Jump to content
The Best Lineage 2 Mods – Free & Custom
Get Free Banners - Giveaway MaxCheaters.com
We're Rebuilding – Join Our Staff Team

Bypass Anti-Phx L2Sandora(I Think Its Lameguard)

anath3ma

By anath3ma
in Hacks & Cheats [English]

 Share

Recommended Posts

anath3ma Newbie

anath3ma

Posted
Posted (edited)

tools :

  • ollydbg

how to video : http://www.megaupload.com/?d=8QVJDX6K

keep in mind as they have anti-bot packets in gameserver are encrypted but you can find the encryption key or u can generate your own here u can see how the key generated
 

0040112A  |. FF15 10804000  CALL DWORD PTR DS:[<&KERNEL32.GetTickCou>; [GetTickCount

00401130  |. 50            PUSH EAX

00401131  |. 8945 10        MOV DWORD PTR SS:[EBP+10],EAX

00401134  |. E8 DC000000    CALL L2.00401215

00401139  |. 59            POP ECX

0040113A  |. E8 E8000000    CALL L2.00401227

0040113F  |. 8945 08        MOV DWORD PTR SS:[EBP+8],EAX

00401142  |. C165 08 10    SHL DWORD PTR SS:[EBP+8],10

00401146  |. E8 DC000000    CALL L2.00401227

0040114B  |. 8BF8          MOV EDI,EAX

0040114D  |. 037D 08        ADD EDI,DWORD PTR SS:[EBP+8]

00401150  |. E8 D2000000    CALL L2.00401227

00401155  |. 8945 08        MOV DWORD PTR SS:[EBP+8],EAX

00401158  |. C165 08 10    SHL DWORD PTR SS:[EBP+8],10

0040115C  |. FF15 28804000  CALL DWORD PTR DS:[<&KERNEL32.GetCurrent>; [GetCurrentProcessId

00401162  |. 0345 08        ADD EAX,DWORD PTR SS:[EBP+8]

00401165  |. 50            PUSH EAX                                ; /<%08X>

00401166  |. 8BC7          MOV EAX,EDI                              ; |

00401168  |. 3345 10        XOR EAX,DWORD PTR SS:[EBP+10]            ; |

0040116B  |. 50            PUSH EAX                                ; |<%08X>

0040116C  |. 57            PUSH EDI                                ; |<%08X>

0040116D  |. 68 AC864000    PUSH L2.004086AC                        ; |Format = "%08X%08X%08X"

00401172  |. 53            PUSH EBX                                ; |s

00401173  |. FF15 2C814000  CALL DWORD PTR DS:[<&USER32.wsprintfW>]  ; \wsprintfW

00401179  |. 8B3D 38804000  MOV EDI,DWORD PTR DS:[<&KERNEL32.SetEnvi>;  kernel32.SetEnvironmentVariableW

0040117F  |. 83C4 14        ADD ESP,14

00401182  |. 53            PUSH EBX                                ; /Value

00401183  |. 68 88864000    PUSH L2.00408688                        ; |VarName = "__lameLauncher__"

00401188  |. FFD7          CALL EDI                                ; \SetEnvironmentVariableW

0040118A  |. 68 84864000    PUSH L2.00408684                        ; /Value = "1"

0040118F  |. 68 64864000    PUSH L2.00408664                        ; |VarName = "OMP_NUM_THREADS"

00401194  |. FFD7          CALL EDI                                ; \SetEnvironmentVariableW

i will not move further btw the server sucks so it doesnt worth the time to decrypt the gameserver packets

 

Edited by Universe
  • 2 years later...
Versus Newbie

Versus

Posted
Posted

Hi, sorry for post, but I need to bypass that server.

Server have security for all bot's, like l2tower, l2net.

When I turn on l2net, game off :(

Yeah, lameguard can do that :D

Just pm anath3ma, with a small paysafe, i'm sure he'll be able to assist you.

  • 4 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing


  • Posts

    • Zacapa
      developer alert_GIANNIS

      By Zacapa · Posted

      someone ban again this piece of shit this guy is a virus we should make an antikara or karabytes
    • VibeSms
      Vibe-sms.net – sms activations. Over 60 countries

      By VibeSms · Posted

      🍂 The cost on Vibe-sms is dropping, like autumn leaves falling from the trees.     It’s a little sad to watch the last days of summer fade away with its warmth, but that’s how the world works  every season has its own rules. The same goes for our prices: they are gradually but steadily going down, opening up new opportunities and great deals. 💸   🌍 USA is already at the minimum, and Europe, Asia, and dozens of other countries will follow soon. Don’t miss out  fresh rates are waiting for you!   Website link — https://vibe-sms.net/ Our Telegram channel — https://t.me/vibe_sms
    • flatronn
      developer alert_GIANNIS

      By flatronn · Posted

      You didn't tell me anywhere that you wanted core.jar as proof, I have everything ready for an independent developer to review. All the conversations, all your edits. I won't settle anything with you, so you can threaten me again and damage my name.
    • Out of Time
      developer alert_GIANNIS

      By Out of Time · Posted

      So what? Did i say anything wrong? You have no idea what source/compile is. I still wait for your .jar or source to be posted since you say i destroyed the compiled version of yours. Why you don't post it? Are you afraid that people will just see few addon lines and you did not even know that your source and compiled had different things? I should not even waste 2 minute to fix your raidboss_spawnlist thing.    Your mentally ill. What you posted is our primary deal nothing against me.  Because all he does is post whatever i write as if i hide and i did not say any mod to join and check my discord. i want him actual post something against me or any offenses i did. I also requested him several hours ago to post his .jar where my code "HACKED" his server but he wont post.    Nobody should allow open a random topic and cause issues to other's life without proofs. I demand punishment and soon unless he post evidence that i hurt his server or left him or did not make what he asked. 
    • flatronn
      developer alert_GIANNIS

      By flatronn · Posted

  • Topics

×
×
  • Create New...

AdBlock Extension Detected!

Our website is made possible by displaying online advertisements to our members.

Please disable AdBlock browser extension first, to be able to use our community.

I've Disabled AdBlock