Beware bot users read this

NateLawliet · 01/24/2011, 12:37

Hahaha as I suspected.

hiiro · 01/24/2011, 13:21

Quote:

Originally Posted by Inathero

Just tested those addys and they don't work. The correct addys are:

password: Game.exe+AD4D58
username: Game.exe+AD4CD8

Those must be the addresses for the International BoI Client. What I posted on the first page were for the Philippine BoI Client. Were you using the International Client when you found those address? If you did I will add them to the first post so people know about them.

Inathero · 01/24/2011, 23:57

Quote:

Originally Posted by hiiro

Those must be the addresses for the International BoI Client. What I posted on the first page were for the Philippine BoI Client. Were you using the International Client when you found those address? If you did I will add them to the first post so people know about them.

Yep, that's international addys.

Also safety lock seems to be not saved in the game raw, so as long as a person uses safety lock on everything (like myself) there will be no worries in the event someone hijacks the account

Typed this on phone

kulas2k2 · 01/25/2011, 11:31

a game that includes password and username on its offsets... the game is so easy to play and looks like it easy to get hacked if the bot developer is Evilllll.... XD

My420Time · 08/02/2011, 23:39

So, this is still very much a huge issue. Tested today to see if they had fixed this and they haven't. With that said be very careful who you trust and what programs you run. You can look at these values at any point not just during the initial log on. Even if your running the program in a sandbox if it is able to attach to the game it is very much able to send your information off.

Cylith · 08/03/2011, 00:55

Quote:

Originally Posted by hiiro

I mailed heero from openkore.com and he told me that Battle of Immortals has a serious flaw, It stores your username and password in memory in raw format and not encrypted. Since I was playing BoI PH I told him to show me so he gave me these memory addresses and asked me to use Cheat Engine.

Philippine BoI Client Address:
---------------------------
For Username
Address: game.exe+A3DDA8
Type: Text
No. of Characters: 30
Unicode: unchecked

For Password
Address: game.exe+A3DE28
Type: Text
No. of Characters: 30
Unicode: unchecked

These are the locations he told me you can try checking them yourself.

So before using any bots always ask yourself if you can trust the makers of that bot or not. Just a warning for others thats all, I dont want anyone to flame me but I just had to put this out in the open.

Edit added International Addresses (thanks Inathero)::

Internation BoI Client Address
---------------------------
For Username
Address: Game.exe+AD4CD8
Type: Text
No. of Characters: 30
Unicode: unchecked

For Password
Address: Game.exe+AD4D58
Type: Text
No. of Characters: 30
Unicode: unchecked

A bot can be detected only if have direct relation with the game.That
means that the bot create log files that can be sended or dll that hook & cant release the game until the game close down.Then yes,that bot is detectable.But if simulate the keys with the bot & run the bot as normal application,without the bot creating anything in your computer,exept its
own process (if need more security,rename the bot as...torrent.exe) no need to worry about.After all ,that we all do when open the client.Pressing buttons.How can be detected a bot that simulate my fingers on the keyboard? It cant......

My420Time · 08/03/2011, 01:08

Quote:

Originally Posted by Cylith

A bot can be detected only if have direct relation with the game.That
means that the bot create log files that can be sended or dll that hook & cant release the game until the game close down.Then yes,that bot is detectable.But if simulate the keys with the bot & run the bot as normal application,without the bot creating anything in your computer,exept its
own process (if need more security,rename the bot as...torrent.exe) no need to worry about.After all ,that we all do when open the client.Pressing buttons.How can be detected a bot that simulate my fingers on the keyboard? It cant......

You completely missed the point of this thread. It has nothing to do with Perfect World detecting that your using a bot but instead of how they programmed certain things, such as leaving your username and password in memory in clear text.

Cylith · 08/03/2011, 01:39

Quote:

Originally Posted by My420Time

You completely missed the point of this thread. It has nothing to do with Perfect World detecting that your using a bot but instead of how they programmed certain things, such as leaving your username and password in memory in clear text.

Am i?....Really? take a look at theese

" So before using any bots always ask yourself if you can trust the makers of that bot or not. Just a warning for others thats all, I dont want anyone to flame me but I just had to put this out in the open. "

" True but at least some bot coders release their source code (btw I admire your work since you also release your source unlike others).

Other bot makers here hardly release their code out of fear it might get stolen now that this flaw is know perhaps they will also release their code for verification. Either way its all up to the end user if he trusts guys that dont release source code. "

" Lemme understand abit please and sorry if im wrong.
Bot makers can find out our account/password from BOI ? "

" Yes, the problem here is that the BoI Client stores your username password in raw format on your computers memory. like this "myusername mypassword" and anyone can just READ that memory address and send those values out.

Since most bots here are precompiled EXE's I figured I should post this to warn users of such flaws. Don't get me wrong I am not saying that the bot programmers here do this since I have close to zero knowledge when it comes to decompiled programs but it still leaves the question "Can my account be hacked?" "

The half topic is for bots & bot creators.So i say that cant be detected a bot that leaving no traces in pc & not hook the client itself & that means that have more secure function for the user.If still think that maybe infos gonna send out from the bot that use,set the firewall to block the traffic for the bot...in & out too.....

Inathero · 08/03/2011, 01:45

Apparently you can not use your higher cognitive functions in your brain to understand what this topic is about.

We are saying that when you log into your client, PWE saves the user name and password in plain text and it is very easy to extract it. So becareful of what bots, or other programs, you download since it's very easy to extract it.

