The Official BJX Work Thread

[Cryptic]

Quote:

Originally posted by ededdyedwardo+Aug 18 2005, 05:49--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (ededdyedwardo @ Aug 18 2005, 05:49)</td></tr><tr><td id='QUOTE'> <!--QuoteBegin--luddo9@Aug 17 2005, 23:16
Noobs lvl 1-5
Chicken lvling

lol funny. Hey that could be useful for finding PK tickets and selling them at 6k. Or, it could be for the really LAZY players who can't wait for 20 minutes. [/b][/quote]
Do you guys, not only eddy, understand that this is not a thread for you to come and chat in? It's a files only thread. And some more important/talented people can post very very specific questions. Otherwise, take it to PM.

[recoiled]

Quote:

Originally posted by mojoed+Aug 18 2005, 11:08--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (mojoed @ Aug 18 2005, 11:08)</td></tr><tr><td id='QUOTE'><!--QuoteBegin--recoiled@Aug 18 2005, 09:19
Outbound TCP connection
Remote address,service is (69.59.185.108,5816)
Process name is "C:&#092;Documents and Settings&#092;Owner&#092;My Documents&#092;My Downloads&#092;bjx1.1&#092;bjx1.1&#092;cfye_epvp_l oco.exe"

this so called patch doesnt stop our passwords being sent out.
its just sends them to another persons computer.
morons.
atlease his statement is true.
it doesnt reach the bjx server.... just his

hmmm lets see...
Search results for: 69.59.185.108
OrgName: ServePath, LLC
OrgID: SERVEP
Address: 650 Townsend Street
Address: Suite 252
City: San Francisco
StateProv: CA
PostalCode: 94103
Country: US
ReferralServer: rwhois://rwhois.servepath.com:4321

wonder who ServePath is... lets look them up too... google google google... ding



well we better take a look... just to be sure...

that last one looks kinda familiar

moro... ah you know the rest ps. nice first post

and i know this is the wrong thread for this stuff.. sorry[/b][/quote]
Reverse DNS for 69.59.185.108
Location: United States [City: Hialeah, Florida]
Answer:
69.59.185.108 PTR record: customer-reverse-entry.69.59.185.108. [TTL 3600s] [A=None] *ERROR* A record does not point back to original IP.

whois for 69.59.185.108
NetRange: 69.59.128.0 - 69.59.191.255
Comment:

quote from
ServePath is Silicon Valley's #1 Dedicated Server specialist.

traceroute
Hop T1 T2 T3 Best Graph IP Hostname Dist TTL Ctry Time
1 0 0 0 0.5 ms
66.36.240.2 AS0
IANA-RSVD-0 c-vl102-d1.acc.dca2.hopone.net. 255 US Unknown: 833fd014
2 0 0 0 0.5 ms [+0ms]

66.36.224.226 AS0
IANA-RSVD-0 ge4-0.core1.dca2.hopone.net. 0 miles [+0] 254 US Unix: 23:24:17.797
3 1 1 1 1.8 ms [+1ms]

66.36.224.18 AS3
MIT-GATEWAYS ge3-0.core1.iad1.hopone.net. 0 miles [+0] 253 US Unknown: 85063cd9
4 75 77 75 75 ms [+73ms]

66.36.224.30 AS0
IANA-RSVD-0 ge2-0-1.core1.pao1.hopone.net. 0 miles [+0] 252 US Unknown: 8500d963
5 75 91 91 75 ms [+0ms]

198.32.176.78 AS0
IANA-RSVD-0 border-core2-ge1-0.sfo2.servepath.net. 0 miles [+0] 251 US Unix: 23:24:27.234
6 93 76 77 76 ms [+0ms]

69.59.136.19 AS0
IANA-RSVD-0 access2-ge0-1-3.sfo2.servepath.net. 0 miles [+0] 250 US Unix: 23:24:27.282
7 * * 76 76 ms [+0ms]

69.59.185.108 AS0
IANA-RSVD-0
[Reached Destination]customer-reverse-entry.69.59.185.108. 0 miles [+0] 122 US [Router did not respond]


from what i see i cant get anywhere near the conqueronline servers with THAT ip address

i see that conqueronline only runs 2 ips from that site and they are

Windows 2000 Microsoft-IIS/5.0 69.59.149.193
Windows 2000 Microsoft-IIS/5.0 218.66.102.79

which indeed is no 69.59.185.108

so it seems to me that someone has bought an ip/dedicated server from the site. and in a desperate attempt to be seen as a 'conqueronline' ip address :P

so until you can prove so further.

i deem this program
backdoored

(some people do play with exploits/bots them selves =])

[Eldrad]

someones gotat fix the disconnecting problem :S TQ can lock your accounts now

[DevilSword]

i hope chocoman can explain it.
Mebe 69.59.185.108 is his localhost address and
He forgot to change it to "localhost" after cracking it.

