Jump to content
MaxCheaters Official Group on Discord
-> Place your ad text here <-
LINEAGE2.GOLD INTERLUDE SERVER ON ESSENCE CLIENT

[EXCLUSIVE SHARE] IG WALKER FOR KASHA PROTECTION (L2Elixir,L2Dex etc.) UPDATED!!

TILEMACHOS

By TILEMACHOS
in Botting [English]

 Share

Recommended Posts

MasterWalker Newbie

MasterWalker

Posted
Posted

On this server (http://www.lineageii.com.br/) that told you test, the run up to L2Walker IG, as well as on any other server that has Kasha, and it looks to use a method of very stupid. But you must use two clients as emir0n suggested.

 

PS: Note that AntiBot is stopped, which makes the detection of L2fork, Proxifier and L2Walker.

 

See the picture:

 

10581034.jpg

 

23073702.jpg

 

49266519.jpg

 

TILEMACHOS Newbie

TILEMACHOS

Posted
  • Author
Posted

As i Understand you can continue login in Gameserver even if Process Explorer is detected and Closed??

I think Patch with a loader is a good idea to bypass some Threads that running...

I have to learn if that can be done...i ll start a search about loaders on Enigma Protector and VmProtect...

You gave me a good idea now and if cam be done there will be no any obstacle for any protection bypass :D

I ll need some time to do this because i have used loaders ony for simple apps and not L2

 

__________

 

UPDATE :

 

Not a good idea...Both Packer are strong Protected against Loaders.. :/

emir0n Newbie

emir0n

Posted
Posted

looks good

anyway its also possible to make the crossconnection with original client/clean client+l2net

anyway bit OT : hidetoolz for win7/x64 still not out ? didnt find any updated version till now

 

MasterWalker Newbie

MasterWalker

Posted
Posted

As i Understand you can continue login in Gameserver even if Process Explorer is detected and Closed??

I think Patch with a loader is a good idea to bypass some Threads that running...

I have to learn if that can be done...i ll start a search about loaders on Enigma Protector and VmProtect...

You gave me a good idea now and if cam be done there will be no any obstacle for any protection bypass :D

I ll need some time to do this because i have used loaders ony for simple apps and not L2

 

__________

 

UPDATE :

 

Not a good idea...Both Packer are strong Protected against Loaders.. :/

 

Tilemachos, even with the detected ProcessExplorer I can still log in, because when I see that Kasha has detected the process, then I shall adjourn the l2.exe action, and then active again, so that the notification window does not close the antibot consequently the login screen of the client also does not close. So just use the method suggested by emir0n (L2Fork, Proxifier and L2Walker IG / OOG).

 

But we do not know how long this method will work, because the antibot can be corrected.

MasterWalker Newbie

MasterWalker

Posted
Posted

If lineageii.com.br worked with non-BR ip's, I'd show you how to make a clean system folder. Kasha protection is really easy to disable.

You could then do a clean system of Lineage II as an example?

 

I believe that IP is not BR.

TILEMACHOS Newbie

TILEMACHOS

Posted
  • Author
Posted

looks good

 

anyway bit OT : hidetoolz for win7/x64 still not out ? didnt find any updated version till now

 

HideToolz is Just a Program that works Like Phant0m Plugin for OllyDbg...It is Using a "Non Plug n Play Device" Driver that is Loaded when you are Starting the program...

You can find the Devices in : Control Panel -> Device Manager : View -> Show Hidden Devices and now look Down in the Devices for "Non Plug n Play Drivers"  There you can Find the Drivers are Created From proccess like HideToolz and Proccess Explorer

 

The Same uses the Enigma Protector (Loads up his own Divice witch is a "Proccess Explorer" by it Self) to trace for Hidden and Illigal Proccess by the Name of the Driver...Here is a really Good Program Very Similar for Searching what i m talking About and can see anything running on Computer : RootKit UnHooker (WinXP Only)

 

 

I don't Remember what is the Name is Used by HideToolz but i can Change it in a Debbuger :D

That means Even if it is not working and HideToolz can be Detected i can make them Stealth again...!

