[Discussion] Dll Hooking and AutoITX

04/26/2010 15:39 lostmage333#1
So... I'm not sure if this is the proper place to discuss such a topic, but I've been stalking and every now and then I see a glimmer of intellect amongst this group.

If any of you have used AutoITX (the COM/DLL interface to AutoIT), I'm sure you know that you can program using just about any language that supports COM programming, or DLL imports, which is a rather large group of languages.

Now, please excuse me if I say something completely wrong, as this is not my field of expertise (actually, programming, in general, is not my field of expertise, but let's ignore that for now).

The issue that many/most of us have when trying to write bots/mods/hacks for Mabinogi is the inability to directly access Mabinogi's API. Through use of a disassembler, we can see the public functions in the various DLLs that Mabinogi links to. Having access to these functions, in my opinion, will make modding/botting a lot easier, especially for writing the "game-breaking" mods. It is my understanding that Mabipake is based on this premise, although I could very well be wrong. However, because Mabipake is semi-public, and finding the right mods for Mabipake isn't trivial, I have little faith in its longevity; I would prefer a homebrew solution. I was wondering if anyone else has had this thought, or has meaningful insight to add.

Odds are I don't know nearly enough about the inner workings of DLL injections, among other topics, to make this happen, but I'm always interested in learning.

So... I'd like to open up the floor to discussions about this topic. If you don't have anything meaningful to say, please don't say it. (Things such as "Can you give me your mods" would not constitute meaningful).

Kthx.
04/26/2010 19:00 tbstewa#2
When you hook a program to the client it gets detected as a game hack and the client shuts down. The best bet would be to unpack Themida and bypass HackShield, then go in and use mabipake and pake mods.
04/26/2010 21:40 Huynh.#3
From my interpretation, you basically want to create an English version of mabipake that would make it simpler for the NA community to create bots, similar to mabipake mods, correct?
04/27/2010 01:24 Halfslashed#4
Interesting, now for my two cents.

Quote:
The issue that many/most of us have when trying to write bots/mod/hack Mabinogi is the inability to directly access Mabinogi's API.
That's not 100% true. With IDA we can see how the functions work. Using C++, GetProcAddress works just about as well as a way to call the function. The main problem is that practical uses of the API are limited, from what I've seen.

Let's look at the sample source for pake mods included in the mabipake archive.

Code:
    // Declared here so the fragment compiles; the signature is assumed from the call below, the thread does not document it.
    typedef void (*func_WriteLog)(const char *);
    func_WriteLog WriteLog = (func_WriteLog)GetProcAddress(GetModuleHandle("dinput8.dll"), "WriteLog");
    if (WriteLog)
        WriteLog("sample1.dll initialization complete\n"); // the original log text is Japanese: 初期化完了, "initialization complete"
    return 1;
You can see here how the mabipake function is called. The mabinogi API SHOULD be able to be used similarly.

Quote:
Odds are I don't know nearly enough about the inner workings of DLL injections, among other topics, to make this happen, but I'm always interested in learning.
Really dude?

Injections are the same thing as loading a DLL into memory, like how mabipake is loaded by client.exe due to being a dinput8.dll proxy.

Anyways, this thread is about dll hooking, not mabipake or bypasses.
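How the GetProcAddress call in the snippet above actually finds an export, as an added example that is not code from the thread or from mabipake: the Python below walks a PE export directory by name the way the Windows loader does, including forwarded exports, which is one common way a proxy DLL standing in for dinput8.dll hands calls through to the real library. The image it parses is a minimal fake built in the same block, with RVAs equal to buffer offsets as in a mapped module; the export names, the "dinput8_real" forwarder target and the 0x1000 address are constructed for illustration.

```python
import struct

IMAGE_NT_SIGNATURE = 0x00004550        # "PE\0\0"
IMAGE_NT_OPTIONAL_HDR32_MAGIC = 0x10B  # PE32
IMAGE_DIRECTORY_ENTRY_EXPORT = 0       # first entry of the DataDirectory array


def build_fake_image(module_name, exports):
    """Build a minimal mapped PE32 image (constructed test data, RVA == buffer offset).

    exports: list of (name, target); target is an int RVA for a normal export or a
    "dll.func" string for a forwarded export (what a proxy DLL uses to pass calls on).
    """
    exports = sorted(exports)             # the loader expects the name table sorted
    n = len(exports)
    exp_rva = 0x200                       # where the export directory is placed
    aof = exp_rva + 40                    # AddressOfFunctions table (after the 40-byte directory)
    aon = aof + 4 * n                     # AddressOfNames table
    aono = aon + 4 * n                    # AddressOfNameOrdinals table (WORDs)
    str_base = aono + 2 * n               # string pool follows the tables
    pool = bytearray()

    def add_str(s):
        rva = str_base + len(pool)
        pool.extend(s.encode("ascii") + b"\0")
        return rva

    name_rva = add_str(module_name)
    name_rvas = [add_str(nm) for nm, _ in exports]
    func_rvas = [add_str(t) if isinstance(t, str) else t for _, t in exports]
    exp_size = str_base + len(pool) - exp_rva

    img = bytearray(exp_rva + exp_size)
    img[0:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x40)                    # e_lfanew
    struct.pack_into("<I", img, 0x40, IMAGE_NT_SIGNATURE)
    # IMAGE_FILE_HEADER: Machine=i386, 0 sections, SizeOfOptionalHeader=224, DLL characteristics
    struct.pack_into("<HHIIIHH", img, 0x44, 0x14C, 0, 0, 0, 0, 224, 0x2102)
    opt = 0x58
    struct.pack_into("<H", img, opt, IMAGE_NT_OPTIONAL_HDR32_MAGIC)
    struct.pack_into("<II", img, opt + 96 + 8 * IMAGE_DIRECTORY_ENTRY_EXPORT, exp_rva, exp_size)
    # IMAGE_EXPORT_DIRECTORY: Characteristics, TimeDateStamp, Major/MinorVersion, Name, Base,
    # NumberOfFunctions, NumberOfNames, AddressOfFunctions, AddressOfNames, AddressOfNameOrdinals
    struct.pack_into("<IIHHIIIIIII", img, exp_rva, 0, 0, 0, 0, name_rva, 1, n, n, aof, aon, aono)
    for i in range(n):
        struct.pack_into("<I", img, aof + 4 * i, func_rvas[i])
        struct.pack_into("<I", img, aon + 4 * i, name_rvas[i])
        struct.pack_into("<H", img, aono + 2 * i, i)  # unbiased ordinal = index into AOF
    img[str_base:str_base + len(pool)] = pool
    return bytes(img)


def get_proc_address(image, name):
    """Resolve an export by name from a mapped image, as GetProcAddress does.
    Returns ("rva", rva), ("forward", "dll.func") or None."""
    if image[0:2] != b"MZ":
        return None
    e_lfanew, = struct.unpack_from("<I", image, 0x3C)
    sig, = struct.unpack_from("<I", image, e_lfanew)
    if sig != IMAGE_NT_SIGNATURE:
        return None
    opt = e_lfanew + 24
    magic, = struct.unpack_from("<H", image, opt)
    dd = opt + (96 if magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC else 112) + 8 * IMAGE_DIRECTORY_ENTRY_EXPORT
    exp_rva, exp_size = struct.unpack_from("<II", image, dd)
    if exp_rva == 0:
        return None                               # module exports nothing
    n_funcs, n_names, aof, aon, aono = struct.unpack_from("<IIIII", image, exp_rva + 20)
    want = name.encode("ascii")
    for i in range(n_names):                      # the real loader binary-searches the sorted names
        name_rva, = struct.unpack_from("<I", image, aon + 4 * i)
        if image[name_rva:image.index(b"\0", name_rva)] != want:
            continue
        ordinal, = struct.unpack_from("<H", image, aono + 2 * i)
        if ordinal >= n_funcs:
            return None
        func_rva, = struct.unpack_from("<I", image, aof + 4 * ordinal)
        if exp_rva <= func_rva < exp_rva + exp_size:  # points into the export dir: forwarder string
            return ("forward", image[func_rva:image.index(b"\0", func_rva)].decode("ascii"))
        return ("rva", func_rva)
    return None


# Constructed stand-in for a proxy dinput8.dll: one export of its own (WriteLog, as in the
# mabipake sample) and DirectInput8Create forwarded to a renamed copy of the real library.
FAKE_DINPUT8 = build_fake_image("dinput8.dll", [
    ("WriteLog", 0x1000),
    ("DirectInput8Create", "dinput8_real.DirectInput8Create"),
])

if __name__ == "__main__":
    for sym in ("WriteLog", "DirectInput8Create", "NotExported"):
        print(sym, "->", get_proc_address(FAKE_DINPUT8, sym))
```

This is why the mabipake sample can ask GetModuleHandle for "dinput8.dll" and get WriteLog back: the module the client already loaded under that name is the proxy, so its export table is the proxy's, and anything the proxy does not implement itself it forwards by name to the real library.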
04/27/2010 04:03 lostmage333#5
Quote:
Originally Posted by Huynh. View Post
From my interpretation you basically want to create an English version of mabipake that would make it simpler for the NA community to create botting similar to mabipake mods correct?
In essence, this is what the end result would more or less be. However, the way HS detects hooks is interesting to me. What is it that makes it possible for certain applications (fastcook, most notably), to hook Mabi without being detected? Does fastcook do anything stealthy? I don't know.

I'm just throwing ideas out there. I won't lie, there's no way I can write something as practical and powerful as mabipake. I just feel like there's more talent in the community than is being exploited (or maybe all these exploitations of talent are just beyond the scope of what I can see).

As far as just bypassing HS and using mabipake goes, I'd be all for that, if I could find the mod(s) I was looking for. Maybe one of you has it? If so, I'd be willing to negotiate to get my hands on something, maybe? =D. Anyways, if not, I'm trying to do something that I can use to replicate its functionality... even though I'm quite sure it's way beyond the scope of what I'm comfortable with, but what's learning if you never go out of your comfort zone, right? =D
04/27/2010 16:09 shadowsforu#6
I thought Fastcook was detected? Last time I tried it was a couple months ago. Did something change to make it not-detectable?
04/27/2010 18:44 lostmage333#7
Quote:
Originally Posted by shadowsforu View Post
I thought Fastcook was detected? Last time I tried it was a couple months ago. Did something change to make it not-detectable?
I don't know, I thought it wasn't. My understanding was that the CRT (CRTX on win7) patch was enough for fastcook to get by.
04/27/2010 20:36 tbstewa#8
no... anything that hooks the client is detected
04/27/2010 21:26 !!N0083rP00F!!#9
Really? I must be in some sort of fantasy land then, since I am using cook on XP Pro and a (spits) Vista system, and only one XP Home system has FailShield screaming at me. Mind you, cook has limited useful functionality, but it is good at what it does do well, that is, announcements and logging.
04/27/2010 22:08 tbstewa#10
that's odd because HS should scream at you no matter...
04/27/2010 23:47 Halfslashed#11
Quote:
Originally Posted by tbstewa View Post
no... anything that hooks the client is detected
That's a lie and you know it.
04/28/2010 06:14 tbstewa#12
ok 99% of things that hook get detected
04/28/2010 17:15 shadowsforu#13
Quote:
Originally Posted by tbstewa View Post
ok 99% of things that hook get detected
>_> More lies. I was surprised at my own fallacy yesterday when Fastcook actually went undetected. Now, to emulate Nao timer through Fastcook. Hehehehe.
04/28/2010 22:52 Halfslashed#14
Quote:
Originally Posted by tbstewa View Post
ok 99% of things that hook get detected
Stop saying percentages.

The reason hackshield detects certain things is because it detects THE WAY IT HOOKS. Not just because it hooks, I mean, look at nogiparty, and fantasia...
04/29/2010 04:18 byte[]#15
HackShield detects things not by HOW IT HOOKS, but by how it "looks". It has a database file that contains signatures of things like WPE (/rPE) and Mabipake and perpetually scans memory for such signatures.

I've hooked tons of my own little creations and none of them were detected, only because HackShield didn't have a signature for them that would mark them as a target.
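The signature-scanning mechanism byte[] describes, as an added example rather than anything from HackShield's database or the thread: a small scanner over a memory buffer using IDA-style byte patterns with "??" wildcards. The pattern, its name and the three constructed "memory" snapshots are made up for illustration. They show why a relinked copy of the same code (only the call displacement differs, which the wildcards cover) still matches, while a rebuilt homebrew DLL whose code bytes differ does not, so under this mechanism a hook is flagged only if a signature for it already exists.

```python
import re

# Constructed signature database: name -> IDA-style byte pattern, "??" = any byte.
# The pattern is made up for illustration (push ebp; mov ebp,esp; call rel32; pop ebp; ret);
# the call displacement is wildcarded because it changes every time the code is relinked.
SIG_DB = {
    "example-hook-stub": "55 8B EC E8 ?? ?? ?? ?? 5D C3",
}


def compile_sig(pattern):
    """Turn 'AA ?? BB' into a compiled regex over bytes."""
    parts = []
    for tok in pattern.split():
        parts.append(b"." if tok in ("?", "??") else re.escape(bytes([int(tok, 16)])))
    return re.compile(b"".join(parts), re.DOTALL)   # DOTALL so '.' also matches 0x0A


def scan_memory(memory, sig_db=SIG_DB):
    """Scan a byte buffer and return [(signature_name, offset), ...] for every hit."""
    hits = []
    for name, pattern in sig_db.items():
        for m in compile_sig(pattern).finditer(memory):
            hits.append((name, m.start()))
    return sorted(hits, key=lambda h: (h[1], h[0]))


# Three constructed "process memory" snapshots (not real dumps):
CLEAN    = bytes.fromhex("90 90 55 8B EC E8 10 00 00 00 5D C3 CC")  # the code the signature was taken from
RELINKED = bytes.fromhex("90 90 55 8B EC E8 80 FF FF FF 5D C3 CC")  # same code, different call target
REBUILT  = bytes.fromhex("90 90 55 8B EC E8 10 00 00 00 C9 C3 CC")  # recompiled: 'leave' instead of 'pop ebp'

if __name__ == "__main__":
    for label, mem in (("clean", CLEAN), ("relinked", RELINKED), ("rebuilt", REBUILT)):
        print(label, "->", scan_memory(mem))
```

The offset reported is relative to the scanned buffer, so a real scanner would add the module base; the point of the three snapshots is that the match depends entirely on the stored byte pattern, not on whether the code in question installs a hook.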