[Discussion] Dll Hooking and AutoITX

Discussion on [Discussion] Dll Hooking and AutoITX within the Mabinogi forum part of the MMORPGs category.

Old   #1
 
elite*gold: 0
Join Date: Sep 2009
Posts: 359
Received Thanks: 124
[Discussion] Dll Hooking and AutoITX

So... I'm not sure if this is the proper place to discuss such a topic, but I've been stalking and every now and then I see a glimmer of intellect amongst this group.

If any of you have used AutoITX (the COM/DLL interface to AutoIT), I'm sure you know that you can program using just about any language that supports COM programming, or DLL imports, which is a rather large group of languages.

Now, please excuse me if I say something completely wrong, as this is not my field of expertise (actually, programming, in general, is not my field of expertise, but let's ignore that for now).

The issue that many/most of us have when trying to write bots/mod/hack Mabinogi is the inability to directly access Mabinogi's API. Through use of a disassembler, we can see the public functions in the various DLLs that Mabinogi links to. Having access to these functions, in my opinion, will make modding/botting a lot easier, especially for writing the "Game-breaking" mods. It is my understanding that Mabipake is based on this premise, although I could very well be wrong. However, because Mabipake is semi-public, and finding the right mods for Mabipake isn't trivial, I have little faith in its longevity; I would prefer a homebrew solution. I was wondering if anyone else has had this thought, or has meaningful insight to add.

Odds are I don't know nearly enough about the inner workings of DLL injections, among other topics, to make this happen, but I'm always interested in learning.

So... I'd like to open up the floor to discussions about this topic. If you don't have anything meaningful to say, please don't say it. (Things such as "Can you give me your mods" would not constitute meaningful).

Kthx.
lostmage333 is offline  
Old 04/26/2010, 19:00   #2
 
elite*gold: 240
Join Date: Jun 2009
Posts: 1,069
Received Thanks: 188
When you hook a program to the client it gets detected as a game hack and the client shuts down. The best bet would be to unpack themida and bypass hackshield then go in and use mabipake and pake mods.
tbstewa is offline  
Old 04/26/2010, 21:40   #3
 
elite*gold: 0
Join Date: May 2009
Posts: 286
Received Thanks: 32
From my interpretation, you basically want to create an English version of mabipake that would make it simpler for the NA community to create botting similar to mabipake mods, correct?
Huynh. is offline  
Old 04/27/2010, 01:24   #4
 
elite*gold: 0
Join Date: Oct 2009
Posts: 498
Received Thanks: 110
Interesting, now for my two cents.

Quote:
The issue that many/most of us have when trying to write bots/mod/hack Mabinogi is the inability to directly access Mabinogi's API.
That's not 100% true. With IDA we can see how the functions work. Using C++, GetProcAddress works just about as well in a way to call the function. The main problem is that practical uses of the API are limited from what I've seen.

Let's look at the sample source for pake mods included in the mabipake archive.

Code:
	WriteLog = (func_WriteLog)GetProcAddress(GetModuleHandle("dinput8.dll"), "WriteLog" );
	if( WriteLog )
		WriteLog( "sample1.dll‰Šú‰»Š®—¹\n" );
        return 1;
You can see here how the mabipake function is called. The mabinogi API SHOULD be able to be used similarly.

Code:
Odds are I don't know nearly enough about the inner workings of DLL injections, among other topics, to make this happen, but I'm always interested in learning.
Really dude?

Injections are the same thing as loading a dll into the memory, like how mabipake is loaded by client.exe due to being a dinput8.dll proxy.

Anyways, this thread is about dll hooking, not mabipake or bypasses.
Halfslashed is offline  
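Added example, not part of the original thread: a proxy DLL such as the dinput8.dll described in the post above has a system DLL's name but loads from the application directory, so a module-list audit can flag it by comparing each module's directory with the system directory. The function names, the sample paths and the single system directory are assumptions made for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Constructed sample data: names the auditor treats as system DLLs, and a module list. */
static const char *const SYSTEM_DLLS[] = { "dinput8.dll", "kernel32.dll" };
static const char *const SAMPLE_MODULES[] = {
    "C:\\Windows\\System32\\kernel32.dll",
    "C:\\Game\\client.exe",
    "C:\\Game\\dinput8.dll",              /* same name, application directory */
    "c:\\windows\\system32\\DINPUT8.DLL"  /* genuine location, different case */
};

/* Case-insensitive compare of the first n characters (Windows paths ignore case). */
static int eq_nocase_n(const char *a, const char *b, size_t n) {
    size_t i;
    for (i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i])) return 0;
    return 1;
}

/* Returns 1 when the module carries a system DLL's name but its directory
   is not system_dir; returns 0 otherwise. */
int is_proxy_candidate(const char *path, const char *system_dir) {
    const char *slash = strrchr(path, '\\');
    const char *name = slash ? slash + 1 : path;
    size_t dir_len = slash ? (size_t)(slash - path) : 0;  /* without trailing '\' */
    size_t i, n = sizeof SYSTEM_DLLS / sizeof SYSTEM_DLLS[0];
    for (i = 0; i < n; i++)
        if (strlen(name) == strlen(SYSTEM_DLLS[i]) &&
            eq_nocase_n(name, SYSTEM_DLLS[i], strlen(name)))
            break;
    if (i == n) return 0;                         /* not a system DLL name */
    if (dir_len == strlen(system_dir) && eq_nocase_n(path, system_dir, dir_len))
        return 0;                                 /* loaded from the system directory */
    return 1;
}

/* Number of flagged entries in SAMPLE_MODULES. */
int count_proxy_candidates(const char *system_dir) {
    size_t i; int hits = 0;
    for (i = 0; i < sizeof SAMPLE_MODULES / sizeof SAMPLE_MODULES[0]; i++)
        hits += is_proxy_candidate(SAMPLE_MODULES[i], system_dir);
    return hits;
}
```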
Old 04/27/2010, 04:03   #5
 
elite*gold: 0
Join Date: Sep 2009
Posts: 359
Received Thanks: 124
Quote:
Originally Posted by Huynh.
From my interpretation you basically want to create an English version of mabipake that would make it simpler for the NA community to create botting similar to mabipake mods correct?
In essence, this is what the end result would more or less be. However, the way HS detects hooks is interesting to me. What is it that makes it possible for certain applications (fastcook, most notably), to hook Mabi without being detected? Does fastcook do anything stealthy? I don't know.

I'm just throwing ideas out there. I won't lie, there's no way I can write something as practical and powerful as mabipake. I just feel like there's more talent in the community than is being exploited (or maybe all these exploitations of talent are just beyond the scope of what I can see).

As far as just bypassing HS and using mabipake goes, I'd be all for that, if I could find the mod(s) I was looking for. Maybe one of you has it? If so, I'd be willing to negotiate to get my hands on something, maybe? =D. Anyways, if not, I'm trying to do something that I can use to replicate its functionality... even though I'm quite sure it's way beyond the scope of what I'm comfortable with, but what's learning if you never go out of your comfort zone, right? =D
lostmage333 is offline  
Old 04/27/2010, 16:09   #6
 
elite*gold: 0
Join Date: Nov 2009
Posts: 486
Received Thanks: 229
I thought Fastcook was detected? Last time I tried it was a couple months ago. Did something change to make it not-detectable?
shadowsforu is offline  
Old 04/27/2010, 18:44   #7
 
elite*gold: 0
Join Date: Sep 2009
Posts: 359
Received Thanks: 124
Quote:
Originally Posted by shadowsforu
I thought Fastcook was detected? Last time I tried it was a couple months ago. Did something change to make it not-detectable?
I don't know, I thought it wasn't. My understanding was that the CRT (CRTX on win7) patch was enough for fastcook to get by.
lostmage333 is offline  
Old 04/27/2010, 20:36   #8
 
elite*gold: 240
Join Date: Jun 2009
Posts: 1,069
Received Thanks: 188
no... anything that hooks the client is detected
tbstewa is offline  
Old 04/27/2010, 21:26   #9
 
elite*gold: 0
Join Date: Aug 2009
Posts: 113
Received Thanks: 4
Really? I must be in some sort of fantasy land then since I am using cook on XP pro and a (spits) VISTA system and only 1 XP home system has Failsheild screaming at me. Mind you cook has limited useful functionality but it is good at what it does do well, that is announcements and logging.
!!N0083rP00F!! is offline  
Old 04/27/2010, 22:08   #10
 
elite*gold: 240
Join Date: Jun 2009
Posts: 1,069
Received Thanks: 188
that's odd because HS should scream at you no matter...
tbstewa is offline  
Old 04/27/2010, 23:47   #11
 
elite*gold: 0
Join Date: Oct 2009
Posts: 498
Received Thanks: 110
Quote:
Originally Posted by tbstewa
no... anything that hooks the client is detected
That's a lie and you know it.
Halfslashed is offline  
Old 04/28/2010, 06:14   #12
 
elite*gold: 240
Join Date: Jun 2009
Posts: 1,069
Received Thanks: 188
ok 99% of things that hook get detected
tbstewa is offline  
Old 04/28/2010, 17:15   #13
 
elite*gold: 0
Join Date: Nov 2009
Posts: 486
Received Thanks: 229
Quote:
Originally Posted by tbstewa
ok 99% of things that hook get detected
>_> More lies. I was surprised at my own fallacy yesterday when Fastcook actually went undetected. Now, to emulate Nao timer through Fastcook. Hehehehe.
shadowsforu is offline  
Old 04/28/2010, 22:52   #14
 
elite*gold: 0
Join Date: Oct 2009
Posts: 498
Received Thanks: 110
Quote:
Originally Posted by tbstewa
ok 99% of things that hook get detected
Stop saying percentages.

The reason hackshield detects certain things is because it detects THE WAY IT HOOKS. Not just because it hooks, I mean, look at nogiparty, and fantasia...
Halfslashed is offline  
Old 04/29/2010, 04:18   #15
 
elite*gold: 0
Join Date: Apr 2010
Posts: 4
Received Thanks: 0
Hackshield detects things not by HOW IT HOOKS, but how it "looks". It has a database file that contains signatures of things like WPE(/rPE) and Mabipake and perpetually scans the memory for such signatures.

I've hooked tons of my own little creations and none of them were detected only because Hackshield didn't have a signature of it that would mark it as a target.
byte[] is offline  
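Added example, not part of the original thread and not HackShield's code: a minimal signature scan of the kind the post above describes, matching database entries against a memory region with wildcard bytes. The struct, the function names, the byte patterns and the entry name are all constructed for illustration.

```c
#include <stddef.h>

/* One database entry: pattern bytes plus a mask ('x' = must match, '?' = any byte). */
struct signature {
    const char *name;
    const unsigned char *bytes;
    const char *mask;
    size_t len;
};

/* Constructed sample data, not taken from any real tool or scanner. */
static const unsigned char SIG_BYTES[] = { 0xDE, 0xAD, 0x00, 0x00, 0xBE, 0xEF };
static const struct signature DB[] = {
    { "constructed-entry-A", SIG_BYTES, "xx??xx", 6 }
};
static const unsigned char REGION_LISTED[]   = { 0x90, 0x90, 0xDE, 0xAD, 0x12, 0x34, 0xBE, 0xEF, 0x90 };
static const unsigned char REGION_UNLISTED[] = { 0x90, 0xDE, 0xAD, 0x12, 0x34, 0xBE, 0xEE, 0x90 };

/* Offset of the first match of sig inside buf, or -1 when there is none. */
long find_signature(const unsigned char *buf, size_t buf_len, const struct signature *sig) {
    size_t i, j;
    if (sig->len == 0 || sig->len > buf_len) return -1;
    for (i = 0; i + sig->len <= buf_len; i++) {
        for (j = 0; j < sig->len; j++)
            if (sig->mask[j] == 'x' && buf[i + j] != sig->bytes[j]) break;
        if (j == sig->len) return (long)i;
    }
    return -1;
}

/* Index of the first database entry found in buf, or -1; *offset (optional) gets the position. */
int scan_region(const unsigned char *buf, size_t buf_len,
                const struct signature *db, size_t n, long *offset) {
    size_t k;
    for (k = 0; k < n; k++) {
        long off = find_signature(buf, buf_len, &db[k]);
        if (off >= 0) {
            if (offset) *offset = off;
            return (int)k;
        }
    }
    return -1;
}
```

A region with no corresponding database entry returns -1, which is why signature-only scanning is usually paired with integrity or behavioural checks.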