ghost and huhuhaha

Private Discussion on Helbreath Hack Development, (Do not release hacks which are talked about in here to the rest of the forum unless you write the hacks)
Post Reply
charlie
Outpost4lyfe
Posts: 3324
Joined: Sun Apr 06, 2003 12:24 am
Location: Mt GOD
Contact:
Contact charlie

Post by charlie »

hey i got korean test server exe off a friend and it looks like siementech is trying a new type of protection its still protected with asp and all but when you execute the file it asks you to run from helbreath.exe (the updater program i assume) ive been trying what i know to try and bypass it but im not really sure where to add nops and all ill upload the program ive work out its at 49D9**

Girlfriends are dedicated hookers.
Top
huhuhaha
Regular
Posts: 30
Joined: Wed Nov 19, 2003 12:10 pm

Post by huhuhaha »

:huh: Protection? :lol:
Judging from their abilities in handling simple bug/loophole I doubt this any protection at all & I'm right. They're using commandline parameter.
"TestServer" or "TestServermihosoft".

Code: Select all

0049D8D7  |. BF 14454C00              mov     edi, _TeHelGa.004C4514                          ;  ASCII "TestServer"
0049D8DC  |. 83F9 0F                  cmp     ecx, 0F
0049D8DF  |. B9 05000000              mov     ecx, 5
0049D8E4  |. 8BF2                     mov     esi, edx
0049D8E6  |. 76 46                    jbe     short _TeHelGa.0049D92E
0049D8E8  |. 33C0                     xor     eax, eax
0049D8EA  |. 66:F3:A7                 repe    cmps word ptr es:[edi], word ptr [esi]
0049D8ED  |. 75 72                    jnz     short _TeHelGa.0049D961

into

0049D8E6     EB 79                    jmp     short _TeHelGa.0049D961
Top
charlie
Outpost4lyfe
Posts: 3324
Joined: Sun Apr 06, 2003 12:24 am
Location: Mt GOD
Contact:
Contact charlie

Post by charlie »

:lol: thanks dude :wub:
Girlfriends are dedicated hookers.
Top
Post Reply

Return to “Helbreath Hack Source Development”