This is (hopefully) going to be an easy-to-understand tutorial
which shows you how to bypass the HackShield included in the official DE client.
Warning: clients that bypass HackShield are easily detected by the server.
HackShield sends security packets to the server every few minutes,
and a client that no longer loads HackShield stops sending them.
If you are going to bypass HackShield,
only use test accounts!
Required Tools: PEiD (analysis), UPX (unpacking), and a debugger for the breakpoint steps below.
Step 1: Analyzing
To get started, we have to analyze the client first.
A common free tool for this is PEiD.
Simply download and unpack it, then drag and drop the client onto its GUI; it identifies the packer, which in this case is UPX.
UPX is nothing more than a simple packer. Since it is a free open-source tool,
you can download it from its SourceForge project site (link posted above).
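As an added example (not part of the original post, and not what PEiD itself does internally), the Python script below performs a small part of a packer scan by hand: it walks the PE section table and flags the UPX0/UPX1 section names that a default UPX build leaves behind. The PE skeleton it builds is a constructed test fixture, not the 4Story client. Note the caveat a name check carries: a UPX build with renamed sections slips past it, which is why PEiD additionally matches byte signatures at the entry point.

```python
import struct


def pe_section_names(data: bytes) -> list:
    """Return the section names from a PE image's section table (no third-party libraries)."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)          # offset of the PE signature
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found at e_lfanew")
    coff = e_lfanew + 4                                          # start of the 20-byte COFF header
    (num_sections,) = struct.unpack_from("<H", data, coff + 2)
    (size_of_opt,) = struct.unpack_from("<H", data, coff + 16)
    section_table = coff + 20 + size_of_opt                      # optional header sits between them
    names = []
    for i in range(num_sections):
        off = section_table + i * 40                             # IMAGE_SECTION_HEADER is 40 bytes
        raw = data[off:off + 8]                                  # first 8 bytes are the name
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Heuristic only: a default UPX build names its sections UPX0, UPX1 (and keeps .rsrc)."""
    return any(name.upper().startswith("UPX") for name in pe_section_names(data))


def build_pe_skeleton(section_names) -> bytes:
    """Constructed test fixture: a minimal PE32 header layout carrying the given section names.
    It is not an executable image; it only exists so the example runs offline."""
    e_lfanew = 0x40
    dos_header = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)   # exactly 0x40 bytes
    size_of_opt = 224                                            # PE32 optional header size
    coff_header = struct.pack("<HHIIIHH",
                              0x014C,                            # Machine: i386
                              len(section_names),                # NumberOfSections
                              0, 0, 0,                           # timestamp, symtab ptr, nsyms
                              size_of_opt,                       # SizeOfOptionalHeader
                              0x0102)                            # EXECUTABLE_IMAGE | 32BIT_MACHINE
    optional_header = b"\0" * size_of_opt
    section_table = b"".join(
        name.encode("ascii").ljust(8, b"\0") + b"\0" * 32 for name in section_names)
    return dos_header + b"PE\0\0" + coff_header + optional_header + section_table


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:                       # e.g. TClient.exe
            data = f.read()
    else:
        data = build_pe_skeleton(["UPX0", "UPX1", ".rsrc"])      # constructed sample
    print("sections:", pe_section_names(data))
    print("UPX packed (by section names):", looks_upx_packed(data))
```

Run it with the client's path as the only argument; with no argument it analyses the constructed skeleton. If the result says UPX, Step 2 applies; if the sections are renamed or the file is not UPX at all, fall back to PEiD's signature scan rather than trusting this heuristic.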
Step 2: Unpacking
UPX is a simple command-line tool. Once you've downloaded and unpacked UPX,
you can simply use a batch file to unpack the client.
The batch file could look like this:
Code:
upx -d -o TClient_unpacked.exe TClient.exe
(I've attached my batch file to the post.)
Just put the client, the batch file, and the UPX executable into one and the same directory.
Once the analysis is complete, we have to find where the HackShield DLL gets loaded.
To do that, we simply check every DLL that is loaded through the LoadLibraryA function.
5. Right-click again and open the intermodular calls window.
All of those calls should now be marked red (a breakpoint is set on each of them).
Once that has happened, we can run the client using F9.
It will now break whenever a DLL gets loaded into the client.
So we check the upper-right box containing the registers
to see which DLL is being loaded.
7. Press F9 until we find a DLL located in \HShield\...
Now that we've found the call which runs the LoadLibraryA function,
we have to trace it back to the call that starts the injection, and remove that one.
8. Scroll up to the entry point of the function. Entry points are always marked with $.
19. Remove the breakpoints from the MessageBoxA functions, since we don't need them anymore (similar to Step 11).
20. Reset the client, apply both patches again, and run or save the client. We're done now =)
Bypassing HackShield will disconnect you from time to time, since the security packets no longer get sent to the server.
So all in all you get a maximum of 5-10 minutes online for reversing the client.
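The disconnects and the detection mentioned in the warning both come from the server side: it notices that a client has stopped sending HackShield's periodic security packets. As an added illustration of that kind of server-side check (not code from the post, from 4Story, or from HackShield itself), the Python below replays a constructed session log and flags sessions whose security packets never arrive or stop arriving. The five-minute interval and one-minute grace period are assumptions, since the post only says "every few minutes"; the log format and event names are made up for the example.

```python
import re
from datetime import datetime, timedelta

# Assumed cadence. The post only says "every few minutes", so these two values are
# illustrative, not HackShield's real parameters.
HEARTBEAT_INTERVAL = timedelta(minutes=5)
GRACE = timedelta(minutes=1)

# Constructed sample log (not real 4Story or HackShield traffic). Session A behaves,
# session B stops sending security packets after the first one, session C never sends any.
SAMPLE_LOG = """\
2011-07-21 18:00:00 LOGIN sess=A
2011-07-21 18:00:05 HS_PACKET sess=A
2011-07-21 18:00:10 LOGIN sess=B
2011-07-21 18:00:12 HS_PACKET sess=B
2011-07-21 18:00:20 LOGIN sess=C
2011-07-21 18:05:04 HS_PACKET sess=A
2011-07-21 18:10:06 HS_PACKET sess=A
2011-07-21 18:12:00 END sess=A
2011-07-21 18:12:00 END sess=B
2011-07-21 18:12:00 END sess=C
"""

LINE_RE = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) (LOGIN|HS_PACKET|END) sess=(\w+)$")


def parse_log(text):
    """Parse the log into (timestamp, event, session) tuples, sorted by time."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue                                  # ignore lines that are not one of our events
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        events.append((ts, m.group(2), m.group(3)))
    events.sort(key=lambda e: e[0])                   # sessions are interleaved in the raw log
    return events


def find_silent_sessions(text, interval=HEARTBEAT_INTERVAL, grace=GRACE):
    """Return {session: reason} for sessions whose security packets never arrive or stop.

    reason is "never_sent" if no packet ever arrived after LOGIN, and "stopped" if packets
    arrived and then ceased for longer than interval + grace.
    """
    deadline = interval + grace
    last_seen = {}    # session -> time of LOGIN or of the most recent security packet
    got_any = {}      # session -> True once at least one security packet has arrived
    flagged = {}

    def check_overdue(sess, now):
        if sess in last_seen and now - last_seen[sess] > deadline and sess not in flagged:
            flagged[sess] = "stopped" if got_any[sess] else "never_sent"

    for ts, kind, sess in parse_log(text):
        if kind == "LOGIN":
            last_seen[sess] = ts
            got_any[sess] = False
        elif kind == "HS_PACKET":
            check_overdue(sess, ts)                   # a packet that arrives too late still counts
            if sess in last_seen:
                last_seen[sess] = ts
                got_any[sess] = True
        elif kind == "END":
            check_overdue(sess, ts)                   # disconnect or logout: final gap check
            last_seen.pop(sess, None)
            got_any.pop(sess, None)
    return flagged


if __name__ == "__main__":
    for sess, reason in sorted(find_silent_sessions(SAMPLE_LOG).items()):
        print(f"session {sess}: {reason}")
```

A real server would additionally validate the packet contents (the reply at the end of the thread notes that the client is dropped after 20 seconds for not sending the correct packet), so timing alone is the weakest form of this check; it is shown here because it is the part the post's warning describes.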
Bonus:
I'll attach the Normal, Unpacked and Unpacked_Patched client to this post as a proof of concept =)
Patching the client to run it without HS isn't that complicated. You get DC'd after 20 seconds because you don't send the correct packet to the server. But I'm fair and give you a thanks for this work.
Well, I'm not playing 4Story.
In the last few days there have been lots of questions about the HS in 4Story. All I did was download the client and remove the HS, to open a gate for beginner reverse engineers.
To build real hacks/cracks, it would be necessary to know the game system...
Quote:
Patching the client to run it without HS isn't that complicated. You get DC'd after 20 seconds because you don't send the correct packet to the server. But I'm fair and give you a thanks for this work.
If you are so good, why haven't you done a tutorial?
Next to the "Modify the tcd Files" tutorial, this is probably the most helpful thing published in the 4Story section in all of 2011.
Acquiring even a little knowledge in this section is unfortunately almost impossible.
In any case, 5* and a thanks for the tutorial.
One small thing: unpacking can practically be done directly with PEiD, too.
As already mentioned, I don't have an account for this game myself, and I'm not interested in one either. I only became aware of it through requests in the coding section, and I was shocked to see how beginners here get the door slammed in their faces.
Especially with games like this one, where until recently it was apparently still possible to explore the client unhindered, people should share the knowledge they have already acquired with the community.
Let's hope it encourages a few people to do something for the common good as well. I'm sure there are people here too who have analysed the client long enough to be able to explain individual client functions in detail.
Hey, quick question real fast from a noob: umm, those downloads at the bottom of your post, is the unpatched TClient the full bypass? So could I just replace my original TClient in the game with that one and it will work?
Full bypass means that it's not for normal usage.
As mentioned many times, this will make you disconnect every few minutes.
Besides that, you'll be easily detected by the server as a cheater, since you're not sending the security packets.
No idea why nobody here has any questions; probably because 98% are only interested in downloading the finished TClient.
Anyway, I'm stuck at one point.
So, my problem:
1. I set breakpoints on the LoadLibraryA calls and double-click the first breakpoint.