Exiled Bot Crack Guide

[Sixstrings]

 Spoiler

google and download OllyDbg V1.10 and these plugins:

ODBGScript v1.82.6
StrongOD 0.4.8.892
PhantOm 1.79

copy the plugins into plugin folder

start ollydbg, click plugins -> PhantOm -> Options
check -protect DRx, uncheck everything else, save

click plugins -> StrongOD -> Options
check HidePEB, *Kernelmode, !*Kill BadPE Bug, Skip Some Exceptions
uncheck everything else, save

close ollydbg, edit ollydbg.ini, change this line:
DriverName=fengyue0
to
DriverName=whatever




The first step is unpacking the bot and removing TheMida protection.
We will use a readymade script to do this. The script works only on win x32,
if you are running windows x64 (like me), you will need vmware with win x32
to run the script.

The script can be found here:


download the script, copy Themida - Winlicense Ultra Unpacker 1.0.txt into scripts folder,
copy ARImpRec.dll into scripts folder,
edit Themida - Winlicense Ultra Unpacker 1.0.txt and enter the full dll path like this:

HERE_ENTER_YOUR_DLL_PATH_TO_ARIMPREC_DLL:
mov ARIMPREC_PATH, "C:\odbg110\Scripts\ARImpRec.dll"

also edit line 876:

free HEAP_PATCHSEC
to
// free HEAP_PATCHSEC

Ollydbg needs to be configured properly to run the script,
start ollydbg, click Options -> Debugging options
Watch the first tut video that comes with the script,
pause on every olly config page he clicks,
make sure to setup your ollydbg accordingly


Now we are ready to remove TheMida,
start ollydbg
press F3 -> open ExiledBot.exe
click plugins -> ODbgscript -> Script Window
click Plugins -> ODbgScript -> Run script -> Themida - Winlicense Ultra Unpacker 1.0.txt
when the script pauses -> press space to resume
when asked to bypass VMWare checks click YES if you are running in VMWare,

when the script pauses here:
1967 pause
1968 pause
1969 pause
1970 sub FIRST_API_ADDR_FOUND, 04

hold space until this loop is done, cancel the Assemble window that opens

when asked to fix direct API JUMPs click NO,
when the script is finished, you will find ExiledBot_DP.exe in your bot folder
If you have trouble running the script, read the info text files, watch the tut videos, read the thread at tuts4you.


The second step is modifying the code and cracking the bot.
press F3, open ExiledBot_DP.exe
click view -> Executable modules,
click on the first line 04000000,
now you are at the first command of the bot.exe,
rightclick -> search for -> all referenced text strings,
in the result window rightclick -> search text -> "RESPONSE",
double click the line with ASCII "RESPONSE",
now you are back in the disassembler window,
scroll up and click on the JE command right above,
press space, enter NOP (x fill with NOP's), click Assemble, close assemble window,
there are three more JE commands to remove,
search text "USAGE_ID", "STATUS", "USES", in disassembler window replace the JE commands right above with NOPs,

removing these 4 JE commands will make the bot start in elite mode with invalid username/password,
but there's a runtime check, setting the bot back to non-elite after 25secs,

rightclick on the disassembler window -> search for -> Binary string
enter in HEX field: E8 75 FF FF FF, press OK
the first call command is not the one we are looking for, press ctrl-L to find the second,
now remove this call command, press space and NOP it,

now the bot stays in elite mode, but it still phones home, so let's remove that also,
search for text -> "No Connection", remove (NOP) the JNZ command 2 lines above


we are done, time to save the new file,
rightclick on disassembler window -> copy to executable -> All modifications
click copy all, rightclick on result window -> save file

test the cracked exe, enter anything as username/password.
The level 60 check (or 45 now?) is still there, no need to remove it as we run in elite mode.

[A. Musti]

Can u pls explain what the Bot can do?

Edit: So its a bot leveling til 60? Is it picking up all the drops by itself and equiping stuff he needs to run higher lvl places?

[Sushey]

Quote:

Originally Posted by °`_´°

Can u pls explain what the Bot can do?

Edit: So its a bot leveling til 60? Is it picking up all the drops by itself and equiping stuff he needs to run higher lvl places?

It is just a guide how to crack the "exiled bot" programmed by exiled bot.

[Varclias]

Your guide is meaningless if you require tools you not only don't provide, but don't even state where to get them from.

Telling people to "just google," means nothing. Google is the largest web-crawler that has ever existed. You might as well just be saying, just look through the entire internet until you find the three obscure programs that require forum admission to download.

As far as that goes, this thread should be closed for lack of content and purpose. The user does not own or is involved with any of the three programs you are told to download, for another program they are trying to illegally exploit.

