are there new scan ranges or api detections ? becuz i had only an d3d hack on atm and i got kicked for game hook

Yours, Haxing

yeah there out was updated today :dead:

http://www.darkhex.us/forum/showpost.php?p=1730&postcount=6

could this help?

Nah thats not related.

What I am putting my money on is that they've done exactly what Drunken Cheetah predicted months ago.

This is what he said:



LPDIRECT3DDEVICE9 Device;//from engine....
DWORD hDX = (DWORD)GetModuleHandle("d3d9.dll");
PIMAGE_OPTIONAL_HEADER poh=(PIMAGE_OPTIONAL_HEADER) OPTHDROFFSET(hDX);
if (&Device->DrawIndexPrimitive < hDX || &Device->DrawIndexPrimitive > hDX + poh->SizeOfImage) Detected = true;


----------------------
That's an example of "Hook" detection, A check like that would make the stealth injection and any recompiled versions detected. Ok, before anyone gets upset...it's not helping PB, as they have used this method in america's army...it's just the next level of detection they will most likely use, and it was bypassed in AA. after that everyone switched to uscript bots cause DirectX hacks couldn't compete.

I have also found that their not detecting my hack if I remove all the d3d hooks and leave in my vTable hooks for minimap, tags etc. So that means they aren't detecting game functions hooks and only d3d hooks.

As for bypassing this, im thinking a vTable hook on the d3d functions you need which point to a spare area in d3d9.dll which simply jumps to the real hook function in your .dll. That way &Device->DrawIndexPrimitive will look like the function is in d3d9.dll.

Does someone has more infos about their new D3D hook detection and how to bypass it?

I have also noticed they have updated their screenshot method. Looks like the good old gpa/ddc method wont work. I'm thinking they are using the screenshot method in AA but I havent checked it out. Any info with regards to screenshots? and what type of bans/kicks are resulting from basic D3D hacks?

2min kick at the moment

Does someone has more infos about their new D3D hook detection and how to bypass it?

open your eyes :P look above

it's not just D3D. my hack uses no direct 3d hooks or code at all and it's detected. not sure why. can you post your kick message and ID?

best,
cal

my error says:

You have been been kicked via Punkbuster: for (0) minutes...
Restrictions: corrupted file/memory [125003]

this is mine

thats the same one im getting with mine. Well actually I got a 2 min kick.

i got an game hook 12*** and used mem+D3d in 1 dll cant try it out for the exact voilation. got for the 6 th time guid banned it seems that punkbuster guid bans for the first persons afther update/detection cuz an friend of mine got an day ofther kicked (everytime) and got not guid banned strange

Yours, Haxing

it's not just D3D. my hack uses no direct 3d hooks or code at all and it's detected. not sure why. can you post your kick message and ID?

best,
cal

my error says:

You have been been kicked via Punkbuster: for (0) minutes...
Restrictions: corrupted file/memory [125003]

this is mine

I used to get the same error a while back when I changed mem in renddx9.dll that where custom offsets that PB did not recognize as a hack, but did seem to notice that the memory failed the crc check.

what if you forced the game to use the d3d8 instead of the d3d9...

pb dont scan the d3d8...

T0m, I think your on to something here.

open your eyes :P look above

I saw that post but I was hoping some of the experts like DC or anyone who has already beaten this detection would post some more infos how it works and how they bypassed it.


what if you forced the game to use the d3d8 instead of the d3d9...

pb dont scan the d3d8...

Are you sure its possible to force the game in DX8 mode? I always thought its DX9 only ...



So does anyone come up with a workaround yet?? Any help in this direction would be greatly appreciated.

Are you sure its possible to force the game in DX8 mode? I always thought its DX9 only ...


The game uses function thats d3d9 only, so making it use d3d8 is not an option.

Is this detection for BF2 Demo aswell. Because my friend, who only has the demo only, uses d3d hack all the time in the demo servers. I told him about how lots of people were getting banned by the d3d hack, and he said his was still undetected. I even asked him to check the PB versions and he said it was the current.

Nah they only do these checks on the full version of the game. So hes safe for now.