[INFO] IBot datas and tip to make a crack

RBence13 · 06/01/2012, 17:06

Hi everybody!

Some days ago I decided to make a crack for ibot,but I stuck,so now I release infos about the bot.
First of all,everybody knows that ibot communicates with a server on TCP
at mail.majar.com (82.98.86.167) on 8084 port.
I had an idea,that I block this,and forward the mail.majar.com to localhost,and I simulate that is the server.
I did some tests and I realized how many packet's and bits arrives when somebody login with ibot:
So the bot get these packet's with unkown content:
1. packet 4 bits
2. packet 441 bits
3. packet 4 bits
4. packet 77 bits

These means,that the first packet consists of a number,the second is 63 letters,the third is a number too,and the forth includes 11 characters.

I could block the server with firewall,but I had no idea about forward it to localhost.
But with this mechanic I could bot 3 days with ibot trial,cause I didn't die,or jumped a gate,and I blocked the server,so it didn't get any info.
The only backwards is that,I can't login back without trial.

If somebody can make a programme,which forwards 82.98.86.167 to localhost on port 8084 and she/he send it to me I will make the crack's other part and I will release it.

(I used tcpview to see these datas,and firewall to block. If I could do this,we would use this crack forever,cause if the bot doesn't get the info that there is an update,then we can login with it.)

I hope this information will be useful for hackers.

metra3 · 06/01/2012, 17:11

C:\Windows\System32\drivers\etc\hosts. try to write adress you forward to, then the original adress.

~~cypershot~~ · 06/01/2012, 17:12

Did you try use WP66?

RBence13 · 06/01/2012, 17:14

Quote:

Originally Posted by cypershot

Did you try use WP66?

No,cause I don't know how to use it for this.

Quote:

Originally Posted by metra3

C:\Windows\System32\drivers\etc\hosts. try to write adress you forward to, then the original adress

It only forwards https to localhost,but I have already tried.

xxDr-Shadowxx · 06/01/2012, 17:17

You dont need to modify this, there is a more easiest way...

metra3 · 06/01/2012, 17:21

try program PortTunnel. Maybe it'll help you

L1m4ro · 06/01/2012, 17:23

For the informaton - thanks!
You can't crack this bot. It is protected with JET which is almost un-unpackable.
Only way is to trick it as you tried to, I look forward this

RBence13 · 06/01/2012, 17:24

Quote:

Originally Posted by xxDr-Shadowxx

You dont need to modify this, there is a more easiest way...

For example?
I won't buy ibot,and now there is a crack for it,which doesn't work and I don't know how to make a file,what send fakeids to the server..

L1m4ro · 06/01/2012, 17:26

Simulating the server is almost unpossble, GL with this, lol
I'll anyway help you by 'trying' to make a redirection program. Will PM you if any success.

EDIT: Use this:

Quote:

Originally Posted by metra3

try program PortTunnel. Maybe it'll help you

I'll try to crack the program ^^

~~Dr.Toni-old~~ · 06/01/2012, 17:28

Quote:

Originally Posted by darkunited

For the informaton - thanks!
You can't crack this bot. It is protected with JET which is almost un-unpackable.
Only way is to trick it as you tried to, I look forward this

You can crack every program

How can KBot exist?!
How can give it Photoshop cracks?
Steam Cracks?
Game Cracks?
And so on?

xungoman · 06/01/2012, 17:31

Hi everyone, you can use the same method that Kbot. It is just a codecave that replace the bytes that you want, as for example License Server IP or name or all that you need. Ivan patch krnxxx.dll to add a call to his kbot.dll then replace data and return the control to Ibot. Easy

L1m4ro · 06/01/2012, 17:37

Quote:

Originally Posted by Toni_Damager

You can crack every program

How can KBot exist?!
How can give it Photoshop cracks?
Steam Cracks?
Game Cracks?
And so on?

Quote:

Originally Posted by darkunited

...It is protected with JET which is almost un-unpackable.

I am not the PRO of PROs

yusaca · 06/01/2012, 18:22

Quote:

Originally Posted by xungoman

Hi everyone, you can use the same method that Kbot. It is just a codecave that replace the bytes that you want, as for example License Server IP or name or all that you need. Ivan patch krnxxx.dll to add a call to his kbot.dll then replace data and return the control to Ibot. Easy

Easy but 4 days each update...

RBence13 · 06/01/2012, 18:30

Quote:

Originally Posted by metra3

try program PortTunnel. Maybe it'll help you

This was a good idea,but it only works when I set the blind address to a fix ip,and it isn't possibble to set 82.98.86.167.
But anyway thanks!

xxDr-Shadowxx · 06/01/2012, 18:30

You can edit easily the http request to or from darkorbit

It's the same for the connection from ibot to the game server

just suppose u want to bot on accA

1°)Juste create a new account on DO (i call it accB)
2°)Connect accA trought Ibot
3°)When Ibot wants to connect to game (license checked) just intercept the request for connecting to the game as accB and modify it to get connected to accA

But, i dont know yet if ibot checks later the account connected