So inform me if HideToolz are Detected and i ll Share a Version that is Stealth :D

 

I did the Same with Proccess Explorer wich i renamed it in Navicat Explorer ("NaviExp" for Driver Name) :D

 

L2.Net has an Internal Proccess Name tottaly Different from that we can see...Oddi Knows offcourse what i am talking About and i have to say that doing this is Clever...

 

Ps: Oddi The Source Obscufator that your team is using on L2.NET Believe me is doing Great Job and it worths the Moneys that you guys Spend ;)

 

Tilemachos, even with the detected ProcessExplorer I can still log in, because when I see that Kasha has detected the process, then I shall adjourn the l2.exe action, and then active again, so that the notification window does not close the antibot consequently the login screen of the client also does not close. So just use the method suggested by emir0n (L2Fork, Proxifier and L2Walker IG / OOG).

 

But we do not know how long this method will work, because the antibot can be corrected.

 

Nice Exploit found by MasterWalker :D :D

 

If lineageii.com.br worked with non-BR ip's, I'd show you how to make a clean system folder. Kasha protection is really easy to disable.

 

Oddi you mean that you can make a new clean system that can directly connect to the server with out any Problem and hacks Attached on? Some but i think all Server Systems are including a file...the L2.dll wich is essensial to make the connection and the purpose of this file is packet Crypt/Decrypt...

Just tell that you can do what i understand!!!  :o  :D

TILEMACHOS Newbie

TILEMACHOS

Posted
  • Author
Posted

Normally after Detecting a Tools it should Countdown until Kill the Client...

This will fixed fast guys...But there is Something i hope Kasha reads :

 

YOU 'LL NEVER STOP US WITH A STUPID ENIGMA PROTECTOR :D :D

 

1) WE CAN CHANGE NAMES TO DRIVERS

2) WE CAN CHANGE NAMES TO APPS

3) WE CAN BRUTE CRC (soon i ll share that and works for every packer)

4) SOON WE'LL CAN UNPACK AND CRACK

 

KISSES HAPPY NEW YEAR

[move]-=WITH LOVE NAVICAT=-[/move]

 

Oddi Newbie

Oddi

Posted
Posted

Oddi you mean that you can make a new clean system that can directly connect to the server with out any Problem and hacks Attached on? Some but i think all Server Systems are including a file...the L2.dll wich is essensial to make the connection and the purpose of this file is packet Crypt/Decrypt...

Just tell that you can do what i understand!!!  :o  :D

 

Take a look at this:

http://insane-gamers.com/showthread.php/9462-SOLVED-www.beyond.lt

 

That server uses kasha protection, with my system folder both walker and l2net works with no tools.

TILEMACHOS Newbie

TILEMACHOS

Posted
  • Author
Posted

Take a look at this:

http://insane-gamers.com/showthread.php/9462-SOLVED-www.beyond.lt

 

That server uses kasha protection, with my system folder both walker and l2net works with no tools.

 

I think that this Server is Protected by Kasha but the only changed thing is the Blowfish...

If they payed for this they are really Jerks

This Server has not the L2.dll (AES) if there was you ll get ConnectionTimeout (Disconnect)

Like L2DEX does...hope you understand me :)

 

This Server has a packed Engine.dll with Enigma so you can't just debbug Dump etc. and find the Moded Blowfish in there...

So i think you find the blowfish while sniffing the TCP connection and you patched a clean system with Bfishy.dll and set in L2.ini IP to Localhost for redirecting the Connection on L2.NET... Am i Right??

 

Offcourse this is a low Protection for servers...and if there are Server patched like this one by Kasha there are LOL easy to break hehe

emir0n Newbie

emir0n

Posted
Posted

when i remember right the early versions of kasha were just changing the blowfish and they were monitoring the process names for unwanted applications and nothing more ...

anyway ... does kasha protection come with free updates,or do u have to buy them to stay "uptodate" ?  :o

TILEMACHOS Newbie

TILEMACHOS

Posted
  • Author
Posted

when i remember right the early versions of kasha were just changing the blowfish and they were monitoring the process names for unwanted applications and nothing more ...

anyway ... does kasha protection come with free updates,or do u have to buy them to stay "uptodate" ?  :o

 

Well as i know...

