Tutorial Cara Membuat Cheat Crossfire


Source Crossfire Public
[Image: Crossfire20130111_0001.jpg]

Hack Base Crossfire Public (28 May 2013 UNDETECTED)

Feature : AUTO ON
1. WallHack
2. SeeGhost
3. Crosshair

Caranya :
Ini merupakan pembelajaran sederhana untuk membuat hack sehingga anda dapat mengembangkannya menjadi sebuah hack yang benar - benar sesuai keinginan anda. Anda harus menyiapkan beberapa aplikasi seperti Visual studio 2008 (Atau yang terbaru) dan Microsoft DirectX 9.0 SDK (Summer 2004 atau 2010). Dibawah ini kami menggunakan Visual studio 2008 dan MS DirectX 9.0 SDK (Summer 2004).
Didalam source ini sudah ada beberapa fitures seperti wallhack, chams dan seeghost.

File - New Project - (Pilih) Visual C++ - Win32 Project - Win32 Application Wizard (Next)- Pilih DLL Dan Empty Project - Finish - (Masukan source)

#include <windows.h>
#include <stdio.h>
#include <d3d9.h>
#include <d3dx9.h>

#pragma comment(lib, "d3d9.lib")
#pragma comment(lib, "d3dx9.lib")

DWORD DIPD3D9, retDIPD3D9;

__declspec( naked ) HRESULT WINAPI DIPMidfunction( )
{
static LPDIRECT3DDEVICE9 pDevice;

__asm
{
MOV EDI, EDI
PUSH EBP
MOV EBP, ESP
MOV EAX, DWORD PTR SS:[EBP + 0x8]
MOV DWORD PTR DS:[pDevice], EAX
}

pDevice->SetRenderState( D3DRS_ZENABLE, D3DZB_FALSE );
pDevice->SetRenderState( D3DRS_LIGHTING, D3DZB_FALSE );
__asm
{
POP EBP
JMP retDIPD3D9
}
}

BYTE DrawCrossHair[] = {0x90,0x90,0x90,0x90,0x90,0x90, 0x55, 0x8B, 0xEC, 0x83, 0xEC, 0x40, 0x8D, 0x45, 0xC0, 0x50, 0x8B, 0x4D, 0x08, 0x8B, 0x11, 0x8B, 0x45, 0x08, 0x50, 0xFF, 0x92, 0xC0, 0x00, 0x00, 0x00, 0x8B, 0x4D, 0xC8, 0xD1, 0xE9, 0x89, 0x4D,
0xEC, 0x8B, 0x55, 0xCC, 0xD1, 0xEA, 0x89, 0x55, 0xE8, 0x8B, 0x45, 0xEC, 0x2B, 0x45, 0x0C, 0x89, 0x45, 0xD8, 0x8B, 0x4D, 0xE8, 0x89, 0x4D, 0xDC, 0x8B, 0x55, 0xEC, 0x03, 0x55, 0x0C, 0x89, 0x55,
0xE0, 0x8B, 0x45, 0xE8, 0x03, 0x45, 0x10, 0x89, 0x45, 0xE4, 0x8B, 0x4D, 0xEC, 0x89, 0x4D, 0xF0, 0x8B, 0x55, 0xE8, 0x2B, 0x55, 0x0C, 0x89, 0x55, 0xF4, 0x8B, 0x45, 0xEC, 0x03, 0x45, 0x10, 0x89,
0x45, 0xF8, 0x8B, 0x4D, 0xE8, 0x03, 0x4D, 0x0C, 0x89, 0x4D, 0xFC, 0x6A, 0x00, 0x6A, 0x00, 0x8B, 0x55, 0x14, 0x52, 0x6A, 0x01, 0x8D, 0x45, 0xD8, 0x50, 0x6A, 0x01, 0x8B, 0x4D, 0x08, 0x8B, 0x11,
0x8B, 0x45, 0x08, 0x50, 0xFF, 0x92, 0xAC, 0x00, 0x00, 0x00, 0x6A, 0x00, 0x6A, 0x00, 0x8B, 0x4D, 0x14, 0x51, 0x6A, 0x01, 0x8D, 0x55, 0xF0, 0x52, 0x6A, 0x01, 0x8B, 0x45, 0x08, 0x8B, 0x08, 0x8B,
0x55, 0x08, 0x52, 0xFF, 0x91, 0xAC, 0x00, 0x00, 0x00, 0x8B, 0xE5, 0x5D, 0xC3,0x90};

