Jump to content
MaxCheaters Official Group on Discord
-> Place your ad text here <-
We're Rebuilding – Join Our Staff Team

[EXCLUSIVE SHARE] IG WALKER FOR KASHA PROTECTION (L2Elixir,L2Dex etc.) UPDATED!!

TILEMACHOS

By TILEMACHOS
in Botting [English]

 Share

Recommended Posts

MasterWalker Newbie

MasterWalker

Posted
Posted

On this server (http://www.lineageii.com.br/) that told you test, the run up to L2Walker IG, as well as on any other server that has Kasha, and it looks to use a method of very stupid. But you must use two clients as emir0n suggested.

 

PS: Note that AntiBot is stopped, which makes the detection of L2fork, Proxifier and L2Walker.

 

See the picture:

 

10581034.jpg

 

23073702.jpg

 

49266519.jpg

 

TILEMACHOS Newbie

TILEMACHOS

Posted
  • Author
Posted

As i Understand you can continue login in Gameserver even if Process Explorer is detected and Closed??

I think Patch with a loader is a good idea to bypass some Threads that running...

I have to learn if that can be done...i ll start a search about loaders on Enigma Protector and VmProtect...

You gave me a good idea now and if cam be done there will be no any obstacle for any protection bypass :D

I ll need some time to do this because i have used loaders ony for simple apps and not L2

 

__________

 

UPDATE :

 

Not a good idea...Both Packer are strong Protected against Loaders.. :/

emir0n Newbie

emir0n

Posted
Posted

looks good

anyway its also possible to make the crossconnection with original client/clean client+l2net

anyway bit OT : hidetoolz for win7/x64 still not out ? didnt find any updated version till now

 

MasterWalker Newbie

MasterWalker

Posted
Posted

As i Understand you can continue login in Gameserver even if Process Explorer is detected and Closed??

I think Patch with a loader is a good idea to bypass some Threads that running...

I have to learn if that can be done...i ll start a search about loaders on Enigma Protector and VmProtect...

You gave me a good idea now and if cam be done there will be no any obstacle for any protection bypass :D

I ll need some time to do this because i have used loaders ony for simple apps and not L2

 

__________

 

UPDATE :

 

Not a good idea...Both Packer are strong Protected against Loaders.. :/

 

Tilemachos, even with the detected ProcessExplorer I can still log in, because when I see that Kasha has detected the process, then I shall adjourn the l2.exe action, and then active again, so that the notification window does not close the antibot consequently the login screen of the client also does not close. So just use the method suggested by emir0n (L2Fork, Proxifier and L2Walker IG / OOG).

 

But we do not know how long this method will work, because the antibot can be corrected.

MasterWalker Newbie

MasterWalker

Posted
Posted

If lineageii.com.br worked with non-BR ip's, I'd show you how to make a clean system folder. Kasha protection is really easy to disable.

You could then do a clean system of Lineage II as an example?

 

I believe that IP is not BR.

TILEMACHOS Newbie

TILEMACHOS

Posted
  • Author
Posted

looks good

 

anyway bit OT : hidetoolz for win7/x64 still not out ? didnt find any updated version till now

 

HideToolz is Just a Program that works Like Phant0m Plugin for OllyDbg...It is Using a "Non Plug n Play Device" Driver that is Loaded when you are Starting the program...

You can find the Devices in : Control Panel -> Device Manager : View -> Show Hidden Devices and now look Down in the Devices for "Non Plug n Play Drivers"  There you can Find the Drivers are Created From proccess like HideToolz and Proccess Explorer

 

The Same uses the Enigma Protector (Loads up his own Divice witch is a "Proccess Explorer" by it Self) to trace for Hidden and Illigal Proccess by the Name of the Driver...Here is a really Good Program Very Similar for Searching what i m talking About and can see anything running on Computer : RootKit UnHooker (WinXP Only)

 

 

I don't Remember what is the Name is Used by HideToolz but i can Change it in a Debbuger :D

That means Even if it is not working and HideToolz can be Detected i can make them Stealth again...!

