Hackshield Bypass idea
Discussion on Hackshield Bypass idea within the Mabinogi forum part of the MMORPGs category.
06/06/2011, 08:59
|
#1
|
elite*gold: 0
Join Date: Feb 2011
Posts: 6
Received Thanks: 0
|
For those of us interested in getting rid of that pesky little thing that ruins all our lives, why not look into defeating hackshield locally? By that I mean, why not effectively empty out its.. *cough* nonessential information (things that make sure we're not hacking) and fool its checking methods (checksums, things of that sort) into thinking all its data was still there? Basically, still letting it look, but not let it know what it's looking for. Unless such hack-checking isn't entirely client-side?
|
|
|
06/06/2011, 10:47
|
#2
|
elite*gold: 0
Join Date: Mar 2010
Posts: 912
Received Thanks: 112
|
I'm guessing that's what most hackshield bypasses do. But actually doing the modification to do that is quite hard... (I'm talking to you, Themida)
|
|
|
06/06/2011, 11:04
|
#3
|
elite*gold: 0
Join Date: Feb 2011
Posts: 6
Received Thanks: 0
|
Hmm... But it seems like most bypasses add to or modify the data that hackshield uses, I'm thinking to just remove it completely. And of course, it'd either take a lot of work, a lot of time or both, I'd assume. I just wanted to make sure something like that hadn't been attempted and found to be impossible. XD
Personally, methinks someone should just get their hands on the Mabi source so we don't have to deal with all of this XD But that's just me.
|
|
|
06/06/2011, 12:27
|
#4
|
elite*gold: 0
Join Date: Sep 2009
Posts: 1,528
Received Thanks: 613
|
To my knowledge, you can still detour, which is probably what a lot of bypasses do.
Oh, and hackshield is required to login, and stay logged in, btw.
|
|
|
06/06/2011, 13:03
|
#5
|
elite*gold: 0
Join Date: Feb 2011
Posts: 6
Received Thanks: 0
|
Quote:
Originally Posted by adam_j
Oh, and hackshield is required to login, and stay logged in, btw.
|
So don't remove it completely, just its data. What I'm saying here is to keep hackshield, and have it respond to the server as if everything were going fine, but client-side it has nothing to check your computer against, only instructions on how to make it seem like everything is okay, and modified checking values so it doesn't notice it doesn't have the other data anymore.
Basically, making spoofing an "all clear" state for the sake of the server Hackshield's only purpose.
|
|
|
06/06/2011, 13:06
|
#6
|
elite*gold: 0
Join Date: Sep 2009
Posts: 1,528
Received Thanks: 613
|
Quote:
Originally Posted by adam_j
To my knowledge, you can still detour, which is probably what a lot of bypasses do.
Oh, and hackshield is required to login, and stay logged in, btw.
|
^
Basically, the check happens, but the HS module is never told that anything is wrong, as the message to it was detoured.
Also, I'm fairly sure that HS will simply lol at you if you edit the DLL itself. Checksums and all that.
If that's what you're suggesting, it's not really very clear..
What you're proposing seems extremely complex, and would take a LOT longer than simply replying to the relevant module "yeah, everything's cool".
|
|
|
06/06/2011, 13:14
|
#7
|
elite*gold: 0
Join Date: Feb 2011
Posts: 6
Received Thanks: 0
|
But what a lot of people, including yours truly, are looking for is a way to completely disable Hackshield rather than just avoid catching a particular mod (possibly allowing for free packet editing and other things of that sort again). So basically since hackshield would keep sending the "all clear" no matter what we did, we could pretty much do anything within the abilities of the client (i.e. that wouldn't cause the client to crash, that is realistically possible)
|
|
|
06/06/2011, 13:15
|
#8
|
elite*gold: 0
Join Date: Sep 2009
Posts: 1,528
Received Thanks: 613
|
Please don't make me quote myself again.
FYI:
Hackshield never says "LOL I FOUND -specific modification-, NO CLIENT FOR U!"
It gives you a fairly broad category.
Thus, what you are asking is what I've been saying, but instead of wasting hours upon hours removing all the data, you just say "Yep. Everything's fine here."
|
|
|
06/06/2011, 13:34
|
#9
|
elite*gold: 0
Join Date: Feb 2011
Posts: 6
Received Thanks: 0
|
Hmmm... It seems like it'd take even more work to detour as reliably as a removal like this (conceptually 100% success rate), since there are multiple functions to detour, one could miss a few. I suppose it'd be effective enough, if done thoroughly, although another factor to consider is permanence, and I don't know which one if either is more likely for that since Nexon/DevCAT reallllly like patching whatever we decide to mess with. Regardless, I think I'll try it after I get out of school for summer, if nothing else it'll be fun for me. Mostly the point of the thread was to see if it had been tried yet, like I said.
|
|
|
06/06/2011, 13:57
|
#10
|
elite*gold: 0
Join Date: Sep 2009
Posts: 1,528
Received Thanks: 613
|
Okay, well gl with that..
|
|
|
06/06/2011, 21:00
|
#11
|
elite*gold: 240
Join Date: Jun 2009
Posts: 1,069
Received Thanks: 188
|
This is an idea of what hackshield and the client communicate to each other. If you can EMULATE this data set then you can play with mods. (Note: this is just a sample of the log taken from an actual file, but some information is masked.)
[00:02:06.969]{FEE6147A-2032-47B1-AE59-B18C1815AF48} GUID : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
[00:02:06.985]{D147F14F-F419-4B04-BEDF-A0C281031569} HASH : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
[00:02:06.985]{BBD55FA1-C16F-4DE8-990E-70DCAFF79F5B}
[00:02:07.359][AntiCpXCnt][_AntiCpXCnt_MakeResponse] dwRequestLength = 56
[00:02:07.359][AntiCpXCnt][SetMemoryScanContext] pRequestBody : nPageGroupSize = 40
[00:02:07.359][AntiCpXCnt][SetMemoryScanContext] pRequestBody : ulImageBase = XXXXXXX
[00:02:07.359][AntiCpXCnt][SetMemoryScanContext] pRequestBody : nNumberOfCodeSections = 1
[00:02:07.359][AntiCpXCnt][SetMemoryScanContext] pRequestBody : CodeSectionIndex, ulStartAddress, ulSize = CodeSectionIndex = 0, uiStartAddress = XXXXXXX, uiSize = XXXXXXX
[00:02:07.359]{392018DA-8C28-4011-B6F8-F8AEB48CE117}
[00:02:07.359]{1B0D2D5C-95AE-4595-B16A-A1C795139E37}
[00:02:07.375]{D147F14F-F419-4B04-BEDF-A0C281031569} HASH : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
[00:02:07.390]{BBD55FA1-C16F-4DE8-990E-70DCAFF79F5B}
[00:07:06.631][AntiCpXCnt][_AntiCpXCnt_MakeResponse] dwRequestLength = 40
[00:07:06.631]{8527FE8E-C58B-4572-9B50-11F0E3257B1B}
[00:07:06.631]{BBD55FA1-C16F-4DE8-990E-70DCAFF79F5B}
[00:07:06.647]{CEF81677-D587-4887-963C-0AC391A2B0E1} CRC : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
[00:12:06.621][AntiCpXCnt][_AntiCpXCnt_MakeResponse] dwRequestLength = 40
[00:12:06.621]{8527FE8E-C58B-4572-9B50-11F0E3257B1B}
[00:12:06.652]{D147F14F-F419-4B04-BEDF-A0C281031569} HASH : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
[00:12:06.668]{BBD55FA1-C16F-4DE8-990E-70DCAFF79F5B}
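
The log above shows requests that carry a code-section address and size, and the thread turns on whether a constant "everything's fine" reply would satisfy the server. The following is an added example, not part of the original thread and not HackShield's actual protocol: a generic server-side check that binds each reply to a fresh nonce and a randomly chosen range, so a fixed or replayed answer is rejected. `IntegrityVerifier`, `digest`, `run_demo` and the reference image are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed stand-in for the server's reference copy of the client's code section.
REFERENCE_IMAGE = bytes(range(256)) * 64  # 16 KiB

def digest(memory: bytes, nonce: bytes, offset: int, span: int) -> bytes:
    """Keyed hash of the requested range; both sides compute this."""
    return hmac.new(nonce, memory[offset:offset + span], hashlib.sha256).digest()

class IntegrityVerifier:
    """Server side: issues one-time challenges and checks the replies."""

    def __init__(self, reference: bytes):
        self.reference = reference
        self.pending = {}  # challenge id -> (nonce, offset, span)

    def issue(self, span: int = 1024):
        """Pick a fresh nonce and a random range of the code section."""
        offset = secrets.randbelow(len(self.reference) - span)
        nonce = secrets.token_bytes(16)
        cid = secrets.token_hex(8)
        self.pending[cid] = (nonce, offset, span)
        return cid, nonce, offset, span

    def verify(self, cid: str, reply: bytes) -> bool:
        """Accept a reply once, and only if it matches the expected digest."""
        challenge = self.pending.pop(cid, None)  # single use: blocks replays
        if challenge is None:
            return False
        nonce, offset, span = challenge
        expected = digest(self.reference, nonce, offset, span)
        return hmac.compare_digest(expected, reply)

def run_demo():
    """Results for: honest reply, reused challenge, stale answer, changed memory."""
    server = IntegrityVerifier(REFERENCE_IMAGE)
    cid, nonce, off, span = server.issue()
    good = digest(REFERENCE_IMAGE, nonce, off, span)
    honest = server.verify(cid, good)
    reused_challenge = server.verify(cid, good)   # challenge already consumed
    cid2, _, _, _ = server.issue()
    stale_answer = server.verify(cid2, good)      # old answer against a new nonce
    cid3, nonce3, off3, span3 = server.issue()
    changed = bytearray(REFERENCE_IMAGE)
    changed[off3] ^= 0xFF                         # one byte differs inside the range
    tampered = server.verify(cid3, digest(bytes(changed), nonce3, off3, span3))
    return honest, reused_challenge, stale_answer, tampered
```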
|
|
|
06/06/2011, 22:42
|
#12
|
elite*gold: 0
Join Date: Jan 2009
Posts: 435
Received Thanks: 43
|
Can you upload all the logs and decrypted data you have and post a link? Also maybe the decryption key?
|
|
|
06/06/2011, 22:51
|
#13
|
elite*gold: 0
Join Date: Sep 2009
Posts: 1,528
Received Thanks: 613
|
|
|
|
06/06/2011, 23:21
|
#14
|
elite*gold: 0
Join Date: Oct 2009
Posts: 449
Received Thanks: 61
|
What about Esl.dll, can you do anything in there? I recall something about cshell, is there anything you can do with it?
|
|
|