Metin2 Cheat Python Dumper - PyRun_SimpleStringFlags

[KoMaR1911 490]

M2 Download Center

This is the hidden content, please

• Sign In
• or
• Sign Up

( Internal )

Author : KoMaR1911

Github + source code :

This is the hidden content, please

• Sign In
• or
• Sign Up

 

How to use?:

1. Inject PyRunSimpleStringFlagsDumperMetin2.dll to metin2 game process using Xenos Injector / Extreme Injector

2. Inject cheat to game

3. go to C:/dump.txt

here is dumped python loaded by PyRun_SimpleStringFlags

 

Download :

This is the hidden content, please

• Sign In
• or
• Sign Up

[Jira 445]

https://metin2.download/picture/f2yKL37A1Z7N0D9UqyZDNOPWl7xbf7YY/.png https://metin2.download/picture/1t3J39sbF3fPW41UQMkGX6tmzZr4jo7t/.png mm 

Spoiler

import app
if app.RunPythonFile('a.py'):
	print ("Hello there, I'm Hacker !")

 

 

Edited September 4, 2022 by Metin2 Dev
Core X - External 2 Internal

[Jira 445]

37 minutes ago, KoMaR1911 said:

This is hook to PyRun_SimpleStringFlags not RunPythonFile

Right, but most of private servers has linked python static and removed that function ofc there is another method. But thx for tool.

[KoMaR1911 490]

2 hours ago, Kyo said:

Right, but most of private servers has linked python static and removed that function ofc there is another method. But thx for tool.

so you need to find method what cheat are using then hook it in my source you have example

[KoMaR1911 490]

here is m2bob dump :

 

This is the hidden content, please

• Sign In
• or
• Sign Up

 

as i see they load python everytime they want to use feature like expbot etc thats why dump is 4mb and looks like this :

 

probably thats why m2bob crashs after 20-40 minutes XD

Edited August 25, 2022 by Metin2 Dev
Core X - External 2 Internal

[tierrilopes 448]

15 hours ago, Kyo said:

Right, but most of private servers has linked python static and removed that function ofc there is another method. But thx for tool.

There are other functions that can load scripts, not just that.

You can get rid of the problem by playing a bit with python and client source.

[KoMaR1911 490]

8 hours ago, tierrilopes said:

There are other functions that can load scripts, not just that.

You can get rid of the problem by playing a bit with python and client source.

pyrun_simplestringflags is never used by game

[bowbow 0]

Hello!  ''PyRunSimpleStringFlagsDumperMetin2.dll'' this file is dowlanding as snl. I do not know how to inject. I only know to inject dll files. Could you help me please? Thanks.

[KoMaR1911 490]

16.09.2021

Changelog:

- Added Pattern Scanner
- Adder support for Static linked python27.lib in .exe!

This is the hidden content, please

• Sign In
• or
• Sign Up

[KoMaR1911 490]

Sometimes pattern is different (when someone use for example optimalization or different compiler than visual studio)

1. Start IDA Pro then install Sig Maker to IDA Pro
 

2. check how PyRun_SimpleStringFlags looks for example on github

This is the hidden content, please

• Sign In
• or
• Sign Up

as you can see function PyRun_SimpleStringFlags have string "__main__" and 1 function upper (PyRun_SimpleFileExFlags) "python: Can't reopen .pyc file\n"

3. find "python: Can't reopen .pyc file\n"
4. skip this function and go to next function

new functions in 90% starts with

PUSH ebp

MOV ebp, esp

  (i know sometimes its different but im trying to explain it for newbies only!!!)

5. if next functions have string "__main__" probably its your PyRun_SimpleStringFlags
6. Make new pattern and paste it to source

i dont know how to explain it better for people who don't have any experience with Reverse Engineering so if you have any questions how to do it just ask

Edited August 17, 2022 by Metin2 Dev
Core X - External 2 Internal

[Neyprz 0]

Thanks, now I know how to use