Auto It- clicking on a minimized window

[Dracconus]

If you think that a simple mistake and slip of words when I'm tired means that I'm ignorant then I suggest it's YOU that needs to do the research. A simple search on Google would tell MORE than what I could of my own personal experience with, and inside the operating system of computers and WAY beyond there.
You may have knowledge in reverse engineering, but that in no means makes you a god, as for my name, my name is made by more than just my knowledge in AutoIT.
It's so cute how many of you kids think that just because you know ONE thing it makes you good at the things necessary to take care of them.
I've done everything from cell phone hacking to server emulation operating system hacking, bypassing, exploitation, and beyond; and you think just because you did something that decrypted the signatures on a file you're better than me?
I'm not saying that I'm better than you, nor did or will I until it's proven, but the underlying factor remains that there ARE people that control click isn't working for, and since i didn't research it (because I really couldn't give a fuck less) I don't know what the reason is, but I'm 'betting that it IS because of the operating system.
And if you think that I don't know anything about reversing then on that note I'll leave your to your petty assumptions.
What you did with HFS is irrelevant, it's patched, I never used it, and I don't see you doing anything now besides running your mouth, and slandering people that you know NOTHING about.
Again, don't bitch about what you THINK I know, because you don't even know who I am. I've been coding probably since before your feeble ass was born, so don't go handing me any of that little "holier than thou" bullshit.
My name was made for me by me, and the fact that i help people, yeah, I'm an ass, but the bottom line is I've probably got more general knowledge in ANYTHING than you and 3/4 of the people on this entire website.

[Fovea]

The fact that you claim that just because HackShield is a dll, defeating it will be harder already discredits you. There is no way you could slip up on words such as that. It doesn't matter what form a PE file is in, it is all assembly and the art of disassembly is all the same.

[Dracconus]

Dude, I think you're talking shit to the wrong person.
I never even said anything LIKE that
I've been reversing and disassembling with IDA Pro, PE Explorer, Olly, and the likes for like the last ten years,so why the hell would I say just because something is a DLL it would be hell to bypass?
I said that hackshield, in itself is a bitch to bypass, as in without cracking or doing anything like that.
For someone that claims to be a genius in their own right, you're not doing too well of a job reading.

The fact that you claim that just because HackShield is a dll, defeating it will be harder already discredits you. There is no way you could slip up on words such as that. It doesn't matter what form a PE file is in, it is all assembly and the art of disassembly is all the same.

What I said I slipped on was when I said process handler instead of message handler...I didn't say a fucking thing about hackshield..At least, not within the last month or two...LOL
You need to stop smoking that shit bro

[Fovea]

Hmm... https://www.mpgh.net/forum/423-vindic...ml#post4728934

All of those statements are false. HS is simple to bypass, and does just as much (if not less) tasks than GameGuard. In fact GameGuard's CS2AUTH scheme is far more complex than HackShields AntiCpXServer scheme (both are "heartbeats").

https://www.mpgh.net/forum/537-dragon...ml#post4790272

This is all false too. Disabling driver signing is incredibly simple, not incredibly difficult. PatchGuard circumvention has long been public.

[Dracconus]

Hmm... https://www.mpgh.net/forum/423-vindic...ml#post4728934

Emulation is easy.

Also, just because HackShield resides inside a dll does not make it harder.
So this is all wrong.

and even if you MANAGE to GET it to stop, you'll have to make vindictus run without HS running, so good luck, and keep dreaming.


You focused on the wrong part, and I didn't say a fucking thing about it being hard just because it's a DLL I said it will be difficult because of the way that Vindictus calls on it numerous times through the game.

You SERIUOSLY need to go back to school and learn how to read!

So what, you're just going to troll me now, and attempt to discredit me because I'm getting under your skin?
HAHA, so laughable, go for it bro, my work speaks for itself, as did yours. Do whatever you have to do to make yourself feel worth living. It's fine, I've got no grudges to hold against a stranger that is just trying to make a name for himself.

[Fovea]

That is false. You can disable all of the parts and still have HackShield running. All you have to do is hook the hs function dispatcher (ordinal 10) and filter out any calls except for ones to the heartbeat ordinal. A few boolean patches to trick the heartbeat function will give you a fully functioning hs bypass.

[Dracconus]

Tell you what, you do your trolling and I'm going to go lay in bed with my wife, who knows, maybe you'll get lucky, and I'll be in a "drac mood" when I wake up, and I'll come on here and argue some more with you. I'm pretty sure you'd like that since it'll give you some company.
Have fun arguing with yourself

[Zaiakunokami]

* starts singing *
Why can't we be friends? Why can't we be fri... * oomph *
* gets punched in the gut by @Fovea and @dracconus *
* lies on ground, twitching *

[Fovea]

and even if you MANAGE to GET it to stop, you'll have to make vindictus run without HS running, so good luck, and keep dreaming.


You focused on the wrong part, and I didn't say a fucking thing about it being hard just because it's a DLL I said it will be difficult because of the way that Vindictus calls on it numerous times through the game.

You claimed just because it was a dll, it was "masked". Something that is obscure is indeed harder (which is why packers use obfuscation and virtualization).

