Micromacro for game with sourceCode

Page 1 of 2 1 2
07/03/2009 13:54 meilleur#1
I finded this tool it look a great one I cant try it at the moment with rappelz, I hope you'ill do It use Lua scriptand let me know if it work

[Only registered and activated users can see links. Click Here To Register...]

[Only registered and activated users can see links. Click Here To Register...]

[Only registered and activated users can see links. Click Here To Register...]
07/03/2009 20:17 Night Dragon#2
This looks promising.. hopefully I will have some free time to take a look at it.

Thanks for the post meilleur!
07/03/2009 23:25 Gertos#3
hmmm, the function look like the normal API functions for the remote mouse control.
And all this functions are blocked.

Or do they use any special tricks to prevent the blocking ?
07/04/2009 00:28 meilleur#4
Quote:
Originally Posted by Gertos View Post
hmmm, the function look like the normal API
Yes I noticed that in the code source, I dont think will work without bypass :(
maybe someone can try it, I havn't rappelz in my hands
07/04/2009 05:41 Night Dragon#5
Well that's ok if it doesn't work.. there will be a bot out soon. Altaric2 has helped me with my roadblock and he is working on a bot as well so either one of us will be releasing one soon.
07/04/2009 05:59 urn357#6
Quote:
Originally Posted by Night Dragon View Post
Well that's ok if it doesn't work.. there will be a bot out soon. Altaric2 has helped me with my roadblock and he is working on a bot as well so either one of us will be releasing one soon.
Awesome..I take that as an update Night..lol
07/04/2009 12:26 groovie1#7
lol urn :) Greaaattt ND :)

Did you already tryied to use a rootkit for bypass GameGuard ?

I wanted do it, but i dont have any test comp. atm =/

Otherwise, Pinnacle working like a charm =)
07/04/2009 18:04 meilleur#8
Quote:
Originally Posted by groovie1 View Post
lol urn :) Greaaattt ND :)

Did you already tryied to use a rootkit for bypass GameGuard ?

I wanted do it, but i dont have any test comp. atm =/

Otherwise, Pinnacle working like a charm =)
maybe set a fake server and update gg to old , what is the oldest version rappelz have used? or we can use any old version?
07/04/2009 18:11 Night Dragon#9
Quote:
Originally Posted by meilleur View Post
maybe set a fake server and update gg to old , what is the oldest version rappelz have used? or we can use any old version?
Yeah I tried emulating GG with Apache webserver but the farthest back in GG revisions you can go is 10 versions old or it doesn't work.. so in the end I felt it wasn't worth the time since GG likes to roll out updates often enough.

@groovie1: Haven't tried a rootkit to bypass GG because I don't know enough about rootkits yet. Besides, GG is much like a rootkit itself. Do you think that using a rootkit to defeat a rootkit could work?
07/04/2009 18:19 meilleur#10
Quote:
Originally Posted by Night Dragon View Post
Yeah I tried emulating GG with Apache webserver but the farthest back in GG revisions you can go is 10 versions old or it doesn't work.. so in the end I felt it wasn't worth the time since GG likes to roll out updates often enough.
I tried to decrypt the .ini this morning to find server but without result,I know that we need 2 key to decrypt file ini and des, I think I have found them by using Hex workshop but how to use them?
07/04/2009 18:27 Night Dragon#11
Quote:
Originally Posted by meilleur View Post
I tried to decrypt the .ini this morning to find server but without result,I know that we need 2 key to decrypt file ini and des, I think I have found them by using Hex workshop but how to use them?
Here is the Rappelz US INI and CFG files decrypted:

Code:
INI:

[GAMEMON]
GAME_NAME=RappelzUS
UPDATE_SERVER=nprotect.gpotato.com
UPDATE_PATH=/nProtect/GameGuard/RealServer/
BACKUP_SERVER=
BACKUP_PATH=
OPTION_VALUE=0
SPEEDCHECK_INTERVAL=1000
GAMECRC=1
USE_GGSCAN=1
LOG_SERVER=211.233.43.45
SENDERRLOG=2


