CRC Collision vs Bypass

08/31/2011 20:05 KevSmash#1
Whats the deal with all these bypasses?

CRC is not a cryptographic hash like SHA512 or MD5 (broken), it's a checksum and can be broken with a pencil and paper if you understand the algorithm, or brute forced (it's not strong)-- as it's not intensive or very hard to brute force by adding padding.

Think about it, do you want to dig around in olly and iderpro all day or just add some garbage to the end of the file?

Edit: vulnerable much?
08/31/2011 20:15 tylian1#2
There are bypasses because it's easier than spoofing the CRC.

If I remember correctly, the CRC isn't calculated by the client. HackShield actually sends small fragments of memory to the server to be check-summed and validated. It would be hard to spoof that without creating an exact memory copy of the client and detouring the CRC memory read to it.

Thus why bypassing the CRC altogether is easier.
08/31/2011 20:31 Checkbox#3
I chose "show me proofs". I believe you wrote this not having any clue what you are talking about.
08/31/2011 20:46 KevSmash#4
Quote:
Originally Posted by tylian1 View Post
There are bypasses because it's easier than spoofing the CRC.

If I remember correctly, the CRC isn't calculated by the client. HackShield actually sends small fragments of memory to the server to be check-summed and validated. It would be hard to spoof that without creating an exact memory copy of the client and detouring the CRC memory read to it.

Thus why bypassing the CRC altogether is easier.

Feh, I had assumed that HS would read the actual dlls and check them against known CRCs all client side. Wouldn't that have been a cake walk and blessing for those of us with no working bypass. Then again, wouldn't it be only half a cake walk to edit the known CRC :/ guess I did not think about this very much like CheckBox said.
08/31/2011 21:51 anthonyjr2#5
Quote:
Originally Posted by Checkbox View Post
I chose "show me proofs". I believe you wrote this not having any clue what you are talking about.
I didn't even know you still looked at these forums.
08/31/2011 22:15 Celestial Link#6
Dude.... You act like it's that difficult to bypass HS otherwise... If you had been wise, you would have watched closely on some accounts.
09/03/2011 03:07 razielsama101#7
Quote:
Originally Posted by Celestial Link View Post
Dude.... You act like it's that difficult to bypass HS otherwise... If you had been wise, you would have watched closely on some accounts.
^^ Derp yo. Some of you people really make shit sound complicated =/