BYTE WALLCALL[] = {0x90,0x90,0x90,0x90,0x90,0x90, 0x55, 0x8B, 0xEC, 0x83, 0xEC, 0x0C, 0xC7, 0x45, 0xF8, 0x00, 0x00, 0x00, 0x00, 0x8D, 0x45, 0xF4, 0x50, 0x8D, 0x4D, 0xFC, 0x51, 0x8D, 0x55, 0xF8, 0x52, 0x6A, 0x00, 0x8B, 0x45, 0x08, 0x8B, 0x08,
0x8B, 0x55, 0x08, 0x52, 0xFF, 0x91, 0x94, 0x01, 0x00, 0x00, 0x83, 0x7D, 0xF4, 0x2C, 0x75, 0x3F, 0x6A, 0x00, 0x6A, 0x07, 0x8B, 0x45, 0x08, 0x8B, 0x08, 0x8B, 0x55, 0x08, 0x52, 0xFF, 0x91, 0xE4,
0x00, 0x00, 0x00, 0x6A, 0x00, 0x68, 0x89, 0x00, 0x00, 0x00, 0x8B, 0x45, 0x08, 0x8B, 0x08, 0x8B, 0x55, 0x08, 0x52, 0xFF, 0x91, 0xE4, 0x00, 0x00, 0x00, 0x6A, 0xFF, 0x68, 0x8B, 0x00, 0x00, 0x00,
0x8B, 0x45, 0x08, 0x8B, 0x08, 0x8B, 0x55, 0x08, 0x52, 0xFF, 0x91, 0xE4, 0x00, 0x00, 0x00, 0x8B, 0xE5, 0x5D, 0xC3, 0x90};

BYTE NAKED_DIP[] = {0x90,0x90,0x90,0x90,0x90,0x90, 0x8B, 0xFF, 0x55, 0x8B, 0xEC, 0x68, 0x00, 0xFF, 0xFF, 0xFF, 0x6A, 0x01, 0x6A, 0x05, 0x3E, 0x8B, 0x4D, 0x08, 0x51, 0xE8, 0xE8, 0xFF, 0x00, 0x00,
0x83, 0xC4, 0x10, 0x3E, 0x8B, 0x55, 0x08, 0x52, 0x90, 0x90, 0x90, 0x90, 0x90, 0x83, 0xC4, 0x04, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90};

void *DetourFunc(BYTE *src, const BYTE *dst, const int len)
{
BYTE *jmp = (BYTE*)malloc(len+5);
DWORD dwBack;

VirtualProtect(src, len, PAGE_READWRITE, &dwBack);
memcpy(jmp, src, len); 
jmp += len;
jmp[0] = 0xE8;
*(DWORD*)(jmp+1) = (DWORD)(src+len - jmp) - 5;
src[0] = 0xE9;
*(DWORD*)(src+1) = (DWORD)(dst - src) - 5;
for( int i=5; i < len; i++ )
src[i] = 0x90;
VirtualProtect(src, len, dwBack, &dwBack);
return (jmp-len);
}

void MakeCall(BYTE* paddress, DWORD yourfunction, DWORD dwlen)
{
DWORD dwOldProtect, dwBkup, dwRelAddr;
VirtualProtect(paddress, dwlen, PAGE_EXECUTE_READWRITE, &dwOldProtect);
dwRelAddr = (DWORD) (yourfunction - (DWORD) paddress) - 5;
*paddress = 0xE8;
*((DWORD*) (paddress + 0x1)) = dwRelAddr;
for(DWORD x = 0x5; x < dwlen; x++) *(paddress + x) = 0x90;
VirtualProtect(paddress, dwlen, dwOldProtect, &dwBkup);
return;
}

bool bCompare(const BYTE* pData, const BYTE* bMask, const char* szMask)
{
for(;*szMask;++szMask,++pData,++bMask)
if(*szMask=='x' && *pData!=*bMask) return 0;
return (*szMask) == NULL;
}

