
bonesaw


Posts posted by bonesaw

  1. Well, I don't know what application they might be running and what data they might be getting to hardware-ban people. This has been used since 2005 (or before) by Punkbuster and might still be used by it, but L2 doesn't have Punkbuster. You must find out what this application is grabbing from your system to be checked on the server before you get in, so you can try to spoof it. HWSpoof spoofs hd vendor, nic mac and some other stuff I think, not sure, never used it and it's quite old. Don't have the time to do it, but if anyone has it, just get a sniffer and try to see what their application is doing.

     

    Tools that could be used:

    cprocess - good to see all files being used by a process. (injected files, dlls etc)

    network chemistry packetyzer - a good free sniffer.

    process explorer (procxp) - shows process tree in real time.

    tcpview - shows which process is using a connection.

    comodo firewall - it has a HIDS included, so when you run a program, it'll ask for what to do, if it should run or not, if it should access the internet or not and you can check the logs after so you know what's going on. I use ZoneAlarmPro myself, not free, but Comodo is free.

     

    Have fun.

  2. Heh, not really an exploit, but anyway, I've done that before... the player almost died, but he stopped attacking when he was almost dead.

    I used reflect damage on the npc with one char and buffed the player just after, so he would attack quicker/stronger.

    Almost worked. *snap*

    Been a few months since I've done it anyway, nice to see noobs still attack NPCs on DN, always nice to get free stuff and laugh at them! ;D

  3. Okay, time to explain some stuff to people who know nothing about networking.

    Your ISP has a few ranges of IPs it can assign to their clients.

    So let's say your ISP has the range 150.150.x.x to distribute, it's a class B IP range, this means they have 65k IPs to distribute to their clients.

    The 150.150 part won't ever change if they only have this range, because they buy that range from InterNIC or other place, but legal places that sell IP ranges, so they buy the IP range 150.150.0.0/16, the 16 part is the subnet mask, which means 255.255.0.0.

    The 16 means 11111111.11111111.00000000.00000000, you count the 1's from left to right and as you can see, it's 16 "1" bits, reason why it's /16.

    128+64+32+16+8+4+2+1 = 255, that's binary, reason why it's 255.255.0.0.

    Okay, so now you know IP addressing, first step taken. Yay!

     

    Conclusion: If your L2 server admin banned 150.150.0.0 entirely, that would mean 150.150.0-255.0-255, which means, you won't ever get in anymore if your ISP always assigns you that IP range. You're screwed. That's a subnet IP ban, but you see, if they do that, they will not only ban you, they will ban 65k IPs, banning a few dozen players with the same ISP. Now, that's bad.

    They could've banned only your IP if it's static. Your IP could be assigned like this, if you have a cable modem, for example:

    Your modem has a MAC address, which is (theoretically) unchangeable. Whenever you want to connect, you turn on the modem. It'll connect into the HFC (management) network and get an invalid IP, maybe from the 10.0.0.0/8 network. It'll then connect to your ISP's DHCP server, which will give you a valid IP for your PC. Great, now you can surf the web! Now, if your ISP gives static IPs to their clients, anytime you ask the DHCP server for an IP and if it's static, you will always get the same IP. If it's dynamic, your IP will be assigned to you for X time (configurable in the server), if you turn off your modem for some time, it won't be assigned to you anymore, it'll assign you another IP from the same range, if there's only one for your region - if it's region based, for example.

     

    So, you have 2 choices of IP assignment, static and dynamic. Great. Step 2 taken. All about IP assignment.

     

    Now, you said it's hardware based. This could be true, if you're running some application they made/got which is needed to connect to their server, it could get some info from your hardware and make an ID number based on that, then they could just ban that ID and you would be 'hardware banned'. Of course if you changed your hardware, you would get unbanned. That's why there are things like "Hardware spoofer", to change that ID.

    I don't know if such a thing does even exist for L2 servers, never seen it before, could you tell if you run any application/loader to play on this server? Does it run any weird exe file? Does it connect anywhere? You could run a sniffer to see what's being passed from this application to this X place, if you have the knowledge to do it. I would use a sniffer named Packetyzer, it's free and very good.

    Hardware step taken, yay.

     

    You must first know how they can ban you so you can try to bypass it. If you don't know, then it's unbypassable.

     

    "Mac address ban - Cisco provides it" <- this makes no sense at all. btw, I'm Cisco certified and it has nothing to do with that...

    MAC is local to your network, it's not passed through the internet nor is it passed through any network outside your LAN, routers do not forward MAC, only hubs and switches do, in case of switches, only if both hosts are on the same VLAN, else it won't.

     

    Well, they said you can change your IP 10000 times and you still won't be able to login.

    Your IP range varies from 83.0.0.0 to 83.255.255.255 probably, this is a class A IP range. It's 83.0.0.0/8. If they banned 83.0.0.0 entirely, then you can only change your ISP, if that's the case. You can't spoof your IP unless you use a proxy, but that would add latency, which is not good for games, which need the lowest latency possible. I see you have a "hKey", maybe that's the ID for your hardware. You may want to change that hKey, if possible, I'm not sure if it is possible.

    Try making a new account, maybe your account is banned/deleted and you won't be able to login anymore, with any IP or any hardware. If that's the case, there's nothing else to do anymore.

     

    Hope you understand it. ;D
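The subnet arithmetic in the post above (counting the leading 1 bits of a /16, the 65k addresses it covers, and why a range ban hits every customer in that range) worked through in code. This is an added example, not code from the original post; the ban list entries are constructed values, and `ban_matches` generalizes the post's single-range case to a list of bans mixing single IPs (/32) and CIDR ranges.

```python
import ipaddress


def prefix_to_mask(prefix: int) -> str:
    """Dotted-decimal mask for /prefix: 16 -> '255.255.0.0' (sixteen leading 1 bits)."""
    if not 0 <= prefix <= 32:
        raise ValueError("IPv4 prefix length must be 0..32")
    mask_int = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(mask_int))


def mask_to_prefix(mask: str) -> int:
    """Count the leading 1 bits of a dotted mask: '255.255.0.0' -> 16."""
    bits = f"{int(ipaddress.IPv4Address(mask)):032b}"
    ones = len(bits) - len(bits.lstrip("1"))
    if "1" in bits[ones:]:
        # A valid netmask is all 1s followed by all 0s; anything else is not a mask.
        raise ValueError(f"{mask} is not a contiguous netmask")
    return ones


def octet_bits(prefix: int) -> str:
    """The mask written out in binary per octet, the way the post spells out /16."""
    return ".".join(f"{int(o):08b}" for o in prefix_to_mask(prefix).split("."))


def ban_scope(cidr: str) -> dict:
    """How much a range ban covers: network, mask, first/last address and address count."""
    net = ipaddress.IPv4Network(cidr, strict=False)
    return {
        "network": str(net.network_address),
        "mask": str(net.netmask),
        "first": str(net.network_address),
        "last": str(net.broadcast_address),
        "addresses": net.num_addresses,
    }


def ban_matches(ip: str, ban_list: list[str]) -> list[str]:
    """Return the ban-list entries (single IPs or CIDR ranges) that cover ip."""
    addr = ipaddress.IPv4Address(ip)
    # A bare address such as '150.150.20.5' is treated as a /32 by IPv4Network.
    return [b for b in ban_list if addr in ipaddress.IPv4Network(b, strict=False)]


if __name__ == "__main__":
    # Constructed ban list: one static-IP ban, one class-B range ban, one class-A range ban.
    bans = ["150.150.20.5", "150.150.0.0/16", "83.0.0.0/8"]
    print("/16 in binary:", octet_bits(16))
    for cidr in ("150.150.0.0/16", "83.0.0.0/8"):
        print(cidr, "->", ban_scope(cidr))
    print("150.150.20.5 is hit by:", ban_matches("150.150.20.5", bans))
    print("150.151.0.1 is hit by:", ban_matches("150.151.0.1", bans))
```

`ban_scope` is the check an admin should run before adding a range entry: a /16 is 65,536 addresses and a /8 is over 16 million, so a single-IP (/32) entry is the only one that stays confined to the player in question when the ISP hands out static addresses.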

  4. Indeed, as sess said. I was about to lock it and burn it down, but since he posted first, I'll respect it.

    This section is for EXPLOITS, not for "I have an exploit but I'm not giving it away! Na nana naaa naaa naaaa naaaa!".

    And if you're giving it to GM first, then it'll get fixed not only there, he will post on post-pacific and it'll get fixed everywhere.

    So this is BS, even if it works.

  5. Spamtastic.

    You wrote a lot of stuff but you could just say "attack vulnerabilities found in the OS or applications of the DB server instead of the game server app itself".

    May work, may not. I've seen admins put sql password of user "sa" (sa = system admin // accepting outside connections, not default) like "abc1".

    Possible. But not an exploit.

    Locked.

  6. Should I start laughing now or should I wait?

    A program that asks for USER and PASSWORD to do "magic"?

    Try not even being connected to the internet and apply any of the "tricks".

    It'll say "Added successfully" because it's the only option in the program, it just never fails. It doesn't even send any packet (sniffed).

    If it was a program to auto the process of trying to exploit something, it would NOT need user/password.

    It would inject a dll into the L2 process and then run from there. To avoid GG, it COULD be a mini-client only for hacking. But that's NOT the case. It doesn't have the structure for a mini-client. But it does have a SSL dll. Why would you need a SSL dll for a mini-client that doesn't even use it, as far as I know?

    Why is there a "MAIL TO" and "RCPT TO" in the disassembly? It sends an email to somewhere, after grabbing some info.

    Makes no sense.

    Crap.

    Locked.
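The triage the post above describes (spotting mail-sending commands and a TLS library inside a program that claims to "add" things for you) as an added example, not code from the original post: a small `strings`-style scan that pulls printable ASCII and UTF-16LE runs out of a byte buffer and flags standard SMTP client verbs (`MAIL FROM`, `RCPT TO`, `EHLO`, `DATA`) and OpenSSL-style DLL names. `SAMPLE_BLOB` is a constructed stand-in for a suspicious executable, and `TLS_LIBRARY_NAMES` is an assumed watch-list, not something from the post.

```python
import re

# Constructed sample standing in for a suspicious binary (not a real executable):
# an MZ header, the program's only status message, embedded SMTP commands,
# a wide-string reference to an OpenSSL DLL, and some junk bytes.
SAMPLE_BLOB = (
    b"MZ\x90\x00\x03\x00\x00\x00" + b"\x00" * 16
    + b"Added successfully\x00"
    + b"EHLO localhost\r\n\x00"
    + b"MAIL FROM:<%s>\r\n\x00"
    + b"RCPT TO:<%s>\r\n\x00"
    + b"DATA\r\n\x00"
    + "ssleay32.dll".encode("utf-16-le") + b"\x00\x00"
    + b"\xde\xad\xbe\xef" * 4
)

# SMTP verbs matched only at the start of an embedded string, so a word like
# "database" or "metadata" does not trip the DATA check.
SMTP_VERB_RE = re.compile(r"^(EHLO|HELO|MAIL FROM|RCPT TO|DATA|AUTH LOGIN|STARTTLS)\b")

# Assumed watch-list of TLS library names commonly linked by Windows programs.
TLS_LIBRARY_NAMES = ("ssleay32.dll", "libeay32.dll", "libssl", "libcrypto", "schannel.dll")


def extract_strings(blob: bytes, min_len: int = 4) -> list[str]:
    """Printable runs of at least min_len chars, ASCII and UTF-16LE, like `strings`."""
    ascii_runs = [
        m.group().decode("ascii")
        for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, blob)
    ]
    wide_pattern = rb"(?:[\x20-\x7e]\x00){%d,}" % min_len
    wide_runs = [
        m.group().decode("utf-16-le")
        for m in re.finditer(wide_pattern, blob)
    ]
    return ascii_runs + wide_runs


def smtp_indicators(blob: bytes) -> dict[str, list[str]]:
    """Map each SMTP verb found to the embedded strings that start with it."""
    hits: dict[str, list[str]] = {}
    for s in extract_strings(blob):
        m = SMTP_VERB_RE.match(s)
        if m:
            hits.setdefault(m.group(1), []).append(s)
    return hits


def tls_library_refs(blob: bytes) -> list[str]:
    """Names from TLS_LIBRARY_NAMES that appear in any embedded string."""
    names = set()
    for s in extract_strings(blob):
        low = s.lower()
        for name in TLS_LIBRARY_NAMES:
            if name in low:
                names.add(name)
    return sorted(names)


def triage(blob: bytes) -> dict:
    """Summarize the two findings the post relies on: mail commands plus a TLS library."""
    smtp = smtp_indicators(blob)
    tls = tls_library_refs(blob)
    # A complete envelope (sender + recipient) is the strong signal; EHLO alone is not.
    sends_mail = {"MAIL FROM", "RCPT TO"} <= smtp.keys()
    verdict = (
        "suspicious: embeds SMTP client commands" if sends_mail
        else "no SMTP client envelope found"
    )
    return {"smtp_verbs": sorted(smtp), "tls_libs": tls, "verdict": verdict}


if __name__ == "__main__":
    for s in extract_strings(SAMPLE_BLOB):
        print(repr(s))
    print(triage(SAMPLE_BLOB))
```

Running this offline on the sample reproduces the post's reasoning: a program whose only user-visible string is "Added successfully" but which carries a full SMTP envelope and a TLS DLL name is collecting something and mailing it out, and the user/password prompt is the thing being collected. The same scan run over a real file (`open(path, "rb").read()`) is a first pass before any sniffing.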
