another HackShield bypass method

[ruan5212]

fail to run on China Mabinogi client

Hope Yiting could save Chinese Mabier in someday T___T

[Yiting]

Quote:

Originally Posted by ruan5212

fail to run on China Mabinogi client

Try KR_TEST version on page 4, CN server is using new interface same with KR.

[eeaanndd]

Thanks

[Yiting]

Quote:

Originally Posted by Yiting

Hi everyone,

I made a new one could completely replace HackShield.....
You can just delete HShield folder if you use this one, you don't need it any more.

Important:
- This is experimental version, it may not work if HackShield update the server.
- Do NOT use on other mabinogi server, currently for US server only.

I try this version on CN server whole day (they don't ban my location), and nothing goes wrong.
That means HackShield has been broken, and this isn't just a bypass any more.

So.... I think this shouldn't be released in public, and I will stop answering anything about it.


By the way, I'm playing mabinogi on TW server, and still not getting HackShield started using.....

[tylian1]

I'd still classify it as a bypass, unless you're completely emulating HackShield's API at this point. :P

Also aww, this was one of my favourite bypasses. I've grown seriously sick of having to stack hack upon hack upon hack upon hack just to have simple mods working. :/


Edit: Upon a second look it actually does look like a HS Emulator.. well I'll be .. xD

[Heavenlyhero]

I'm pretty sure he's classified it as a hackshield emulator..

[Yiting]

Let me share some idea here.


After finished the first version, I start hacking the driver part, cause driver cannot be applied very complicated protection as an application.

About one week later, I finished crypto and hash function used in driver.
So I could just hook DeviceIoControl API, and let HackShield believes driver has been running.

After that, I could directly launch HackShield in Visual Studio.......
I think it's not hard for many people to trace HackShield via debugger.

Then three days later, I made the experimental version just only one dll without any exe file. All HackShield operation was performed by itself.

[imperf]

cool
it works.
but kaspersky doesn't like it

[icolose]

does this also work for vindictus?

[mylovein]

Quote:

Originally Posted by Yiting

Let me share some idea here.


After finished the first version, I start hacking the driver part, cause driver cannot be applied very complicated protection as an application.

About one week later, I finished crypto and hash function used in driver.
So I could just hook DeviceIoControl API, and let HackShield believes driver has been running.

After that, I could directly launch HackShield in Visual Studio.......
I think it's not hard for many people to trace HackShield via debugger.

Then three days later, I made the experimental version just only one dll without any exe file. All HackShield operation was performed by itself.

great,but how can i use pake?

[Yiting]

Quote:

Originally Posted by imperf

cool
it works.
but kaspersky doesn't like it

I update a new one on first post, it shouldn't be complained by antivirus anymore...... (i guess

[imperf]

thanks

[492341716]

thank you

[apmx]

it doesn't work on EU server xD
Error Code:0x00000206

[muaamaizi]

it doesn't work on WinXP
Error :"0x01941545" Instruction references memory of "0x00000001".This memory has not "read".