DWORD FindPattern(DWORD dwAddress,DWORD dwLen,BYTE *bMask,char * szMask)
{
for(DWORD i=0; i<dwLen; i++)
if (bCompare((BYTE*)(dwAddress+i),bMask,szMask)) return (DWORD)(dwAddress+i);
return 0;
}


BOOL WINAPI DllMain ( HINSTANCE hDll, DWORD dwReason, LPVOID lpReserved )
{
DisableThreadLibraryCalls(hDll);
if (dwReason == DLL_PROCESS_ATTACH)
{
DWORD dwBack;

DWORD hD3D = (DWORD)LoadLibrary("d3d9.dll");
if(hD3D)
{
DWORD HookDrawCrosshair = hD3D + 0xEC000;
DWORD HookNAKED = hD3D + 0xDC000;
DWORD HookWALLS = hD3D + 0xFC000;

DWORD HookedD3D = FindPattern(hD3D, 0x128000, (PBYTE)"\x8B\xFF\x55\x8B\xEC\x5D\x00\x00\x00\x00\x00\xCC\xCC\xCC\xCC\xCC\x8B\xFF\x55\x8B​\xEC\x51", "xxxxxx?????xxxxxxxxxxx"); //XP OS

if(!HookedD3D)
{
DWORD HookedD3DA = FindPattern(hD3D, 0x128000, (PBYTE)"\xC3\x90\x90\x90\x90\x90\x8B\xFF\x55\x8B\xEC\x5D\xEB\x00\x90\x90\x90\x90\x90\x8B​\xFF\x55\x8B\xEC\x6A\xFF", "xxxxxxxxxxxxx?xxxxxxxxxxxx"); //Win 7 OS
HookedD3D = HookedD3DA + 0x6;
}

VirtualProtect((void *)(HookWALLS - 6), 1000, PAGE_READWRITE, &dwBack);
memcpy((void *)(HookWALLS - 6),&WALLCALL,sizeof(WALLCALL));
VirtualProtect((void *)(HookWALLS - 6), 1000, dwBack, &dwBack);

VirtualProtect((void *)(HookDrawCrosshair - 6), 1000, PAGE_READWRITE, &dwBack);
memcpy((void *)(HookDrawCrosshair - 6),&DrawCrossHair,sizeof(DrawCrossHair));
VirtualProtect((void *)(HookDrawCrosshair - 6), 1000, dwBack, &dwBack);

VirtualProtect((void *)(HookNAKED - 6), 1000, PAGE_READWRITE, &dwBack);
memcpy((void *)(HookNAKED - 6),&NAKED_DIP,sizeof(NAKED_DIP));
VirtualProtect((void *)(HookNAKED - 6), 1000, dwBack, &dwBack);

MakeCall((BYTE *)(HookNAKED + 0x13),HookDrawCrosshair ,5);
MakeCall((BYTE *)(HookNAKED + 0x20),HookWALLS ,5);

DetourFunc((BYTE *)(HookNAKED + 0x28),(BYTE *)(HookedD3D + 5),5);
DetourFunc((BYTE *)(HookedD3D),(BYTE *)HookNAKED,5);
retDIPD3D9 = ( HookedD3D + 0x6 ) + 0x6;
DetourFunc( ( PBYTE )( HookedD3D + 0x6 ), ( PBYTE )DIPMidfunction, 5 );


}
}

return TRUE;
}


Tahap selanjutnya : KLIK GAMBAR UNTUK MEMPERBESAR
[Image: xc.JPG]
[Image: D3D.JPG]

Build Projek anda

Maaf bila saya gk kasih Link Downloadnya, usaha sendiri yah sob Yes

Sign up here with your email address to receive updates from this blog in your inbox.