So inform me if HideToolz are Detected and i ll Share a Version that is Stealth :D

 

I did the Same with Proccess Explorer wich i renamed it in Navicat Explorer ("NaviExp" for Driver Name) :D

 

L2.Net has an Internal Proccess Name tottaly Different from that we can see...Oddi Knows offcourse what i am talking About and i have to say that doing this is Clever...

 

Ps: Oddi The Source Obscufator that your team is using on L2.NET Believe me is doing Great Job and it worths the Moneys that you guys Spend ;)

 

Tilemachos, even with the detected ProcessExplorer I can still log in, because when I see that Kasha has detected the process, then I shall adjourn the l2.exe action, and then active again, so that the notification window does not close the antibot consequently the login screen of the client also does not close. So just use the method suggested by emir0n (L2Fork, Proxifier and L2Walker IG / OOG).

 

But we do not know how long this method will work, because the antibot can be corrected.

 

Nice Exploit found by MasterWalker :D :D

 

If lineageii.com.br worked with non-BR ip's, I'd show you how to make a clean system folder. Kasha protection is really easy to disable.

 

Oddi you mean that you can make a new clean system that can directly connect to the server with out any Problem and hacks Attached on? Some but i think all Server Systems are including a file...the L2.dll wich is essensial to make the connection and the purpose of this file is packet Crypt/Decrypt...

Just tell that you can do what i understand!!!  :o  :D

TILEMACHOS Newbie

TILEMACHOS

Posted
  • Author
Posted

Normally after Detecting a Tools it should Countdown until Kill the Client...

This will fixed fast guys...But there is Something i hope Kasha reads :

 

YOU 'LL NEVER STOP US WITH A STUPID ENIGMA PROTECTOR :D :D

 

1) WE CAN CHANGE NAMES TO DRIVERS

2) WE CAN CHANGE NAMES TO APPS

3) WE CAN BRUTE CRC (soon i ll share that and works for every packer)

4) SOON WE'LL CAN UNPACK AND CRACK

 

KISSES HAPPY NEW YEAR

[move]-=WITH LOVE NAVICAT=-[/move]

 

Oddi Newbie

Oddi

Posted
Posted

Oddi you mean that you can make a new clean system that can directly connect to the server with out any Problem and hacks Attached on? Some but i think all Server Systems are including a file...the L2.dll wich is essensial to make the connection and the purpose of this file is packet Crypt/Decrypt...

Just tell that you can do what i understand!!!  :o  :D

 

Take a look at this:

http://insane-gamers.com/showthread.php/9462-SOLVED-www.beyond.lt

 

That server uses kasha protection, with my system folder both walker and l2net works with no tools.

TILEMACHOS Newbie

TILEMACHOS

Posted
  • Author
Posted

Take a look at this:

http://insane-gamers.com/showthread.php/9462-SOLVED-www.beyond.lt

 

That server uses kasha protection, with my system folder both walker and l2net works with no tools.

 

I think that this Server is Protected by Kasha but the only changed thing is the Blowfish...

If they payed for this they are really Jerks

This Server has not the L2.dll (AES) if there was you ll get ConnectionTimeout (Disconnect)

Like L2DEX does...hope you understand me :)

 

This Server has a packed Engine.dll with Enigma so you can't just debbug Dump etc. and find the Moded Blowfish in there...

So i think you find the blowfish while sniffing the TCP connection and you patched a clean system with Bfishy.dll and set in L2.ini IP to Localhost for redirecting the Connection on L2.NET... Am i Right??

 

Offcourse this is a low Protection for servers...and if there are Server patched like this one by Kasha there are LOL easy to break hehe

emir0n Newbie

emir0n

Posted
Posted

when i remember right the early versions of kasha were just changing the blowfish and they were monitoring the process names for unwanted applications and nothing more ...

anyway ... does kasha protection come with free updates,or do u have to buy them to stay "uptodate" ?  :o

TILEMACHOS Newbie

TILEMACHOS

Posted
  • Author
Posted

when i remember right the early versions of kasha were just changing the blowfish and they were monitoring the process names for unwanted applications and nothing more ...

anyway ... does kasha protection come with free updates,or do u have to buy them to stay "uptodate" ?  :o

 

Well as i know...

