|
You last visited: Today at 00:18
Advertisement
[Release] Int HackShield Killer.
Discussion on [Release] Int HackShield Killer. within the Kal Online forum part of the MMORPGs category.
09/30/2008, 21:41
|
#31
|
elite*gold: 20 
Join Date: Apr 2008
Posts: 820
Received Thanks: 177
|
ya tipps pls 
|
|
|
|
09/30/2008, 22:21
|
#32
|
elite*gold: 0
Join Date: Jan 2008
Posts: 533
Received Thanks: 131
|
A = 0 (A ist ausgeschaltet, 1 = An , 0=Aus)
Daraufhin Out = xyz
B= 0 (B ist auch aus!)
Daraufhin Out = xyz
->
Expell
Irgendwie sowas? 
|
|
|
|
|
09/30/2008, 22:33
|
#33
|
elite*gold: 42
Join Date: Jun 2008
Posts: 5,425
Received Thanks: 1,888
|
Bringt euch doch eh nix, denkt ihr echt IHR seit fähig int-hs zu killen/disabeln?
Syntex ist dazu in der lage, aber ihr nicht...
ahjo, den post hier schnell lesen, mahatma löscht ihn gleich wieder :>
|
|
|
|
|
09/30/2008, 22:46
|
#34
|
elite*gold: 20
Join Date: Feb 2008
Posts: 558
Received Thanks: 151
|
MoepMeep lasst sie doch probieren und ja ich denke schon das einige von uns in der lage sind :P
|
|
|
|
|
09/30/2008, 22:48
|
#35
|
elite*gold: 0
Join Date: Oct 2007
Posts: 406
Received Thanks: 15
|
heut wieder bisschen dumm
|
|
|
|
|
09/30/2008, 22:50
|
#36
|
elite*gold: 20
Join Date: Feb 2008
Posts: 558
Received Thanks: 151
|
Aalso ich habs schon raus ^^ guckt euch mal die dynamic load library an und zieht HackShield.exe durchen dissambler
|
|
|
|
|
09/30/2008, 22:52
|
#37
|
elite*gold: 20
Join Date: Feb 2008
Posts: 558
Received Thanks: 151
|
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x10001c41
timedatestamp.....: 0x48e0bd79 (Mon Sep 29 11:35:21 2008)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1136 0x1200 6.15 ea805fa0c3d4fb8ee20d7fd6b07379f8
.rdata 0x3000 0xb04 0xc00 4.98 d53182a5c288072429b275ecd76378aa
.data 0x4000 0x288b8 0x200 1.91 62549c55c591b063cf31da502e11d411
.rsrc 0x2d000 0x2b0 0x400 5.20 23c8a02e9f7e393e18171bdb8263e565
.reloc 0x2e000 0x458 0x600 4.18 c51aeddc29a012335337b1293b25ad9c
( 3 imports )
> KERNEL32.dll: AllocConsole, SetConsoleTextAttribute, SetConsoleTitleA, GetStdHandle, GetProcAddress, GetModuleFileNameA, GetModuleHandleA, VirtualProtect, GetSystemTimeAsFileTime, GetCurrentProcessId, GetTickCount, QueryPerformanceCounter, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, InterlockedCompareExchange, Sleep, InterlockedExchange, GetCurrentThreadId
> USER32.dll: MessageBoxA
> MSVCR90.dll: _open_osfhandle, _fdopen, __2@YAPAXI@Z, _encode_pointer, _malloc_crt, fprintf, _encoded_null, _decode_pointer, _initterm, _initterm_e, _amsg_exit, _adjust_fdiv, __CppXcptFilter, _crt_debugger_hook, __clean_type_info_names_internal, _unlock, __dllonexit, _lock, _onexit, _except_handler4_common, ___V@YAXPAX@Z, fopen, printf, _beginthread, fflush, __iob_func, strstr, scanf, malloc, sprintf, free, memset
( 0 exports )
die dll
und das der injector
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x4023e0
timedatestamp.....: 0x46891128 (Mon Jul 02 14:52:24 2007)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x8d8e 0x9000 6.56 f063c15e7dfce6e6f207322d71865720
.rdata 0xa000 0x18c4 0x2000 4.13 6ca14782e7e5a809002cc49bfb78051b
.data 0xc000 0x2d34 0x1000 2.68 852b2f19db7f0283891fc2be6e3ae44a
.rsrc 0xf000 0x31c70 0x32000 4.53 c8ea309137b7c22c6cd1d85f97e9dfe0
( 3 imports )
> KERNEL32.dll: GetModuleHandleA, GetTickCount, OpenProcess, GetCurrentProcessId, Process32Next, Process32First, CreateToolhelp32Snapshot, Thread32Next, Thread32First, GetModuleFileNameA, WaitForSingleObject, CreateRemoteThread, GetProcAddress, WriteProcessMemory, VirtualAllocEx, VirtualProtect, LCMapStringA, HeapSize, SetEndOfFile, ReadFile, GetLocaleInfoA, GetCPInfo, GetFileAttributesA, CloseHandle, CreateFileA, CreateMutexA, GetLastError, CreateThread, VirtualFreeEx, Sleep, ExitProcess, GetStartupInfoA, GetCommandLineA, GetVersionExA, HeapFree, TerminateProcess, GetCurrentProcess, QueryPerformanceCounter, GetCurrentThreadId, GetSystemTimeAsFileTime, WriteFile, SetFilePointer, GetStdHandle, UnhandledExceptionFilter, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, SetHandleCount, GetFileType, HeapDestroy, HeapCreate, VirtualFree, GetStringTypeA, MultiByteToWideChar, GetStringTypeW, HeapAlloc, VirtualAlloc, HeapReAlloc, SetStdHandle, FlushFileBuffers, GetSystemInfo, VirtualQuery, LoadLibraryA, RtlUnwind, InterlockedExchange, GetACP, GetOEMCP, LCMapStringW
