[REL] Unpacked HackShield

Hello,

this is the first time i post something on EPvP,i come from InForge's ES Section and i have experience about hacking,reverse engineering,etc...
I want to post here because i think IF's section is not capable to do something TRUE,i find too many lamers or kids,so,well,i hope i can find someone better here :p

Please,if you are asking something or just saying something in this thread: TYPE ENGLISH,i can't understand german :D

[Only registered and activated users can see links. Click Here To Register...]

Well,anyway,what i have i done?
I just unpacked Themida,now you can clearly see anything in EHSvc module,extracting resources (Eagle Eye <3) and sh*t like that,with this you can build a bypass.


Here you can download it:
[Only registered and activated users can see links. Click Here To Register...] (ElSword IT)
[Only registered and activated users can see links. Click Here To Register...] (ElSword FR)

If you need a "deep" documentation,here's the official SDK:
[Only registered and activated users can see links. Click Here To Register...]

I don't post a VirusTotal scan,because are just libreries,fisically you wouldn't execute the code,just analysing it with IDA.

Credits:
Me.


This EHSvc comes from ElSword IT,if you need ES DE's one just upload it on Mediafire and i'll unpack it.

If you successfully found the bytes to patch,let me know ;)
Moreover,if you found the bytes to patch but you don't know how to inject the bypass just ask me,i know the way :D

Cya and good luck :)

Your Website is exactly 1 month old. You are only 18. Your Admin E-Mail is just a spam E-Mail... Do you really think, you have any chances?
And why don't you just put your releases in the attachment? Way easier for every one to download.

Quote:

Originally Posted by Dosatron01 Your Website is exactly 1 month old. You are only 18. Your Admin E-Mail is just a spam E-Mail... Do you really think, you have any chances? And why don't you just put your releases in the attachment? Way easier for every one to download.

My website is older than 1 month,just changed domain name.
I'm 18,but it changes nothing,i know many people came here of the same age and done same things as me,anyway i can't find any reference about my age and the release :rolleyes:

I use my own website because i find it easier to use an FTP Client and because it is a public release :) it is a direct download,it is MORE easy than downloading from attachments.

Chances about what? :P
Spam mail? what are you talking about?

Quote:

Originally Posted by d3v1l401 My website is older than 1 month,just changed domain name. I'm 18,but it changes nothing,i know many people came here of the same age and done same things as me,anyway i can't find any reference about my age and the release :rolleyes: I use my own website because i find it easier to use an FTP Client and because it is a public release :) it is a direct download,it is MORE easy than downloading from attachments. Chances about what? :P Spam mail? what are you talking about?

It just doesn't seem very trustful, that is all.
And all of these informations are from googling your website.

Quote:

Originally Posted by d3v1l401 because i think IF's section is not capable to do something TRUE,i find too many lamers or kids,so,well,i hope i can find someone better here :p

It's so good to hear something like that, ti quoto al 200% :)

Quote:

Originally Posted by Dosatron01 It just doesn't seem very trustful, that is all.

He's very trusted in our Elsword forum, don't worry.

Mm... Good job unpacking, but, few people in that forum know how works ida/olly, and exists easy ways to bypass it. But i think i know how to bypass launcher, just patching one db(string). Tomorrow i'll try do it. Add me on skype pls: ernilos

Quote:

Originally Posted by Dosatron01 It just doesn't seem very trustful, that is all. And all of these informations are from googling your website.

Dude,just because you don't know me here,does not mean i'm not known somewhere else.
I have years of experience about these things :)
I know i'm new and you don't trust me,i know it because i have the same behavior you have with me right now.
Trust me,i'm an engineer :D

Anyway,trusted or not,technically it should be analysed by IDA / Olly,if you don't trust me enough and if you have a minimum of RE skills you can easily understand i'm not lieing :p

Quote:

Originally Posted by d3v1l401 This EHSvc comes from ElSword IT,if you need ES DE's one just upload it on Mediafire and i'll unpack it.[/spoiler]

Can you unpack this ElSword FR [Only registered and activated users can see links. Click Here To Register...] ?

Quote:

Originally Posted by Sahibah Can you unpack this ElSword FR [Only registered and activated users can see links. Click Here To Register...] ?

Here it is:
[Only registered and activated users can see links. Click Here To Register...]

Quote:

Originally Posted by d3v1l401 Here it is: [Only registered and activated users can see links. Click Here To Register...]

i got this error:

Forbidden

You don't have permission to access /Releases/EHSvc_ES_FR.dll on this server.

Quote:

Originally Posted by Sahibah i got this error: Forbidden You don't have permission to access /Releases/EHSvc_ES_FR.dll on this server.

Strange thing,here it is:
[Only registered and activated users can see links. Click Here To Register...]

Quote:

Originally Posted by d3v1l401 Strange thing,here it is: [Only registered and activated users can see links. Click Here To Register...]

thank you ^^

it is a what?

does this work on Elsword ES? ^^

Quote:

Originally Posted by Karui does this work on Elsword ES? ^^

It isn't even a hack.