You Send your System to Kasha from account that you creating after paying

He gives you a file save Folder on his site where you can login with username and Pass to a link he gives you...

You Send the unprotected original system that you made and anything Server side that need to be changed and after he adds the protection you get the files from your Web folder...

I once found the L2DEx link Space i'll look and i ll post it as a proof :P

 

Anyway really noobie change only blowfish but i understand that some servers has not enough money to spend...

 

____________________________________________________________________

UPDATE : Link that Admins from L2DEX are Connected with Kasha (Web Folder)

I am sure that in this Folder there is all essential files that Lineage.ro won't Leaked somewhere..Unprotected System,Server Side Auth etc. :D :D

 

Lineage.ro Web Folder

Think Someone can Bruteforce or what else and Login??

_____________________________________________________________________

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing


  • Posts

    • Kowalskiz
      Christmas is approaching. Let's discuss the Xmas event NPC

      By Kowalskiz · Posted

      I'm using Myext64 HF and recently tried to replicate the "br_xmas09_event" Raising Rudolph Event. Detailed event information can be found at https://legacy-lineage2.com/news/_rudolf_the_red.html After configuring .eventdata.xml and starting the server, t  server log shows: 12/02/2025 15:39:01.809, [NO_ERROR] SpawnEx2 [br_xmas2009_invisible][schuttgart20_npc2213_xs03m1] [1][0][0][0][0][346796390] 12/02/2025 15:39:02.057, DummyPacket received from L2Server 12/02/2025 15:39:02.058, server socket close 312ac(f0820224) error(997) 12/02/2025 15:39:02.058, [CallStack][tid:0][tick:2][0] Begin 12/02/2025 15:39:02.058, [CallStack][tid:0][tick:2][1][0] void __cdecl IOThreadCallback::IOThread_common(void) 12/02/2025 15:39:02.059, [CallStack][tid:0][tick:2][2][1] void IOThread_common 1 12/02/2025 15:39:02.059, [CallStack][tid:0][tick:2][3][2] void __cdecl CIOSocketEx<class CIOBufferEx<16384> >::Close(void) 12/02/2025 15:39:02.059, [CallStack][tid:0][tick:2][4][3] void __cdecl CServerSocket::OnClose(void) 12/02/2025 15:39:02.059, [CallStack][tid:0][tick:2][5] End l2server log: 12/02/2025 15:39:02.112, npc server closed(127.0.0.1) error: 64 read buffer size: (server:0 npc:0) 12/02/2025 15:39:02.112, [NO_ERROR] L2Server is under protection mode!!! 12/02/2025 15:39:02.112, [NO_ERROR] L2Server is under protection mode!!! 12/02/2025 15:39:02.112, [NO_ERROR] L2Server is under protection mode!!! 12/02/2025 15:39:02.131, dwTime[0] < 80 !!!!!!! 12/02/2025 15:39:02.131, [CallStack][tid:7][tick:1][0] Begin 12/02/2025 15:39:02.132, [CallStack][tid:7][tick:1][1][0] void __cdecl IOThreadCallback::IOThread_common(void) 12/02/2025 15:39:02.132, [CallStack][tid:7][tick:1][2][1] void IOThread_common 1 12/02/2025 15:39:02.132, [CallStack][tid:7][tick:1][4][3] void __cdecl NpcSocket::OnClose(void) 12/02/2025 15:39:02.132, [CallStack][tid:7][tick:1][3][2] void __cdecl CIOSocketEx<class CIOBufferEx<16384> >::Close(void) 12/02/2025 15:39:02.132, [CallStack][tid:7][tick:1][5] End 12/02/2025 15:39:31.767, server closed(127.0.0.1) Error: 64 Read buffer size: (server:0 npc:0) 12/02/2025 15:39:31.768, [NO_ERROR] Logout All Characters : 1   The NPC server sent a packet to the L2 server while generating the br_xmas2009_invisible game NPC server, and the NPC server subsequently crashed.     After some digging, I found a clue in a very old MXC post, but the fix was for the GF version. The whole problem is in l2server side support for NPC function CreateOnePrivateNearUser. It sends CreatePacket but Koreans made some changes in it (added instance ID) so it got broken. As Santa event is the only AI that uses this function, they probably don't know about it    So is there a way to fix this problem, specifically for Myext64 HF? I'd be happy to buy him coffee.
    • Tryskell
      How to start learning Java using Lineage 2 as an example?

