another HackShield bypass method

12/07/2011 15:05 ruan5212#46
fail to run on China Mabinogi client

Hope Yiting could save Chinese Mabier in someday T___T
12/07/2011 20:04 Yiting#47
Quote:
Originally Posted by ruan5212
fail to run on China Mabinogi client
Try the KR_TEST version on page 4; the CN server is using the same new interface as KR.
12/08/2011 14:46 eeaanndd#48
Thanks
12/08/2011 17:12 Yiting#49
Quote:
Originally Posted by Yiting
Hi everyone,

I made a new one that could completely replace HackShield.....
You can just delete HShield folder if you use this one, you don't need it any more. :cool:

Important:
- This is an experimental version; it may not work if HackShield updates the server.
- Do NOT use on other Mabinogi servers; currently for US server only.

I tried this version on the CN server for a whole day (they don't ban my location), and nothing went wrong.
That means HackShield has been broken, and this isn't just a bypass any more.

So.... I think this shouldn't be released in public, and I will stop answering anything about it.


By the way, I'm playing Mabinogi on the TW server, which still hasn't started using HackShield.....
12/08/2011 19:21 tylian1#50
I'd still classify it as a bypass, unless you're completely emulating HackShield's API at this point. :P

Also aww, this was one of my favourite bypasses. I've grown seriously sick of having to stack hack upon hack upon hack upon hack just to have simple mods working. :/


Edit: Upon a second look it actually does look like a HS Emulator.. well I'll be .. xD
12/08/2011 21:08 Heavenlyhero#51
I'm pretty sure he's classified it as a hackshield emulator..
12/08/2011 22:47 Yiting#52
Let me share some ideas here. :)


After finishing the first version, I started hacking the driver part, because a driver cannot have protection as complicated as an application's applied to it.

About one week later, I finished the crypto and hash function used in the driver.
So I could just hook the DeviceIoControl API and let HackShield believe the driver has been running.

After that, I could directly launch HackShield in Visual Studio.......:cool:
I think it's not hard for many people to trace HackShield via debugger.

Then three days later, I made the experimental version, which is just one DLL without any exe file. All HackShield operations were performed by itself.
12/10/2011 06:06 imperf#53
cool
it works.
but kaspersky doesn't like it
12/10/2011 16:35 icolose#54
does this also work for vindictus?
12/11/2011 17:03 mylovein#55
Quote:
Originally Posted by Yiting
Let me share some ideas here. :)


After finishing the first version, I started hacking the driver part, because a driver cannot have protection as complicated as an application's applied to it.

About one week later, I finished the crypto and hash function used in the driver.
So I could just hook the DeviceIoControl API and let HackShield believe the driver has been running.

After that, I could directly launch HackShield in Visual Studio.......:cool:
I think it's not hard for many people to trace HackShield via debugger.

Then three days later, I made the experimental version, which is just one DLL without any exe file. All HackShield operations were performed by itself.
Great, but how can I use pake? :confused:
12/11/2011 17:25 Yiting#56
Quote:
Originally Posted by imperf
cool
it works.
but kaspersky doesn't like it
I updated a new one on the first post; antivirus shouldn't complain about it anymore...... (I guess)
12/12/2011 03:48 imperf#57
thanks
12/12/2011 07:09 492341716#58
thank you
12/12/2011 08:17 apmx#59
it doesn't work on EU server xD
Error Code:0x00000206
12/12/2011 10:44 muaamaizi#60
it doesn't work on WinXP
Error :"0x01941545" Instruction references memory of "0x00000001".This memory has not "read".