> USER32.dll: MessageBoxA, DialogBoxParamA, DestroyWindow, EndDialog
> ADVAPI32.dll: LookupPrivilegeValueA, AdjustTokenPrivileges, OpenProcessToken
( 0 exports )
|
|
|
|
|
09/30/2008, 22:53
|
#38
|
elite*gold: 42
Join Date: Jun 2008
Posts: 5,425
Received Thanks: 1,888
|
@lolsen blubb? Heute mal wieder nen bisschen dumm? :>
|
|
|
|
|
09/30/2008, 22:59
|
#39
|
elite*gold: 20
Join Date: Feb 2008
Posts: 558
Received Thanks: 151
|
MoepMeep du bist ganz schön Arogant ^^
ich hab hunger ... ich geh was essen
|
|
|
|
|
09/30/2008, 23:01
|
#40
|
elite*gold: 42
Join Date: Jun 2008
Posts: 5,425
Received Thanks: 1,888
|
Bin ich, was dagegegen? :P
bringste mir was mit? xP
|
|
|
|
|
09/30/2008, 23:03
|
#41
|
elite*gold: 281
Join Date: Oct 2007
Posts: 6,248
Received Thanks: 887
|
Quote:
Originally Posted by Therawarp
MoepMeep du bist ganz schön Arogant ^^
ich hab hunger ... ich geh was essen
|
Quote:
Originally Posted by MoepMeep
Bin ich, was dagegegen? :P
bringste mir was mit? xP
|
B2T PLS!
wenn ihr chatten wollt schreibt euch pm's oder geht ins offtopic (ansonsten gibts noch icq und msn...)
danke für die aufmerksamkeit...
|
|
|
|
|
09/30/2008, 23:04
|
#42
|
elite*gold: 0
Join Date: May 2008
Posts: 106
Received Thanks: 11
|
.reloc 0x2e000 0x458 0x600 4.18 c51aeddc29a012335337b1293b25ad9c
is bei der zweiten ncih vorhanden und die entrypoint-adressen sind verschieden xD .. öööh? und jez xD
|
|
|
|
|
09/30/2008, 23:05
|
#43
|
elite*gold: 46
Join Date: Mar 2006
Posts: 2,589
Received Thanks: 1,198
|
Quote:
Originally Posted by Therawarp
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x10001c41
timedatestamp.....: 0x48e0bd79 (Mon Sep 29 11:35:21 2008)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1136 0x1200 6.15 ea805fa0c3d4fb8ee20d7fd6b07379f8
.rdata 0x3000 0xb04 0xc00 4.98 d53182a5c288072429b275ecd76378aa
.data 0x4000 0x288b8 0x200 1.91 62549c55c591b063cf31da502e11d411
.rsrc 0x2d000 0x2b0 0x400 5.20 23c8a02e9f7e393e18171bdb8263e565
.reloc 0x2e000 0x458 0x600 4.18 c51aeddc29a012335337b1293b25ad9c
( 3 imports )
> KERNEL32.dll: AllocConsole, SetConsoleTextAttribute, SetConsoleTitleA, GetStdHandle, GetProcAddress, GetModuleFileNameA, GetModuleHandleA, VirtualProtect, GetSystemTimeAsFileTime, GetCurrentProcessId, GetTickCount, QueryPerformanceCounter, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, InterlockedCompareExchange, Sleep, InterlockedExchange, GetCurrentThreadId
> USER32.dll: MessageBoxA
> MSVCR90.dll: _open_osfhandle, _fdopen, __2@YAPAXI@Z, _encode_pointer, _malloc_crt, fprintf, _encoded_null, _decode_pointer, _initterm, _initterm_e, _amsg_exit, _adjust_fdiv, __CppXcptFilter, _crt_debugger_hook, __clean_type_info_names_internal, _unlock, __dllonexit, _lock, _onexit, _except_handler4_common, ___V@YAXPAX@Z, fopen, printf, _beginthread, fflush, __iob_func, strstr, scanf, malloc, sprintf, free, memset
( 0 exports )
die dll
und das der injector
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x4023e0
timedatestamp.....: 0x46891128 (Mon Jul 02 14:52:24 2007)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x8d8e 0x9000 6.56 f063c15e7dfce6e6f207322d71865720
.rdata 0xa000 0x18c4 0x2000 4.13 6ca14782e7e5a809002cc49bfb78051b
.data 0xc000 0x2d34 0x1000 2.68 852b2f19db7f0283891fc2be6e3ae44a
.rsrc 0xf000 0x31c70 0x32000 4.53 c8ea309137b7c22c6cd1d85f97e9dfe0
( 3 imports )
