DragonHunter

Yooo folks haven't posted here for years whatsup

just a beta preview of my new program L2MITM

Lineage2 - Man In The Middle

This program is able to dump the username and password of the person who is going to login

The program decrypts the RSA-1024bit, Blowfish, Xor encryption of the game

Just a early stage of the project,

It's also having a simple plugin system so you're able to do a lot and have fun with scripting different stuff

For now I made a plugin that will dump the username and password to a file

And a other plugin that would attack the next monster when you killed it (bot)

You could make a lot outta this :)

Haven't been doing some gamehacks for such time so why not

I thought I'd be also funny to break to spoof the RSA Key so I was able to decrypt the username and password hehe ^_^

Haven't seen anyone so far breaking the RSA for this game so maybe I'm the first 1

Breaking the RSA 1024bit costed me 2 full days messing around with spoofing it and setting all the offsets correct etc

Note: No game hooks are being used, the program is written 100% in C#

Video: L2MITM Beta Preview

I think I'll release this program soon when I'm completely done with the plugin system etc

Oh well stay tuned for updates  :good sir:

Maybe people remember my L2PacketX, well this 1 can do more stuff soon

Just copy ur accounts table to another database like 'test' and change in the design access_level to accessLevel and thats the fix :P

ok for the noobs that still dont understand anything...

fillin the username/password/database/ip connect to the database and it will get a list with usernames from the players and it will try to crack the passwords this was just for education only so use it at ur local database !

http://www.youtube.com/watch?v=EaNmQ6R04hk

Woh, awesome work dude, again. Very useful

I will test it.

 

You can hide this topic for 500 views  >:(

 

EDIT :

 

I get error when i start the cracker  :o

I use Nod32 but it's disabled !

you must install .net framework 3.5

http://www.microsoft.com/downloads/details.aspx?FamilyId=333325fd-ae52-4e35-b531-508d977d32a6&displaylang=en

Oh ye btw.... this works for every chronicle

Ok this is a new program i made in C# it will use a wordlist to crack the l2j passwords

This will require a mysql database with the table 'accounts'

It will load all the usernames and it will try to crack all the passwords from the usernames

Have fun  8)

I also made a wordlist of 1.373.238 words i made some long time ago... this is included with the l2j password cracker

Download: http://www.4shared.com/file/3kvDgHIn/L2J_Password_Cracker.html

Soon a l2j password bruteforcer will come... be patient :D

Ok since maxtor still didnt made those sections cuz i dunno why... or he dont want to make those sections whatever

but anyways

#include <detours.h>

//Prototype of the original ShellAboutW API
int (__stdcall *ShellAboutWD_o)( HWND hWnd, LPCWSTR szApp, LPCWSTR szOtherStuff, HICON hIcon);

//Hooked ShellAboutW API
int __stdcall ShellAboutWD(HWND hWnd, LPCWSTR szApp, LPCWSTR szOtherStuff, HICON hIcon)
{
        return ShellAboutWD_o(hWnd, L"DragonHunter [LeetCoders]", L"The about API/Function is hooked by DragonHunter ;D!", hIcon); //Return to original api function
}

BOOL APIENTRY DllMain( HMODULE hModule,
                       DWORD  ul_reason_for_call,
                       LPVOID lpReserved
                     )
{
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
        HANDLE ShellAboutWDProcessAddress; //Hold the ShellAboutW API memory address

        ShellAboutWDProcessAddress    =  GetProcAddress(
                                                        GetModuleHandle(L"Shell32"), //DLL Library
                                                        "ShellAboutW"                 //API/Function
                                                      );
        //Since we now have the memory address of ShellAboutW we can finally start the hook process :)


        if(ShellAboutWDProcessAddress != 0) //Check if memory address is found (Error-Handling)
        {
            ShellAboutWD_o = (            //Set the original API/Function
                int (__stdcall *)(        //Prototype
                HWND hWnd, LPCWSTR szApp, LPCWSTR szOtherStuff, HICON hIcon)) //Prototype
                DetourFunction(                        //Api-Hook ShellAboutW
                (PBYTE)ShellAboutWDProcessAddress,    //Get memory address
                (PBYTE)ShellAboutWD);                //Set ShellAboutWD_o -> ShellAboutWD
        }
        break;
    case DLL_PROCESS_DETACH:
            if(ShellAboutWDProcessAddress != 0)
            {
                DetourRemove(
                    (PBYTE)ShellAboutWDProcessAddress,    //Unhook the API/Function
                    (PBYTE)ShellAboutWD);
            }
        break;
    }
    return TRUE;
}

And this is the output

Have fun...

Coded by DragonHunter

l2 max dont have 1k people online...

its have 600-800max but think that peoples want to exp their buffer and have double accounts so they can exp them so 300-400 but for sure not all are exp their buffer so we can say again 500-600:D

l2mxc ftw!!!

wtf?

its not about l2 its about the forum read next time lol'd

right over here :P

http://www.youtube.com/watch?v=_8J7hkHGDUs

If you think that you are experienced with coding add me max14l2@hotmail.com . I want to give you info about my plan. Thanks!

 

Αward for your job : 100€

100 euro ? what do you need... a rootkit ?

just pm me what you need and ill see if i can make it for you

We have in this forum 68.597 Members and there are just daily 1000 members online

Is this a fail  or win ?

3243

nvm im good boy :P

btw did you thought about encrypting ur EOF data ?

I don't if u did that but should be better :P

Program work's but it's very old method and doeasn't work in 99% servers....

 

 

Scan Virus:

http://www.virustotal.com/en/analisis/86a1a901217ea25c5abf5941faf1162d65abc5c7b625bfcf8b62cea7a3540759-1271109222

lol thats just a virus scan of the .rar file thats always shown virusless -.-'

sorry for double post runtime+scantime stub added

lol i thought you said it will not be posted for free :P

FAIL xD

lol just join hackforums ... they got everything already :P

is scantime only

lol that sucks... so your just dumping the virus on the pc and it will become detected

Useless :P

scantime+runtime crypted ?

Holy gral,dude's they really have a problem,i play cs someties to with my clan,but we dont scream like those aliens.

They really need to go to psycho

ye it was realy insane... but funny at the sametime when i was online in that server lol:P

why do i get trojan horse?

you don't read or you dont understand english... but read the first fuckin post -.-'

The virus scan will show that there is a virus but there is not because i've protected my program realy hard this time to be sure some dum asses can't get the source code from it!

Am I in a good way?

 

If you did read you knew that he was not able to connect to the database... doesnt matter if username or password is then incorrect