		popad
    
    		jmp [ o_iPBMemScan ]
    	}
    }

    2. Game Memory / Module Scan Strings

    Code:
    char* szStrScan = "\0";
    
    #define NUM_SCANS 4
    
    char* szScanPool[] = {
    	"M * 1000 ff000 "
    	"M * 200000 90fff "
    	"M * 100000 100000 "
    	"M \\pbcl.dll 1000 0 "
    };
    
    int ( *o_iPBModuleScans )( void ); // pbclBase + 0x46E6F
    int _declspec( naked ) iPBModuleScans( void )
    {
    	__asm 
    	{
    		pushad
    
    		mov szStrScan, ecx
    	}
    	
    	for( int scanNum = 0; scanNum < NUM_SCANS; scanNum++ )
    	{
    		if( !strcmp( szStrScan, szScanPool[scanNum] ) )
    		{
    			if( scanNum == 3 )
    			{
    				// Remove PunkBuster Detours, Including This One
    				// Create Timed Thread To Restore PunkBuster Detours
    			}
    			else
    			{
    				// Remove Game Detours
    				// Create Timed Thread To Restore Detours
    			}
    		}
    	}
    
    	__asm 
    	{
    		popad
    
    		jmp o_iPBModuleScans
    	}
    }

    3. Clean Screenshots

    Code:
    // Local Screenshots ( pb_getSs    ) - pbclBase + 0x44247
    // Server Screenshots( pb_sv_getSs ) - pbclBase + 0x3BF94
    
    void DisableVisuals( void )
    {
    	// Remove Visuals
    	
    	// Com_Frame() x 3
    	
    	// Enable Visuals
    }
    
    int ( *o_iPBScreens )( void );
    int __declspec( naked ) iPBScreens( void )
    {
    	__asm
    	{
    		pushad
    		
    		call DisableVisuals
    	}
    
    	__asm
    	{
    		popad
    
    		jmp o_iPBScreens
    	}
    }

    Enjoy, while it lasts!

  2. #2
    Join Date
    Jan 2010
    Location
    America
    Posts
    244

    Default

    is this ur own code or does credit go else where? but its nice
    [SIGPIC][/SIGPIC]

  3. #3
    Join Date
    Nov 2009
    Posts
    10

    Default

    Quote Originally Posted by Murder4higher View Post
    is this ur own code or does credit go else where? but its nice
    This is my code.

  4. #4
    Join Date
    Jun 2000
    Posts
    603

    Default

    Quote Originally Posted by Messiah View Post
    This is my code.
    do we had sex together in the past few years?
    i think i remember your name
    killzar?
    taurine?
    anyone?
    Last edited by King-OrgY; 26th December 2011 at 17:35.

  5. #5
    Join Date
    Nov 2009
    Posts
    10

    Default

    Quote Originally Posted by King-Orgy View Post
    do we had sex together in the past few years?
    i think i remember your name
    killzar?
    taurine?
    anyone?
    Haha. No, I don't think so. I do recognize the name "Taurine" however. I'm pretty sure he was a member here and at Game Deception

  6. #6
    Join Date
    Jun 2009
    Location
    https://www.downloadedskills.com/
    Age
    29
    Posts
    421

    Default

    Quote Originally Posted by Messiah View Post
    Haha. No, I don't think so. I do recognize the name "Taurine" however. I'm pretty sure he was a member here and at Game Deception
    He still is at GD, Soldier Of Fortune GOLD "Taurines SOFbot" was one of the first hack releases I can remember.
    Last edited by PocketMonster; 26th December 2011 at 19:59.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •