Hackshield Bypass idea

06/06/2011 08:59 Epic Shion#1
For those of us interested in getting rid of that pesky little thing that ruins all our lives, why not look into defeating hackshield locally? By that I mean, why not effectively empty out its.. *cough* nonessential information (things that make sure we're not hacking) and fool its checking methods (checksums, things of that sort) into thinking all its data was still there? Basically, still letting it look, but not letting it know what it's looking for. Unless such hack-checking isn't entirely client-side?
06/06/2011 10:47 kotarou3#2
I'm guessing that's what most hackshield bypasses do. But actually doing the modification to do that is quite hard... (I'm talking to you, Themida)
06/06/2011 11:04 Epic Shion#3
Hmm... But it seems like most bypasses add to or modify the data that hackshield uses, I'm thinking to just remove it completely. And of course, it'd either take a lot of work, a lot of time or both, I'd assume. I just wanted to make sure something like that hadn't been attempted and found to be impossible. XD
Personally, methinks someone should just get their hands on the Mabi source so we don't have to deal with all of this XD But that's just me.
06/06/2011 12:27 adam_j#4
To my knowledge, you can still detour, which is probably what a lot of bypasses do.

Oh, and hackshield is required to login, and stay logged in, btw.
06/06/2011 13:03 Epic Shion#5
Quote:
Originally Posted by adam_j

Oh, and hackshield is required to login, and stay logged in, btw.
So don't remove it completely, just its data. What I'm saying here is to keep hackshield, and have it respond to the server as if everything were going fine, but client-side it has nothing to check your computer against, only instructions on how to make it seem like everything is okay, and modified checking values so it doesn't notice it doesn't have the other data anymore.

Basically, making spoofing an "all clear" state for the sake of the server Hackshield's only purpose.
06/06/2011 13:06 adam_j#6
Quote:
Originally Posted by adam_j
To my knowledge, you can still detour, which is probably what a lot of bypasses do.

Oh, and hackshield is required to login, and stay logged in, btw.
^

Basically, the check happens, but the HS module is never told that anything is wrong, as the message to it was detoured.

Also, I'm fairly sure that HS will simply lol at you if you edit the DLL itself. Checksums and all that.
If that's what you're suggesting, it's not really very clear..

What you're proposing seems extremely complex, and would take a LOT longer than simply replying to the relevant module "yeah, everything's cool".
06/06/2011 13:14 Epic Shion#7
But what a lot of people, including yours truly, are looking for is a way to completely disable Hackshield rather than just avoid catching a particular mod (possibly allowing for free packet editing and other things of that sort again). So basically, since hackshield would keep sending the "all clear" no matter what we did, we could pretty much do anything within the abilities of the client (i.e. anything that wouldn't cause the client to crash, that is realistically possible).
06/06/2011 13:15 adam_j#8
Please don't make me quote myself again.

FYI:
Hackshield never says "LOL I FOUND -specific modification-, NO CLIENT FOR U!"
It gives you a fairly broad category.

Thus, what you are asking is what I've been saying, but instead of wasting hours upon hours removing all the data, you just say "Yep. Everything's fine here."
06/06/2011 13:34 Epic Shion#9
Hmmm... It seems like it'd take even more work to detour as reliably as a removal like this (conceptually 100% success rate), since there are multiple functions to detour, one could miss a few. I suppose it'd be effective enough, if done thoroughly, although another factor to consider is permanence, and I don't know which one if either is more likely for that since Nexon/DevCAT reallllly like patching whatever we decide to mess with. Regardless, I think I'll try it after I get out of school for summer, if nothing else it'll be fun for me :D :D :D Mostly the point of the thread was to see if it had been tried yet, like I said.
06/06/2011 13:57 adam_j#10
Okay, well gl with that..
06/06/2011 21:00 tbstewa#11
This is an idea of what hackshield and the client communicate to each other. If you can EMULATE this data set then you can play with mods. (Note: this is just a sample of the log taken from an actual file, but some information is masked.)

06/06/2011 22:42 razer951#12
Can you upload all the logs and decrypted data you have and post a link? Also maybe the decryption key?
06/06/2011 22:51 adam_j#13
06/06/2011 23:21 harrybong1#14
What about Esl.dll, can you do anything in there? I recall something about cshell, is there anything you can do with it?