Shaiya Edit ServerVersion And GameVersion

Shaiya_Origens · 10/21/2014, 05:05

Open this tutorial come to explain to you how to protect your server with version and editing the version in the exe
as well as we did in game shaiya origens!Hope you all enjoy..

Many know that to change the version of your server just go
> Login01> command and run the command / vchg with the eight digit number of the version you choose example:
/vchg 00000158
After changing his version run the command / vchkon
to change the version in the game exe Open OllyDbg
Open Game exe Right click the mouser Search for >> All referenced Strings
Search text ServerVersion you will find "ServerVersion [0x%X]" Double click on
In Arg3 is the value of the version of the game Something like
PUSH 11091400
PUSH >>11091400<< Version
three lines above will also have a version of the game PUSH 11091400
just edit there with version 8 digits that you want to run OllyDbg
After the Save Game exe
Remember to change the Login01 shaiya server on the same version that you changed the game exe with the command
/ vchg + number edited in game
/vchg 11091400
After changing Server and Game Protect with Themida
Thus you will avoid your server player use hacker as Speedy Hacker and Some other...
Video below for those who do not understand ...
I hope you liked it ...
Sorry for the English
By:Shaiya Origens

<iframe width="420" height="315" src="//www.youtube.com/embed/sJY3a3gVpps" frameborder="0" allowfullscreen></iframe>

Truth1010 · 10/21/2014, 10:14

Just a general question. Why would/does this actually work for what you stated (speed hack, etc)

Surely those types of hacks do not depend solely on the "server version" being a specific number (158) for example, and they will work on all server versions (159 or other)

and at the end you state to protect with Themida... Then isn't this the part that blocks use of those 'hacks' and the version change simply has no real effect?

Just asking, as I've never seen someone suggest those changes before.

Also, No iframe here.

JuuF · 10/21/2014, 10:17

Quote:

Originally Posted by Truth1010

Just a general question. Why would/does this actually work for what you stated (speed hack, etc)

Surely those types of hacks do not depend solely on the "server version" being a specific number (158) for example, and they will work on all server versions (159 or other)

and at the end you state to protect with Themida... Then isn't this the part that blocks use of those 'hacks' and the version change simply has no real effect?

Just asking, as I've never seen someone suggest those changes before.

Also, No iframe here.

Themida protects against memory editing and other stuff, probably he wrote that because If you pack your game.exe people wont be able to find your version so they wont be able to edit another game.exe to connect your game.

Truth1010 · 10/21/2014, 10:21

Yea, that it what i assumed, but still to your knowledge would a simple edit of the server version number actually have the effect of stopping hacks like he states?

Thanks for the input Juuf

JuuF · 10/21/2014, 10:26

Quote:

Originally Posted by Truth1010

Yea, that it what i assumed, but still to your knowledge would a simple edit of the server version number actually have the effect of stopping hacks like he states?

Thanks for the input Juuf

I'm not sure but i don't think a version number would have any other effect than version check, which blocks you to connect to game server.

vodanh_style · 10/21/2014, 13:17

Thank you for tutorial !
So . I can't find "ServerVersion" from file Game.exe .
Pls help me !

Shaiya_Origens · 10/21/2014, 18:07

Our intention was just as JuuF spoke

Before our team wore only Themida poren with cheat engine with the player discovering the IP and edited another game exe to use the hacker.
If Adm modify the version of the server and enable / vchkon
the jogardor will have to guess what is the version of the game to change another game exe.

Truth1010 · 10/21/2014, 19:39

Thanks you for the explanation. I was assuming that was the case, but wasn't certain from your original description. I'm not sure how effective this method will be all around, but it should stop from some hacks at least

nubness · 10/21/2014, 20:46

Quote:

Originally Posted by Shaiya_Origens

...

English, ************ ? Do you speak it ? Truth1010 got your point, even if it's far from the truth.

Brag about your little client security one more time and I'll show you just how secure it is.

Shaiya_Origens · 10/21/2014, 21:27

"I hope you enjoyed ...
Sorry for the English "
Nubness
I said this because I'm Brazilian and I used Google Translate to do the tutorial in English being that even with translator could leave some words err in translating the tutorial.
Protection test of our Client's what we try to work day and night not care about attempted invasion to our server only help us find the gaps and correct them, not fear invasion!
Sorry the video up to the level Truth1010
had sent after I see your post above the video had not updated the page yet!

