|
You last visited: Today at 08:21
Advertisement
[request] Riders of Icarus / Nexon Game Security Bypass
Discussion on [request] Riders of Icarus / Nexon Game Security Bypass within the Trading forum part of the The Black Market category.
07/18/2016, 15:13
|
#1
|
elite*gold: 0
Join Date: Apr 2010
Posts: 153
Received Thanks: 11
|
[request] Riders of Icarus / Nexon Game Security Bypass
Hello,
I am looking for bypass for nexon game security, mainly needed for Riders of Icarus. Would like to search for some hacks there. Any informations would be appreciated.
|
|
|
08/01/2016, 05:17
|
#2
(?)
|
elite*gold: 0
Join Date: Sep 2013
Posts: 62
Received Thanks: 1
|
im trying find one too
|
|
|
08/02/2016, 09:52
|
#3
(?)
|
elite*gold: 0
Join Date: Jun 2016
Posts: 6
Received Thanks: 0
|
One of my friend facing the same problem. But he told me some way out by some hacks.
|
|
|
08/02/2016, 20:37
|
#4
(?)
|
elite*gold: 0
Join Date: Apr 2012
Posts: 379
Received Thanks: 10
|
cheat engine?
|
|
|
08/06/2016, 00:41
|
#5
(?)
|
elite*gold: 0
Join Date: Jul 2010
Posts: 17
Received Thanks: 2
|
there are bots / teleports but nothing public atm ! If someone has any info pls Post it here
thx
|
|
|
08/06/2016, 22:17
|
#6
|
elite*gold: 0
Join Date: Apr 2010
Posts: 153
Received Thanks: 11
|
any idea where to contact with devs and buy it?
|
|
|
08/15/2016, 15:36
|
#7
(?)
|
elite*gold: 0
Join Date: Mar 2016
Posts: 61
Received Thanks: 19
|
you guys are aware that you can use cheat engine on the game without the anti-cheat detecting it right? A bypass at that point isn't really necessary however it isn't too hard to figure out. If the game doesn't have an heartbeat for it's anti-cheat then you can simply delete the .dll/files for the anti-cheat or if you want to be smart you can find where it is initialized and disable it from there so the anti-cheat never gets launched.
Source:
Code:
#include <stdint.h>
#include <Shlwapi.h>
#pragma comment(lib, "Shlwapi.lib")
#define BLACKCIPHER_EXE "BlackCipher.aes"
typedef BOOL(WINAPI* CreateProcessWPtr)(LPCWSTR, LPWSTR, LPSECURITY_ATTRIBUTES, LPSECURITY_ATTRIBUTES, BOOL, DWORD, LPVOID, LPCWSTR, LPSTARTUPINFO, LPPROCESS_INFORMATION);
CreateProcessWPtr _CreateProcessW = (CreateProcessWPtr)GetProcAddress(GetModuleHandleA("Kernel32.dll"), "CreateProcessW");
BOOL WINAPI CreateProcessW_Hook(LPCWSTR lpApplicationName, LPWSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation)
{
size_t chars_converted = 0; // used by wcstombs_s and mbstowcs_s
char application_name_mb[512] = { "(nullptr)\0" }; // multibyte versions of the strings in the params
char command_line_mb[512] = { "(nullptr)\0" };
char current_directory_mb[512] = { "(nullptr)\0" };
BOOL res;
char buf[MAX_PATH] = { 0 }; // used by GetModuleNameA
PSTR cmd_line_end; // pointer to the double quote after BlackCipher.aes in the cmd line
size_t cmd_line_end_size; // size of the buffer after cmd_line_end
int is_bc_executable = 0; // 1 if the call is related to BlackCipher.aes
WCHAR replaced_cmd[512] = { 0 }; // modified cmd line (BlackCipher.aes -> BlackCipher.aes2)