Getting it to stop is easy. The numerous calls is bullshit. There are two calls in the beginning, AhnHS_Init and AhnHS_StartService (Both of which are virtualized, so you probably didn't even notice). The rest are periodic calls to AhnHS_MakeResponse. All of these functions enter ehsvc.dll through the export ordinal 10. With one entry point it is easy to filter out the init and start service functions and only let the response function calls through. Using some small patches to the response function, HackShield is still "running", albeit only the heartbeat portion.

Or you could just emulate the response function completely and create a dummy dll. The function is quite simple.

So much for extremely difficult.

[Dracconus]

ya'know, I was going to type out this really long elaborate message telling you off, but you're honestly not worth it.
I'm tired of typing a bunch of shit you won't read properly because hooked on phonics failed you, so I'm going to keep this simple.
Either prove it or shut up.
There, that was easy.
-----------------
Oh, and @Zaiakunokami We could get along if people recognized potential outside of their own ego's, and didn't base assumptions off a simple statement that was typed before I even looked into hackshield, or the way vindictus handled it.
-----------------
Oh, and before you go posting more random insignificant bullshit @Fovea, I meant what I said at the beginning of this post.. Since you've got such extreme knowledge with hackshield, and seem to be SO willing to just randomly insert your comments over everyone else, prove your knowledge, and do what you say you can, or shut up, and prove me right.
Now, Seriously this time, type all you want, you're jus going to be ignored by me because you're starting to get repetitive, and that holds no grounds.
It's not any fun to pick on the simple people.

[Fovea]

I already proved my knowledge on HackShield, you have shown nothing like all the charlatans, big vague words and no details. My reading comprehension is immaculate. It is you who has no control over what you say.

I'm not saying that I'm better than you, nor did or will I until it's proven,

but the bottom line is I've probably got more general knowledge in ANYTHING than you and 3/4 of the people on this entire website.

Seems like you don't even know how to formulate a proper argument. Contradictory much?

Excuses one after another, now you say it was before you even looked at HackShield? The language you used was intended to impress and get others to think you know shit, when you don't. HackShield and rootkits... you never know when to stop now do you?

A charlatan through and through.

[Checkbox]

This is a particularly interesting thread. The only thing I would disagree on is your assessment that bypassing Hackshield is easy. I found that disabling the bulk of Hackshield functionality and still send correct data during heartbeat to be a pain in the ass. I'm not sure what modifications you made to get it to work, but I've never been able to skip over the initialization, only gimp it.

Also, on the matter of an emulator, unless they're able to recognize encryption/decryption algorithms from disassembly and spot the differences from standard implementation, I'd hardly call it simple. Even if they get past that hurdle, they still have to reverse the challenge/response packet format and reverse/implement the different response types. Although there is public information on this stuff, a lot of it is fairly outdated/inaccurate so they are still left with having to reverse those details themselves.

Like everything else, it requires effort and a serious time commitment.

I wrote a bypass for Mabinogi's Hackshield and when it became too much of a hassle to maintain, I used it to get the details necessary to write an emulator. It wasn't easy but it was worth the effort since I'm able to use this with other games that use Hackshield (including Vindictus).

While there never have been any conversations between us, I'd like to think you see me as someone who knows what he is talking about. I have the utmost respect for you and your work, so if you read my post and assume I'm just talking out of my ass, you're welcome to send me a PM requesting further details.

[Dracconus]

This is a particularly interesting thread. The only thing I would disagree on is your assessment that bypassing Hackshield is easy. I found that disabling the bulk of Hackshield functionality and still send correct data during heartbeat to be a pain in the ass. I'm not sure what modifications you made to get it to work, but I've never been able to skip over the initialization, only gimp it.

Also, on the matter of an emulator, unless they're able to recognize encryption/decryption algorithms from disassembly and spot the differences from standard implementation, I'd hardly call it simple. Even if they get past that hurdle, they still have to reverse the challenge/response packet format and reverse/implement the different response types. Although there is public information on this stuff, a lot of it is fairly outdated/inaccurate so they are still left with having to reverse those details themselves.

Like everything else, it requires effort and a serious time commitment.

I wrote a bypass for Mabinogi's Hackshield and when it became too much of a hassle to maintain, I used it to get the details necessary to write an emulator. It wasn't easy but it was worth the effort since I'm able to use this with other games that use Hackshield (including Vindictus).

While there never have been any conversations between us, I'd like to think you see me as someone who knows what he is talking about. I have the utmost respect for you and your work, so if you read my post and assume I'm just talking out of my ass, you're welcome to send me a PM requesting further details.

That's the thing though, is yeah, anything is possible, but the methods in which you're going to have to go about it are WAY too time consuming, and too much work to get hacks working when we...already do.
LOL

[Checkbox]

Not really, it's undoubtedly worth the effort for both developers and end-users alike.

[DanK]

I'm sorry @dracconus, you are a good friend, but here you are wrong.


@Fovea is a well respected person in not only this section but the entire forum. He has already proven his name and capabilities countless times (check out the programming section you will see him help many people with his extensive knowledge).


I find when Fovea talks about a subject like this it's better to just listen, because you undoubtedly will learn something.


Finally, I really fail to see even what you guys are actually arguing about.. :/


@Checkbox, you may have some knowledge but you are nothing like Fovea and not near to his level. You are a holier-then-thou douche, who think he's better then anyone not possesing the same skillset.