> KERNEL32.dll: GetModuleHandleA, GetTickCount, OpenProcess, GetCurrentProcessId, Process32Next, Process32First, CreateToolhelp32Snapshot, Thread32Next, Thread32First, GetModuleFileNameA, WaitForSingleObject, CreateRemoteThread, GetProcAddress, WriteProcessMemory, VirtualAllocEx, VirtualProtect, LCMapStringA, HeapSize, SetEndOfFile, ReadFile, GetLocaleInfoA, GetCPInfo, GetFileAttributesA, CloseHandle, CreateFileA, CreateMutexA, GetLastError, CreateThread, VirtualFreeEx, Sleep, ExitProcess, GetStartupInfoA, GetCommandLineA, GetVersionExA, HeapFree, TerminateProcess, GetCurrentProcess, QueryPerformanceCounter, GetCurrentThreadId, GetSystemTimeAsFileTime, WriteFile, SetFilePointer, GetStdHandle, UnhandledExceptionFilter, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, SetHandleCount, GetFileType, HeapDestroy, HeapCreate, VirtualFree, GetStringTypeA, MultiByteToWideChar, GetStringTypeW, HeapAlloc, VirtualAlloc, HeapReAlloc, SetStdHandle, FlushFileBuffers, GetSystemInfo, VirtualQuery, LoadLibraryA, RtlUnwind, InterlockedExchange, GetACP, GetOEMCP, LCMapStringW
> USER32.dll: MessageBoxA, DialogBoxParamA, DestroyWindow, EndDialog
> ADVAPI32.dll: LookupPrivilegeValueA, AdjustTokenPrivileges, OpenProcessToken
( 0 exports )
|
Tut mir leid, aber bringt dir rein garnichts.
|
|
|
|
|
10/01/2008, 12:03
|
#44
|
elite*gold: 20
Join Date: Feb 2008
Posts: 558
Received Thanks: 151
|
och menno xD aber so ist es besser struckturiert ^^
|
|
|
|
|
10/01/2008, 17:51
|
#45
|
elite*gold: 20
Join Date: Apr 2008
Posts: 820
Received Thanks: 177
|
"Defeating Hackshield
Disabling Hackshield is pretty easy and means basically hooking/patching the functions "StartServiceW" of the Hackshield class which is an export of EhSvc.dll.
Either its wrapper inside of Engine.dll, or directly in EhSvc.dll. Just do nothing and return - that's all.
However, after doing that MakeGUIDAckMsg() and MakeAckMsg(), both exports of EhSvc.dll will stop working and therefore we can't authenticate with the gameserver anymore.
To solve that issue one way would be to patch all "has hackshield been started" checks in side of those Make..Msg() functions,it will work fine. To understand it , we have to look at how these functions "generate" the authentication answers.[...]"
MakeGuidAckMsg heisst, dass überprüft wird, ob das hackshield läuft. Falls es aus ist, wird man im falle von kal expelled. Man müsste nen patch/prog/dll schreiben, welche hackshield vormacht, dass kal läuft, aber ich glaube ausser ne handvoll leute hier kriegt das keiner hin ...
|
|
|
|
 |
|
Similar Threads
|
{RELEASE}Getting Neb's Xign Killer working with all hacks{RELEASE}
10/04/2009 - Dekaron Exploits, Hacks, Bots, Tools & Macros - 21 Replies
UPDATING to Picture Tutorial
100% working NO DC picture tutorial..........coming soon
TEMPORARY: steps 1 - 15
Step 1 : Install client , Update client , Load game , Login , load map , close game
Step 2 : Put the Dekaron_CRC_Bypass_v2.0.rar into bin and extract it
Step 3 : Open the launcher that was just extracted to the bin folder.
Step 4 : Click Select File... when the Select File... window loads up navigate to you bin folder and double click dekaron.exe, then click Launch
|
Hackshield killer
08/23/2008 - Rappelz - 3 Replies
hey guys ive found a rappelz hackshield killer whats workin but ill not release it here now ^^ ill check some things before like speedhack and other things ^^
|
[RELEASE] Hackshield killer for KOCP
02/14/2008 - Kal Online - 49 Replies
Yeah here i will release a little tool for you :P
Cause a few people said i can nothing and bloodx too i wanted to give you little present :)
This is just a little show off before our really hack will be released :)
If you ask what the hell do you want with this, then you are a nooby leecher -.-
the pros will know what they can do know ^^ well .. if they would be pros they had coded it themself .. nvm :P
Credits:
|
All times are GMT +1. The time now is 00:19.
|
|
![[Release] Int HackShield Killer.](https://www.elitepvpers.com/forum/iconimages/kal-online/release-int-hackshield-killer_ltr.gif){kind=small}