CFG:

[GAME]
GAME_NAME=RappelzUS
SENDERL=1

[FILE101]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=GameMon.npz
REALFILENAME=GameMon.des
DESTINATION={appgg}
VERSION=2008.10.29.1
CRC32=869723454
OPTION=0

[FILE102]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=npgg9x.npz
REALFILENAME=npgg9x.des
DESTINATION={appgg}
VERSION=2008.8.28.1
CRC32=4142835861
OPTION=0

[FILE103]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=npggNT.npz
REALFILENAME=npggNT.des
DESTINATION={appgg}
VERSION=2008.11.6.1
CRC32=4082795929
OPTION=0

[FILE104]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=npsc.npz
REALFILENAME=npsc.des
DESTINATION={appgg}
VERSION=2008.10.17.1
CRC32=2587108299
OPTION=0

[FILE105]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=nppt9x.npz
REALFILENAME=nppt9x.vxd
DESTINATION={sys}
VERSION=
CRC32=317793346
OPTION=0
NOAUTH=1

[FILE106]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=npptNT2.npz
REALFILENAME=npptNT2.sys
DESTINATION={sys}
VERSION=2005.1.5.1
CRC32=3155204954
OPTION=0
NOAUTH=1

[FILE107]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=RappelzUS.npz
REALFILENAME=RappelzUS.ini
DESTINATION={appgg}
VERSION=
CRC32=647524985
OPTION=0

[FILE108]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=Splash.npz
REALFILENAME=Splash.jpg
DESTINATION={appgg}
VERSION=
CRC32=2971505257
OPTION=0
NOAUTH=1

[FILE109]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=ggscan.npz
REALFILENAME=ggscan.des
DESTINATION={appgg}
VERSION=2007.1.4.1
CRC32=743185152
OPTION=0

[FILE110]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=GameGuard.npz
REALFILENAME=GameGuard.des
DESTINATION={appgg}
VERSION=2008.10.9.1
CRC32=73712318
OPTION=0

[FILE111]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=npgmup.npz
REALFILENAME=npgmup.des
DESTINATION={appgg}
VERSION=2008.9.5.1
CRC32=392531468
OPTION=0
[FILE112]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TeCtrl.dll.npz
REALFILENAME=TeCtrl.dll
DESTINATION={commonty}
VERSION=2007.11.28.0
CRC32=713920901
OPTION=1
NOAUTH=1
[FILE113]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=tyav32.dll.npz
REALFILENAME=tyav32.dll
DESTINATION={commonty}
VERSION=2008.6.30.0
CRC32=868374099
OPTION=1
NOAUTH=1
[FILE114]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_000.npz
REALFILENAME=TYAVP_000.bin
DESTINATION={commonty}
VERSION=2008.06.30.00
CRC32=1002723047
OPTION=1
NOAUTH=1
[FILE115]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_001.npz
REALFILENAME=TYAVP_001.bin
DESTINATION={commonty}
VERSION=
CRC32=2951889252
OPTION=1
NOAUTH=1
[FILE116]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_002.npz
REALFILENAME=TYAVP_002.bin
DESTINATION={commonty}
VERSION=
CRC32=984643044
OPTION=1
NOAUTH=1
[FILE117]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_003.npz
REALFILENAME=TYAVP_003.bin
DESTINATION={commonty}
VERSION=
CRC32=51465540
OPTION=1
NOAUTH=1
[FILE118]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_004.npz
REALFILENAME=TYAVP_004.bin
DESTINATION={commonty}
VERSION=
CRC32=2554135690
OPTION=1
NOAUTH=1
[FILE119]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_005.npz
REALFILENAME=TYAVP_005.bin
DESTINATION={commonty}
VERSION=
CRC32=362524108
OPTION=1
NOAUTH=1
[FILE120]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_006.npz
REALFILENAME=TYAVP_006.bin
DESTINATION={commonty}
VERSION=
CRC32=1176384015
OPTION=1
NOAUTH=1
[FILE121]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_007.npz
REALFILENAME=TYAVP_007.bin
DESTINATION={commonty}
VERSION=
CRC32=1515698260
OPTION=1
NOAUTH=1
[FILE122]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_008.npz
REALFILENAME=TYAVP_008.bin
DESTINATION={commonty}
VERSION=
CRC32=173037933
OPTION=1
NOAUTH=1
[FILE123]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_009.npz
REALFILENAME=TYAVP_009.bin
DESTINATION={commonty}
VERSION=
CRC32=1118868415
OPTION=1
NOAUTH=1
So there it is.. good luck!