Anyway best thing u do for now is changing ur pw if ur acc hasnt been hacked.

[chocoman4k]

Quote:

Originally posted by DevilSword@Aug 19 2005, 08:46
i hope chocoman can explain it.
Mebe 69.59.185.108 is his localhost address and
He forgot to change it to "localhost" after cracking it.

Anyway best thing u do for now is changing ur pw if ur acc hasnt been hacked.

Does anyone else connect to that IP who can tell me which server you play on?

[Mal3x]

this guy has no incentive to hack...
but i recommend that you use the hack with a secondary character, better safe den sowi

[recoiled]

205.209.152.249
202.66.43.40
202.66.43.41
202.66.43.16

are the following ips the origional bjx connect to.
if you block them it wont connect. in the end.
your still gona get 'hacked' if you dont change your pass str8 away

anyway if u guys think any of my info (look above) helped

+ karma me :P

[chocoman4k]

From recoiled's signature I found out he was playing on the Phoenix server.
So I made a new character on the Phoenix server and logged the packets.
And see there, the original Conquer Online client connects to 69.59.185.108.

recoiled:
Before you made the assumption that I was stealing your l/p's you should've checked where the original Conquer Online client connected to, which was for you to 69.59.185.108.

[DevilSword]

ooh wat a relief
i ve been using chocoman hack since couple days straight and i havent been hacked.

[recoiled]

how can you verify this?
please do

[chocoman4k]

Quote:

Originally posted by recoiled+Aug 19 2005, 12:56--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (recoiled @ Aug 19 2005, 12:56)</td></tr><tr><td id='QUOTE'> how can you verify this?
please do [/b]

OK, once again for you step by step.
You think 69.59.185.108 is the backdoor server I set up.
Download a packet sniffer, eg. EtherDetect which is not so complex therefore good for newbies.
Install it. Run it, click Try it.
Sniffer/Select Network Adapter. Choose the adapter you're connected with and click OK.
Click Sniffer/Start.
Open op Conquer Online, go to the Wild Kingdom/Phoenix server.
Login there and click Enter.
On the left side of EtherDetect you will see the connections.

1 13:33:57.312 192.168.1.3:3254 69.59.142.13:9958 TCP 12 13:33:58.343 <- login server
2 13:33:58.343 192.168.1.3:3255 69.59.185.108:5816 TCP 38 13:34:09.406 <- phoenix game server

See the IP in the connections log? It is a Conquer Online game server as the ORIGINAL client connected to it. And now please don't come with something like "my Conquer Online might be backdoored too.". Everyone who plays on the Phoenix server connects to 69.59.185.108.

Edit:

Quote:

Originally posted by -recoiled@Aug 19 2005, 01:35
from what i see i cant get anywhere near the conqueronline servers with THAT ip address

i see that conqueronline only runs 2 ips from that site and they are

Windows 2000 Microsoft-IIS/5.0 69.59.149.193
Windows 2000 Microsoft-IIS/5.0 218.66.102.79

which indeed is no 69.59.185.108

Oh? How can you see that? What about the Conquer Online login server 69.59.142.13?
Your are wrong my friend, they are running a whole block of IP's there.

<!--QuoteBegin--recoiled@Aug 19 2005, 01:35
so it seems to me that someone has bought an ip/dedicated server from the site. and in a desperate attempt to be seen as a 'conqueronline' ip address :P

so until you can prove so further.

i deem this program
backdoored smile.gif [/quote]
Doing pointless reverse dns resolves, traceroutes and whoises doesn't make the crack backdoored.
Perhaps now you would like to send a mail to Conquer Online why they built in a backdoor in the bjx bot.
Waiting for your final comment.

[AngelusInkubus]

I got the same error on it > Unable to hook zffy.dll
I run Windows ME.

[DevilSword]

Quote:

Originally posted by AngelusInkubus@Aug 19 2005, 14:24
I got the same error on it > Unable to hook zffy.dll
I run Windows ME.

i dun think bjx support win me
only win xp

[chocoman4k]

Quote:

Originally posted by AngelusInkubus@Aug 19 2005, 14:24
I got the same error on it > Unable to hook zffy.dll
I run Windows ME.

Check your PM so that we don't ruin Cryptic's thread.
If you're new to the forum and don't know what PM is, click the "X new messages" item from the above menu.

Edit: Could someone check if the original CFYE.exe runs on Windows ME, 98 or 95? You just need to run it don't need to login.

[DevilSword]

chocoman this is wat my firewall logs with ur bjx hack
it connects to
64.151.104.220:5816 --> is this diamond ip address co i play in diamond