Be carefull with all L2.ini modifications

[Gudzy]

Sometimes i see when a lot of ppl downloading aplications which gives you some abilities in game like seeing throug walls (wallhack), makeing difrence beetween chests and boxes ect. I suggest to be carefull because there is great tip how to obtain all passwords even from whole server. How to do it ? You just need two things installmaker, your own prepared l2.ini and your own l2j server. I can write more information if you are interested.

 

Anyway do not install it. It usually work like that you instal wallhack, then you cant login onto your L2 server. You use updater and everything is ok. Is it ok ? No :) you just lost your account. So be carefull and use only your own modifications or tested by your trusted friends. I was able to obtain passwords of all ppl in many bog clans in some network so be carefull.

[Nero]

It's better you have a random ip to do that. I see many developers can see who try enter in DB. I hope they don't catch me. :P

[qesaras]

can u give some more info about how to obtain the passwords ?? :P

[TEOxtrm]

can u give some more info about how to obtain the passwords ?? :P

 

hm want to steal pass???? :P

[kaguyakun]

It's better you have a random ip to do that. I see many developers can see who try enter in DB. I hope they don't catch me. :P

 

Do you even read the post?

 

can u give some more info about how to obtain the passwords ?? :P

 

I guess he meant this: Make a custom l2.ini that connects to your own l2j server, then when tricked ppl enters the Id/Pass(official server I.E), it'll save on l2jdb..

But I still can't understand how he'll decrypt the passwords from db.

[Gudzy]

You haven't to decrypt :) Modify login server scripts a little and your passwords wont be stored crypted. How to do it look at old L2j scripts. Passwords werent crypted there.

[gurgur]

You phisher! L2 makes people evil and greedy for sure.

 

It's better you have a random ip to do that. I see many developers can see who try enter in DB. I hope they don't catch me.

In contrary, it has to be static IP or smtg like noip. Or, if l2.ini accepts domainnames, no problems at all. Not sure about that. There's no trying to enter in server db, instead, nabs are tyring to login to your fake server.

 

And, this shouldn't work if the server is asking people to connect by modding the hosts file. hosts will override all redirects at the end and you won't get your phish. :P

[Desdemona]

i make own l2.ini modified with l2encdec

[Terax]

L2FileEdit is better

[Philipe]

all programs that you install has the chance that have keylogger and you lost you account... you need becarefull with all programs that you install that refer l2.

[Mathim]

Good , and helpfull tip . Thanx . I'm using L2FileEdit..and everythink is Ok.

[iPwned]

Nice Guide, thanks you! Have fun!:P

[Wampik]

i always use l2endec for that. for my safety

[vprc0m]

very good. write more, if possible

[Makyura]

I wanna steal some pass just tell me how :P