COoperative

~~DeathByMoogles~~ · 02/28/2011, 20:38

Quote:

Originally Posted by hudsonmw

SUGGESTION:

Add monk xp skill to list

1,725 Replies, 62,919 Views, and you don't think that has been suggested before?

Quote:

Originally Posted by londonman

I got botjailed also but it was only the chars I was botting
Here is what I do

1) don't have my main logged on the same comp while botting, I had my main on another comp afk.

2) dont make your botting acct have the same email as ur main.

I did not have gamechecker deleted so thats prob the reason why my two chars got Bj.

Srry for bad grammar on my iPhone

That's one possibility.
Could've been that you didn't change assembly info.

Hero0o · 02/28/2011, 20:41

well u main that all my accounts will be sent to jail? i got my main in botjail
Edit:well i just tried only the account who was using the bot will be sent to botjail i only got botjailed on 1 char

Projekti · 02/28/2011, 20:49

I just Downloaded Conquer online to my other computer, aswell with COoperative, but it doest work with this computer o.O even tho clean client, it says "not loaded" and "failed to attach to client" what could be the problem ?

E/ Problem solved, Runned as Administrator

hudsonmw · 02/28/2011, 20:52

Quote:

Originally Posted by DeathByMoogles

1,725 Replies, 62,919 Views, and you don't think that has been suggested before?

I'm sure there have been more witty comments such as yours compared

Besides that, I searched before posting and only egys with super bad english requested it. I assumed it was overlooked because of that fact

~~DeathByMoogles~~ · 02/28/2011, 20:58

Quote:

Originally Posted by

heya.
i had this program for 2 days and bot a fue hours
today i loged in and only my seller whas online. when this happent.
now my main my seller and my noob is in botjail.
and only my main and noob had botted a fue hours.

i dont know what u mean by gamechecker and where can i find it ??
change assembly info...... wtf is that ?
somebody explain this to me?

any tips to come out of botjail? i send an email to tq that i whaqs innocent and that my seller whas only online, some say conquer screwt up alot of innocent people are inbotjail right now,

or ust pay 2DB ?
hope this will be fixed cause this sucks

This is what made me write my signature.

~~IAmHawtness~~ · 02/28/2011, 21:09

Quote:

Originally Posted by DeathByMoogles

My thoughts:

There's a detection system, whether it be 91GameCheck.exe or a function written in the actual client itself, and what it does it scans the running processes, and looks for known bots (Bot.exe with the description "CoBot", COoperative.exe with the description "Ventrilo") and if detected, it automatically raises a flag, and a notification is sent to TQ with the IP address of the computer, and all currently logged in accounts. Then, the accounts currently logged in are all sent to botjail without question, and the IP address is monitored over the next 24 hours or so to see what other accounts are logged in, and they too are botjailed.

I may be wrong, that's just how I assume they are doing it.
Probably isn't 100% accurate but it's a good starting place for anti-detection methods to blossom from.

I'm pretty sure NdSafeDll.dll has something to do with their anti-cheat system too. People might want to delete that too.

Sunnie · 02/28/2011, 21:10

Quote:

Originally Posted by DeathByMoogles

This is what made me write my signature.

Haha, i was just about to type that

DBM, i have respect for u

U really helped me out in this thread

And i'll thank u for each post

~~DeathByMoogles~~ · 02/28/2011, 21:11

Quote:

Originally Posted by IAmHawtness

I'm pretty sure NdSafeDll.dll has something to do with their anti-cheat system too. People might want to delete that too.

Code:

005864FE  |. 8B35 4C917D00  MOV ESI,DWORD PTR DS:[<&KERNEL32.GetProc>;  kernel32.GetProcAddress
00586504  |. 68 CC5B8B00    PUSH Conquer.008B5BCC                    ; /ProcNameOrOrdinal = "ScanFile"
00586509  |. 57             PUSH EDI                                 ; |hModule
0058650A  |. FFD6           CALL ESI                                 ; \GetProcAddress
0058650C  |. 68 C05B8B00    PUSH Conquer.008B5BC0                    ; /ProcNameOrOrdinal = "CheckFile"
00586511  |. 57             PUSH EDI                                 ; |hModule
00586512  |. 8945 FC        MOV DWORD PTR SS:[EBP-4],EAX             ; |
00586515  |. FFD6           CALL ESI                                 ; \GetProcAddress

Nope, nothing to do at all with anti-cheat.
You could hook into it and NOP the scan function.

Quote:

Originally Posted by Sunnie

Haha, i was just about to type that

DBM, i have respect for u U really helped me out in this thread
And i'll thank u for each post

Thanks, I appreciate that.

~~DeathByMoogles~~ · 02/28/2011, 21:22

Quote:

Originally Posted by

Okej this isnt what i askt for and i aint a clueless noob.
i found gamecheck.
do i need to delete the whole map where it is sitting in ? or only gamecheck.
still dont know what change assembly info means, and DBM u aint helping.

btw iamhawntness good program exept for the botjail part.

