Issue on DLL hooking to Conquer's Loader

06/04/2016 18:17 amonaptra#1
Hey , I'm trying to hook up a dll into my client's loader so that CSV3config.ini will no longer have use to me . Therefore , Hide my IP and Auth Port from anyone.

I'm having an issue with the pattern[] of the packet processor , I believe that TQ changes it by the time changes.

PHP Code:
BYTE pattern[] = { 0x6c0x320x720x650x760x650x720x730x650x650x6e0x670x690x6e0x650x650x720x690x6e0x67 }; // HINT: read the hex values
    bool wildcards[] = { 000100101111001101};
    PBYTE match = (PBYTE)FindMemoryPattern(patternwildcards19);

    if (match == NULL)
    {
        sprintf(szDebug"failed 1", (DWORD)match);
        MessageBoxA(NULLszDebug"ERROR"MB_OK);
        return;
    } 
However, I get an error "Failed1" while running my loader with the new dll. Which means the FindMemoryPattern() function isn't true because it didnt find any MemoryPattern's attached to my pattern[]. It's probably because my pattern[] or the wildcards[] bool is out of dated or needs to be updated with TQ's latest. I dont have any idea where to find the current working pattern for my DLL to work .

Help is pretty much appreciated , Ty.
06/04/2016 18:25 pro4never#2
I'm not the person to ask regarding dll injection or client side security but trying to 'hide' your servers ip/port is a waste of time. The client still has to connect to it so they can use any network monitor to get the ip/port with essentially 0 effort.

If you're intending this DLL to handle client security or other more advanced functions then more power to you but if the entire point of the project is to hide your server's ip, that's not gonna be a useful thing to do.

I could be wrong but I seem to remember the new patch csv3 loader also overwriting password or auth server encryption so you'd need to do that as well in your loader for it to function.

Best of luck in your project! I'm sure someone else here can offer a bit more direct advice on the DLL side of things.
06/04/2016 18:27 amonaptra#3
Quote:
Originally Posted by pro4never View Post
I'm not the person to ask regarding dll injection or client side security but trying to 'hide' your servers ip/port is a waste of time. The client still has to connect to it so they can use any network monitor to get the ip/port with essentially 0 effort.

If you're intending this DLL to handle client security or other more advanced functions then more power to you but if the entire point of the project is to hide your server's ip, that's not gonna be a useful thing to do.

I could be wrong but I seem to remember the new patch csv3 loader also overwriting password or auth server encryption so you'd need to do that as well in your loader for it to function.

Best of luck in your project! I'm sure someone else here can offer a bit more direct advice on the DLL side of things.
My project's main point isnot to hide my IP and AuthPort ofc , because it could be attained with many other methods. However, I really wanted to expand my client sided security against bots / hacks /speeds etc, or atleast make it sensitive to the most popular speed/botting softwares. I hope someone jumps up with a solution soon .
06/07/2016 11:51 { Angelius }#4
You could search for these instead.
Code:
unsigned char Receive_Bytes[] = { 0x83, 0x4D, 0xFC, 0xFF, 0x8B, 0x4D, 0xF4, 0x64, 0x89, 0x0D, 0x00, 0x00, 0x00, 0x00, 0x59, 0x5F, 0x5E, 0x5B };
unsigned char Send_Bytes[] = { 0x8D, 0x46, 0x04, 0x0F, 0xB7, 0x08, 0x51, 0x50 };
That's if you know wtf you are doing of-course.
06/08/2016 20:00 amonaptra#5
Quote:
Originally Posted by { Angelius } View Post
You could search for these instead.
Code:
unsigned char Receive_Bytes[] = { 0x83, 0x4D, 0xFC, 0xFF, 0x8B, 0x4D, 0xF4, 0x64, 0x89, 0x0D, 0x00, 0x00, 0x00, 0x00, 0x59, 0x5F, 0x5E, 0x5B };
unsigned char Send_Bytes[] = { 0x8D, 0x46, 0x04, 0x0F, 0xB7, 0x08, 0x51, 0x50 };
That's if you know wtf you are doing of-course.
I've a poor knowledge with C++. So, literally , I dont know if replacing my pattern[] with Receive_Bytes[] will fix it or not . If you can clarify some stuff for me , It'd be great.
06/08/2016 20:39 melon123#6
pm me i think i could help u