do {
if (lpApplicationName && wcstombs_s(&chars_converted, application_name_mb, 512, lpApplicationName, 512) == -1) {
Log(L"wcstombs_s failed for lpApplicationName (%s)\n", lpApplicationName);
break;
}
if (lpCommandLine && wcstombs_s(&chars_converted, command_line_mb, 512, lpCommandLine, 512) == -1) {
Log(L"wcstombs_s failed for lpCommandLine (%s)\n", lpCommandLine);
break;
}
if (lpCurrentDirectory && wcstombs_s(&chars_converted, current_directory_mb, 512, lpCurrentDirectory, 512) == -1) {
Log(L"wcstombs_s failed for lpCurrentDirectory (%s)\n", lpCurrentDirectory);
break;
}
is_bc_executable = StrStrIA(command_line_mb, BLACKCIPHER_EXE) != NULL;
// replace BlackCipher.aes with BlackCipher.aes2
if (is_bc_executable)
{
cmd_line_end = StrStrIA(command_line_mb, BLACKCIPHER_EXE) + 15;
cmd_line_end_size = MAX_PATH - (cmd_line_end - command_line_mb);
memmove_s(cmd_line_end + 1, cmd_line_end_size - 1, cmd_line_end, cmd_line_end_size - 1);
*cmd_line_end = '2';
if (mbstowcs_s(&chars_converted, replaced_cmd, 512, command_line_mb, 512))
{
Log(L"mbstowcs_s failed for command_line_mb (%s)\n", command_line_mb);
break;
}
lpCommandLine = replaced_cmd;
}
} while (0);
res = _CreateProcessW(lpApplicationName, lpCommandLine, lpProcessAttributes, lpThreadAttributes, bInheritHandles, dwCreationFlags, lpEnvironment, lpCurrentDirectory, lpStartupInfo, lpProcessInformation);
return res;
}
static uint32_t maple_pid = 0, maple_dump = 0, maple_base = 0, maple_size = 0;
typedef BOOL(WINAPI* ReadProcessMemoryPtr)(HANDLE, LPCVOID, LPVOID, SIZE_T, SIZE_T *);
ReadProcessMemoryPtr _ReadProcessMemory = (ReadProcessMemoryPtr)GetProcAddress(GetModuleHandleA("KernelBase.dll"), "ReadProcessMemory");
BOOL WINAPI ReadProcessMemory_Hook(HANDLE hProcess, LPCVOID lpBaseAddress, LPVOID lpBuffer,SIZE_T nSize, SIZE_T *lpNumberOfBytesRead)
{
BOOL res;
int spoofed = 0;
uint32_t pid = (uint32_t)GetProcessId(hProcess);
uint32_t current_pid = (uint32_t)GetCurrentProcessId();
LPCVOID original_base = lpBaseAddress;
if (pid == maple_pid || pid == current_pid)
{
if (GetProcessId(hProcess) == maple_pid && (uint32_t)lpBaseAddress >= maple_base && (uint32_t)lpBaseAddress < maple_base + maple_size) {
lpBaseAddress = (LPCVOID)((uint32_t)lpBaseAddress - maple_base + maple_dump);
spoofed = 1;
}
if (GetProcessId(hProcess) == GetCurrentProcessId() && (uint32_t)lpBaseAddress >= MS_Memory_Start && (uint32_t)lpBaseAddress < MS_Memory_End)
{
lpBaseAddress = (LPCVOID)((uint32_t)lpBaseAddress - MS_Memory_Start + MS_Memory);
Log(L"!!!BC tried to check its own memory!!!");
spoofed = 1;
}
}
res = _ReadProcessMemory(hProcess, lpBaseAddress, lpBuffer, nSize, lpNumberOfBytesRead);
return res;
}
typedef LPVOID PCLIENT_ID;
#define STATUS_ACCESS_DENIED 0xC0000022
typedef NTSYSAPI NTSTATUS(NTAPI* NtOpenProcessPtr)(PHANDLE ProcessHandle, ACCESS_MASK AccessMask, POBJECT_ATTRIBUTES ObjectAttributes, PCLIENT_ID ClientId);
NtOpenProcessPtr _NtOpenProcess = (NtOpenProcessPtr)GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtOpenProcess");