You Send your System to Kasha from account that you creating after paying

He gives you a file save Folder on his site where you can login with username and Pass to a link he gives you...

You Send the unprotected original system that you made and anything Server side that need to be changed and after he adds the protection you get the files from your Web folder...

I once found the L2DEx link Space i'll look and i ll post it as a proof :P

 

Anyway really noobie change only blowfish but i understand that some servers has not enough money to spend...

 

____________________________________________________________________

UPDATE : Link that Admins from L2DEX are Connected with Kasha (Web Folder)

I am sure that in this Folder there is all essential files that Lineage.ro won't Leaked somewhere..Unprotected System,Server Side Auth etc. :D :D

 

Lineage.ro Web Folder

Think Someone can Bruteforce or what else and Login??

_____________________________________________________________________

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing


  • Posts

    • Nightw0lf
      Attack Speed problem with ultra status server [aCis]

      By Nightw0lf · Posted

      aCis (“another Crappy interlude server”) is a commercial project I would not use even if paid. l2jfrozen yes, a 10 year old, effectively dead project produces more reliable results and at least works. l2jhellas also works. aCis might as well be renamed KPMIS (“Keep Paying My Interlude Server”): endless fixes, freemium, and no realistic path to true L2OFF parity, but its recommended like hell. lucera is even better the downside is you just need to dive into code and no sources   lets leave it at that
    • sitehunter
      Exelo Combo Tool v.2

      By sitehunter · Posted

      Download Here: https://sitehunterus.blogspot.com/2025/12/exelo-combo-tool-v2.html VirusTotal https://www.virustotal.com/gui/file/2acd067847ee092c7986f55c9f77620d89505d1c0bda34a0ee8f55b9c2905c11?nocache=1 Visit my Blogger list to download 100% free software https://www.freetoolss.com/ https://blackhat8.blogspot.com/ https://hack-crack9.blogspot.com/ https://hackernoons.blogspot.com/ https://sharetools99.blogspot.com/
    • Tryskell
      Attack Speed problem with ultra status server [aCis]

      By Tryskell · Posted

      Care to detail why ?   L2JHellas probably got the same issue, it's inherent to L2J if you don't rework Player intentions (and solving it with a Config < 500 attack is stupid, if it works for attack it works for other types of desires), also last time I checked L2JHellas he was using my changesets to fix its own stuff (which is ok, copy-paste my knownlist system which is 10y old is fine, but don't say it will act different since it's literally the same sub-system).   About Lucera code source isn't available so it's easy to say it's better, internally you got no clue what is happening and RU forks got the "feeling" to get everything, but everything is half done, everytime I put an eye on such sources (whatever based on l2ru, they only know how to copy-paste each other).   In the other hand, you seem to use aCis since years (I think I see your name since a decade, and you still use it since you made this topic :   Be a little more appreciative about the work done, it's not only mine but my community aswell, and if you find something, consider to report rather than getting such an idiotic behavior.   I understand you're not forced to share any type of fixes, and than people tend to feel superior when they fix something than aCis didn't yet fix. The thing is, for each bug you found, I found and fixed 10x more than you.   409 is way beyond 382 in all possible ways, if you believe the versus good for you, but don't make ppl believe it's the case, because it's not. There's at least 400+ fixed issues (and that's counting 10 issues by revision, which is kinda low) and entire new systems (spawns, SCHs, pathfind, whole AI implemented, Desire system,...).
    • VPSLab
      — VPSLAB — Fast & Private RDP/VPS | 100% Instant Setup

      By VPSLab · Posted

      Active & Taking Orders!
    • Williams
      Attack Speed problem with ultra status server [aCis]

      By Williams · Posted

      better than using 409... Search for L2jHellas or Lucera and you won't have any headaches.

  • Topics

×
×
  • Create New...

AdBlock Extension Detected!

Our website is made possible by displaying online advertisements to our members.

Please disable AdBlock browser extension first, to be able to use our community.

I've Disabled AdBlock