Author Topic: Bypass or Antikick still possible?  (Read 1824 times)

0 Members and 1 Guest are viewing this topic.

MonkeyAll3n

  • Guest
Bypass or Antikick still possible?
« on: September 20, 2006, 10:19:11 am »
hey ,

I have been getting kicked for using my trainers lately and really want to somehow disable HB, without needing to know programing. I know it has been done before, but is it still possible? Is antikick possible?

Subsky

  • Insane Joker
  • ****
  • Posts: 504
  • Subskii
    • View Profile
Re: Bypass or Antikick still possible?
« Reply #1 on: September 20, 2006, 04:14:52 pm »
There are a few ways to bypass HRADBA's memory scanning (eg. kicks for #138); directly patch the memory scanning detection algorithm it uses to aways say 'Status: OK'... or implement some kind of memory hiding element in your own custom built trainer (it's called 'rootkit' technology- read about it briefly here).

HRADBA.dll is loaded into vietcong.exe's address space; and can (try) to read any of the processes memory directly; making it hard to beat using most well known API hooking techniques.  This is because HRADBA doesn't use Windows API functions like ReadProcessMemory() to scan memory, like PB (last time I checked) etc.

I'm currently implementing a user-mode version of a very new memory hiding method called Shadow Walking- which can be read about here.  When done correctly- all trainers, new and old will not be detected.

I hate to say it- but you really won't get anywhere unless you know some programming.

Subsky
« Last Edit: September 20, 2006, 04:22:10 pm by Subsky »

Subsky

  • Insane Joker
  • ****
  • Posts: 504
  • Subskii
    • View Profile
Re: Bypass or Antikick still possible?
« Reply #2 on: September 20, 2006, 04:21:10 pm »
And anti-kick does not work (AFAIK)... I tried it a few months ago.

Here, I joined a server- set VC up to ignore certain 'kick me' SRV_MSG's being received- and then had a remote admin kick me.

Although the messages are ignored by the client; and despite you being able to move around for about 30 seconds more... Wwhen the server see's the client does not respond after a certain time period; it closes the connection automatically.

Unless you join with fake/changing info- you're going down- because the server sabotages the connection eventually...

Subsky
« Last Edit: September 20, 2006, 04:29:07 pm by Subsky »

MonkeyAll3n

  • Guest
Re: Bypass or Antikick still possible?
« Reply #3 on: September 21, 2006, 09:40:40 am »
thanks sub...learning programming is on my to do list  :D :D

ZOldDude

  • The Unknown Rank!
  • Administrator
  • MasstKer
  • *
  • Posts: 20874
  • Old School TKC
    • View Profile
    • Admin
Re: Bypass or Antikick still possible?
« Reply #4 on: September 21, 2006, 10:38:51 pm »
And anti-kick does not work (AFAIK)... I tried it a few months ago.

Here, I joined a server- set VC up to ignore certain 'kick me' SRV_MSG's being received- and then had a remote admin kick me.

Although the messages are ignored by the client; and despite you being able to move around for about 30 seconds more... Wwhen the server see's the client does not respond after a certain time period; it closes the connection automatically.

Unless you join with fake/changing info- you're going down- because the server sabotages the connection eventually...

Subsky

I have (as an admin) seen people who's NIC and USER # show in the "LIST" but when you goto kick/ban them "User not found".  :shock:

*While we crash and burn, small, low tech, agrarian societies such as the Hmong in the mountains of Laos will continue on without so much as blinking an eye.*

g-spot

  • Klass Klown
  • ***
  • Posts: 457
  • g-sPot
    • View Profile
Re: Bypass or Antikick still possible?
« Reply #5 on: September 22, 2006, 11:29:00 am »
Yes!

My friend claims to have seen the exact same thing!

Subsky

  • Insane Joker
  • ****
  • Posts: 504
  • Subskii
    • View Profile
Re: Bypass or Antikick still possible?
« Reply #6 on: September 22, 2006, 11:34:08 am »
Yeap- they probably would have joined the server with fake info to begin with.

Bozo_the_clown15

  • Poptart
  • *
  • Posts: 3
    • View Profile
Re: Bypass or Antikick still possible?
« Reply #7 on: September 22, 2006, 12:28:57 pm »
Gah SPAM!!!!

Slow down guys.. All i want is a nice VCHook preferable 4.1 or 5.0 (5.0 seems impossible 4.1 would be nice).

Would that be ok then you guys can teach me how to make it lol..

$3R!N63

  • Online Villain
  • ***
  • Posts: 145
    • View Profile
Re: Bypass or Antikick still possible?
« Reply #8 on: September 22, 2006, 02:03:25 pm »
you can't make a vchook and release it.
Ask RainerStoff

MonkeyAll3n

  • Guest
Re: Bypass or Antikick still possible?
« Reply #9 on: September 22, 2006, 02:50:53 pm »
i wudnt bother to ask rainer why wud he give it to u

$3R!N63

  • Online Villain
  • ***
  • Posts: 145
    • View Profile
Re: Bypass or Antikick still possible?
« Reply #10 on: September 22, 2006, 02:53:14 pm »
lol i was just sending him on an adventure everyone needs in life..

MonkeyAll3n

  • Guest
Re: Bypass or Antikick still possible?
« Reply #11 on: September 22, 2006, 03:13:38 pm »
lol :D

[TKC]Solid Snake

  • Klass Klown
  • ***
  • Posts: 395
    • View Profile
Re: Bypass or Antikick still possible?
« Reply #12 on: September 26, 2006, 05:17:08 am »

I have (as an admin) seen people who's NIC and USER # show in the "LIST" but when you goto kick/ban them "User not found".  :shock:

there is a way of doing that zoldude. in your name, type instead of zoldude, type ~zoldude~, the ~~ will not show in list, name, anywere, so if they try to kick you via name, it will show as player not found. although...the id kicks still work.

MonkeyAll3n

  • Guest
Re: Bypass or Antikick still possible?
« Reply #13 on: September 26, 2006, 05:59:23 am »
yep...bt most admins use player id

[TKC]Solid Snake

  • Klass Klown
  • ***
  • Posts: 395
    • View Profile
Re: Bypass or Antikick still possible?
« Reply #14 on: September 26, 2006, 06:25:14 am »
 :roll: 342? or V easyer?

~V~