So... you might have noticed the KalOnline no longer let you use dbghelp or d3dx9_29.dll with proxies.
Kal-Online checking mechanism is very simple -> Get some information about file and compare (Size, version and such things).
At the moment I have 3 solutions in my mind (Though there are more).
Right now I'm going to show you fixing by DETOUR
So how does it works?
It's pretty easy:
They are using 3 functions we are interested in
-> CreateFileA (They are using it for GetFileInformationByHandle)
-> GetFileVersionInfoSizeA
-> GetFileVersionInfoA
Where is the trick?
All those functions has filename as one of their input argument.
We will detour all original functions and we will be checking for filename.
If the filename is our proxy-dll, then change the filename to name of original dll.
Check the source for better understanding.
Delete or add any pieces to make the source faster (Yea I haven't spent much time on this so please be understanding)
You can ask a question about the source or mechanism. Please try to avoid asking a incredibly easy questions.
Update #00:
This update fixes the synchronization with version.dll .
There were 2 possible errors:
-> Our detours were attached too late.
-> Our detours weren't loaded because version.dll wasn't loaded yet (attached too early)
How does this fix works?
Adding another detour on kernel32.LoadLibraryA.
Were checking for version.dll if it's being loaded -> If yes
Place the rest of the detours.
hm its most of the first steps with ollydbg to jump over msgbox, i think its good release but u only need little basics in ollydbg =/
Edit: now no one learned how to fix proxy dll, just copy&paste ur source
I'm afraid it would take too much time to include technical details such as showing everyone how to work with debugger - If I had so much time I would invest it into Response Server :P . There are a dozen of tutorials about debugging they can read. And this fix also isn't very difficult to understand.
I could also draw some crappy schemes about how those detours works exactly, but again: there are a lot of other discussions about hooks and detours on this or other forums.
Of-course they can Copy&Paste the source now, but soon or later some of them will work with assembly and they will try to understand how does it work exactly (Even though it's very simple as I already said.)
Anyways, advice from me for the newbies -> if you want to understand the code, study it now... before it will get fixed. After the fix it will become more and more complex. New bypass methods will be invented and after time it might be possible, that the idea of Proxy-DLLs would reach the state "too-difficult-to-make-a-bypass". As the game security updates the DLL injections via different methods are going to be also little bit more complex.
first of all. its very very nice that you released a good stuff
but you should delete it because here are only leecher.
as you can see, 25 ppl's downloaded this dll and you got only 4 thanks ?
just sad
well just stfu guys most of u even leeched a way to bypass this check and now u talk oh oh was so easy...... most of u. too only learned from epvp releases only cuz your **** ic bots get all time blocked? cry me a river.... pehh write with phone suxx... when i got my internet back i wil release again some stuff...
well just stfu guys most of u even leeched a way to bypass this check and now u talk oh oh was so easy...... most of u. too only learned from epvp releases only cuz your **** ic bots get all time blocked? cry me a river.... pehh write with phone suxx... when i got my internet back i wil release again some stuff...
du hast schon recht...aber wenn man wenigstens halb so viele THANKS bekommen würde wie man die datei downgeloadet hat, wäre das doch viel besser oder nicht ?
im pretty sure thiesius dont cares about stupid virtual thanks.
and for this bypass you dont need 1 line asm and you dont need to run kal in a debugger
Here is a video tut by MrSm!th about Ms Detours 1.5
can't get it why you keep releasing stuff & helping the leechers thiesus.
1) I'm releasing only simple stuff
2) Among the leechers are also guys who aren't yet so experienced, but they are willing to learn (IT students or the guys/girls who has programming as a hobby/work)
3) I also had to learn from some material and now I think it's my turn to contribute
[FRAGE] WAS IST PROXY WAS MACHT MAN DAMIT ? [PROXY] 11/12/2010 - Main - 7 Replies Hallo Com! ,
Ich habe das Wort Proxy schon oftr gehört , aber immernoch nicht verstanden was das ist und was man damit macht.
Jemand meinte das wäre so was Anonymes ...
Also bitte ich hier um eine gute Erklärung ;)
Danke!
Proxy geht nicht/Proxy doesn´t work 08/10/2010 - Metin2 Private Server - 0 Replies Folgendes Problem:
Squid ist installiert.
Startet anscheinend nicht richtig, funktioniert einfach nicht.
Die Meldung welche kommt, wenn man startet:
2010/08/10 17:02:26| Starting Squid Cache version 2.7.STABLE9 for i386-portbld-freebsd7.1...
2010/08/10 17:02:26| Process ID 1952
2010/08/10 17:02:26| With 11095 file descriptors available
2010/08/10 17:02:26| Using kqueue for the IO loop
Wer will ne Proxy ? Ja genau du willst ne Proxy xD ! 07/23/2010 - Metin2 Private Server - 11 Replies Moin,
Wer hat einen Root-Server und will eine Proxy ?
Proxy:
Proxy ermöglicht dir deine IP zu ändern die dan auch die selbe bleibt.
Dadurch hast du auf einem DynDNS oder Root-Server 24/7 GM-Rechte.....
Ich hab nen Install script das ich den auch Pub machen werde
Aber davor testen möchte.
4326 PROXY FIX Post All Proxy Fixes Here 11/26/2006 - CO2 Exploits, Hacks & Tools - 22 Replies post only the fixes for proxy here plz dont post original file. NO QUESTIONS PLZ. DONT ASK FOR ORIGINAL QOPROXY. just search and hope u dont get the keylogged version :P
Fix for patch4326 (not really an intentional patch for proxy. required little editing ;))
replace old ini in qoproxy folder with this one
![[Fix] Proxy-DLL](https://www.elitepvpers.com/forum/iconimages/kal-hacks-bots-cheats-exploits/fix-proxy-dll_ltr.gif){kind=small}
