|
You last visited: Today at 23:16
Advertisement
Simple guid for avoiding Hackshield
Discussion on Simple guid for avoiding Hackshield within the SRO Private Server forum part of the Silkroad Online category.
05/21/2011, 23:35
|
#1
|
elite*gold: 0 
Join Date: Oct 2010
Posts: 392
Received Thanks: 294
|
Simple guid for avoiding Hackshield
I was looking through the forums when i found this.
Should this be a solution for removing the hackshield permanently or temporary?
I haven't tried it out yet so maybe someone could tell me if he or she have tried it out 
|
|
|
|
05/21/2011, 23:50
|
#2
|
elite*gold: 260
Join Date: Aug 2008
Posts: 560
Received Thanks: 3,753
|
It's helpful to get around applications that have been blacklisted, but that's about it.
To completely avoid signature scanning identification, you'd need to use something like Themida and recompile your programs with their macros for VM and runtime Encryption. This way, when the code is in memory, it won't carry the same signature that HackShield is looking for, so it remains "undetected".
The biggest problem with most of anything else is, once the program has been unpacked in memory and are ran, it's as if you didn't have any protection on it in the first place, so that's why detection can still occur. This is also why most packets are pretty easy to get unpacked.
Either way though, Hackshield will still be running, so it needs to be emulated to permanently remove it. Then, you don't have to worry about any signature scanning. Alternatively, it might be possible to come up with enough patches to their code in memory (a bypass) so it never detects anything, but it'll still be running.
|
|
|
|
|
05/22/2011, 00:16
|
#3
|
elite*gold: 0
Join Date: Dec 2007
Posts: 1,354
Received Thanks: 1,278
|
Quote:
Originally Posted by pushedx
It's helpful to get around applications that have been blacklisted, but that's about it.
To completely avoid signature scanning identification, you'd need to use something like Themida and recompile your programs with their macros for VM and runtime Encryption. This way, when the code is in memory, it won't carry the same signature that HackShield is looking for, so it remains "undetected".
The biggest problem with most of anything else is, once the program has been unpacked in memory and are ran, it's as if you didn't have any protection on it in the first place, so that's why detection can still occur. This is also why most packets are pretty easy to get unpacked.
Either way though, Hackshield will still be running, so it needs to be emulated to permanently remove it. Then, you don't have to worry about any signature scanning. Alternatively, it might be possible to come up with enough patches to their code in memory (a bypass) so it never detects anything, but it'll still be running.
|
ok now in english ?xD
~alot of work~
btw arent you milkyway from old tsro?
|
|
|
|
|
05/22/2011, 00:37
|
#4
|
elite*gold: 0
Join Date: Sep 2007
Posts: 405
Received Thanks: 198
|
Quote:
Originally Posted by pushedx
It's helpful to get around applications that have been blacklisted, but that's about it.
To completely avoid signature scanning identification, you'd need to use something like Themida and recompile your programs with their macros for VM and runtime Encryption. This way, when the code is in memory, it won't carry the same signature that HackShield is looking for, so it remains "undetected".
The biggest problem with most of anything else is, once the program has been unpacked in memory and are ran, it's as if you didn't have any protection on it in the first place, so that's why detection can still occur. This is also why most packets are pretty easy to get unpacked.
Either way though, Hackshield will still be running, so it needs to be emulated to permanently remove it. Then, you don't have to worry about any signature scanning. Alternatively, it might be possible to come up with enough patches to their code in memory (a bypass) so it never detects anything, but it'll still be running.
|
**** 
|
|
|
|
|
05/22/2011, 01:15
|
#5
|
elite*gold: 0
Join Date: Oct 2010
Posts: 392
Received Thanks: 294
|
Quote:
Originally Posted by pushedx
It's helpful to get around applications that have been blacklisted, but that's about it.
To completely avoid signature scanning identification, you'd need to use something like Themida and recompile your programs with their macros for VM and runtime Encryption. This way, when the code is in memory, it won't carry the same signature that HackShield is looking for, so it remains "undetected".
The biggest problem with most of anything else is, once the program has been unpacked in memory and are ran, it's as if you didn't have any protection on it in the first place, so that's why detection can still occur. This is also why most packets are pretty easy to get unpacked.
