Wall hack thingy

This shoud be called a 'teleport hack' instead of 'wall hack' really, considering the way it functions, but as wall hack is more well known I will have it be called as such ;)

Well, I was having some fun trying out some things and figured I'd share it with you guys. I know there is already a thread about wall hacks, and I'm not sure whether that one works or not, but for giggles here's mine.

I'll be uploading it in a minute.


edit: alrighty, uploaded it

You basically use the numpad keys 0 - 9 for moving forward, backwars, sideways, diagonally up and down. It works like a compass kinda, so numpad8 is north, numpad9 is northeast, numpad6 is east, etcetera. 5 is up, 0 is down.

It definitely works on PWI. Feel free to try it on other servers though.

Here's a video: XD

I named it Rayden in honour of the awesomeness of Rayden in Mortal Kombat I, popping up behind enemies was just too cool :p

nice, looks like u been busy xD, hows the pack opening going lol

Quote:

Originally Posted by chaosbeta nice, looks like u been busy xD, hows the pack opening going lol

lol, I don't have the coins to buy one :o

So pack opening not going so fast hehe sorry

o lol, do u play pwi, if so which sever

Yeah i do play pwi ever since they shut down ms :p hot chars on most. servers , none high lvl though, only play casually... No cash either lol as i dont bot myself. ;)

OMG, pwning tool for farming high level dungeons. I'll try it on PW-RU.
(hope offests are configurable, because our clients definetely differ alot)

upd: oh, shi... it's w/o sources.... don't want to lurk in it with dizassembler, sorry.

It finds it's own offsets, so might work on other versions also :P

And I don;t mind whther you use it, there's prolly others around also, just sharing it for fun :)

Thanks, but can i ask you a little question?

How safe is this, what kind of "messages" does this send to the server?

I don't want to get banned the first thing i do.. :o

Also, why is it so infected! I think i can trust you but 3 droppers is weird.

[Only registered and activated users can see links. Click Here To Register...]

I don't have a clue why it says it's infected, nor do I know what a dropped trojan is lol. It would be nice if it listed what caused the scanner to think it had that trojan. NOt sure if three detections is a lot out of that list, but yeah it's always use at your own risk of course ;)

edit: all I can find are how to prevent false positives on drug or pregnancy tests zzzz :o

What my program does:
-Show the 'gui' (lol what a fine piece of art it is)
-When you press a numpadKey:
*check if the active window belongs to elementclient.exe
*if it is the first time you press the hotkey while you have a window belonging to elementclient.exe active, it will
1)retrieve the location of the exe
2) load it into memory
3) use regexp to find the baseAddress, SendPacket function address, movePacketCounter offset, moveSpeed offset
*It will then inject opcode into memory for sending movement packets in the direction depending on the button you pressed
*increase your movement counter
*update your location in client to the desired direction

You should be able to replicate this using what i've posted about packetSending over time.

Obviously I've used this tool myself a few times and I haven't gotten banned :D I'm reluctant to post the source code because I'd rather not see it fixed real soon. It's coded in C#, so there might be a decompiler available for that? Or I could explain in more detail how everything works exactly over PM of course so you can code your own lil tool :)

Quote:

Originally Posted by Interest07 I don't have a clue why it says it's infected, nor do I know what a dropped trojan is lol. It would be nice if it listed what caused the scanner to think it had that trojan. NOt sure if three detections is a lot out of that list, but yeah it's always use at your own risk of course ;) edit: all I can find are how to prevent false positives on drug or pregnancy tests zzzz :o What my program does: -Show the 'gui' (lol what a fine piece of art it is) -When you press a numpadKey: *check if the active window belongs to elementclient.exe *if it is the first time you press the hotkey while you have a window belonging to elementclient.exe active, it will 1)retrieve the location of the exe 2) load it into memory 3) use regexp to find the baseAddress, SendPacket function address, movePacketCounter offset, moveSpeed offset *It will then inject opcode into memory for sending movement packets in the direction depending on the button you pressed *increase your movement counter *update your location in client to the desired direction You should be able to replicate this using what i've posted about packetSending over time. Obviously I've used this tool myself a few times and I haven't gotten banned :D I'm reluctant to post the source code because I'd rather not see it fixed real soon. It's coded in C#, so there might be a decompiler available for that? Or I could explain in more detail how everything works exactly over PM of course so you can code your own lil tool :)

I don't have a clue how c # language works, but if you are willing to try i would love to hear how it works! ^-^

What is your preferred language to program in? I can usually adapt quite well :)

Hmmm, apparently my WQ bot is getting 5 false positives :o

And that contains the source code too, to prove they're actually false. SO 3 isn't even a bad score :D

Quote:

Originally Posted by Interest07 Yeah i do play pwi ever since they shut down ms :p hot chars on most. servers , none high lvl though, only play casually... No cash either lol as i dont bot myself. ;)

o lol, if u play lostcity, ill hook ya up with some packs np

nice, new hack finally :D

I wonder why a lot of things are detected as infected nowadays :rolleyes: .

Quote:

Originally Posted by chaosbeta o lol, if u play lostcity, ill hook ya up with some packs np

Hehe, I don;t play on PvP servers :(

Quote:

Originally Posted by Smurfin nice, new hack finally :D I wonder why a lot of things are detected as infected nowadays :rolleyes: .

They prefer to err on the safe side, rather than have people moaning to them something was infected when they didn't detect it. Besides, most programs here (mine included) do use things like readprocessmemory, writeprocessmemory, createremorethread and other fun functions that could be used for bad things I suppose.

The dropper thing is apparently just a name they use when the file is 'suspicious'. As in, they don't know whether it has a virus, but the user is to watch out.