
Posts posted by oguzhankrcby

  1.  

    You can try this:

    quest adw begin
    	state start begin   
    		function wtfbaby()
    			cmdchat("get_input_start")
    			local donen = input(cmdchat("get_input_value"))
    			cmdchat("get_input_end")
    			
    			if string.len(donen) > 0 then
    				if donen ~= "blablalbla" then
    					chat("not match!")
    					command("quit")
    				else
    					chat("Correct!")
    				end
    			else
    				syschat("error")
    			end
    		end	
    		when login begin          
    			cmdchat("quest_name_index "..q.getcurrentquestindex())
    			adw.wtfbaby()
    		end
    	end
    end
    

     

    I have used your quest, but when I log in to the game there was one empty input box and nothing in syserr.txt.

  2. Hello to all!

     

    I made a simple quest for client - quest communication. I want to check out of my client side with this method.

    quest adw begin -- QUEST NAME MUST BE communication_test.quest !!!  
        state start begin      
            when login begin           
    			cmdchat("quest_name_index "..q.getcurrentquestindex())
    			adw.wtfbaby()
            end
    	
    	function wtfbaby()
    	    cmdchat("get_input_start")
    	    local donen = input(cmdchat("get_input_value"))
    	    cmdchat("get_input_end")
    	    if donen != "blablalbla" then
    	    chat("not match!")
    	    command("quit")
    	    else
                chat("Correct!")
    	    end
    		end
        end
    end
    

    But when I use a root which hasn't got commands like "get_input_start, get_input_value, get_input_end", the quest is not working: I could log in to the game correctly, there wasn't any message like "blablabla" and the game didn't close. What must I do to catch it if there isn't any command in root like "get_input_start"?

  3.  

    Hello my own use simple anti cheat protection like enigma;

     

    What u need?

    1. Simple php file for logging
    2. Win32modules for 2.2 or 2.7
    3. and badlist.php
    4. and secur.dll
    What this Functions:
    1. Base protection > Name + Byte
    2. Folder Security > BGM + Miles + Lib + Main Folder
    3. Folder Check > ".py" + ".mix" + ".m3d" + ".bat" + ".flt" + ".asi"
    4. Hash Check > Miles folder, python core, security base dll, os.pyc(for baseinit methode)
    5. TaskList Check
    6. Windows Check
    Script;
    import sys
    import os
    import app
    import time
    import thread
    import dbg
    import ui
    import md5
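    import urllib
    import uiCommon
    import player	# player.GetName() is used in ProcCheck
    import net	# net.GetServerInfo() is used in ProcCheck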
    from os.path import basename
    
    try:
    	import win32api	
    except ImportError:
    	# syslog() is only defined further down, so report through the dialog here
    	dbg.LogBox("Cant import win32api module")
    	app.Exit()
    
    DATA_URL = "http://koray.zz.mu/imtn2/client/"
    
    launchername = sys.executable
    taskname = basename(launchername)
    launchers = os.path.getsize(taskname)
    launchersize = int(launchers)
    
    check=' '.join(os.listdir(os.getcwd()))
    check_miles=' '.join(os.listdir(os.path.join(os.getcwd(), "miles")))
    check_bgm=' '.join(os.listdir(os.path.join(os.getcwd(), "bgm")))
    check_lib=' '.join(os.listdir(os.path.join(os.getcwd(), "lib")))
    check_folder=' '.join(os.listdir(os.getcwd()))
    
    ######preparation#################################
    
    ##HashFonk
    def getMd5(file):
    	m = md5.new()
    	fp = open(file,"rb")
    	while 1:
    		data = fp.read(1024)
    		if not data:break
    		m.update(data)
    	fp.close()
    	return m.hexdigest()
    def getMD5ByFileName(file):
    	try:
    		file = file.strip()
    		md5hash = md5.new()
    		dllFile = open(file, 'rb')
    		tmpFileBlock = dllFile.read()
    		dllFile.close()
    		md5hash.update(tmpFileBlock)
    		md5hash = md5hash.hexdigest()
    		return md5hash
    	except:
    		return ''
    def ReturnMd5(file,hash):
    	if(getMd5(file) != hash ):return TRUE
    	else:return FALSE
    def syslog(s):
    	file = open('syserr.txt', 'a')
    	file.write('\n' + s + '\n')
    	file.close()
    def ingameNotifyPopupAndExit(text = ''):
    	popup = uiCommon.PopupDialog()
    	popup.SetWidth(700)
    	popup.SetText(text)
    	popup.Show()
    	time.sleep(7)
    ###/////////######################################
    
    #Base Security > Name+Byte
    def BaseCheck():
    	global launchername, taskname, launchersize
    	
    	# Both must match: the executable name and its size in bytes (launchersize is an int)
    	if taskname != "metin2cliento.exe" or launchersize != 3171985:
    		dbg.LogBox("Wrong launcher")
    		os.system("taskkill /im %s /f" % taskname)
    		
    #Folder Security > BGM + Miles + Lib + Main Folder
    def FileCheck():
    	global check, check_bgm, check_folder, check_miles, check_lib
    
    	banned_ext=[".mix", ".m3d", ".flt", ".asi", ".bat"]
    	miles_clean=["mssa3d.m3d", "mssds3d.m3d", "mssdsp.flt", "mssdx7.m3d", "msseax.m3d", "mssmp3.asi", "mssrsx.m3d", "msssoft.m3d", "mssvoice.asi"]
    	lib_clean=['__future__.pyc','copy_reg.pyc','linecache.pyc','ntpath.pyc','os.pyc','site.pyc','stat.pyc','string.pyc','traceback.pyc','types.pyc','UserDict.pyc','urllib.pyc','win32con.pyc','threading.pyc']
    	folder_clean=['BGM', 'artpclnt.dll', 'pn.dll', 'channel.inf', 'config.exe', 'devil.dll', 'DSETUP.dll', 'errorlog.exe', 'errorlog.txt', 'granny2.dll', 'ijl15.dll', 'ilu.dll', 'locale.cfg', 'metin2cliento.exe', 'metin2.cfg', 'mouse.cfg', 'mscoree.dll', 'MSS32.DLL', 'msvcp60.dll', 'MSVCRTD.DLL', 'patchw32.dll', 'python22.dll', 'SpeedTreeRT.dll', 'syserr.txt', 'unicows.dll', 'hshield', 'lib', 'mark', 'miles', 'pack', 'temp', 'upload', 'patchskin', 'skins', 'screenshot']
    	bgm_clean=['a_rhapsody_of_war.mp3','another_way.mp3','back_to_back.mp3','blacksea.mp3','catacomb_of_devil.mp3','characterselect.mp3','death_of_landmark.mp3','desert.mp3','enter_the_east.mp3','follow_war_god.mp3','last-war2.mp3','login_window.mp3','lost_my_name.mp3','m2bg.mp3','misty_forest.mp3','monkey_temple.mp3','mountain_of_death.mp3','mt.mp3','only_my_battle.mp3','open_the_gate.mp3','save_me.mp3','wedding.mp3','wonderland.mp3','xmas.mp3']
    
    	for i in miles_clean:
    		check_miles=check_miles.replace(i, '')
    	for i in lib_clean:
    		check_lib=check_lib.replace(i, '')
    	for i in bgm_clean:
    		check_bgm=check_bgm.replace(i, '')
    	for i in folder_clean:
    		check_folder=check_folder.replace(i, '')
    	for i in banned_ext:
    		# A banned extension still present in any listing after the known names were stripped
    		for listing in (check, check_bgm, check_miles, check_lib, check_folder):
    			if listing.find(i) != -1:
    				f=open("syserr.txt", "w")
    				nome="%s%s" % (i[0].upper(), i[1:])
    				f.write("[HACKSHIELD]Invaild File!\n" + nome)
    				f.close()
    				app.Exit()
    #Folder check > ".py"			
    def PyDelete():
    	while 1 == 1:
    		files = [f for f in os.listdir('.') if os.path.isfile(f)]
    		for f in files:
    			if f.endswith(".py"):
    				f1 = f
    				try:
    					os.remove(f)
    				except:
    					pass
    
    				if f1 == "logininfo.py":
    					syslog("[HACKSHIELD]Detected Hack File")
    					app.Exit("")
    		time.sleep(1)
    		
    #######Hash Control
    def HashCheck():
    	##Miles
    	if len(os.listdir('miles')) != 10 :
    		return 'Wrong file detected'
    	d = {
    		'miles/mss32.dll': '6400e224b8b44ece59a992e6d8233719',
    		'miles/mssa3d.m3d':'e089ce52b0617a6530069f22e0bdba2a', 
    		'miles/mssds3d.m3d':'85267776d45dbf5475c7d9882f08117c',
    		'miles/mssdsp.flt':'cb71b1791009eca618e9b1ad4baa4fa9',
    		'miles/mssdx7.m3d':'2727e2671482a55b2f1f16aa88d2780f',
    		'miles/msseax.m3d':'788bd950efe89fa5166292bd6729fa62',
    		'miles/mssmp3.asi':'189576dfe55af3b70db7e3e2312cd0fd',
    		'miles/mssrsx.m3d':'7fae15b559eb91f491a5f75cfa103cd4',
    		'miles/msssoft.m3d':'bdc9ad58ade17dbd939522eee447416f',
    		'miles/mssvoice.asi':'3d5342edebe722748ace78c930f4d8a5'
    		}
    	for x in d:
    		# One mismatch is enough to fail; otherwise keep checking the remaining files
    		if ReturnMd5(x, d[x]): return TRUE
    				
    	# hexdigest() returns lower-case hex, so normalise the expected values
    	if getMd5("python22.dll") != "97FB91610702B63F071282E9CF86B8C0".lower() :
    		dbg.LogBox("Invaild file:" + "python22.dll")
    		app.Exit()
    	if getMd5("secur.dll") != "F01C8F12DD4662F566433B6DA1B2735E".lower() :
    		dbg.LogBox("Invaild file:" + "secur.dll")
    		app.Exit()
    	if getMd5("lib/os.pyc") != "d0d09c7daa9d57373cd7586a74ec4099" :
    		dbg.LogBox("Invaild file:" + "os.pyc")
    		app.Exit()
    
    ##CheckProcess
    def ProcCheck():
    	whitelist = ["putty.exe","filezilla.exe"]
    	hack = []
    	result = []
    	
    	while 1==1:
    		for l in os.popen("secur.dll "+ str(os.getpid())).readlines():
    			line = l.lower()
    			if (line.find("switch") != -1 or line.find("hack") != -1 or line.find("inject") != -1  or line.find("bot") != -1 or 
    				line.find("loader") != -1 or line.find("lalaker") != -1 or line.find("hile") != -1):
    					urllib.urlopen(DATA_URL + "hack.php?oyuncu=" + player.GetName() + "&server=" + str(net.GetServerInfo().split(',')[0]) + "&hack=" + l[0])
    					time.sleep(5)
    					break
    		for line in os.popen('secur.dll ' + str(os.getpid())).readlines():
    			try:
    				if line.strip() != '' and line.strip().startswith('EXE'):
    					line = line.split(' ')
    					line.pop(0)
    					line.pop(0)
    					line = ' '.join(line)
    					f = open(line.strip(), 'r')
    					if f:
    						result.append(line.strip())
    			except:
    				continue
    		# One pass over the verbose task list; each line starts with the image name
    		for p in os.popen("tasklist /v").readlines():
    			processi = p.lower()
    			if (processi.find("hack") != -1 or processi.find("inject") != -1 or processi.find("inject") != -1  or 
    				processi.find("bot") != -1 or processi.find("cheat") != -1 or processi.find("ollydbg") != -1 or 
    				processi.find("actool") != -1 or processi.find("allydbg") != -1 or processi.find("ollyice") != -1 or 
    				processi.find("windbg") != -1 or processi.find("softice") != -1 or processi.find("m2bob") != -1):
    				p = processi.split()
    				if p[0] in whitelist: 
    					continue
    				if p[0] not in hack:
    					# Remember the name so the same process is reported only once
    					hack.append(p[0])
    					urllib.urlopen(DATA_URL + "hack.php?oyuncu=" + player.GetName() + "&server=" + str(net.GetServerInfo().split(',')[0]) + "&hack=" + p[0])
    					time.sleep(5)
    		time.sleep(20)
    	return
    FileCheck()
    BaseCheck()
    HashCheck()
    
    thread.start_new_thread(PyDelete, ())
    thread.start_new_thread(ProcCheck, ())

    regards

    Thank you, nice work :-)

     

     

    nice but bypassable :)

     

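
    An added example, not part of the posted script: the "Folder Check" and "Hash Check" items from the list above written as one manifest comparison in Python 3. It compares whole file names as a set and uses SHA-256 where the posted script uses MD5; `sha256_file`, `audit_folder`, `demo` and the sample file contents are constructed for illustration.

```python
import hashlib
import os
import shutil
import tempfile


def sha256_file(path, chunk=65536):
    """Hash a file in chunks so large client files are never read in one go."""
    digest = hashlib.sha256()
    with open(path, "rb") as fp:
        for block in iter(lambda: fp.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def audit_folder(folder, manifest):
    """Return (unexpected, missing, modified) for manifest {name: sha256 hex}."""
    # Windows file names and hex digests are case-insensitive: normalise both sides.
    expected = {name.lower(): value.lower() for name, value in manifest.items()}
    present = {entry.lower(): entry for entry in os.listdir(folder)}
    unexpected = sorted(set(present) - set(expected))
    missing = sorted(set(expected) - set(present))
    modified = []
    for name in sorted(set(present) & set(expected)):
        path = os.path.join(folder, present[name])
        # A directory sitting on an expected file name counts as modified.
        if not os.path.isfile(path) or sha256_file(path) != expected[name]:
            modified.append(name)
    return unexpected, missing, modified


def demo():
    """Constructed sample: a temporary folder standing in for 'miles'."""
    folder = tempfile.mkdtemp()
    good = {"MSS32.DLL": b"constructed library bytes",
            "mssmp3.asi": b"constructed codec bytes"}
    for name, data in good.items():
        with open(os.path.join(folder, name), "wb") as fp:
            fp.write(data)
    # Upper-case digests on purpose, like the python22.dll entry in the posted script.
    manifest = {n: hashlib.sha256(d).hexdigest().upper() for n, d in good.items()}
    clean = audit_folder(folder, manifest)
    with open(os.path.join(folder, "mssmp3.asi"), "ab") as fp:
        fp.write(b"!")                      # a listed file changes
    with open(os.path.join(folder, "extra.m3d"), "wb") as fp:
        fp.write(b"constructed")            # an unlisted file appears
    tampered = audit_folder(folder, manifest)
    shutil.rmtree(folder)
    return clean, tampered


if __name__ == "__main__":
    print(demo())
```
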
  4.  

    Are there any difs for communication between client and game in 34k files?

     

    Well, it's not impossible to make, but this will just be stupid: why work on 34k with shitty and limited difs while you can do (almost anything) with src, as long as you are a pro in C++?

     

     

    You are really right, but I'm not interested in the source of metin2. I just need communication between the client and the game file for securing my hackshield; I am only developing security software for metin2.

     

  5.  

    This should work:

    #include <windows.h>
    #include <tlhelp32.h>
    #include <fstream>
    #include <Python.h>
    using namespace std;

    // Logs every module loaded in the current process; returns the count, or -1 on failure
    int GetDLLS()
    {
    	DWORD dwPID = GetCurrentProcessId();
    	HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
    	MODULEENTRY32 me32;
    	hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwPID);
    	if(hModuleSnap == INVALID_HANDLE_VALUE)
    	{
    		return -1; // no snapshot, nothing to enumerate
    	}
    	me32.dwSize = sizeof(MODULEENTRY32);
    	if(!Module32First(hModuleSnap, &me32))
    	{
    		CloseHandle(hModuleSnap);
    		return -1; // the handle is closed, so stop here
    	}
    	int tuplemain_index = 0;
    	do{tuplemain_index++;}while(Module32Next(hModuleSnap, &me32));
    	PyObject *DllTupleMain = PyTuple_New(tuplemain_index);
    	PyObject *DllTupleChild;
    
    	Module32First(hModuleSnap, &me32);
    	tuplemain_index = 0;
    	fstream log;
    	log.open("log.txt",ios::out|ios::app);	
    	do
    	{
    		log << "DLL: " << me32.szModule << endl;
    		tuplemain_index++;
    	}while(Module32Next(hModuleSnap, &me32));
    	log << "DLL Count " << tuplemain_index << endl;
    	CloseHandle(hModuleSnap);
    	return tuplemain_index;
    }
    

     

    But I need the module names which are associated with threads, not only the module name :(

  6. Hi to all !
     
    I have made a code which can enumerate module names associated with threads.
    But there is a problem in Windows XP. When I enumerate modules, the DLL names return NULL.
     
    IN WINDOWS XP LIKE THAT :
    Karacabay-Scan : Dlls : 
    Karacabay-Scan : Dlls : 
    Karacabay-Scan : Dlls : 
    Karacabay-Scan : Dlls : 
    Karacabay-Scan : Dlls : 
    Karacabay-Scan : Dlls : 
    Karacabay-Scan : Dlls : 
    Karacabay-Scan : Dlls : 
    Karacabay-Scan : Dlls : 
    Karacabay-Scan : Dlls : 
    Karacabay-Scan : Dlls : 
    
    IN WINDOWS 8 , WINDOWS 7 , WIN 8.1
    Karacabay-Scan : Dlls : D:\TEMIZ METIN2 - HS CALISMA\giris.exe
    Karacabay-Scan : Dlls : D:\TEMIZ METIN2 - HS CALISMA\giris.exe
    Karacabay-Scan : Dlls : C:\Windows\SYSTEM32\ntdll.dll
    Karacabay-Scan : Dlls : C:\Windows\SYSTEM32\ntdll.dll
    Karacabay-Scan : Dlls : C:\Windows\SYSTEM32\ntdll.dll
    Karacabay-Scan : Dlls : C:\Windows\SYSTEM32\ntdll.dll
    Karacabay-Scan : Dlls : C:\Windows\SYSTEM32\ntdll.dll
    Karacabay-Scan : Dlls : C:\Windows\SYSTEM32\ntdll.dll
    Karacabay-Scan : Dlls : C:\Windows\system32\mswsock.dll
    
     
    And here is my source :
    #define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
    #define ThreadQuerySetWin32StartAddress 9
    typedef NTSTATUS (WINAPI *NTQUERYINFOMATIONTHREAD)(HANDLE, LONG, PVOID, ULONG, PULONG);

    // Copies the path of the module whose address range contains dwThreadStartAddr
    BOOL MatchAddressToModule(__in DWORD dwProcId, __out_bcount(MAX_PATH) LPTSTR lpstrModule, __in DWORD dwThreadStartAddr, __out_opt PDWORD pModuleStartAddr) // by Echo
    {
        BOOL bRet = FALSE;
        HANDLE hSnapshot;
        MODULEENTRY32 moduleEntry32;

        hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPALL, dwProcId);

        moduleEntry32.dwSize = sizeof(MODULEENTRY32);
        moduleEntry32.th32ModuleID = 1;

        if(Module32First(hSnapshot, &moduleEntry32)){
            if(dwThreadStartAddr >= (DWORD)moduleEntry32.modBaseAddr && dwThreadStartAddr <= ((DWORD)moduleEntry32.modBaseAddr + moduleEntry32.modBaseSize)){
                wcscpy(lpstrModule, moduleEntry32.szExePath);
                //convert from wide char to narrow char array
                bRet = TRUE;
            }else{
                while(Module32Next(hSnapshot, &moduleEntry32)){
                    if(dwThreadStartAddr >= (DWORD)moduleEntry32.modBaseAddr && dwThreadStartAddr <= ((DWORD)moduleEntry32.modBaseAddr + moduleEntry32.modBaseSize)){
                        wcscpy(lpstrModule, moduleEntry32.szExePath);
                        bRet = TRUE;
                        break;
                    }
                }
            }
        }

        if(pModuleStartAddr) *pModuleStartAddr = (DWORD)moduleEntry32.modBaseAddr;
        CloseHandle(hSnapshot);

        return bRet;
    }

    // Returns the Win32 start address of hThread, or 0 if the query fails
    DWORD WINAPI GetThreadStartAddress(__in HANDLE hThread) // by Echo
    {
        NTSTATUS ntStatus;
        DWORD dwThreadStartAddr = 0;
        HANDLE hPeusdoCurrentProcess, hNewThreadHandle;
        NTQUERYINFOMATIONTHREAD NtQueryInformationThread;

        if((NtQueryInformationThread = (NTQUERYINFOMATIONTHREAD)GetProcAddress(GetModuleHandle(_T("ntdll.dll")), ("NtQueryInformationThread")))){
            hPeusdoCurrentProcess = GetCurrentProcess();
            if(DuplicateHandle(hPeusdoCurrentProcess, hThread, hPeusdoCurrentProcess, &hNewThreadHandle, THREAD_QUERY_INFORMATION, FALSE, 0)){
                ntStatus = NtQueryInformationThread(hNewThreadHandle, ThreadQuerySetWin32StartAddress, &dwThreadStartAddr, sizeof(DWORD), NULL);
                CloseHandle(hNewThreadHandle);
                if(ntStatus != STATUS_SUCCESS){
                    return 0;
                }
            }
        }

        return dwThreadStartAddr;
    }

    // Logs, for every thread of the current process, the module its start address belongs to
    int threadmodules()
    {
        HANDLE hSnapshot, hThread;
        THREADENTRY32 threadEntry32;
        DWORD dwModuleBaseAddr, dwThreadStartAddr;
        TCHAR lpstrModuleName[MAX_PATH] = {0};
        CHAR moduleget[MAX_PATH] = {0};
        if((hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, GetCurrentProcessId())) == INVALID_HANDLE_VALUE) return 0;

        threadEntry32.dwSize = sizeof(THREADENTRY32);
        threadEntry32.cntUsage = 0;

        if(Thread32First(hSnapshot, &threadEntry32)){
            if(threadEntry32.th32OwnerProcessID == GetCurrentProcessId()){
                hThread = OpenThread(THREAD_ALL_ACCESS, FALSE, threadEntry32.th32ThreadID);
                dwThreadStartAddr = GetThreadStartAddress(hThread);
                MatchAddressToModule(GetCurrentProcessId(), lpstrModuleName, dwThreadStartAddr, &dwModuleBaseAddr);
                std::wstring aaa  (lpstrModuleName);
                std::string mystr (aaa.begin() , aaa.end());

                fstream textfile;
                textfile.open ("mgm.log", ios::out | ios::app);
                textfile<< "Karacabay-Scan : " <<"Dlls : "<< mystr.c_str()<< endl;

                CloseHandle(hThread);
            }
            while(Thread32Next(hSnapshot, &threadEntry32)){
                if(threadEntry32.th32OwnerProcessID == GetCurrentProcessId()){
                    hThread = OpenThread(THREAD_ALL_ACCESS, FALSE, threadEntry32.th32ThreadID);
                    dwThreadStartAddr = GetThreadStartAddress(hThread);
                    MatchAddressToModule(GetCurrentProcessId(), lpstrModuleName, dwThreadStartAddr, &dwModuleBaseAddr);
                    std::wstring aaa  (lpstrModuleName);
                    std::string mystr (aaa.begin() , aaa.end());

                    fstream textfile;
                    textfile.open ("mgm.log", ios::out | ios::app);
                    textfile<< "Karacabay-Scan : " <<"Dlls : "<< mystr.c_str()<< endl;

                    CloseHandle(hThread);
                }
            }
        }

        CloseHandle(hSnapshot);
        return 0;
    }
     
    
  7. This is a problem with Windows 8 and enigma, the cracked version of Enigma doesn't support Win 8 (it's before the release of Win 8). You need to purchase a license to support Windows 8. 

     

    You understood me wrong; everything is fine with enigma, I need to change the "pack/Index" location to "lib/blabla" :)
