Results 1 to 6 of 6

Thread: [CoD4] PunkBuster Information

  1. #1
    Join Date
    Nov 2009
    Posts
    10
    Thanks
    4
    Thanked 7 Times in 4 Posts

    Post [CoD4] PunkBuster Information

    I posted this at another forum, and am extending the sharing here on netCoders. This is for Call of Duty 4, running the latest PB client (v2.258 | A1407), however should be portable to other PB-enabled games.


    1. Memory Scans

    Code:
    int ( *o_iPBMemScan ) ( DWORD, DWORD ); // pbclBase + 0x181E
    int _declspec( naked )iPBMemScan( DWORD dwStart, DWORD dwSize )
    {
    	__asm 
    	{
    		pushad
    
    		add dwSize, 0x3F
    	}
    
    	if( bInServer )
    	{
    		if( dwStart == 0x401000 && dwSize == 0xFF000 )
    		{
    			// 1000 FF000
    			// Remove Detours
    		}
    
    		if( dwStart == 0x500000 && dwSize == 0x100000 )
    		{
    			// 100000 100000
    			// Remove Detours
    		}
    
    		if( dwStart == 0x600000 && dwSize == 0x90FFF )
    		{
    			// 200000 90FFF
    			// Remove Detours
    		}
    
    		if( dwSize == pbclBase + 0xDB89B )
    		{
    			// End Of Scan - Safe To Restore Detours
    		}
    	}
    
    	__asm
    	{
    		sub dwSize, 0x3F
    		
    		popad
    
    		jmp [ o_iPBMemScan ]
    	}
    }

    2. Game Memory / Module Scan Strings

    Code:
    char* szStrScan = "\0";
    
    #define NUM_SCANS 4
    
    char* szScanPool[] = {
    	"M * 1000 ff000 "
    	"M * 200000 90fff "
    	"M * 100000 100000 "
    	"M \\pbcl.dll 1000 0 "
    };
    
    int ( *o_iPBModuleScans )( void ); // pbclBase + 0x46E6F
    int _declspec( naked ) iPBModuleScans( void )
    {
    	__asm 
    	{
    		pushad
    
    		mov szStrScan, ecx
    	}
    	
    	for( int scanNum = 0; scanNum < NUM_SCANS; scanNum++ )
    	{
    		if( !strcmp( szStrScan, szScanPool[scanNum] ) )
    		{
    			if( scanNum == 3 )
    			{
    				// Remove PunkBuster Detours, Including This One
    				// Create Timed Thread To Restore PunkBuster Detours
    			}
    			else
    			{
    				// Remove Game Detours
    				// Create Timed Thread To Restore Detours
    			}
    		}
    	}
    
    	__asm 
    	{
    		popad
    
    		jmp o_iPBModuleScans
    	}
    }

    3. Clean Screenshots

    Code:
    // Local Screenshots ( pb_getSs    ) - pbclBase + 0x44247
    // Server Screenshots( pb_sv_getSs ) - pbclBase + 0x3BF94
    
    void DisableVisuals( void )
    {
    	// Remove Visuals
    	
    	// Com_Frame() x 3
    	
    	// Enable Visuals
    }
    
    int ( *o_iPBScreens )( void );
    int __declspec( naked ) iPBScreens( void )
    {
    	__asm
    	{
    		pushad
    		
    		call DisableVisuals
    	}
    
    	__asm
    	{
    		popad
    
    		jmp o_iPBScreens
    	}
    }

    Enjoy, while it lasts!

  2. The Following 4 Users Say Thank You to Messiah For This Useful Post:

    icy (23rd December 2011), King-OrgY (26th December 2011), lolzoruslockus (23rd December 2011), Murder4higher (25th December 2011)

  3. #2
    Join Date
    Jan 2010
    Location
    America
    Posts
    244
    Thanks
    510
    Thanked 172 Times in 120 Posts

    Default

    is this ur own code or does credit go else where? but its nice
    [SIGPIC][/SIGPIC]

  4. #3
    Join Date
    Nov 2009
    Posts
    10
    Thanks
    4
    Thanked 7 Times in 4 Posts

    Default

    Quote Originally Posted by Murder4higher View Post
    is this ur own code or does credit go else where? but its nice
    This is my code.

  5. The Following User Says Thank You to Messiah For This Useful Post:

    Murder4higher (25th December 2011)

  6. #4
    Join Date
    Jun 2000
    Posts
    603
    Thanks
    241
    Thanked 994 Times in 330 Posts

    Default

    Quote Originally Posted by Messiah View Post
    This is my code.
    do we had sex together in the past few years?
    i think i remember your name
    killzar?
    taurine?
    anyone?
    Last edited by King-OrgY; 26th December 2011 at 17:35.

  7. #5
    Join Date
    Nov 2009
    Posts
    10
    Thanks
    4
    Thanked 7 Times in 4 Posts

    Default

    Quote Originally Posted by King-Orgy View Post
    do we had sex together in the past few years?
    i think i remember your name
    killzar?
    taurine?
    anyone?
    Haha. No, I don't think so. I do recognize the name "Taurine" however. I'm pretty sure he was a member here and at Game Deception

  8. #6
    Join Date
    Jun 2009
    Location
    https://www.downloadedskills.com/
    Age
    28
    Posts
    421
    Thanks
    65
    Thanked 686 Times in 216 Posts

    Default

    Quote Originally Posted by Messiah View Post
    Haha. No, I don't think so. I do recognize the name "Taurine" however. I'm pretty sure he was a member here and at Game Deception
    He still is at GD, Soldier Of Fortune GOLD "Taurines SOFbot" was one of the first hack releases I can remember.
    Last edited by PocketMonster; 26th December 2011 at 19:59.

  9. The Following User Says Thank You to PocketMonster For This Useful Post:

    Messiah (26th December 2011)

Visitors found this page by searching for:

punkbuster module scan

cod4 punkbuster scans for

punkbuster detours

a1407 punkbuster

pbcl.dll thread cod4

cod4 pb_getss not working

cod4 pbcl.dll memory scans

cod4 pbcl.dll scan

cod4 detouring pb

punkbuster scanning in cod4

cod 4 pb_getss

cod4 pb_getss

pb_getss inurl:forum

eg.naked punkbuster cod4

punkbuster detour

Current Version: PB v1.828 A1407 C.258

pb cod4 v2.258

void _declspec( naked ) h_ServerScreenshot( void )

punkbuster v2.258 a1407

detour punkbuster

SEO Blog

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •