OssyriaMS

Discussion in 'Other Games' started by Rayaku, May 10, 2018.

Discuss OssyriaMS in the Other Games area at GameKiller.net

  1. Rayaku

    Rayaku Prominent Hacker

    Post Count:
    470
    Likes Received:
    11
    Stats
    Hey, I am looking for OssyriaMS hacks.
    Anybody got any hacks or ideas how I can hack Ossyria? v.162
     

     
  2. ezee

    ezee The New Guy

    Post Count:
    18
    Likes Received:
    160
    Stats
    @Rayaku the obfuscation they use in their redirector.exe is cute. The goodies are packed in the resources of the main Ossyria.exe. I've included a brief summary of what they do to hide almost all of the "strings". You don't need to waste time on decrypting everything and stepping through. The easiest way is to just breakpoint and dump.
    View attachment 34618
    To summarize, the first thing you should do is get rid of their skid "packer" by dumping at breakpoint or dumping by memory. Loads of examples out there.

    From there, things should become much simpler.
     
    Last edited: May 10, 2018
    Srshinomoo and hackbotmaple like this.
  3. MiikeDukez

    MiikeDukez United States Veteran Hacker

    Post Count:
    187
    Likes Received:
    1
    Stats
    interesting
     
    Last edited: May 12, 2018
  4. shavit

    shavit Israel Informed Hacker

    Post Count:
    85
    Likes Received:
    737
    Stats
    To OP: Don't bother cheating there. They have active GMs patrolling all the time and you get auto-flagged even more than you do in GMS.
    Methods used to detect nearby GM activity in GMS won't work in Ossyria due to their hide feature.

    Not quite exactly.
    The redirector is written in C# and is obfuscated with .NET Reactor.

    It's just a waste of time to reverse it this way.
    I'll link a deobfuscated version of their old redirector (before they renamed to Ossyria, it was called Khaini).


    I reversed it last time as I remember people accusing the owner of using it to mine crypto-currencies on clients due to people reporting high CPU usage. But unless I'm blind, it wasn't the case.
     
    WhyYouHeck likes this.
  5. MiikeDukez

    MiikeDukez United States Veteran Hacker

    Post Count:
    187
    Likes Received:
    1
    Stats
    All of this is BS. I had a trainer a friend made for me for ElliniaMS, I was NEVER flagged, caught, or any of that. You just have to know where to hack and bot.
     
  6. Saihko4

    Saihko4 Canada Premium Premium

    Post Count:
    745
    Likes Received:
    117
    Stats
    They update you know.... but there is probably a way around it.
     
  7. MiikeDukez

    MiikeDukez United States Veteran Hacker

    Post Count:
    187
    Likes Received:
    1
    Stats
    Nah trust me, if you have the right bypass and know how to hack in this server, you'll be good. There's a ton of places you can bot at.
     
  8. shavit

    shavit Israel Informed Hacker

    Post Count:
    85
    Likes Received:
    737
    Stats
    Ellinia v1 is a much older iteration though. And OP is asking for cheats the same day the server launches, you get monitored if you're ahead of others.
     
  9. MiikeDukez

    MiikeDukez United States Veteran Hacker

    Post Count:
    187
    Likes Received:
    1
    Stats
    Yeah that's a given. Obviously they'll be looking at you, but there are over 800 players in this server right now. I doubt you'll get noticed.
     
  10. shavit

    shavit Israel Informed Hacker

    Post Count:
    85
    Likes Received:
    737
    Stats
    "bypass"? It just looks for window titles (easy to change), checks your WZ files aren't modified and confirms you don't have fishy DLL files in your MapleStory directory (for example dinput8.dll, which is used by public GMS bypasses).
    If you bothered to read the decompiled client I linked, you'd see that they kill BlackCipher instantly. There's nothing to bypass.
     
  11. MiikeDukez

    MiikeDukez United States Veteran Hacker

    Post Count:
    187
    Likes Received:
    1
    Stats
    Lol I know all this. I was one of the first people in ElliniaMS to discover the process changing. Also, there's a few other methods and precautions that most people don't know about that I have up my sleeve. Only damn problem is that I can't make trainers and I don't have v162.4 scripts. Fuk me :(
     
  12. ezee

    ezee The New Guy

    Post Count:
    18
    Likes Received:
    160
    Stats
    @ "Not quite exactly"
    It decodes the strings, the "keys" mov and junk mov buffers are all using the same "obfuscation" template style.

    [checks paths, loads api with decoded strings, crc check, decrypts resource, then it loads redirector.exe from resources]
    In the brief I see it does exactly that. At least that is what I saw in the first minute of static analysis.
    Could always be wrong. I make mistakes. It is good to be human.

    ----

    Yeah, I "dumped the dump" for "Khaini" many months ago and showed someone on discord what they failed to do. Words travel. Popped up on a few forums. Same with Aries in the past.

    They didn't "protect it" fully so there was no reason to use de4dot to rename to generics. There was a lazy mistake in their "dated" confuser result, at least that is all I remember for "Khaini". Just had to breakpoint, dump, repeat, and clean. Words spread around.

    Code:
    // Token: 0x06000074 RID: 116 RVA: 0x00005FAC File Offset: 0x000041AC
    private void method_34()
    
    Exactly how I remember it.
    
    ----

    Yeah, like I said in several other posts @shavit, that is what all maplestory private servers do. It has never been anything new. "try to kill blackcipher, keep and use original themida integ check crc (themida virtual machine uses that crc and an overlapping crc of that for the table (basically)), check window titles, check process names, check maplestory hashes, check wz hashes, and they almost all do silly dinput8.dll is there checks (yet there are other ways.... )". Recently dated ones use a feature in MapleStory's heartbeat instead of "check window titles, check process names" via lists the redirector. Or switched to full C++ both of which are very silly but an interesting way to put it. Additionally, memory hacks and misc can be detected by packets. Which is why a "bypass" for private servers is more so focused on packets that the server gets than the game's memory.

    For example:
    you can spoof mob crc movement packets and create client vacs or client kami easily to jump around various server sided detection methods that are "implemented" in private server leaks / releases. Funny how there is hardly anyone "extremely knowledgeable" in the ragezone private server scene. It is all about client-to-server packets. Funny enough a lot of MapleStory's features rely on the client still and the memory hacks you see today are just client side edits for the packets to be produced or to trigger the packets. If you know what you are doing it is quite easy. Plus a stable testing ground for official releases or misc.

    ----


    Also a lot of the servers that don't salt passwords :)
    Good brute-force fun.

    If anyone needs help. I'm always floating about.

    -- ezee
     
    Last edited: May 11, 2018
    shavit likes this.
  13. MiikeDukez

    MiikeDukez United States Veteran Hacker

    Post Count:
    187
    Likes Received:
    1
    Stats
    How do you spoof?
     
    Last edited: May 12, 2018
  14. Smashingtonn

    Smashingtonn New Zealand Lurker

    Post Count:
    5
    Likes Received:
    7
    Stats
    Lol that method_34, just string checks, I didn't realize they were so blasé about the hacking detection. And smethod_2 is where they kill blackcipher
     
  15. nachik

    nachik Israel Veteran Hacker

    Post Count:
    123
    Likes Received:
    1
    Stats
    I still have some scripts from khainims times ^.^ I will try them today, a full trainer of that shit with skill no delays and blaze wiz full map att
     
  16. Smashingtonn

    Smashingtonn New Zealand Lurker

    Post Count:
    5
    Likes Received:
    7
    Stats
    Let me know if you want a hand
     
  17. HitmonYou

    HitmonYou United States The New Guy

    Post Count:
    14
    Likes Received:
    0
    Stats
    would love a guide or something with how to use hacks on this server lol.
    I've gotten UA working, and I removed the delay on ayame's skill (only did it once and can't replicate it now though =/) but that's it.

    Everything else you'll eventually get banned due to failed client checks. Is this the protection that's mentioned above or nah? If so is this easily removed somehow or nah.
    Right now I'm pretty happy with my bots I have for it but would love to use other hacks in conjunction to make bot even better.
     
  18. kerahax

    kerahax New Zealand The New Guy

    Post Count:
    11
    Likes Received:
    1
    Stats
    add me skype david.jung0526
     
  19. Rekem

    Rekem Israel Lurker

    Post Count:
    6
    Likes Received:
    0
    Stats
    scammer
     
  20. HitmonYou

    HitmonYou United States The New Guy

    Post Count:
    14
    Likes Received:
    0
    Stats
    please tell me you didn't actually get scammed and you're just saying this cause of his proposition.
     