That's what that person's saying. I know you're saying that your bot uses only key presses and stuff, but that's not the issue. Also, to let you know, your bot is programmed in AutoIt. In AutoIt, you can use readprocessmemory to read data from the game. That allows you to read and extract the player's username and password. So no matter what, the possibility is still there to have your user and pass stolen.

Now if you are so dull and you can not understand what I wrote, read the last 3 quotes you quoted

"Bot makers can find out our account/password from BOI ?"

"Yes, the problem here is that the BoI Client stores your username password in raw format on your computers memory. like this "myusername mypassword" and anyone can just READ that memory address and send those values out."

""Can my account be hacked?""

That's what the main purpose of this thread is. If you are still confused, please do express.

Also why he's saying "bots" all the time is because the main program you download for boi are bots. The only other program you can download is basically a speedhack, but the majority and most common programs are bots, hence why the person said "bot".

Cylith · 08/03/2011, 01:56

"That's what that person's saying. I know you're saying that your bot uses only key presses and stuff, but that's not the issue. Also, to let you know, your bot is programmed in AutoIt. In AutoIt, you can use readprocessmemory to read data from the game. That allows you to read and extract the player's username and password. So no matter what, the possibility is still there to have your user and pass stolen."

Cant be stolen password from the bot that NOT hook the client.My bot use the active window to send signals to the keys for its function,simulating the same way we hit the keys.That means ,if minimize the client,the bot is " blind" & can "see" again when select again the game as active window.But the same actions we do when we not use bot.Open the client & using the keyboard....For the readprocessmemory
of AutoIt,i doubt because the 95% of its cycle the bot is under "sleep"command.It opens to send the signal & again falling to sleep......as all loops do.....

Inathero · 08/03/2011, 02:01

ffs. apparently you're still not understanding

Just to let you know, you're not the center of the universe. There are other people and other programs out there like the xAuto team, LiveDown team, and My420Time.

People use those bots. Those bots are very advanced and read data from the game to determine what events to do, instead of blindly pressing keys in a loop.

Most bots, and people who have any knowledge in programming, work like this as it's a very superior method to what you're doing with the blind clicking

Also, DLL inject is easy to see and notice that the program hooks onto the client, but using a simple win32 api such as ReadProcessMemory, there is no such detection and it is hard to block it from hooking on the game unless the game itself hooks that API, which this one doesn't. Therefore it is easy to access the user and pass.

I know you're trying to promote and advertise your bot, but like I said, your bot isn't the only one out there, there are ALOT more bots out there that people use. And the majority of the bots use readprocessmemory to make the bot "smart" to know what to do.

Cylith · 08/03/2011, 02:21

Quote:

Originally Posted by Inathero

ffs. apparently you're still not understanding

Just to let you know, you're not the center of the universe. There are other people and other programs out there like the xAuto team, LiveDown team, and My420Time.

People use those bots. Those bots are very advanced and read data from the game to determine what events to do, instead of blindly pressing keys in a loop.

Most bots, and people who have any knowledge in programming, work like this as it's a very superior method to what you're doing with the blind clicking

Also, DLL inject is easy to see and notice that the program hooks onto the client, but using a simple win32 api such as ReadProcessMemory, there is no such detection and it is hard to block it from hooking on the game unless the game itself hooks that API, which this one doesn't. Therefore it is easy to access the user and pass.

I know you're trying to promote and advertise your bot, but like I said, your bot isn't the only one out there, there are ALOT more bots out there that people use. And the majority of the bots use readprocessmemory to make the bot "smart" to know what to do.

while 1 =1
Sleep(4500)
Send("{Tab}",0)
Sleep(850)
Send("1",0)
Sleep(7000)
WEnd

Where is the readprocessmemory to that script?????
Even without compile it,can run it while have open the AutoIt & works.......

Inathero · 08/03/2011, 02:22

See, you proven my point that you think you're the only bot maker in the world.

The purpose of this post is to say that your username and password isn't hidden in boi and can be easily extracted.

Are you so dull that you can not understand that? Or are you so egocentric that you believe the person who created this post is talking only about your bot? Please do answer, I am indeed curious at your inability to understand this simple concept =\

Cylith · 08/03/2011, 02:32

Quote:

Originally Posted by Inathero

See, you proven my point that you think you're the only bot maker in the world.

The purpose of this post is to say that your username and password isn't hidden in boi and can be easily extracted.

Are you so dull that you can not understand that? Or are you so egocentric that you believe the person who created this post is talking only about your bot? Please do answer, I am indeed curious at your inability to understand this simple concept =\

You mention the readprocessmemory & i just give you an example of a non-readprocessmemory ,7 line,simple bot........

" True but at least some bot coders release their source code (btw I admire your work since you also release your source unlike others). "
That include & me in.......so yes,it speak for me too......

Inathero · 08/03/2011, 02:37

K so you're both dull and egocentric, what an amazing combo.

Anyways, I'll end my argument talking to any user who happens to be reading on this.

Be careful of what programs you download for BoI. Your user information is broad daylight and very easy to be stolen. So just be careful, don't download anything a user with like 5 posts wants to give out, because there is a higher risk of that program being a stealer.

So good luck, be careful, and have fun ^^.

And yes, there have been cases where a person's user and pass was stolen in this method ( I know a couple friends that had this happen to them ) So i'm not making all this stuff up.