Jump to content
This Topic
--> Place your ad text here <--
Get Free Banners - Giveaway MaxCheaters.com
We're Rebuilding – Join Our Staff Team

[HOT SHARE] L2 Sublimity Walker

TILEMACHOS

By TILEMACHOS
in Botting [English]

 Share

Recommended Posts

Anarchy Enthusiast

Anarchy

Posted
Posted

As much as I would like to show you walker on dex, I'm not gonna even try and register on their stupid shit, but I can attach ollydbg to the process and view the memory fine, as I already knew I could.

TILEMACHOS Newbie

TILEMACHOS

Posted
  • Author
Posted
  On 9/19/2010 at 11:29 PM, Anarchy said:

As much as I would like to show you walker on dex, I'm not gonna even try and register on their stupid shit, but I can attach ollydbg to the process and view the memory fine, as I already knew I could.

Enigma is not so simple as you think ;)

killik Newbie

killik

Posted
Posted

well Anarchy you  belittle Tilemachos and show off your great knowledge

 

Even if all those protections out there are made by kids and are useless and you have that great pool of knowledge so -beep-ing what?

You dont seem break those "miserable" protections  and share it with others since "you wont bother wasting your time "

So why do you waste your time belittleing ppl who do help?

Do us all a favour and stop wasting your time really

 

Even if you think that tilemachos isnt as knowledgeable as you i guess if it works in the end no one cares ;)

Anarchy Enthusiast

Anarchy

Posted
Posted

Enigma might not be simple but that doesn't change the fact I can still view Kasha's code without any problem.

 

I'll show you an example.

13157919.jpg

 

The code highlighted (and a few lines above it) in that screenshot is the code responsible for setting the IP address that the client connects to by hooking Engine.dll's connect function, in plain code no encryption.

I admit Kasha does some good tricks to hide what he's doing like searching for specific bytes in the engine to find the address rather than directly referencing it, but I can still see it.

 

@killik

I'm not showing off "my great knowledge" I don't need to prove what I know to anyone. This start out simply as me pointing out that tilemachos may not of been the author considering the apparent lack of knowledge of the protection system, he is the one who turned this into a flameoff.

TILEMACHOS Newbie

TILEMACHOS

Posted
  • Author
Posted
  On 9/20/2010 at 12:17 AM, Anarchy said:

Enigma might not be simple but that doesn't change the fact I can still view Kasha's code without any problem.

 

I'll show you an example.

13157919.jpg

 

The code highlighted (and a few lines above it) in that screenshot is the code responsible for setting the IP address that the client connects to by hooking Engine.dll's connect function, in plain code no encryption.

I admit Kasha does some good tricks to hide what he's doing like searching for specific bytes in the engine to find the address rather than directly referencing it, but I can still see it.

 

@killik

I'm not showing off "my great knowledge" I don't need to prove what I know to anyone. This start out simply as me pointing out that tilemachos may not of been the author considering the apparent lack of knowledge of the protection system, he is the one who turned this into a flameoff.

 

Well now try to add breakpoints...what will happen...?

And of Course i want to see Lineage2 running completely from the debbuger...

Acctually u can't see something special of the protection...

Anarchy Enthusiast

Anarchy

Posted
Posted
  On 9/20/2010 at 12:22 AM, TILEMACHOS said:

Well now try to add breakpoints...what will happen...?

And of Course i want to see Lineage2 running completely with the debbuger attached...

.... Of course you can't run it with a debugger... You can easily simulate breakpoints by writing a module to hook the address you want information from and print it to file... Not that you even need to with most protections and from what I've seen so far that includes Kasha's
TILEMACHOS Newbie

TILEMACHOS

Posted
  • Author
Posted
  On 9/20/2010 at 12:29 AM, Anarchy said:

.... Of course you can't run it with a debugger... You can easily simulate breakpoints by writing a module to hook the address you want information from and print it to file... Not that you even need to with most protections and from what I've seen so far that includes Kasha's

 

Well i actually managed to run it from a debbuger ollydbg ICE...

Let me tell you something...the  only way to do the job is fully unpack the file and then add those breakpoints...

Try what you saying and you ll do nothing..

TILEMACHOS Newbie

TILEMACHOS

Posted
  • Author
Posted
  On 9/20/2010 at 1:09 AM, mpj123 said:

Kasha did implement anti debugging protections, you cant just load it straight from the debugger as TILE said

 

Yes it's true...But there are some techniques to unpack enigma and break in but it's really tricky to do that..i managed to partial unpack some enigma protected files..but not completely...enigma really sucks

Anarchy Enthusiast

Anarchy

Posted
Posted

Kasha's anti-debugging technique's suck tbh.

They mainly consist of attempting to output debug strings and if it succeeds then that means a debugger is running, EXTREMELY easy to get around by hooking OutputDebugString.

 

But I give up, you can carry on believing that Kasha is the god of anti-bots that's your choice, there's obviously no convincing you, it doesn't bother me any it just gains him some more sheep customers.

heybroftw Newbie

heybroftw

Posted
Posted
  On 9/20/2010 at 1:25 AM, Anarchy said:

Kasha's anti-debugging technique's suck tbh.

They mainly consist of attempting to output debug strings and if it succeeds then that means a debugger is running, EXTREMELY easy to get around by hooking OutputDebugString.

 

But I give up, you can carry on believing that Kasha is the god of anti-bots that's your choice, there's obviously no convincing you, it doesn't bother me any it just gains him some more sheep customers.

 

Ok mate just shut the fuck up now. He gave us a bot that worked. Stop trying to get your e penis any bigger. If you want to get it bigger then post a working OOG walker for this server. If not then please shut the fuck up with your angry nerd rants.

 

Imo a mod should of blocked you for a day for spamming this thread. Anyway thank you OP for the working walker. Looking forward for the OOG walker ;)

TILEMACHOS Newbie

TILEMACHOS

Posted
  • Author
Posted
  On 9/20/2010 at 1:25 AM, Anarchy said:

Kasha's anti-debugging technique's suck tbh.

They mainly consist of attempting to output debug strings and if it succeeds then that means a debugger is running, EXTREMELY easy to get around by hooking OutputDebugString.

 

But I give up, you can carry on believing that Kasha is the god of anti-bots that's your choice, there's obviously no convincing you, it doesn't bother me any it just gains him some more sheep customers.

 

Actually antidebugging tricks are not added by Kasha...How you ever packed files with Enigma Protector??

 

I supose you must read here first before say anything about this protection

 

Kasha is not the God for me..

Enigma protector gives supperb protection and fast execution

 

http://www.enigmaprotector.com/en/home.html

niggafgt Newbie

niggafgt

Posted
Posted

I notice more and more bots running around on Nova, this might not be a keylogger as I assumed before, but still I'm kind of not willing to use it since some people were posting screens that showed it's a trojan. Can anyone make things clear?

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing


×
×
  • Create New...