Author Topic: Undetected Configs  (Read 5985 times)

M. O.

  • Administrator
  • MasstKer
  • *
  • Posts: 9184
    • http://www.tkc-community.net
Re: Undetected Configs
« Reply #15 on: August 01, 2008, 06:52:15 pm »
You have to start with the basics. This is a little bit more advanced level, but not much. See if you can make an unlimited ammo trainer (or some other freeze-trainer) for some other game than arma (arma has a hard-coded "protection" for it - a bit more advanced).

You need to get accustomed to memory searchers like CheatEngine, and then some trainer maker kit (if you don't program).

1.) Basic Hacking Program Knowledge / Cheat Engine, Trainer Maker Kit
2.) Auto Hack Knowledge / NOP-Freeze hacks.
3.) Basic ASM Knowledge / Code Caves
4.) You're ready for what we talk about here.

The general gamehacking section is a good place to start.
Heckling is an art, and game hacking a science.

h0nt3r

  • Cheater Apprentice
  • *
  • Posts: 18
Re: Undetected Configs
« Reply #16 on: August 02, 2008, 08:46:50 am »
I have some basic knowledge, I even found those strings in the debugger, but I am not sure on what to do logically then.

I assume I have to break where the game uses them, but what do I do from there? MrMedic?

Kruniac

  • Cheater Apprentice
  • *
  • Posts: 14
Re: Undetected Configs
« Reply #17 on: August 02, 2008, 10:48:13 pm »
Quote
I have some basic knowledge, I even found those strings in the debugger, but I am not sure on what to do logically then.

I assume I have to break where the game uses them, but what do I do from there? MrMedic?


That's exactly where I've gotten. I've found the strings for AcceptedKey (among others which sound suspicious), and Medic just told me to get a better hex editor. So now I have the full version of hiew, but that's all. I really just need to know which byte to change in the AcceptedKey string. If it's more complicated than that, at least let me know so I don't stare at the value thinking "...It could be any of these bytes. Any.. single... one."


Quote
edited out  i posted the solution but then i thought about it ..lets see if they can come up with it themselves..

Maybe instead of stick-and-carroting us newbies around and always reminding us you have the answers we need, you could provide a step-by-step guide to the solution, complete with explanations of every step not so much to prevent mistakes, but to provide learning.

Rather like a teacher does in the classroom. For instance.

The byte 74 needs to be changed to <this>. Why? Well, previously, byte 74 conducted <this action/mechanism>, and by changing it to <this>, we see that the executable instead activates <this>. This is called <insert term here>. You can find other examples of this at <insert link to information on the method used, maybe even a Wikipedia entry on hexadecimal values>.

It's one thing to sit around and ask for a release without doing any work yourself, however, I'm more than willing to "do-it-myself", if I had the slightest idea of what I was doing. Reading up on executable/hex hacking isn't going to help me hack this particular executable. Maybe compile a key or index of the various values in arma.exe and put it in a .txt file for us newbies to use? That way we know exactly what we are looking for, and can experiment with the values to get varying results.


M. O.

  • Administrator
  • MasstKer
  • *
  • Posts: 9184
    • http://www.tkc-community.net
Re: Undetected Configs
« Reply #18 on: August 02, 2008, 11:15:31 pm »
Your questions make me think this is a little bit too advanced for you. At this stage. You don't change bytes on the fly like that, you need to disassemble the program and see what asm-instructions have to be changed. In the end it will show up as changed bytes. But in order to change those "bytes" you need basic asm-knowledge. So that's where you have to start.

A fix for the acceptedkey routine probably includes a new jump or similar. The best scenario is when it only needs a modified jump. That might involve a one byte change.

Basically it could work like this:

1. Check the key. Some comparison. Result R.
2. If R Good, then jump to OK-code (no further actions).
3. Else Jump Bad-Code (show messagebox, commence anti-player actions etc).

So you need to make the Jump Bad-Code (some kind of jmp) jump to the OK-code. That way the OK-code will run always.

(Edit. OR: make the comparison always return a good R).

Your goal is to find the code chunk that includes 1-2-3 and that's some creative business. There are loads of ways to find it, but you're interested in the easiest and fastest one. I.e. you need to find a good breakpoint that leads you right on the spot.
« Last Edit: August 03, 2008, 01:17:01 am by Mullah Omar »
Heckling is an art, and game hacking a science.
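
Seen from the defending side, the point of the post above is that a check enforced by one branch in the client can be undone by a change as small as one byte, so tamper detection has to notice single-byte differences. The sketch below is an added example, not code from this thread or from any anti-cheat product: it builds a per-chunk SHA-256 manifest of a known-good image and reports which chunks of a candidate differ. The function names, the 256-byte chunk size and the sample bytes are assumptions made for illustration.

```python
import hashlib
import hmac

CHUNK = 256  # bytes per hashed block (granularity chosen for this example)


def build_manifest(image: bytes, chunk: int = CHUNK) -> dict:
    """Record total length plus one SHA-256 digest per fixed-size chunk."""
    digests = [hashlib.sha256(image[i:i + chunk]).digest()
               for i in range(0, len(image), chunk)]
    return {"length": len(image), "chunk": chunk, "digests": digests}


def find_tampering(image: bytes, manifest: dict) -> list:
    """Return (kind, offset) findings; an empty list means the image matches."""
    findings = []
    if len(image) != manifest["length"]:
        findings.append(("length_mismatch", len(image)))
    chunk = manifest["chunk"]
    for index, expected in enumerate(manifest["digests"]):
        start = index * chunk
        actual = hashlib.sha256(image[start:start + chunk]).digest()
        if not hmac.compare_digest(actual, expected):
            findings.append(("chunk_modified", start))
    return findings


def differing_offsets(image: bytes, reference: bytes, start: int) -> list:
    """With the known-good build at hand, pin a flagged chunk down to bytes."""
    end = min(start + CHUNK, len(image), len(reference))
    return [i for i in range(start, end) if image[i] != reference[i]]


def demo() -> dict:
    # Constructed stand-in for a released binary; not real program code.
    reference = bytes((i * 31 + 7) % 256 for i in range(1024))
    manifest = build_manifest(reference)
    one_byte = bytearray(reference)
    one_byte[600] ^= 0x01  # a single flipped bit in a single byte
    return {
        "clean": find_tampering(reference, manifest),
        "one_byte": find_tampering(bytes(one_byte), manifest),
        "offsets": differing_offsets(bytes(one_byte), reference, 512),
        "truncated": find_tampering(reference[:1000], manifest),
    }


if __name__ == "__main__":
    print(demo())
```

A comparison like this only carries weight when it runs somewhere the modified program cannot alter, such as the server or a separate verifier; run inside the client, it is one more branch in the same binary.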

h0nt3r

  • Cheater Apprentice
  • *
  • Posts: 18
Re: Undetected Configs
« Reply #19 on: August 03, 2008, 12:54:53 am »
I am trying that, but I'd still be happy for some real hints from MrMedic other than assumptions.

But thanks anyway.

EDIT: These strings are only used on game launch (all in one place and at once, so it has nothing to do with a certain condition), but I don't know what to do then. Any hints?
« Last Edit: August 03, 2008, 01:27:14 am by h0nt3r »

MrMedic

  • MasstKer
  • ********
  • Posts: 8900
  • programmer/dev/software engineer
Re: Undetected Configs
« Reply #20 on: August 03, 2008, 09:20:36 pm »
1 : acceptedkey ...

find what calls it , and what compares it

2 : after step 1 , step 1 must be completed

found call .. do something with it to make it think it's always acceptedkey what has been returned

3: after step 1 and 2 have been completed

join any server with any hacked data and play

it's relatively simple , i think mullah could be correct in the assumption this could be above your base of knowledge to accomplish.

good luck.
« Last Edit: August 03, 2008, 09:39:10 pm by MrMedic »

h0nt3r

  • Cheater Apprentice
  • *
  • Posts: 18
Re: Undetected Configs
« Reply #21 on: August 03, 2008, 11:00:24 pm »
Thx MrMedic.

I have debugged it starting at the string reference and found that ArmA copies all these strings to some allocated memory.
Now I set a breakpoint on that memory, but it only breaks at some weird string comparison functions that compare it to strings that have nothing to do with sig checking.

Hm, I have a feeling I started wrong? Did you also start at the reference, or did you just put a breakpoint on the string itself?

I don't think it's above my head, I just seem to miss something. Any more concrete pointers?

M. O.

  • Administrator
  • MasstKer
  • *
  • Posts: 9184
    • http://www.tkc-community.net
Re: Undetected Configs
« Reply #22 on: August 03, 2008, 11:43:26 pm »
We got to be careful with information in public. We have special sections for more detailed instructions/debate.

I don't think the nice people here would like a BE-developer to know all the details for instance. I.e. how the cheats work. That would spoil the fun for hundreds of people. Same goes for all other anti-cheaters, like BIS, and some other people who can't think out of the box.
Heckling is an art, and game hacking a science.

ZOldDude

  • The Unknown Rank!
  • Administrator
  • MasstKer
  • *
  • Posts: 20874
  • Old School TKC
    • Admin
Re: Undetected Configs
« Reply #23 on: August 04, 2008, 12:29:03 am »
Quote
We have special sections for more detailed instructions/debate.

The programmers/developers don't put everything out for the public to read, thus the many and multi levels of Dev sections.
Feel free to apply when you advance your skills.

Z

*While we crash and burn, small, low tech, agrarian societies such as the Hmong in the mountains of Laos will continue on without so much as blinking an eye.*

h0nt3r

  • Cheater Apprentice
  • *
  • Posts: 18
Re: Undetected Configs
« Reply #24 on: August 04, 2008, 12:46:01 am »
Quote
We got to be careful with information in public. We have special sections for more detailed instructions/debate.

I don't think the nice people here would like a BE-developer to know all the details for instance. I.e. how the cheats work. That would spoil the fun for hundreds of people. Same goes for all other anti-cheaters, like BIS, and some other people who can't think out of the box.

Who talks about all details?

I feel I am not welcome here because of my questions. I seriously wonder why you guys have a public forum then if you only share information in private and don't want anything to be answered publicly.

Do you know game deception? There hackers share their stuff publicly, so others can learn etc.. I think that is the way to go, but if people are only interested in their own advantages then of course not...

Seems like this place is only for a few elite guys? Maybe I'm wrong here then.
Please don't feel offended!

M. O.

  • Administrator
  • MasstKer
  • *
  • Posts: 9184
    • http://www.tkc-community.net
Re: Undetected Configs
« Reply #25 on: August 04, 2008, 01:07:03 am »
This is no page for anti-cheat research.

Over the years we've had to adapt to the situation caused by the close relation: anti-cheat <-> cheat developers. One of the measures was to protect our releases, just like the anti-cheaters protect their games. We created private development sections. They are open for all who show that they want and are capable of helping in cheat development.

People never post their pokes in public. They never publish their entire source code be it a trainer, wallhack or anti-anti-cheat routine. Nowhere. Sure some people post code templates for wallhacks or trainers, but never complete working cheats for active games. The tutorials here can be found in the general section. We're very happy to help there.

But we can't tell you to check mem pos A. Or breakpoint X at Y to get to A. That would help the wrong side.
Heckling is an art, and game hacking a science.

ZOldDude

  • The Unknown Rank!
  • Administrator
  • MasstKer
  • *
  • Posts: 20874
  • Old School TKC
    • Admin
Re: Undetected Configs
« Reply #26 on: August 04, 2008, 03:42:47 am »
Quote
Over the years we've had to adapt to the situation caused by the close relation: anti-cheat <-> cheat developers.
Correct.
We have had to remove people from some Development sections because they gave aid to anticheat makers...and we still have many members who publicly "hate" cheaters on other "official forums" while being "big time community leaders" yet in fact those same people come up with some of the best cheats in private here.

The point is what can/should be in the public view -is- and what should not be in the public view -is not- (for the most part).
Some of what is kept from public view could in fact just destroy a game...or basically all on-line games as in the case of the GameSpy exploits.

Over the many years TKC has evolved and one of its goals is to help teach people how to do things...but teaching does not involve handing out every line of code or every step per game, only aiding in how to use the tools and techniques.

I myself have not done any programming in a bit over 24 years, never learned C/C+/C++ etc, etc...yet I can still manage to understand some things and even find bugs in such programs when asked to help my friends.

Some of the older members from years ago who at first wanted to "take TKC down"...that I busted...have moved on and learned and today are very skilled in game production and animations and we still keep contact.
Sort of makes me feel like a proud grandparent!

Z
« Last Edit: August 04, 2008, 04:23:35 am by ZOldDude »

*While we crash and burn, small, low tech, agrarian societies such as the Hmong in the mountains of Laos will continue on without so much as blinking an eye.*

IllAssembly

  • Klass Klown
  • ***
  • Posts: 354
Re: Undetected Configs
« Reply #27 on: August 04, 2008, 09:13:01 am »
yo

what's up

any way to edit a BIS config.bin so it works MP..haven't had much success

h0nt3r

  • Cheater Apprentice
  • *
  • Posts: 18
Re: Undetected Configs
« Reply #28 on: August 05, 2008, 01:30:49 am »
Quote
People never post their pokes in public.

...

But we can't tell you to check mem pos A. Or breakpoint X at Y to get to A. That would help the wrong side.

Right. I guess I repeat myself, but I don't want that.

I wrote where I am stuck atm and only ask for some more pointers, except that general logic that I understand and which btw could be applied to almost any hack.

Btw, I think it doesn't even help any anti-cheaters, because BE is loaded when already ingame and this hack obviously is only used on game start (and deactivated when addons are loaded), so BE can't do anything...

Whatever, while I would appreciate a bit more help, I guess I can't expect it anymore since I look like an annoying bugger to you. Sorry for asking, in case.

M. O.

  • Administrator
  • MasstKer
  • *
  • Posts: 9184
    • http://www.tkc-community.net
Re: Undetected Configs
« Reply #29 on: August 05, 2008, 02:44:48 am »
That isn't true and I'm sure you know that. The checks are done upon join.

Heckling is an art, and game hacking a science.