And if this helped you.. you know where the Thanks button is!
07/04/2009 18:33 meilleur#12
Quote:
Originally Posted by Night Dragon View Post
Here is the Rappelz US INI and CFG files decrypted:

Code:
INI:

[GAMEMON]
GAME_NAME=RappelzUS
UPDATE_SERVER=nprotect.gpotato.com
UPDATE_PATH=/nProtect/GameGuard/RealServer/
BACKUP_SERVER=
BACKUP_PATH=
OPTION_VALUE=0
SPEEDCHECK_INTERVAL=1000
GAMECRC=1
USE_GGSCAN=1
LOG_SERVER=211.233.43.45
SENDERRLOG=2


CFG:

[GAME]
GAME_NAME=RappelzUS
SENDERL=1

[FILE101]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=GameMon.npz
REALFILENAME=GameMon.des
DESTINATION={appgg}
VERSION=2008.10.29.1
CRC32=869723454
OPTION=0

[FILE102]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=npgg9x.npz
REALFILENAME=npgg9x.des
DESTINATION={appgg}
VERSION=2008.8.28.1
CRC32=4142835861
OPTION=0

[FILE103]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=npggNT.npz
REALFILENAME=npggNT.des
DESTINATION={appgg}
VERSION=2008.11.6.1
CRC32=4082795929
OPTION=0

[FILE104]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=npsc.npz
REALFILENAME=npsc.des
DESTINATION={appgg}
VERSION=2008.10.17.1
CRC32=2587108299
OPTION=0

[FILE105]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=nppt9x.npz
REALFILENAME=nppt9x.vxd
DESTINATION={sys}
VERSION=
CRC32=317793346
OPTION=0
NOAUTH=1

[FILE106]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=npptNT2.npz
REALFILENAME=npptNT2.sys
DESTINATION={sys}
VERSION=2005.1.5.1
CRC32=3155204954
OPTION=0
NOAUTH=1

[FILE107]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=RappelzUS.npz
REALFILENAME=RappelzUS.ini
DESTINATION={appgg}
VERSION=
CRC32=647524985
OPTION=0

[FILE108]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=Splash.npz
REALFILENAME=Splash.jpg
DESTINATION={appgg}
VERSION=
CRC32=2971505257
OPTION=0
NOAUTH=1

[FILE109]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=ggscan.npz
REALFILENAME=ggscan.des
DESTINATION={appgg}
VERSION=2007.1.4.1
CRC32=743185152
OPTION=0

[FILE110]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=GameGuard.npz
REALFILENAME=GameGuard.des
DESTINATION={appgg}
VERSION=2008.10.9.1
CRC32=73712318
OPTION=0