You sir, are infact, a clueless noob.

~~IAmHawtness~~ · 02/28/2011, 21:25

Quote:

Originally Posted by DeathByMoogles

Nope, nothing to do at all with anti-cheat.

Hmm, I haven't really looked into the whole anit-cheat system at all since I've never had to. I guess I'll check it out tomorrow

~~DeathByMoogles~~ · 02/28/2011, 21:35

Quote:

Originally Posted by IAmHawtness

Hmm, I haven't really looked into the whole anit-cheat system at all since I've never had to. I guess I'll check it out tomorrow

You think NOP'ing the function in NdSafeDll.dll would work?
I think it's 5 bytes.

Code:

00586504  |. 68 CC5B8B00    PUSH Conquer.008B5BCC      ; /ProcNameOrOrdinal = "ScanFile"

So then...

Code:

memcpy((LPVOID)0x00586504,"/x90/x90/x90/x90/x90",5)

That may not be right.
I'm not 100% sure how many bytes that address is.
68 CC5B8B00
That's 5 right?
68 = 1, CC = 1, 5B = 1, 8B = 1, and 00 = 1 right?
1+1+1+1+1=5

Write a hook in the .exe and have it do that.

raplost · 02/28/2011, 22:07

Quote:

Originally Posted by DeathByMoogles

My thoughts:

There's a detection system, whether it be 91GameCheck.exe or a function written in the actual client itself, and what it does it scans the running processes, and looks for known bots (Bot.exe with the description "CoBot", COoperative.exe with the description "Ventrilo") and if detected, it automatically raises a flag, and a notification is sent to TQ with the IP address of the computer, and all currently logged in accounts. Then, the accounts currently logged in are all sent to botjail without question, and the IP address is monitored over the next 24 hours or so to see what other accounts are logged in, and they too are botjailed.

I may be wrong, that's just how I assume they are doing it.
Probably isn't 100% accurate but it's a good starting place for anti-detection methods to blossom from.

Hm, if they detect botter for their IPs, there's a way to change it or not? Idk, maybe using No-Ip, just wondering !

~~DeathByMoogles~~ · 02/28/2011, 22:23

Quote:

Originally Posted by raplost

Hm, if they detect botter for their IPs, there's a way to change it or not? Idk, maybe using No-Ip, just wondering !

Lol, are you retarded?

No-Ip is not a proxy, It's a DUC (Dynamic Update Client).

Here's what it does, in a nutshell.

Your IP = 97.0.0.1
Application "A" needs to connect to your IP in order to function properly.
Unfortunately, you do not have a static IP, so tomorrow your IP might be 97.0.0.3.

When you run the No-IP DUC, it uses a static hostname ("raplost.no-ip.biz", for example) that fowards to your dynamic IP.

Here's an example:

WITHOUT DUC:
Day 1 -
Application "A" Attempts to connect to - 97.0.0.1
Your IP - 97.0.0.1
Connection - Successful
Day 2 -
Application "A" Attempts to connect to - 97.0.0.1
Your IP - 97.0.0.3
Connection - Unsuccessful
Day 3 -
Application "A" Attempts to connect to - 97.0.0.1
Your IP - 97.0.0.7
Connection - Unsuccessful

WITH DUC:
Day 1 -
Application "A" Attempts to connect to - raplost.no-ip.biz
raplost.no-ip.biz = 97.0.0.1
Your IP - 97.0.0.1
Connection - Successful
Day 2 -
Application "A" Attempts to connect to - raplost.no-ip.biz
raplost.no-ip.biz = 97.0.0.3
Your IP - 97.0.0.3
Connection - Successful
Day 3 -
Application "A" Attempts to connect to - raplost.no-ip.biz
raplost.no-ip.biz = 97.0.0.7
Your IP - 97.0.0.7
Connection - Successful

If you want to avoid them getting your IP, possible programs you could use include:
Tor
Proxifier
Hotspot Shield

sarariu · 02/28/2011, 22:26

i may be wrong but not so long ago zftqat folder , tqwea.dll , and some functions in conquer.exe were used to prevent botting and getting u botjailed.maybe some of that is still active.
IAW the bot is awsome and by far the best free bot.you could put a link to sharecash or cpalead for survey download for the ppl who want to support u.

~~DeathByMoogles~~ · 02/28/2011, 22:34

Quote:

Originally Posted by sarariu

i may be wrong but not so long ago zftqat folder , tqwea.dll , and some functions in conquer.exe were used to prevent botting and getting u botjailed.maybe some of that is still active.
IAW the bot is awsome and by far the best free bot.you could put a link to sharecash or cpalead for survey download for the ppl who want to support u.

I wouldn't mind a sharecash link.
Martin deserves it.
I have sharecash downloaders though, lol.

Also, whatever happened to this COOperative?