Either way though, Hackshield will still be running, so it needs to be emulated to permanently remove it. Then, you don't have to worry about any signature scanning. Alternatively, it might be possible to come up with enough patches to their code in memory (a bypass) so it never detects anything, but it'll still be running.
|
You seems to know this really good.
Would it be too much work for asking you to help us out with this ?
Removing the hackshield from elitesro
|
|
|
|
|
05/22/2011, 02:17
|
#6
|
elite*gold: 0
Join Date: Nov 2009
Posts: 321
Received Thanks: 129
|
Quote:
Originally Posted by pushedx
It's helpful to get around applications that have been blacklisted, but that's about it.
To completely avoid signature scanning identification, you'd need to use something like Themida and recompile your programs with their macros for VM and runtime Encryption. This way, when the code is in memory, it won't carry the same signature that HackShield is looking for, so it remains "undetected".
The biggest problem with most of anything else is, once the program has been unpacked in memory and are ran, it's as if you didn't have any protection on it in the first place, so that's why detection can still occur. This is also why most packets are pretty easy to get unpacked.
Either way though, Hackshield will still be running, so it needs to be emulated to permanently remove it. Then, you don't have to worry about any signature scanning. Alternatively, it might be possible to come up with enough patches to their code in memory (a bypass) so it never detects anything, but it'll still be running.
|
You can still hide the code or virtualize it and you dont need emulation 
|
|
|
|
 |
Similar Threads
|
[Guide] Tips for trying to avoid simple HackShield detection
03/09/2015 - SRO Guides & Templates - 7 Replies
About:
As of recently, Hackshield has been detecting a lot of tools. While there are many ways for this to be done, Hackshield currently uses very simple methods for Silkroad. This could change at any time, but for now they seem to be using a really simple protection mode. In this guide, I will go over two approaches that can help, but are not permanent solutions to avoiding Hackshield detection in the most commonly used and detected tools.
ResHack:
Download: ResHack Version 3.4.0 ...
|
Avoiding Bot jail ,,,,
10/10/2008 - Conquer Online 2 - 31 Replies
Avoiding Bot jail ,,,
everybody wanan be safe and stay out from bot jail , in the semi time everybody don't have much time to plvl his 2nd rb tro at lap 4 <lol> , i mean its boring and soo slow , and all like sometime to speed or use any helping hax .
so some people have a big experience in avoiding bot jail as i see . so each one post his way to avoid geting pot jail , and some simple advice for nubs like me to stay safe and out of jail xD .
i will start :
1) be careful when u drop...
|
Avoiding Pop Up
07/01/2008 - CO2 Exploits, Hacks & Tools - 0 Replies
Ok THIS IS REALLY SIMPLE TRICK I MADE IT UP I USE IT EVERY DAY
U KNOW THE CTRL+ALT+DEL? (TASK MANGER) WELL USE THAT TO CLOSE CONQUER AND NO POP UP COMES UP.
VERY SIMPLE EH? WHEN UR GETTING ATTACKED (IF U ARE A NOOB) AND U CANT HANDLE IT USE THT AND IT WONT TAKE THT LONG TO GET BACK ON.
:)
HOPE IT HELPES YOU
+K IS WELCOME :)
|
Avoiding CO pop-up
07/01/2008 - CO2 Exploits, Hacks & Tools - 6 Replies
o.o some people might know that the CO popup can be very laggy when exiting a client, and for players using doubledesktop or w/e to hide it from their parents this can be very bad XD
well for those who dont wanna download anything extra to prevent them from popping up, theres a lil bypass if you didnt know
Keep a www.co.91.com/index window open when you exit the client. It will automatically stop the pop up. =o
i know, its not very worthy of a thread but this is for the minority who...
|
Avoiding disconnect?
02/27/2008 - Cabal Online - 4 Replies
I've modified AutoIT code posted by others to make a simple punching bot for skill leveling.
I've found this to work best by my choice of location- an area with just one spawn, so my character can sit there and punch it whenever it respawns without having to worry about anything else.
I've noticed that after going afk, however, I'll come back and find myself disconnected. So, I was wondering if anyone knows when/how the server knows when to disconnect you. How can this be avoided? It's...
|
All times are GMT +2. The time now is 23:16.
|
|