[FILE111]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=npgmup.npz
REALFILENAME=npgmup.des
DESTINATION={appgg}
VERSION=2008.9.5.1
CRC32=392531468
OPTION=0
[FILE112]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TeCtrl.dll.npz
REALFILENAME=TeCtrl.dll
DESTINATION={commonty}
VERSION=2007.11.28.0
CRC32=713920901
OPTION=1
NOAUTH=1
[FILE113]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=tyav32.dll.npz
REALFILENAME=tyav32.dll
DESTINATION={commonty}
VERSION=2008.6.30.0
CRC32=868374099
OPTION=1
NOAUTH=1
[FILE114]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_000.npz
REALFILENAME=TYAVP_000.bin
DESTINATION={commonty}
VERSION=2008.06.30.00
CRC32=1002723047
OPTION=1
NOAUTH=1
[FILE115]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_001.npz
REALFILENAME=TYAVP_001.bin
DESTINATION={commonty}
VERSION=
CRC32=2951889252
OPTION=1
NOAUTH=1
[FILE116]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_002.npz
REALFILENAME=TYAVP_002.bin
DESTINATION={commonty}
VERSION=
CRC32=984643044
OPTION=1
NOAUTH=1
[FILE117]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_003.npz
REALFILENAME=TYAVP_003.bin
DESTINATION={commonty}
VERSION=
CRC32=51465540
OPTION=1
NOAUTH=1
[FILE118]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_004.npz
REALFILENAME=TYAVP_004.bin
DESTINATION={commonty}
VERSION=
CRC32=2554135690
OPTION=1
NOAUTH=1
[FILE119]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_005.npz
REALFILENAME=TYAVP_005.bin
DESTINATION={commonty}
VERSION=
CRC32=362524108
OPTION=1
NOAUTH=1
[FILE120]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_006.npz
REALFILENAME=TYAVP_006.bin
DESTINATION={commonty}
VERSION=
CRC32=1176384015
OPTION=1
NOAUTH=1
[FILE121]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_007.npz
REALFILENAME=TYAVP_007.bin
DESTINATION={commonty}
VERSION=
CRC32=1515698260
OPTION=1
NOAUTH=1
[FILE122]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_008.npz
REALFILENAME=TYAVP_008.bin
DESTINATION={commonty}
VERSION=
CRC32=173037933
OPTION=1
NOAUTH=1
[FILE123]
DESCRIPTION=nProtect GameGuard Engine
FILENAME=TYAVP_009.npz
REALFILENAME=TYAVP_009.bin
DESTINATION={commonty}
VERSION=
CRC32=1118868415
OPTION=1
NOAUTH=1
So there it is.. good luck!

And if this helped you.. you know where the Thanks button is!
well...I prefere jsut say thank you...no iam kiding I'ill push it, maybe you can tell me how you have done that?
07/04/2009 18:39 Night Dragon#13
Quote:
Originally Posted by meilleur View Post
well...I prefere jsut say thank you...no iam kiding I'ill push it, maybe you can tell me how you have done that?
Sure, its right here: [Only registered and activated users can see links. Click Here To Register...]

Also if you want a good tutorial on the emulation you can check this out:
[Only registered and activated users can see links. Click Here To Register...]
07/04/2009 20:26 groovie1#14
Quote:
Originally Posted by Night Dragon View Post
@groovie1: Haven't tried a rootkit to bypass GG because I don't know enough about rootkits yet. Besides, GG is much like a rootkit itself. Do you think that using a rootkit to defeat a rootkit could work?
I dont know ... that's why i asked ^^

I'll try to tell you why this idea, in english ... should be hard ^^

Few days before my post, i read on the net that GG inject some code in all runing process, to detect macro/bot script, and to block it.
I read too that rootkit can falsify some windows query. Especially the one about running process ... I thought GG probably use this same function to get process list, where inject the code.
And if u can hide a process for GG ... it was my reasoning ^^

Maybe all is wrong, but im interessing about bot and GG recently :), and I try to help as i can

I tryied to edit most of this post with online translater :mofo:
07/04/2009 23:54 Gertos#15
I have tried to hide my old bot with a rootkit.

1. start old bot
2 start rootkit and hide the bot
3. start GG + Rappelz
4. try to send data via SendKey to from bot to rappelz

But I had no success with this way.

GG is modifiying the running programms ... but it does more as well.
It also modifies the running windows software and places there own code into it.
Page 1 of 2 1 2