Go Back   GamerzPlanet - For All Your Online Gaming Needs!! > ijji Games > Gunz Online > Gunz General Discussion
Reload this Page Release Trinity's anti-hack
Home GzP Upload GzP Arcade Register All Albums FAQDonate Calendar Gameroom Today's Posts

Gunz General Discussion Anything Gunz related apart from hacking.


Trinity's anti-hack

Gunz General Discussion


Reply
 
Thread Tools Display Modes
Old 10-31-2009, 01:10 PM   #1
Scurvy
Registered User
 
Last Online: 11-16-2009 11:35 AM
Join Date: Sep 2009
Posts: 32
Rep Power: 0
Rep Points: 14
Scurvy is on a distinguished road
Feedback: (0)
Points: 1,989.14
Bank: 0.00
Total Points: 1,989.14
Trinity's anti-hack
Was just wondering if someone had a hand on it yet. I've posted this up a few minutes ago somewhere on this forum:

Quote:
Originally Posted by Scurvy View Post
Nothing is as worse as Trinity's, lol. I've been looking into that this afternoon by accident, was just wondering. They simply edit the hash that is generated from Gunz.exe. Mostly by an absolute zero (XOR).

ASM: (Taken from aikido.dII)
Code:
10004930   8B4424 10        MOV EAX,DWORD PTR SS:[ESP+10]
10004934   32C9             XOR CL,CL
10004936   C600 23          MOV BYTE PTR DS:[EAX],23
10004939   C640 01 11       MOV BYTE PTR DS:[EAX+1],11
1000493D   8848 02          MOV BYTE PTR DS:[EAX+2],CL
10004940   8848 03          MOV BYTE PTR DS:[EAX+3],CL
10004943   8848 04          MOV BYTE PTR DS:[EAX+4],CL
10004946   8848 05          MOV BYTE PTR DS:[EAX+5],CL
10004949   8848 06          MOV BYTE PTR DS:[EAX+6],CL
1000494C   8848 07          MOV BYTE PTR DS:[EAX+7],CL
1000494F   8848 08          MOV BYTE PTR DS:[EAX+8],CL
10004952   8848 09          MOV BYTE PTR DS:[EAX+9],CL
10004955   8848 0A          MOV BYTE PTR DS:[EAX+A],CL
10004958   8848 0B          MOV BYTE PTR DS:[EAX+B],CL
1000495B   8848 0C          MOV BYTE PTR DS:[EAX+C],CL
1000495E   8848 0D          MOV BYTE PTR DS:[EAX+D],CL
10004961   C640 0E 02       MOV BYTE PTR DS:[EAX+E],2
10004965   C640 0F 32       MOV BYTE PTR DS:[EAX+F],32
10004969   C3               RETN
In C++ that would be:
Code:
//Load the value that is loaded into the EAX register first, that's the 4th parameter, which would be the MD5 hash of Gunz.exe.
BYTE byMD5Hash[] = {
    0x23, 0x11, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x2, 0x32
}
I'll make an update for Trinity first. For now, this doesn't work anymore and most likely will get you banned. Therefore, don't use it, and a lock is requested.

Once again, I don't promise anything yet. I've got a lot more to do. Might take a few days, might take a few weeks.
Someone has found this already? Or any other checks?
Scurvy is offline   Reply With Quote
Old 10-31-2009, 02:51 PM   #2
Aesmade
I am the lizard king
 
Last Online: Today 03:31 AM
Join Date: Jul 2009
Posts: 258
Rep Power: 1
Rep Points: 56
Aesmade will become famous soon enough
Feedback: (0)
Points: 857.68
Bank: 3,040.48
Total Points: 3,898.16
Re: Trinity's anti-hack
Open aikido.dII in olly, search for referenced strings, all of the checks are there. I've bypassed it a couple times, can't be arsed to make a bypass for the latest version, though I doubt it's much different, I prolly just need to update some addresses.
Aesmade is offline   Reply With Quote
Reply

Bookmarks

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Hybrid Mode Hybrid Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off
Forum Jump

All times are GMT -7. The time now is 03:47 AM.
 

Copyright ©2009, GamerzPlanet.Net
Visits: