TKC-Community
Topic started by: joker10 on May 27, 2011, 05:25:56 pm
-
Dear fellow members,
Need some help. I am able to use the zump hack in other servers; however, when I join this particular A2L Zargabad Server, I'm not able to move at all upon loading into the server. I'm frozen and unable to do anything. I've used both methods of the hack: one is using the warfare2vehicle pbo that was released here, and another is by spawning the actual zump pbo and addon-spoofing it. The hack works in other servers; however, when I join this particular server, I'm frozen and unable to do anything. I then have to press Alt F4 to forcefully shut down the game.
Is there anything particular that the server administrators have done to detect this? How can we possibly override this? If anyone is able to share info, please do not hesitate to share your wisdom here or to me in a PM if you're afraid double agents will use this info against us.
Many thanks in advance, and thank you for a wonderful community and website.
-
Either look at the mission file and see how you are being detected, or hex edit your client to stop disableUserInput from working.
-
Removed for the lulz
-
How do I possibly hex edit and do that? Could you guys possibly teach me how to do that? In a pm or something?
I would sincerely appreciate if you could share your knowledge. Thanks.
Oh & Matt, Expect us.
-
Just grab any hex editor and search and replace any references to disableUserInput to something of equal length.
Eg. disableUserInput -> lolwutsUserInput
-
Could someone tell us how, step by step?
-
Note that the hex-editing of disableuserinput is just one way of disabling it, so if you just happened to start checking the exe for changes, it could still be bypassed.
Too bad, Matt + Jones.
-
You don't need to hex-edit anything, you can hook the disableUserInput script function callback, it's extremely easy to find and disable :icon_thumbsup
NOTE: Hex editing/hooking this function might help you, but it isn't everything!
if ((isClass (configFile >> "CfgPatches" >> "Ribalion"))) exitWith
{
[] execVM "nc.sqf";
};
if((isClass (configFile >> "CfgPatches" >> "ACCPack")))exitWith
{
[] execVM "nc.sqf";
};
if((isClass (configFile >> "CfgPatches" >> "Schleiflshackpack")))exitWith
{
[] execVM "nc.sqf";
};
if((isClass (configFile >> "CfgPatches" >> "awk_ch34tsDevString_ak")))exitWith
{
[] execVM "nc.sqf";
};
if((isClass (configFile >> "CfgPatches" >> "loki_lk")))exitWith
{
[] execVM "nc.sqf";
};
if((isClass (configFile >> "CfgPatches" >> "zump")))exitWith
{
[] execVM "nc.sqf";
};
if((isClass (configFile >> "CfgPatches" >> "water")))exitWith
{
[] execVM "nc.sqf";
};
if((isClass (configFile >> "CfgPatches" >> "gerk")))exitWith
{
[] execVM "nc.sqf";
};
if((isClass (configFile >> "CfgPatches" >> "mors_anygear")))exitWith
{
[] execVM "nc.sqf";
};
if((isClass (configFile >> "CfgPatches" >> "CHN_TroopMon")))exitWith
{
[] execVM "nc.sqf";
};
if((isClass (configFile >> "CfgPatches" >> "AlexanderPack")))exitWith
{
[] execVM "nc.sqf";
};
if((isClass (configFile >> "CfgPatches" >> "MRMEDIC_TroopMon")))exitWith
{
[] execVM "nc.sqf";
};
//Gman
{player sidechat format["%1 I AM A CHEATER",_x]} foreach thislist;
disableuserinput true;
processInitCommands;
diag_log format["HACK DETECTED: %1 tried to join with a hack!", _x];
MRMEDIC UR EXPOSED! lol
if you want to fix this, try avoiding the scans, or else you'll be logged as well (and banned later most likely)
-
lol
-
Well here's a bypass which WILL STILL DETECT YOU but your keys won't be frozen (it also might be helpful for other scripts which disable your input for whatever reason)
int __cdecl new_disableUserInput_cb( int a1, int a2, int a3 )
{
*( DWORD* )( a3 + 4 ) = 0;
return pdisableUserInput_cb( a1, a2, a3 );
}
pdisableUserInput_cb = ( disableUserInput_cb_t ) GDet.Create( ( BYTE* ) 0x006E2394, ( BYTE* ) new_disableUserInput_cb, DETOUR_TYPE_JMP );
Now if I could only figure out how isClass works... HUMMMM :icon_thumbsup
EDIT:
Note, you can also hook execVM, but if they changed the name of nc.sqf it wouldn't be helpful
EDIT:
For the easiest method though, and if you have your own PBO, just change the detected bits around O___o
-
or change the d to a p :smile
pis ableuserinput
or lock the variable to 0 or
even better ..uninstall the game and snap the dvd , grab a beer , get some mates over to the house , have a party , forget about bi and their shit series of games ..problem solved , can i get an amen?
-
All that a2l does is check to see if certain words exist in any of your pbo's, these words being the names of hack programs or their authors. If the words are found, then it runs the nc.sqf script which disables user input. You can evade a2l simply by changing a couple letters in your hacked PBO, no getting rid of "disableUserInput" required. Just check what are the words (listed in init.sqf) that trigger nc.sqf. Then go to your hack .pbo and change all these words (Gerk, Ribalion and Water) to something that is the same length, but make sure any words that are .sqf file names are changed to something that occupies the same alphabetical order (ie, changing "Gerk" to "Merk" will fuck it up because then Merk.sqf should be somewhere else in the compiled pbo... but changing it to "Germ" will be fine since Germ.sqf should be in the same place Gerk.sqf was).
-
I concur, but just to be safe I disabled the script in mine as well.
Hooking the engine's execVM function is fairly simple. I know I said it was a bad idea in my last post, but isClass hooking is harder than it should be :icon_razz2
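Added example, not part of the original thread and not the server's own code: a small Python model of why the name-based CfgPatches check quoted above is a weak control, next to an allowlist comparison that does not depend on knowing cheat names in advance. The allowlist entries, the sample client lists and all function names are constructed for illustration; case-insensitive matching of class names is an assumption.

```python
# Added example (not from the thread): denylist vs. allowlist matching of
# CfgPatches class names reported for a joining client.

# Names taken from the init.sqf excerpt quoted in the thread.
DENYLIST = {
    "Ribalion", "ACCPack", "Schleiflshackpack", "awk_ch34tsDevString_ak",
    "loki_lk", "zump", "water", "gerk", "mors_anygear", "CHN_TroopMon",
    "AlexanderPack", "MRMEDIC_TroopMon",
}

# Constructed placeholder: in practice this is exported from a clean client
# running exactly the server's approved mod set.
ALLOWLIST = {"example_core", "example_weapons", "example_mission_addon"}


def _norm(names):
    # Assumption: class names are matched case-insensitively.
    return {n.strip().lower() for n in names if n.strip()}


def denylist_hits(client_patches):
    """Classes the thread's name-based check would flag."""
    return sorted(_norm(client_patches) & _norm(DENYLIST))


def allowlist_violations(client_patches):
    """Classes that are not part of the approved mod set."""
    return sorted(_norm(client_patches) - _norm(ALLOWLIST))


def verdict(client_patches):
    """'reject' if anything outside the approved set is loaded."""
    return "reject" if allowlist_violations(client_patches) else "accept"


# Constructed sample clients.
CLEAN = ["Example_Core", "example_weapons"]
KNOWN = ["example_core", "zump"]
RENAMED = ["example_core", "zumq"]  # one letter changed, same length

if __name__ == "__main__":
    for label, patches in (("clean", CLEAN), ("known", KNOWN), ("renamed", RENAMED)):
        print(label, denylist_hits(patches), allowlist_violations(patches),
              verdict(patches))
```

The comparison only has value when it is evaluated somewhere the client cannot patch, since the thread shows that client-side script functions can be altered.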