U Need Help Protecting Hackers

juggalo2 · Post by **juggalo2** » Thu Jan 05, 2006 4:09 am

hell u may all wonder whats do i have to offer everyone u know thos pescky client hack well and teh stupid log port well i can chnag th log port in ur client to not read 2848 as default but i can chnager to eny port u want. also i cna chnage teh version of it for u to in cleint and masin so only atsht cleint will work with the main.

to resqust plz posted of pm me hope i cna help

RageIlluminati · Post by **RageIlluminati** » Thu Jan 05, 2006 7:59 am

firstly... there is no point of changing port.. with nmap or some portscanner.. you can always figure out new port... and change the port on client you want to use which has hexed with hacks...

secondly, changing version... this should be useful only then... if you can change the version at server too.. so if anybody try to get with some other default 3.51 client... he gets an error: Server and client version does not mach or smthing...

thirdly... everyone have this binarydata memory patcher hack... so if you change port or version, that does not count... still you can apply your hacks with this memorypatcher... every newbie wannabe hacker knows how to use it...

you should try to figure out technics... how to disable memory patcher... and find an good packer.. with what you can pack your client.. so nobody couldn't open it... then is good protection enough.. to change WS name...

for this memory patcher protect.. you can try out some packers.. that protect against memorypatching.. but mostly they can be unpacked by reverse-engineering guys... maybe would be good idea to make something that changes this default 3.51 clients memory structure.. so this good known patcher would not work.. and as far as I know.. 99% of HBplayers does not know.. how to write new memorypatcher... so we get rid of 99% client hackers.. for a while...

Scale · Post by **Scale** » Thu Jan 05, 2006 10:05 am

I myself found a way to pack a client preventing generic unpacking and also becuase its home made it has no unpacker on the web.

The only problem is that every address of the default 3.51 client is known and i cant find a way to change that without having to rebuild the client from 2.20 sources

snoopy81 · Post by **snoopy81** » Thu Jan 05, 2006 5:20 pm

99% of HBplayers does not know.. how to write new memorypatcher... so we get rid of 99% client hackers.. for a while...

Either your server becomes attractive enougth for skilled hackers or you're safe. And there very few skilled people, and many retired ones.

The main threat for a private server is people using products found here, such as Memory patcher or Extasis Hack.

If it's really hard to protect efficienttly against people that wrote those hacks, it's far more easy to protect against people that are only able to use them.

juggalo2 · Post by **juggalo2** » Fri Jan 06, 2006 1:37 am

just tyring to help well for get it i wont eny more

snoopy81 · Post by **snoopy81** » Fri Jan 06, 2006 12:28 pm

just tyring to help well for get it i wont eny more

I meant you ideas are good, I used/coded similar ones for my server too. But an efficient protection is really hard to build.
Every hoster must start with simple idea, and build his own system, as "generic" protection systems will become well known, as their "holes"...

juggalo2 · Post by **juggalo2** » Fri Jan 06, 2006 12:41 pm

ok

)

RageIlluminati · Post by **RageIlluminati** » Fri Jan 06, 2006 2:27 pm

juggalo2 wrote: just tyring to help well for get it i wont eny more

I didn't lame you or smthing.. I took just out problems with ideas.. and tryed to give you directions what sould be developed...

No-1 · Post by **No-1** » Mon Jan 09, 2006 11:00 am

For binary's patcher why dont u do what locobans server does?It shut the client down as soon as u open the hbhax patcher just like what inter did for tsearch.And since they dont have the source they wont be able to change the name so its blocked for ever unless binary does another one.

RageIlluminati · Post by **RageIlluminati** » Mon Jan 09, 2006 12:20 pm

No-1 wrote: For binary's patcher why dont u do what locobans server does?It shut the client down as soon as u open the hbhax patcher just like what inter did for tsearch.And since they dont have the source they wont be able to change the name so its blocked for ever unless binary does another one.

emmm... binarydatas hacks name can be changed..

snoopy81 · Post by **snoopy81** » Mon Jan 09, 2006 9:34 pm

For binary's patcher...

There 2 really efficient ways:
-1 (easyest)
Just dl the coments or sources of the memory patcher, then modify your client in a way that addresses patched by this memory patcher move, even a little bit. Any atttemp to use this memory patcher, will at best not work, at worst crash the client. ( But one could rewrite this specifically for your edited client )
Can be achieved 2 ways: change the exe structure (I guess it's possible, but don't know how), or hex the client (change jumps, invert instructions...). This way works fine.

-2 (more difficult)
Perform a memory CRC check of the client, and send result to the server. If the exe was hacked the server would know. (Started that but still not completed)
( Still possible to hack that, but really few people have the skill for that)

<span style='color:blue'>Most Hacks attenpts, you can protect against.
But you must know how the hack works, and have some control over server(s) and client. Either you code your own server/clients or you're skilled enougth to modify compiled exe...</span>
When your protections will be known, some skilled hacker may find a new way. So keep up to date !

RageIlluminati · Post by **RageIlluminati** » Tue Jan 10, 2006 8:47 am

snoopy81 wrote: or hex the client (change jumps, invert instructions...). This way works fine.

tell me more... give an example or manual how to do that...

what does it mean: jumps, instructions