When you have more than a text script for something that you have not only no reviews, no content, no substance at all for, then you should make a thread.

~"v"~

[Sixstrings]

Quote:

Originally Posted by Varclias

Your guide is meaningless if you require tools you not only don't provide, but don't even state where to get them from.

Telling people to "just google," means nothing. Google is the largest web-crawler that has ever existed. You might as well just be saying, just look through the entire internet until you find the three obscure programs that require forum admission to download.

As far as that goes, this thread should be closed for lack of content and purpose. The user does not own or is involved with any of the three programs you are told to download, for another program they are trying to illegally exploit.

When you have more than a text script for something that you have not only no reviews, no content, no substance at all for, then you should make a thread.

~"v"~

haha, you are so dumb my friend, you made my day. you begged me several times under different names per pm to send you a cracked version, if you can't follow a simple step-by-step guide you better sell your pc and pay more attention in school (first grade or second already?)

[Varclias]

Quote:

Originally Posted by Sixstrings

haha, you are so dumb my friend, you made my day. you begged me several times under different names per pm to send you a cracked version, if you can't follow a simple step-by-step guide you better sell your pc and pay more attention in school (first grade or second already?)

Contribute something that is not worthless.

[tatadamir]

Quote:

Originally Posted by Varclias

Contribute something that is not worthless.

u don't need this thread? Don't open it, there are people that asked for this guide and we are all grateful to Sixstrings

[Shimoli]

We want tuts like that dude me i want to crack another bot apart from exiled bot, will it be possible?

[tatadamir]

It might be similar, I am still learning how to do this but I believe first you need to check what packer they used. ExeinfoPe application is nice for that, if the protection is Themida like in exiled bot you can remove protection using this guide. The elite protection on the other hand is probably done in different way.

[Sethios]

i did everything you listed in the tut, even saw the vid and ran it twice to make sure i checked all the right things, yet i still get the msg

An internal exception occured (Address: 0x...)
please, contact . Thank you

right after it asks me to bypass VMWare checks
any ideas?

EDIT: downloaded a fresh version of OllyDbg V1.10 and reconfigured it again like in the tutotial, reinstaled DirectX SDK...worked fine this time tnx for the share!

[Sixstrings]

Quote:

Originally Posted by Sethios

i did everything you listed in the tut, even saw the vid and ran it twice to make sure i checked all the right things, yet i still get the msg

An internal exception occured (Address: 0x...)
please, contact . Thank you

right after it asks me to bypass VMWare checks
any ideas?

have you set ollydgb to ignore custom exceptions or ranges: 00000000...FFFFFFFF (Options->Debugging options->Exceptions) ?

have you configured StrongOD and PhantOm plugins?
----
start ollydbg, click plugins -> PhantOm -> Options
check -protect DRx, uncheck everything else, save

click plugins -> StrongOD -> Options
check HidePEB, *Kernelmode, !*Kill BadPE Bug, Skip Some Exceptions
uncheck everything else, save
----

Someone reported something similar running the script in vmware with Win XP. If you are on vmware/XP too, you could try with (mini)Win7 x32 instead.

[Testlord1234]

Any changes on the method after 0.16c? I was doing it thx to ur guide but after 0.16c I'm not able to eport a working .exe anymore..

Help? :-D

[Sixstrings]

Quote:

Originally Posted by Testlord1234

Any changes on the method after 0.16c? I was doing it thx to ur guide but after 0.16c I'm not able to eport a working .exe anymore..

Help? :-D

I just checked, yes you are right, the runtime check has changed on 0.16c.
When you search for the binary string (runtime check), enter in HEX field now:
E8 E0 FE FF FF, press OK
the first result is the right one now, remove (NOP) that call (don't press ctrl-L).

I must admit, the last version I used myself was 0.15i, I have not started POE for a while now bc I'm busy with other things. Tell me if there are any problems during botting in the long run and I'll look into it.

[Ýunalescas]

Quote:

Originally Posted by Varclias

Your guide is meaningless if you require tools you not only don't provide, but don't even state where to get them from.

Telling people to "just google," means nothing. Google is the largest web-crawler that has ever existed. You might as well just be saying, just look through the entire internet until you find the three obscure programs that require forum admission to download.

As far as that goes, this thread should be closed for lack of content and purpose. The user does not own or is involved with any of the three programs you are told to download, for another program they are trying to illegally exploit.

When you have more than a text script for something that you have not only no reviews, no content, no substance at all for, then you should make a thread.

~"v"~

hahaha to goood
this side is better for you :

[LordRogan]

Well does anyone have a working version of Exiled-Bot 0.16c are care to share it?