Anti-hacking

snoopy81 · Post by **snoopy81** » Mon Oct 31, 2005 8:00 pm

The main issue here is that mosts available clients have been compressed then decrypted at least once.... That makes the job more difficult/risky for other crypters...

Second issue is changing IPs...
either you distribute a nex client everytime, either you patch the client...
using a patcher that's able to find the proper IP, and patch the client exe!
---that can't be crypted!

I wrote PatchIP, that can recover the IP on a given URL, then modify your client automatically. We use it without major issue since summer 2003.

RageIlluminati · Post by **RageIlluminati** » Mon Nov 07, 2005 1:26 pm

hi, does anybody got newer version of Armadillo that prevents memory patchers?
some links would be nice.. I would like to test it:-D

locobans · Post by **locobans** » Mon Nov 07, 2005 3:19 pm

<a href='http://store.digitalriver.com/servlet/C ... S&Env=BASE' target='_blank'>http://store.digitalriver.com/servlet/C ... nv=BASE</a>

So snoopy you mean you can use a link instead of an ip in a client? such as...testing.no-ip.org :unsure:

snoopy81 · Post by **snoopy81** » Tue Nov 08, 2005 8:19 pm

So snoopy you mean you can use a link instead of an ip in a client? such as...testing.no-ip.org

This could be easelly coded if you compile own client..
Either there is an option in 220 source to use a config file for IP..

As I still use already compiled Aspacked/unaspacked client as most people around, I needed an easy way to host without fixed IP, without having people dl a new client every day.
So I wrote a launcher prog that goes on a known FTP, fetches an INI file, then reads the current IP in this file. After that my prog can patch the client with uptodate IP.
The hoster only need to update the INI file on FTP server when IP changes...

The problem here, was that you coudn't crypt the client ! And patch the IP in the exe...

KLKS · Post by **KLKS** » Thu Nov 10, 2005 1:02 am

i know people underground who can unpack latest aspack and armadillo

but not that it matters anyway ..........

Cleroth · Post by **Cleroth** » Thu Nov 10, 2005 5:03 pm

Yea, those packers are getting old.

RageIlluminati · Post by **RageIlluminati** » Wed Nov 23, 2005 10:26 am

hi... as far as I know.. many 2.24 sources using servers are in trouble with HGhackers...

I figured out little solution.. if you change in source builtdate (default is 1126 or 521 or smthing?) then compile your HGserver.exe and change that value in gateserver config and keep this number in a secret.. then these HGhacks can't connect to your server?
unless they know your builtdate...

as I don't use 2.24 sources anymore... I haven't tested this idea.. but could anyone confirm, is my idea wrong or not..

Dax · Post by **Dax** » Wed Nov 23, 2005 12:07 pm

RageIlluminati wrote: hi... as far as I know.. many 2.24 sources using servers are in trouble with HGhackers...

I figured out little solution.. if you change in source builtdate (default is 1126 or 521 or smthing?) then compile your HGserver.exe and change that value in gateserver config and keep this number in a secret.. then these HGhacks can't connect to your server?
unless they know your builtdate...

as I don't use 2.24 sources anymore... I haven't tested this idea.. but could anyone confirm, is my idea wrong or not..

But if you host your own gate and still send packets to logs from hg.. Find another method.

Jaap · Post by **Jaap** » Wed Nov 23, 2005 2:33 pm

Dax wrote:
RageIlluminati wrote: hi... as far as I know.. many 2.24 sources using servers are in trouble with HGhackers...

I figured out little solution.. if you change in source builtdate (default is 1126 or 521 or smthing?) then compile your HGserver.exe and change that value in gateserver config and keep this number in a secret.. then these HGhacks can't connect to your server?
unless they know your builtdate...

as I don't use 2.24 sources anymore... I haven't tested this idea.. but could anyone confirm, is my idea wrong or not..
But if you host your own gate and still send packets to logs from hg.. Find another method.

You don't even have to establish a connection to the gateserver. Only the worldserver is what you need.

The gateserver and worldserver don't cooperate too.

Dax · Post by **Dax** » Wed Nov 23, 2005 2:45 pm

Jaap wrote:
Dax wrote:
RageIlluminati wrote: hi... as far as I know.. many 2.24 sources using servers are in trouble with HGhackers...

I figured out little solution.. if you change in source builtdate (default is 1126 or 521 or smthing?) then compile your HGserver.exe and change that value in gateserver config and keep this number in a secret.. then these HGhacks can't connect to your server?
unless they know your builtdate...

as I don't use 2.24 sources anymore... I haven't tested this idea.. but could anyone confirm, is my idea wrong or not..
But if you host your own gate and still send packets to logs from hg.. Find another method.
You don't even have to establish a connection to the gateserver. Only the worldserver is what you need.

The gateserver and worldserver don't cooperate too.

But I think the HG hack going around these days isnt edited to not require a gate connection, if it was RageIlluminati wouldnt be saying change the build date.

Ice-T · Post by **Ice-T** » Wed Nov 23, 2005 9:23 pm

gate is secure anyways, but if you could connect to the gate of a server, you could have lots of fun:)

snoopy81 · Post by **snoopy81** » Fri Nov 25, 2005 10:24 pm

hi... as far as I know.. many 2.24 sources using servers are in trouble with HGhackers...

Really ?
A function to detect false Admins is already here, and change onr line of character file data is enought to be sure the hacked character will not come back on a real server.
Of course a real hacker could snif the packets and detect th trick, but most hackers only take tools they find on the net...

Off course an other better way would be the coding of an extra value, so the wouldbe hacker would need to recompile his parasitic server for this new coded value....

Dax · Post by **Dax** » Sat Nov 26, 2005 7:02 am

snoopy81 wrote:
hi... as far as I know.. many 2.24 sources using servers are in trouble with HGhackers...
Really ?
A function to detect false Admins is already here, and change onr line of character file data is enought to be sure the hacked character will not come back on a real server.
Of course a real hacker could snif the packets and detect th trick, but most hackers only take tools they find on the net...

Off course an other better way would be the coding of an extra value, so the wouldbe hacker would need to recompile his parasitic server for this new coded value....

But any adding of vars needs to be coded to the loginserver's packets. No login code is going around these days. And you dont need admin lvl +4 to be a hacker.. Can quite easily edit the character leaving it with 0 admin level.

KLKS · Post by **KLKS** » Sat Nov 26, 2005 1:11 pm

u guys could just stick a firewall with ACL and all this stupid problems will go away. if its not authorised, it wont work

Cleroth · Post by **Cleroth** » Sat Nov 26, 2005 6:48 pm

Leave it KLKS. They're all lazy and stupid.