[Fix] Proxy-DLL
Discussion on [Fix] Proxy-DLL within the Kal Hacks, Bots, Cheats & Exploits forum part of the Kal Online category.
03/11/2011, 20:24
#16
****, Inix fixed this one fast:

03/11/2011, 21:30
#17
Quote:
Originally Posted by DrogenViech
****, Inix fixed this one fast:

hf at learning =) the source was just an example

03/11/2011, 21:56
#18
OK, now you have to debug Kal and look at how the new filecheck works and disarm it.
Or you just nop the filecheck, which might be easier.

03/11/2011, 22:55
#19
Am I totally wrong if I see the check here?
Code:
0047D100 - 55 - push ebp
0047D101 - 8B EC - mov ebp,esp
0047D103 - 83 EC 1C - sub esp,1C
0047D106 - 83 7D 08 00 - cmp dword ptr [ebp+08],00
0047D10A - 74 06 - je 0047D112
0047D10C - 83 7D 0C 00 - cmp dword ptr [ebp+0C],00
0047D110 - 75 0A - jne 0047D11C : [OpenRegKey+17CE]
0047D112 - B8 57000780 - mov eax,80070057
0047D117 - E9 C1000000 - jmp 0047D1DD
0047D11C - 8D 45 FC - lea eax,[ebp-04]
0047D11F - 50 - push eax
0047D120 - 8B 4D 08 - mov ecx,[ebp+08]
0047D123 - 51 - push ecx
0047D124 - E8 6D3E2300 - call 006B0F96 : [->GetFileVersionInfoSizeA]
0047D129 - 89 45 F8 - mov [ebp-08],eax
0047D12C - 83 7D F8 00 - cmp dword ptr [ebp-08],00
0047D130 - 0F86 A2000000 - jbe 0047D1D8
0047D136 - 8B 55 F8 - mov edx,[ebp-08]
0047D139 - 52 - push edx
0047D13A - E8 83FA2300 - call 006BCBC2
0047D13F - 83 C4 04 - add esp,04
0047D142 - 89 45 EC - mov [ebp-14],eax
0047D145 - 8B 45 EC - mov eax,[ebp-14]
0047D148 - 89 45 F4 - mov [ebp-0C],eax
0047D14B - 83 7D F4 00 - cmp dword ptr [ebp-0C],00
0047D14F - 75 0A - jne 0047D15B
0047D151 - B8 0E000780 - mov eax,8007000E
0047D156 - E9 82000000 - jmp 0047D1DD
0047D15B - 8B 4D F4 - mov ecx,[ebp-0C]
0047D15E - 51 - push ecx
0047D15F - 8B 55 F8 - mov edx,[ebp-08]
0047D162 - 52 - push edx
0047D163 - 6A 00 - push 00
0047D165 - 8B 45 08 - mov eax,[ebp+08]
0047D168 - 50 - push eax
0047D169 - E8 223E2300 - call 006B0F90 : [->GetFileVersionInfoA]
0047D16E - 85 C0 - test eax,eax
0047D170 - 74 54 - je 0047D1C6
0047D172 - C7 45 F0 00000000 - mov [ebp-10],00000000
0047D179 - 8D 4D F8 - lea ecx,[ebp-08]
0047D17C - 51 - push ecx
0047D17D - 8D 55 F0 - lea edx,[ebp-10]
0047D180 - 52 - push edx
0047D181 - 68 B8ED6E00 - push 006EEDB8 : [0000005C]
0047D186 - 8B 45 F4 - mov eax,[ebp-0C]
0047D189 - 50 - push eax
0047D18A - E8 FB3D2300 - call 006B0F8A : [->VerQueryValueA]
0047D18F - 85 C0 - test eax,eax
0047D191 - 74 33 - je 0047D1C6
0047D193 - 83 7D F0 00 - cmp dword ptr [ebp-10],00
0047D197 - 74 2D - je 0047D1C6
0047D199 - 8B 4D 0C - mov ecx,[ebp+0C]
0047D19C - 8B 55 F0 - mov edx,[ebp-10]
0047D19F - 8B 42 08 - mov eax,[edx+08]
0047D1A2 - 89 41 04 - mov [ecx+04],eax
0047D1A5 - 8B 4D 0C - mov ecx,[ebp+0C]
0047D1A8 - 8B 55 F0 - mov edx,[ebp-10]
0047D1AB - 8B 42 0C - mov eax,[edx+0C]
0047D1AE - 89 01 - mov [ecx],eax
0047D1B0 - 8B 4D F4 - mov ecx,[ebp-0C]
0047D1B3 - 89 4D E8 - mov [ebp-18],ecx
0047D1B6 - 8B 55 E8 - mov edx,[ebp-18]
0047D1B9 - 52 - push edx
0047D1BA - E8 F61E2500 - call 006CF0B5
0047D1BF - 83 C4 04 - add esp,04
0047D1C2 - 33 C0 - xor eax,eax
0047D1C4 - EB 17 - jmp 0047D1DD
0047D1C6 - 8B 45 F4 - mov eax,[ebp-0C]
0047D1C9 - 89 45 E4 - mov [ebp-1C],eax
0047D1CC - 8B 4D E4 - mov ecx,[ebp-1C]
0047D1CF - 51 - push ecx
0047D1D0 - E8 E01E2500 - call 006CF0B5
0047D1D5 - 83 C4 04 - add esp,04
0047D1D8 - B8 05400080 - mov eax,80004005
0047D1DD - 8B E5 - mov esp,ebp
0047D1DF - 5D - pop ebp
0047D1E0 - C3 - ret