      By Tryskell · Posted

      Offtopic, personal attacks, probably too old to use that much memes and what's YOUR actual contribution to L2J, in order I laugh aswell ?   The main poster quotes my pack so I answer accordingly, while you advertise L2JFrozen in both of your posts - discontinued since 2014 (? 1132 rev), with none taking back the open source lead while anyone could.   If you're somewhat affiliated to hopzone, you probably packed way more money than me. Packs don't make any type of money (barely 100e/month) and if you would follow me, you would know there are ways to handle it or even getting paid.   Hope I was short enough, 🧂🤡.
    • byPain
      [SHARE] Beatiful Landing page for ur lineage 2 project

      By byPain · Posted

      Hi guys, this is a CMS im sharing for lineage 2 servers, im tired of the crap i see on new release servers. Dont let me start on the IA developed ones lmao.   📋 Description Free and open source template to create landing pages for Lineage 2 private servers. Designed with a dark fantasy theme and modern animations. ✨ Current Features This FREE version includes: Complete Landing Page - Professional design ready to use Multi-language Support - Spanish, English, Portuguese Dark Fantasy Theme - With animated UI elements Server Information - Rates, features, and rules Olympiad Ranking - Rankings display Download Section - For game client Skins and Animations Gallery Streaming Widget - Twitch/Kick integration Fully Customizable - Via configuration files ❌ Not Included in Free Version ❌ User Registration System ❌ Online Players Counter ❌ Donation Panel 💎 Premium Integrations IntegrationPrice Registration System $50 USD Online Players Counter $50 USD Donation Panel $50 USD   📧 Contact: https://gh0tstudio.com 🛠️ Tech Stack Technology    Version    Description React              19.2.0       UI Library TypeScript       5.8.2        Static typing Vite                 6.2.0         Build tool TailwindCSS   CDNCSS    Framework Lucide React   0.554.0         Icons i18next           23.16.0       Internationalization react-i18next   15.1.0        React bindings for i18n All documentation provided for AI AGENTS to make changes on the ui texts and so on. u can have a look on the cms fully working with donation panel, online count and register via: https://crmlineage2.vercel.app/ https://github.com/6h0T/CRM-LINEAGE2-FREE If u are in the lookings to develop a unique website for ur projects, u can dm me or contact me throw my socials on my profile. all code has encrypted references so any type of rebranding, copying or selling without authorization will result in take downs
    • byPain
      [WTB] L2 website + account panel + donate panel

      By byPain · Posted

      Hello dude, i can help u out, i reached to u via DM, my studio is https://gh0tstudio.com i have worked with almost 40 brands on developing Private Lineage and Mu online servers, dashboard for vote pages and more. I sent u some examples too
    • protoftw
      Graphic/Html Designs - Protojah

      By protoftw · Posted

      L2 TARTARUS - HTML DESIGN       L2 KOMBAT - ANIMATED BORDER   L2 SERENITY - ANIMATED LOGO   L2 ARCANE - COMMUNITY BOARD     L2 AMERIKA - ADVERTISING BANNER   L2 ZERON - ADVERTISING BANNER  

  • Topics

×
×
  • Create New...

AdBlock Extension Detected!

Our website is made possible by displaying online advertisements to our members.

Please disable AdBlock browser extension first, to be able to use our community.

I've Disabled AdBlock