BY-PASS hackshield RF novus rising summary

Quote:

Originally Posted by jhejay01 turning off the kernel is way to sophisticated. as well us building up a HS that wont inject the DLL of RF. bypassing new RFPH is very easy just do some experiment inside the hackshield folder and thats it! nasa en-ph ^^ 1st, method sa BIN. edit nyo. hanapin nyo yung "Declaration na" "Game Hack Ditected" 2nd, wag nlng kayu mag tanong kung pano. C++ gamitin nyo. "UPX" ang pag pack nila sa RF exe. nandun lahat kailangan nyo. enjoy. as you notice inside the hackshield folder may mga nadagdag na files just do something to this new 3 folder... and xmpre sa files na psapi.dll and EHsvc.dll.. i know u knew it... what i did is to make a dummy files or to fool the game that it really uses the real hackshield. Let's start with the files that come along with hackshield, these are: - EhSvc.dll the main Hackshield file, contains the HackShield class used by Engine.dll, does the basic functions like loading/unloading its kernel mode driver, file integrity scanning, memory integrity scanning. the checksum generated by the integrity scans are used to authenticate with the game-server - v3warpns.v3d and v3warpds.v3d contain each a kernel mode driver (.sys file) in encrypted from, one v3d contains a win9x driver the other a winNT driver. once the driver has been loaded it will protect the ro process from being accessed (read/write) by every non-kernel mode programm (example: taskmanager) - v3pro32s.dll i didn't look at it yet, but i suspect it to be the loader for the .sys driver files (.v3d files) maybe not written by Hackshield creators - EGRNAP.dll and EGRNAPX2.dll ahhnlab "anti-virus" scanning libs, probably used to scann for programms like packet sniffers, memory editors etc - Hshield.log produced by EhSvc.dll, its encrypted with an evolving XOR key, i've reversed that algo, its included in my hackshield emu source & there's a ready to use decryption tool in SagaTools, however it doesn't contain much useful info (basically logs detections/checksum errors for gravity/hackshield to investigate) - psapi.dll a proccess helper library by Microsoft, nothing special clue : 1. bypass HS. 2.edit rf bin. (EHSvc.dll related) 3.edit rf.exe using XVI32 [launcher] (edit it so the patcher wont patch your edited HS folder) Check nio ha sa en-ph folder ng rf eh may mga hidden files which is a process status helper. Hindi katulad dati na 3 lang ang DLL, ngaun more than 10 na. CCR put it there for a reason. Hindi lang psapi.dll ang tumatakbo ngaun madami pa. Ung iba naddc kahit ma bypass pa nila kasi ngaun may server side checks na ginagawa ang server ng LU per client na nakakonek sa kanila so if 1 of the DLL's doesn't respond, disconnected kayo. ALL THOSE THINGS WAS IDEAS COMBINED IM THIS FORUM.... PAG USAPAN NATIN PARA MAGAWA NA :):):):):):):):):):):)

Quote:

Originally Posted by jhejay01 turning off the kernel is way to sophisticated. as well us building up a HS that wont inject the DLL of RF. bypassing new RFPH is very easy just do some experiment inside the hackshield folder and thats it! nasa en-ph ^^ 1st, method sa BIN. edit nyo. hanapin nyo yung "Declaration na" "Game Hack Ditected" 2nd, wag nlng kayu mag tanong kung pano. C++ gamitin nyo. "UPX" ang pag pack nila sa RF exe. nandun lahat kailangan nyo. enjoy. as you notice inside the hackshield folder may mga nadagdag na files just do something to this new 3 folder... and xmpre sa files na psapi.dll and EHsvc.dll.. i know u knew it... what i did is to make a dummy files or to fool the game that it really uses the real hackshield. Let's start with the files that come along with hackshield, these are: - EhSvc.dll the main Hackshield file, contains the HackShield class used by Engine.dll, does the basic functions like loading/unloading its kernel mode driver, file integrity scanning, memory integrity scanning. the checksum generated by the integrity scans are used to authenticate with the game-server - v3warpns.v3d and v3warpds.v3d contain each a kernel mode driver (.sys file) in encrypted from, one v3d contains a win9x driver the other a winNT driver. once the driver has been loaded it will protect the ro process from being accessed (read/write) by every non-kernel mode programm (example: taskmanager) - v3pro32s.dll i didn't look at it yet, but i suspect it to be the loader for the .sys driver files (.v3d files) maybe not written by Hackshield creators - EGRNAP.dll and EGRNAPX2.dll ahhnlab "anti-virus" scanning libs, probably used to scann for programms like packet sniffers, memory editors etc - Hshield.log produced by EhSvc.dll, its encrypted with an evolving XOR key, i've reversed that algo, its included in my hackshield emu source & there's a ready to use decryption tool in SagaTools, however it doesn't contain much useful info (basically logs detections/checksum errors for gravity/hackshield to investigate) - psapi.dll a proccess helper library by Microsoft, nothing special clue : 1. bypass HS. 2.edit rf bin. (EHSvc.dll related) 3.edit rf.exe using XVI32 [launcher] (edit it so the patcher wont patch your edited HS folder) Check nio ha sa en-ph folder ng rf eh may mga hidden files which is a process status helper. Hindi katulad dati na 3 lang ang DLL, ngaun more than 10 na. CCR put it there for a reason. Hindi lang psapi.dll ang tumatakbo ngaun madami pa. Ung iba naddc kahit ma bypass pa nila kasi ngaun may server side checks na ginagawa ang server ng LU per client na nakakonek sa kanila so if 1 of the DLL's doesn't respond, disconnected kayo. ALL THOSE THINGS WAS IDEAS COMBINED IM THIS FORUM.... PAG USAPAN NATIN PARA MAGAWA NA :):):):):):):):):):):)

Quote:

Originally Posted by ujeen all i can say is nawawalang gana na ako sa mga online games... puro nlng bug hacks cheat nakikita ko.... no matter what the developer will do to their game to make it safe, it is still a programming language that can be edit and bypass... ika nga eh walang padlock na ginawa na walang kasamang susi.... hays sana sing taba ng utak nyo ang utak ko... ang masasabi ko lang ay magaling ang pinoy napu2nta nga lang sa kalokohan... ^_^

Quote:

Originally Posted by soulhart ARAL ulit ako ng Computer Classes para mas MADALI ko tong intindihin...

Quote:

Originally Posted by novusdeathole nde tinuturo sa skul yan sariling sikap yan...