| View previous topic :: View next topic |
| Author |
Message |
argarg
Cheater
 Reputation: 0
Joined: 19 Jul 2005
Posts: 45
|
 Posted: Sun Apr 15, 2007 7:12 pm Post subject: ESO banning AoE3 MapHackers (help bypassing) |
 |
|
| Hi, recently, all aoe3 players using a maphack have been banned. Eventough they disn't record their game or played only 2 or 3. The guy wh made the maphack is just changig the values of fog of war and blackmap to 0 (1= no maphack , 0= maphack). I'm trying to make one which will bypass that. I'd like any idea on how the server does the check and how to bypass it. Or maybe someone to try it with me! thanks
|
|
| Back to top |
|
 |
Labyrnth
Moderator
![]() Reputation: 10
Joined: 28 Nov 2006
Posts: 6301
|
| Posted: Mon Apr 16, 2007 1:51 pm Post subject: |
|
|
So this is working client sided.
You can look for what is being changed from 0 to 1.
If it is a key word in the game itself such as.
lights 1
lights 0
Then take a hex editor and go digging in the game files and find it.
Change the word to something else of equal bytes and it might work.
But the trainer will not work any more.
fights 1
fights 0
I do not play the game but, this is how some bypassing can work.
Also has the game patched? Then people tried to use this maphack?
Then thats the reason they are getting busted as well.
Also can you link the maphack for me to look at it.
|
|
| Back to top |
|
|
argarg
Cheater
Reputation: 0
Joined: 19 Jul 2005
Posts: 45
|
| Posted: Mon Apr 16, 2007 2:13 pm Post subject: |
|
|
http://www.agerage.net/forums/showthread.php?t=4442
This is the one people get banned with. I just posted a new version which make the changes BEFORE the game start. the other guy just changed the values from 1 to 0.
here's my code:
| Code: | [ENABLE]
//code from here to '[DISABLE]' will be used to enable the cheat
alloc(nigga,128)
alloc(yeah,128)
0091449f:
mov byte ptr [esi+0000690d],00
mov byte ptr [esi+0000690e],00
009147E0:
jmp nigga
nop
009147CC:
jmp yeah
nop
yeah:
mov dl,00
mov [esi+0000690d],dl
jmp 9147d2
nigga:
mov cl,00
mov [esi+0000690e],cl
jmp 9147e6
[DISABLE]
//code from here till the end of the code will be used to disable the cheat
0091449f:
mov byte ptr [esi+0000690d],01
mov byte ptr [esi+0000690e],01
009147E0:
mov [esi+0000690e],cl
009147CC:
mov [esi+0000690f],cl
dealloc(nigga)
dealloc(yeah)
|
it changes the opcode of the adress which changes the value to 1 at every game start. I don't know if the game patched before ppl were getting banned. I'll have to ask people.
Thanks for the help.
|
|
| Back to top |
|
|
Labyrnth
Moderator
![]() Reputation: 10
Joined: 28 Nov 2006
Posts: 6301
|
| Posted: Mon Apr 16, 2007 2:17 pm Post subject: |
|
|
Ok look for the address in CE, and then look where it is in a file. This should point to it.
Then you can disassemble it at this location and see whats there.
|
|
| Back to top |
|
|
argarg
Cheater
Reputation: 0
Joined: 19 Jul 2005
Posts: 45
|
| Posted: Mon Apr 16, 2007 2:20 pm Post subject: |
|
|
| Labyrnth wrote: | Ok look for the address in CE, and then look where it is in a file. This should point to it.
Then you can disassemble it at this location and see whats there. |
I don't really get what you mean :S
|
|
| Back to top |
|
|
Labyrnth
Moderator
![]() Reputation: 10
Joined: 28 Nov 2006
Posts: 6301
|
| Posted: Mon Apr 16, 2007 3:15 pm Post subject: |
|
|
When you find this address in CE, you can select to patch in a file.
Do this and it will show you the hard coded address in a file for it, such as the exe.
Then you can investigate farther to see if you can alter the code a bit.
|
|
| Back to top |
|
|
argarg
Cheater
Reputation: 0
Joined: 19 Jul 2005
Posts: 45
|
| Posted: Tue Apr 17, 2007 7:54 am Post subject: |
|
|
| Labyrnth wrote: | When you find this address in CE, you can select to patch in a file.
Do this and it will show you the hard coded address in a file for it, such as the exe.
Then you can investigate farther to see if you can alter the code a bit. |
How do you do that? 
Edit: Ok got wht you mean, but which address you want me to search? the ones which contains the values of fog of war and blackmap, or those that writes to them?
Edit2: I found something in the game folder, a file named stringtable.xml and looking through it I found this:
<String _locID="19006" symbol="cStringFogOfWar">Fog of War</String>
<String _locID="22542">Reveal Map</String>
<String _locID="25363" symbol="cStringStatMapExplored">Map Explored</String>
and others... could this be something?
|
|
| Back to top |
|
|
Labyrnth
Moderator
![]() Reputation: 10
Joined: 28 Nov 2006
Posts: 6301
|
| Posted: Tue Apr 17, 2007 1:36 pm Post subject: |
|
|
Yeah, thats what the cheat controls.
<String _locID="19006" symbol="cStringFogOfWar">Fog of War</String>
<String _locID="22542">Reveal Map</String>
<String _locID="25363" symbol="cStringStatMapExplored">Map Explored</String>
Now see if you can find any of those strings in a file such as exe, or a dll.
and changing it could work.
cStringFogOfWar
cLetmecheatdamn
|
|
| Back to top |
|
|
argarg
Cheater
Reputation: 0
Joined: 19 Jul 2005
Posts: 45
|
| Posted: Tue Apr 17, 2007 4:09 pm Post subject: |
|
|
Do I have to unpack or anything? because I can't really find nothing interesting by hexing and scanning as text ...
ok i find it searching for it as text in ce, then i add it to the codelist but can't find it in ANY file =/
edit: ok found it in a file named data.bar Do I have to replace in the XML also?
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
