Anyone can open up already made hack?

NCSlayer · 01/01/2008, 07:03

Well here's what i have, found bot and all sorts of hack in Chinese, they work on Chinese international server and when i try MY-EN server the game just crash. There is no way the Chinese international server is not more updated than the current MY-EN.

So if anyone can, i'll post the two bots. One's for botting, one's for wallhack, fly inside dungeon

哈哈哈 · 01/02/2008, 20:42

How many hackers are there in warlords anyways >_>

voe01 · 01/03/2008, 18:07

if you post them.. more people can try to find something usefull

hakkai999 · 01/05/2008, 15:07

Can you post now so that we could analyze how they made the hack?

manuela · 01/05/2008, 15:48

NCslayer check your PMs,
if anyone else is somewhat fluent with chinese,let me know.
some useful board does have a crazy securitycheck to get a account,something with type the picture into the line next to it,but the trick is..its chinese letters
half of the board is locked for ppl with account,otherhalf is nearly unreadable with googletranslation.

atm i only look for the short injection,what i have to place into the right adress,to get this to somewhat useful,i got the right adresses,for fly,jump,swimming (airswim),also for the dungeonpart (like flylock),the prob is,there must be some sort of DLL injected to get around it...its all doable with CE,simple said

short said,someone with Fluent Chinese knowledge,send me a pm

voe01 · 01/05/2008, 16:30

why dont you post the adresses? im interesseted in these adresses

manuela · 01/05/2008, 17:11

the adresses you get in less then 5 minutes by urself,using CE.
btw,the adresses r NOT static,means.. you have to use pointer to figure them out every single clientstart.
a small hint here..
flyingcoord (high,the 3rd coord) is a floating number, and use counter 10
should make it more simple to get behind the numbers.

its not that i wont give you my adresses,but they wont help you,they change with every login,with every clientstart,with every single memorypositioning.

you wont be able to NOP them,or even to inject some small things,like instead of +2 a -2
it needs to use atleast for the high.. 4 differend values..

short example
wallpart 004058b4 - 7445
flying 00459ab9 - 6a0a
movement 006b88b8 - 8908

try to get behind the values,try to get behind the pointers,and how to figure this values,and how to increase them,or decrease them(example..to fall down under the dungeon,and move there to a ..lets say,stone (fb59 5stone quest,as example)
with this knowlegde,its doeable in less then 10 minutes,without getting hurt,but even that wont help you much
we need the right dll injection,to get a list of all pointers,else you sit there for a couple of hourse,to follow every jump,every memorycopy,just to get a quest done what doesnt take much time at all.

bojox3m · 01/05/2008, 18:18

its doable but looks ****** hell to me >_<

manuela · 01/05/2008, 19:30

short tut,its quite simple..(this tut wont make you do anything else,then understanding what you have todo,to get startet with memory search and looking around)
again, this tut does NOT get you hand in hand over or under or behind a dungeon,its just a helper toget you into the right direction.

lazy english,sorry,but iam sure your russian is worse then my english.
one rule,if you have CE,do the tutorial,very careful,please,atleast up to stage 8,else you wont get far with this here

1. open ce & your client

2.bind ce to your client (ignore the pwprotect,its just for errors,nothing to secure or think about,you could even close it with taskmanager)

3.take a wing,prefer a priest..(endless fly,more time to scan)

4. select floating (there where 4byte is normaly) and unknown value..

5. scan once,you could but mustnd freeze the client,it wont matter here
because we dont look for a exact value(its not like jump with exactly numbers like 1/2/0)

6.change the high,lets say increase it,atleast a half coord,if you wanne get sure,one coord

7.search again,but this time you select increased value

8.do that more often with increase/decrease hight,untill you get down to a oversight to several thousends,or even hundreds

9.move to bottom,and select as next search .. changed value

10 next..DONT MOVE DONT JUMP DONT EVEN TOUCH THE CLIENT
and check if still numbers r roaming between some ranges,if yes..just select, NO CHANGE (unchanged)in value,because your value didnt change,you are at the bottom,you dont raise or lower it,like in flight

11. if you get some sort of oversight,get a look into your list,you will notice a long list of numbers,several hundreds, from here..move into client and fly up
12.all the numbers move, because your client flyes,or lets say hovers,bit up n down,from the wings,its normal..
now,make it careful,and delete numbers by hand what cant be real (that needs a bit experience,better keep some more,if you dunnot know what to remove) but example.if a number moves between 0.1 and 50000 .. its a wrong one
13.check your high,if its lets say 45, filter a range,between 40 and 550
(yes 550,because most floating numbers r 10times your ingame number)

now you should see around 80-110 numbers,thats fine for now
check the mem-adress from them,it should be pretty easy to figure out,what ranges they are,like
one at 03xxxxxx,one at 04xxxxxx,and the most others at around 08xxxxxx
or even higher

the multiple shown r mostly (not always!!) memory copys,and most useless for us
now just do what the tutorial from CE told you,and make a simple write tracking
means, click "what writes to"(of course after you selected the few single numbers to the list downside)
and you will see some of them have such nice stuff written like
xxxxxxx-8907 -mov[edi],eax
yyyyyy-d95f34 -fstp dword ptr [edi+34]
that means your are on the right way
now just check this whole bunch of numbers,and make use of disassembler,and you will need a couple of pointer,(what you learned to use from CE tutorial)

and if you got what you wanted,just set a injection,with some useful code

................................

simple said,make yourself a list,with adresses,and remember the way you got it.
you could careful play around with freeze,and with increase value,but!! this can and will often crash the client,means ..because its a DMA (dynamical mem adress) it will change,you need todo all again
better you understand the lines behind the whole adress,and what the disassambler shown you,then you could simple increase the value,with a short injection.but!! even that can make the client crash,you cannot!! use it for teleport,no..it wont work,
but you can get under the ground,or over the dungeonheaven (i would suggest to try this careful,and not outside a instance,else ppl see you doing that,a bit high+ or - is np,but if you look out of the bottom ..it could be courious..sorta)

the same way works with north/south and east/West, a number under 0,i would not use at all..
and with my hint 2 postings up,you should easy figure out,how to make use of this postings.

and remember getting behind the code,is more useful then just trying to change the numbers (values),
and whoever trys to NOP it.. all you get is a clientcrash..dont think about it

CE is all what you need,and for the first tryouts,the tutorial form CE,nothing else

what i need,is a chinesespeaking one,else you cant make a good selfrunning tool(like a trainer/tool/cheat)because the pointer changes the DMA,and without a good tool,it is hard to figure out,where it points to the next clientstart,and i will not,make a hand to hand tutorial,just to get everyone everytime around every corner.i just give some ideas,and waypoints..but until i get anyone with chinese,i wont get more forward,then doing all by hand,for myself.

(and no,so far no ban,while using this)