NTSTATUS NTAPI NtOpenProcess_Hook(PHANDLE ProcessHandle, ACCESS_MASK AccessMask, POBJECT_ATTRIBUTES ObjectAttributes, PCLIENT_ID ClientId)
{
NTSTATUS res;
uint32_t pid;
AccessMask |= PROCESS_QUERY_INFORMATION; // Ensures that we'll have permission to get PID
res = _NtOpenProcess(ProcessHandle, AccessMask, ObjectAttributes, ClientId);
pid = (uint32_t)GetProcessId(*ProcessHandle);
if (!res && pid != maple_pid)
{
Log(L"Blocking NtOpenProcess for pid %.08X\n", pid);
res = STATUS_ACCESS_DENIED;
*ProcessHandle = NULL;
}
return res;
}
typedef NTSYSAPI NTSTATUS(NTAPI* NtReadVirtualMemoryPtr)(HANDLE ProcessHandle, PVOID BaseAddress, PVOID Buffer, ULONG NumberOfBytesToRead, PULONG NumberOfBytesReaded);
NtReadVirtualMemoryPtr _NtReadVirtualMemory = (NtReadVirtualMemoryPtr)GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtReadVirtualMemory");
NTSTATUS NTAPI NtReadVirtualMemory_Hook(HANDLE ProcessHandle, PVOID BaseAddress, PVOID Buffer, ULONG NumberOfBytesToRead, PULONG NumberOfBytesReaded)
{
if (GetProcessId(ProcessHandle) == maple_pid)
{
Log(L"Blocking NtReadVirtualMemory for address %.08X\n", BaseAddress);
return STATUS_ACCESS_DENIED;
}
return _NtReadVirtualMemory(ProcessHandle, BaseAddress, Buffer, NumberOfBytesToRead, NumberOfBytesReaded);
}
|
|
|
08/19/2016, 21:25
|
#8
(?)
|
elite*gold: 0
Join Date: Sep 2013
Posts: 62
Received Thanks: 1
|
what this cod do? didint get it...
|
|
|
08/21/2016, 02:28
|
#9
(?)
|
elite*gold: 0
Join Date: Jul 2010
Posts: 17
Received Thanks: 2
|
...holy **** i only read ohhh nexonguard is easy to hack ....no protection ...blabla...but there is nothing to find on the internet ....guys if you know something then share...thx
|
|
|
08/24/2016, 21:20
|
#10
(?)
|
elite*gold: 0
Join Date: Mar 2016
Posts: 61
Received Thanks: 19
|
Quote:
Originally Posted by talker666
...holy **** i only read ohhh nexonguard is easy to hack ....no protection ...blabla...but there is nothing to find on the internet ....guys if you know something then share...thx
|
My team and I already made a teleport tool for it and so on.
we are going to make a bot and sell
|
|
|
08/25/2016, 01:50
|
#11
(?)
|
elite*gold: 0
Join Date: Jul 2010
Posts: 17
Received Thanks: 2
|
let me know ...i will buy instant
|
|
|
08/30/2016, 14:37
|
#12
(?)
|
"Ich muss noch viel von dir lernen" - Sm!th'17
elite*gold: 2325
Join Date: Dec 2010
Posts: 21,628
Received Thanks: 9,628
|
General Gaming Discussion -> Trading
#moved…
|
|
|
02/04/2019, 21:57
|
#13
(?)
|
elite*gold: 0
Join Date: Jan 2010
Posts: 28
Received Thanks: 0
|
Any hacks for Riders of Icarus?
|
|
|
Similar Threads
|
[Selling] Riders of Icarus Gold! (EU)
07/19/2016 - Trading - 1 Replies
As the title says.
Safe trade! Only handmade gold!
Server - Velzeroth
10g-1 EUR
100g-9 EUR
200g-17 EUR
Trusted only!
Pm here or Skype
|
[Selling] Riders of Icarus Elite Account
07/04/2016 - Trading - 0 Replies
hi i sell here my Riders of Icarus Account.
Account including a Level 16 Priest male on Europe Server.
I accept only PayPal.
Price 20€
Greets Creed7
|
All times are GMT +2. The time now is 08:21.
|
|