03/11/2011, 23:22
#20
Detours still works perfectly for me. Make sure the functions got detoured. Also keep in mind the whole thing is about timing - the detours have to be placed before the check is executed = depends on speed of computer.
Of course there are still other solutions... such as changing the "jump if equal" to "always jump".
@lortemail
I can't check it atm but it's easy to find -> let the engine display error message box and return back into engine code section.

03/12/2011, 02:42
#21
Simply look at the call stack
and there should be a call made out of the engine.exe

03/12/2011, 15:40
#22
I gave you thanks because you help the hacking community
even though I don't know a **** =)

03/14/2011, 12:25
#23
I think your method isn't that good.
You invested too much time with detours, just make a codecave and rip the check off.

03/14/2011, 20:03
#24
Don't think I even use this method. I have my different ways.
However, to put together those detours is a matter of 2 mins on MSDN to copy signatures of those functions.

03/14/2011, 21:29
#25
True, but I like your clean coding style ... you're thinking of what you're doing, I like
I wish there were more people out there releasing their source code. Did you know that this section has an underground topic? Some people are in there, me included, but it's dead there, nobody is contributing or working on something...
It would be cool to see some active people and start coding some bad *** good bot or hacktool for Kal

03/14/2011, 21:55
#26
Quote:
Originally Posted by syntex
True, but I like your clean coding style ... you're thinking of what you're doing, I like
I wish there were more people out there releasing their source code. Did you know that this section has an underground topic? Some people are in there, me included, but it's dead there, nobody is contributing or working on something...
It would be cool to see some active people and start coding some bad *** good bot or hacktool for Kal

I prefer working with classes, however such code would be much more difficult to read for the newbies (Where is the Entry Point, where are exports initialized and so on).
I don't know about any private topic in this section.
Look at me, I have all essential stuff needed to work on clientless. Even tested and proved to work. And I don't have time to work on it. I think it's rather laziness combined with lack of time.

03/15/2011, 04:34
#27
Well.. a few people who know (Thanks), but I think they all talked and said thanks to you, it's enough for getting fame, right?

03/15/2011, 14:12
#28
You're dumb, it's not about getting fame.. it's about educating yourself and having fun while coding **** ..
Yeah, thiesius classes are more difficult to read and your release is all fine
The only problem is to find spare time - learning, work, hobbies, friends and so on :]

03/16/2011, 00:29
#29
Quote:
Originally Posted by syntex
It would be cool to see some active people and start coding some bad *** good bot or hacktool for Kal

Didn't you say 1 month ago that you don't care anymore about Kal and stuff - waste of time etc.? :P
back2topic:
Good job thiesus (as always) :P

03/16/2011, 22:32
#30
Hehe, Kal is a waste of time ... but coding for it for education purposes is ok :]
I don't like to play the game anymore and I don't think that you can make a lot of business with Kal, but you can still have fun coding some weird **** for it