Jump to content

Recommended Posts

Posted

Well you cannot modify l2.bin without unpacking but its not needed to unpack it. You are writing a bot, not some crack so packer means literally ntohing because u focus on runtime.

 

By the way, what do you want to achieve in the end?

 

Im interested  because I want to learn RE, RPM/WPM, and maybe later packet analysis.. I tried with Lena's tutorials but they seem so outdated and i lost my motivation after awhile. I know a bit C#, I already managed to create a console application which reads bytes that i need from memory, but this is so easy/basic compared to RE and Hooking :P

 

So basically,

you inject your dll in l2.bin -> 

using faction GetModuleHandle to retrive gameguard.des ->

Then im loosing it a bit because IDA - DeAssembly uses a fuction qmemcpy which I have no idea what it is..

 

Its something like that in my mind inject -> getmodulehandle -> getprocaddress -> virtualprotect

 

Sorry if I said something stupid (probably I did) but everything is so messy in my head.. :P

Posted (edited)

well lenas tutorials are great for beginners. You have to get used to clean compiled code and go with small steps... i remember how o started i had to go through every tut like 5 times because i did not understand anything. If you are gettin headache from clean compiled code then tell me what do you see here

 

 

 

EHP8yRT.png

 

 

 

 

Do you see whats goin on here? XD

 

And to answer

 


Its something like that in my mind inject -> getmodulehandle -> getprocaddress -> virtualprotect

 

 

There are tons of ways to prevent dll injection. Do you know what exactly happens when you are loading the dll? Dont use getprocaddress. lameguard = insta ban, smartguard = insta ban.  And virtualprotect on sg = ban also.

 

How do i know that?

Edited by Szakalaka
Posted (edited)

It looks like virtualized to me lol. Anyway, thanks alot for your time. I thought anti-cheats wouldn't be so complex but im totally wrong. I'll start again with Lena's Tutorials :)

 

Do you think C# is viable for patching ? 

Edited by fxb0t
Posted (edited)

a lot of knowledge but im on mechanical engineer...

 

Szaka, with cliext 1.0.0.9 there is any solution? for 1.0.0.6 i just use injector with tower dll, but now i cant inject without kick in few minutes.(or in char select)

with the old suspent methots i cant do it.  (now i have anti cheat .exe)

 

with adr 1.71 the client just shut down or get disconnect on char select.

 

http://i.imgur.com/Hvusvoa.png

 

 

 

 

 
Edited by mariuda
Posted

@Szakalaka

Maybe You have something to "scam" lameguard and run more clients? For example 9 at l2tales?

 

I know there is sandboxie, virtual machines, but need 2 adrenaline keys for that:/

Posted

@Szakalaka

Maybe You have something to "scam" lameguard and run more clients? For example 9 at l2tales?

 

I know there is sandboxie, virtual machines, but need 2 adrenaline keys for that:/

at mxc is shared mac id changer for tales 

Posted

AchYlek You mean Stergios hwid changer? It need 2 Cards or Card + WiFi. And it change PC name, so my windows 10 is getting lost, and asking me for active everytime i change it this way.

I can pay for something like .dll that will do it when i run L2, or any other tool that wont affect Windows activation etc.

Posted

does this bypass work on L2 averia 10x?

suspend game at char select, kick dsetups and inject tower, but sometimes u will get error when your window is unactive, for that pm szakalaka 

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.




×
×
  • Create New...