Bypass???

Discussion in 'Dungeon Fighter Online' started by Neop1e, Mar 24, 2015.

Discuss Bypass??? in the Dungeon Fighter Online area at GameKiller.net

  1. Neop1e

    Neop1e Lurker

    Post Count:
    3
    Likes Received:
    0
    Stats
    Truty looking for a bypass, I found one but it for A.V.A :behindsofa:
     

    Mr. Ad Advertisement

     
  2. Blaze

    Blaze China Homeless Admin

    Post Count:
    5,561
    Likes Received:
    6,743
    Stats
    The game literally went live today, you should give people some time before asking for bypass / hacks.
     
  3. Airwaves

    Airwaves Canada Veteran Hacker

    Post Count:
    198
    Likes Received:
    5
    Stats


    Do with that what you will.
     
  4. Zage

    Zage Lurker

    Post Count:
    2
    Likes Received:
    0
    Stats
    I had to login just to like this post, thank you!
     
  5. Airwaves

    Airwaves Canada Veteran Hacker

    Post Count:
    198
    Likes Received:
    5
    Stats
    :)
    No problem!
     
  6. Sauke2020

    Sauke2020 Informed Hacker

    Post Count:
    82
    Likes Received:
    0
    Stats
    Wasnt this just the source code from that reddit post?

    Yeah it is
     
  7. ROPist

    ROPist Lurker

    Post Count:
    8
    Likes Received:
    0
    Stats
    the linked code is not a bypass or anything... it simply presses a button sequence. it is not useful nor helpful...maybe you can make your own "press x a lot" program, which is ok i guess...
     
  8. Sauke2020

    Sauke2020 Informed Hacker

    Post Count:
    82
    Likes Received:
    0
    Stats
    Correct but it is also insight as to how Xigncode processes information
     
  9. Airwaves

    Airwaves Canada Veteran Hacker

    Post Count:
    198
    Likes Received:
    5
    Stats
    Exactly
     
  10. rayhai

    rayhai Veteran Hacker

    Post Count:
    106
    Likes Received:
    0
    Stats

    I'm not asking to be spoon fed, rather, could you link me to something that can help me understand this?
     
    Last edited: Mar 29, 2015
  11. ROPist

    ROPist Lurker

    Post Count:
    8
    Likes Received:
    0
    Stats
    that code is literally worthless and gives you no insight into xigncode.

    for above poster: code is very simple and basic C++.

    some concepts used...

    see the ALLCAPS_THINGS with a | between them? | is "binary or" operator. it is often used to combine flags. the things being combined are all numerical values defined in windows headers.

    there's an INPUT structure used, you can see the structure's properties accessed by "."

    yeah so basically just go learn any amount of C/C++ and the link should not be hard to understand. win32 functions like sendinput are all explained on the msdn
     
  12. xiphias

    xiphias Informed Hacker

    Post Count:
    86
    Likes Received:
    0
    Stats
    [MENTION=884772]ROPist[/MENTION] you have a point but shit-posting isn't going help anyone. Nice name though.For anyone else look into d3v1l401's research on xign code 3. I found that it is pretty useful for figuring out xign is doing. IT'S NOT A BYPASS. Don't ask him or get me involved with it.
     
    Last edited: May 9, 2015
  13. die2murderu

    die2murderu Lurker

    Post Count:
    1
    Likes Received:
    0
    Stats
    cant figure out a bypass but i can defeintly figure out how to inject hacks into ccproxy useing wpe program from a Virtual machine to hack this game problem is all old packets are outdated and not working and when u send a packet it just disconnects u from server.. problem being that either xigncode is running or / detecting the use of BS.. or problem is that gamekiller has deleted all of its tutorials on WPE editing!
     
  14. xiphias

    xiphias Informed Hacker

    Post Count:
    86
    Likes Received:
    0
    Stats
    Just a fyi: If you don't know what the fuck you are doing don't touch xigncode. My reasons are simple: It logs everything about you; ip, folders, programs, recently used, and more. You might end up on a list that you don't want to be on.
    Things we know (could be wrong on a few. Just tell me) :

    • Uses CRC.
    • Suspending won't always be the go to answer for it to work.
    • Don't do anything stupid in DLLMain. Loader lock.
    • Detects thread creations.
    • Likes to be at the kernel level.
    • Avoid Window APIs
    • Removing the PE Header used to make dll's to become undetected.
    • Removing the xhunter1 service used to prevent future detections and dll injection detections.
    • Hook to NtQueryInformationProcess, NtQueryVirtualMemory, NtReadVirtualMemory, NtQueryInformationThread, NtOpenFile, NtWow64QueryInformationProcess64, NtWow64QueryVirtualMemory64, NtWow64ReadVirtualMemory64 to view anything involving to your dll and xign.
    • More tricks are being used than with HShield.
    • Detects LoadLibrary injection, CreateThread, GetAsyncKeyState, CreateFont, LdrLoadDll, LoadLibraryA, LoadLibraryW, LoadLibraryExA, LoadLibraryExW, GetModuleFileName.
    • Always obfuscate / encrypt your dll.
    • XHunter1 does a SSDT hook on NtOpenProcess() or they register an callback on the object manager by using ObRegisterCallback(). That means that after the rootkit is enabled xign is able to trace all access you make to the games process.
    • Checks each module's crc / md5 with a internal list.
    • CreateRemoteThread can be used.
    • Xign checks the stack frame from NtUserGetAsyncKeyState
    • Spoof return addresses after looking into SetWindowsHookEx and GetWindowLongPtr
    • Use low level keyboard / mouse hooks
    • for d3d9 use a vtable

    Things I would suggest doing instead of peeing on the fire:

    • Run in a secure vm environment with/without the game.
    • Unpack, look into tuts4you if you need help.
    • Fix oep.
    • Try some ROP to get around.
    • Look for other vulnerabilities. *Mostly kernel.
    • See if it is doing anything related to other anti-hack software because most have the same logic idea.
    • Read through key parts in IDA. Rename / rewrite. Use plugins.
    • Examine SSDT hooks if any.
    • I've heard that using vtables and or the cheatengine lib @ might help.

    If you really want to be cheap and lazy take a look at previous xign3 bypasses and rce them to figure out what is going on.
     
    Last edited: Jun 14, 2015
  15. smok3y

    smok3y Lurker

    Post Count:
    7
    Likes Received:
    0
    Stats
  16. MOMOHO

    MOMOHO The New Guy

    Post Count:
    10
    Likes Received:
    0
    Stats
  17. Ryuretsu

    Ryuretsu United States The New Guy

    Post Count:
    10
    Likes Received:
    2
    Stats
    where to downalod bot?
     
  18. muffinmei

    muffinmei The New Guy

    Post Count:
    15
    Likes Received:
    0
    Stats
    It should be here:


    I believe you need a specific number of posts before you can download it. Not so sure.
     

Share This Page

  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies.
    Dismiss Notice
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies.
    Dismiss Notice