[Mini Guide]Bypassing the new added debugger detection

[Zeroxelli]

Quote:

Originally Posted by _fobos_

A) Thing is, it does get loaded in the process. What function gets called to load a DLL into memory? Exactly, patch that if you don't want it loaded into memory.

B) It doesn't, since there is no use to attaching a bot to a client if you can not bot because you get restricted.

C) Wrong there, I can debug just fine, I can run Conquer thru a debugger just fine as well. And I can bot cliented just fine as well.

D) I have come to a conclusion? Seems to me you have come to the conclusion that I came to a conclusion, I simply stated that it simply wouldn't help him to get past the 1 day restriction. And the restriction being completely server sided is also false.

So now let's all get to the conclusion that telling someone he is wrong is a no go.

Make your own DLL with the same functions.

 Spoiler

trolled.

[{ Angelius }]

Quote:

Originally Posted by shitboi

Thanks for you reply angelius... I have already figured out what needed to be done. I most debug using CheatEngine (though most of you will disagree), but i simply can't get olly to do real time debugging on Conquer. Anyways my problem is solved for now.

You welcome

Quote:

Originally Posted by IAmHawtness

Works fine here, I can easily attach Cheat Engine to Conquer without doing any modifications at all.
The reason that the IsDebuggerPresent patch is needed is for when you're debugging Conquer.exe during launch. If you don't patch IsDebuggerPresent, you won't be able to launch Conquer through a debugger.

It really seemed useless to me as the process terminated either way...but that explains it and i guess i was mistaken

Quote:

Originally Posted by _fobos_

A) Thing is, it does get loaded in the process. What function gets called to load a DLL into memory? Exactly, patch that if you don't want it loaded into memory.

B) It doesn't, since there is no use to attaching a bot to a client if you can not bot because you get restricted.

C) Wrong there, I can debug just fine, I can run Conquer thru a debugger just fine as well. And I can bot cliented just fine as well.

D) I have come to a conclusion? Seems to me you have come to the conclusion that I came to a conclusion, I simply stated that it simply wouldn't help him to get past the 1 day restriction. And the restriction being completely server sided is also false.

So now let's all get to the conclusion that telling someone he is wrong is a no go.

A-I don't give a crap if its loaded into the process memory or not what i care about is to stop the threads inside that dll from being created threads that takes care of the anti-debugging shit and all i had to do is a 2 bytes patch is there anything easier than that ?

B- It does.. the bot is online for hours everyday and i never got restricted in fact spamming the server non stop with data is the only thing that got me restricted :|

C- Yeah its clear enough

D- is stupid enough to even try and replay back to it

[_fobos_]

Quote:

Originally Posted by { Angelius }

@ _fobos_

A- By doing what i did in that video you are simply bypassing all the functions/anti-debugging techniques that the tqanp.dll contains just like its never been loaded into the process...

B- The point of this thread is to give the memory based bots that uses the debugging techniques the ability to Attach/debug conquer.exe again

C- Disabling the IsDebuggerPresent function will not do you any good and it will not let you attach or debug conquer.exe

D- seems like you have come to a conclusion that what i did in that video should stop the 1 day restriction thing... so let me correct you by saying that it has nothing to do with it, and that the 1 day restriction thing is server sided

@ shitboi

If your intention is to debug conquer.exe using something like ollydbg there is some library's/plugins that can hide the debugger for you so you don't have to do any of this.

Quote:

Originally Posted by Zeroxelli

Make your own DLL with the same functions.

 Spoiler

trolled.

Bwhahaha, totally!

@ angelicus, too lazy to even press quote for that one.

A. "A- By doing what i did in that video you are simply bypassing all the functions/anti-debugging techniques that the tqanp.dll contains just like its never been loaded into the process..."
"I don't give a crap if its loaded into the process memory or not"
Contradiction there.

B) That simply does not make any sense since the same anti debugging techniques are also used in the main Conquer.exe as well not only in the DLL; which you also have to patch.
Google anti debugging techniques, you'll find some more. Next to that I find this answer again very contradicting to your answer before as well, you say " 1 day restriction thing is server sided " while here you say you run the bot for hours without getting restricted. I'm sorry but I'm not even trying here..

D) I do not understand what you mean by "replay back to it",

When I first answered in your thread I didn't even mean to be a dick, I meant to explain something to someone who asked a question, just like you should. You make false statements which I then point out, and contradict yourself in multiple answers. And I still don't mean to be a dick here, think it's nice you try though.

Anyway I have seen enough of this thread, it's clear you do not like to be told you're wrong.

[{ Angelius }]

Quote:

Originally Posted by _fobos_

Bwhahaha, totally!

@ angelicus, too lazy to even press quote for that one.

A. "A- By doing what i did in that video you are simply bypassing all the functions/anti-debugging techniques that the tqanp.dll contains just like its never been loaded into the process..."
"I don't give a **** if its loaded into the process memory or not"
Contradiction there.

B) That simply does not make any sense since the same anti debugging techniques are also used in the main Conquer.exe as well not only in the DLL; which you also have to patch.
Google anti debugging techniques, you'll find some more. Next to that I find this answer again very contradicting to your answer before as well, you say " 1 day restriction thing is server sided " while here you say you run the bot for hours without getting restricted. I'm sorry but I'm not even trying here..

D) I do not understand what you mean by "replay back to it",

When I first answered in your thread I didn't even mean to be a ****, I meant to explain something to someone who asked a question, just like you should. You make false statements which I then point out, and contradict yourself in multiple answers. And I still don't mean to be a **** here, think it's nice you try though.

Anyway I have seen enough of this thread, it's clear you do not like to be told you're wrong.

You are not a **** you are a saint... now i'm going to finish watching my movie before i read the whole thing and change my mind about you.

[Zeroxelli]

Easy there tiger, this forum isn't here for people to have spite. If you have a problem with someone, you should take it to PM and keep out of the public's eye. That goes for everyone.

[xmen01235]

My private proxy is working fine when my client is loaded via cogen hook method. How I wish I am an assembly literate so that I can explore on that olydbg or CE things and help in my own little way lol...

[I don't have a username]

Quote:

Originally Posted by xmen01235

How I wish I am an assembly literate so that I can explore on that olydbg or CE things and help in my own little way lol...

Maybe go learn asm?

[tanelipe]

Good job, +thanks. I can now actually use the newer OllyDBG to go through the file.