Truth1010 · 10/21/2014, 23:53

I would love to see a little more input on this from Nubness as i can't logically see how changing any 'version number' would have any effects on blocking hacks etc.

Not too sure what the TB vid link was about either, as no-one asked to see any modifications of an EP6 (or any EP) client with skills, levels,hp,mp or sp. And all of those 'fixes' have already been done and released here in the past, more than once.. So it's nothing new.

Other than the Themida packing, to obscure memory reading in your game.exe nothing here, to my knowledge would actually have any real effect, other than as Juuf said, stopping people with a 'non-matching' game.exe version with certain modifications from accessing your server. But again, even that knowledge isn't new around here... and i'm not sure why / how it took 2 years to figure out that Themida (or equivalent programs) do the job that they do.

Shaiya_Origens · 10/22/2014, 00:19

I think you still do not understand why the tutorial!
About Themida is true is not nothing new.
Now Find me some tutorial posted on the version that falerei that is not new but it took a long time to figure it out and not think anything about someone explain this!
About fix HP MP SP is also not new news here unless of course the level 80
Because you will find always find Maximum level 70!
Hugs will not answer any more about it!
Thanks for the comments
I hope for those who served have liked

nubness · 10/22/2014, 00:19

Quote:

Originally Posted by Truth1010

I would love to see a little more input on this from Nubness [...]

Client sided protection was always something of vital importance to a private server's game play, and I can tell you that as of this day, October 22, 2014, there is only one server whose client is completely secure against any hack -

.

The most common method admins have been using against cheats is packing the game.exe. While that's a decent option that will prevent the lazy from digging further after the game detects a hack and crashes, it's fairly easy to get another game.exe, modify the IP address to the one of the server you're trying to be a bad boy in.

Later on, admins started changing the ports for the Login and the Game server services. While that's an even better option on top of packing the executable, and maybe not as easy to get past, it still can be bypassed by anyone who knows how to follow

.

A little bit about the version check:
RebeccaBlack's

has the option to bypass the client version check. Those who were curious to see what gets changed when you patch your game.exe with that option, it changes the version to FF FF FF FF, which is UInt32.MaxValue. I was told it causes an overflow on the server check, which is why it lets the client through.

So far, the only server (that I'm aware of) where this trick doesn't work is Shaiya Tactics.

While working on the

, the only way I could get past the version check was by finding it in their packed game.exe and applying the same one in mine.

Some time after that, Shaiya Tactics introduced another security patch, in which the new version was obfuscated inside their already packed executable. God bless Eric Heijnen and Oleh Yuschuk. Thanks to them it only took me around 10 minutes to get past the obfuscated version, thus rendering a Shaiya Tactics security patch useless for the second time.

As you can see, all it takes to get past client security is a little reverse engineering knowledge and a guy with a vendetta.

NOTE : Anything that is executed on the client side can be exploited, and I mean anything. The question is how long it's going to take, and whether it's worth the time spent.

P.S. This post was not meant to bash Shaiya Tactics whatsoever. I was merely expressing my admiration for them actually attempting to do more than most other servers ever did in matter of client security.

Truth1010 · 10/22/2014, 08:29

Thanks for all that info there, I'm sure it will help a couple more people to understand about client/server security and what things really are of little help to actual security.

Most of what you wrote should be considered as common sense. And it is well known (In IT Security) that Obfuscation is no true form of security and only delays the determined, as you said

The problem with most 'packers' is that the vast majority of them either have multiple guides for automatic un-packing, or how to do it manually yourself, so that to me is also not a very valid form of security (again, for someone determined)

Would love to get a peak into what LilPro actually managed with Exile's server/game security, but i know it would be wasted on me and my little amount of knowledge. He truly was/is a **** genius

Thanks again for the explanation (Nubness) and the mini release (Origens) even if it's not great for security, it is bound to deter the lazy or less knowledgeable attackers/exploiters.

minhxh · 10/22/2014, 15:20

does not work with Vietnamese game.exe file ??

thanks for share :3