andros0789 (05-18-2016),dugboy (08-13-2014),japie2522 (10-08-2014),mamad_mh11 (03-12-2015),shryder (03-13-2016),THE MOB (02-14-2015)
I dumped their aCI module. Attached to this post as well.
Anyways, SSDD, they use the same stolen 4D1's idea of doing "troll %d" to send a ban.
However they changed it a bit. Here's the "new" format:
Code:sprintf(buffer, "troll %d %s", violation_code, 0x7EFB50);
0x7EFB50 points to a 96 bit HWID which they stupidly used wmic to make.
So basically, if you wanted to destroy their project:
Bypassing is as simple as preventing the module from being mapped.Code:static char charSet[] = "QWERTYUIOPASDFGHJKLZXCVBNM0123456789"; // Uses charSet to make a list of all possible HWID combinations. char* makeHWID(); // Set when all possible combinations have been created bool done = false; void BanAllHWIDs() { char buffer[128]; DWORD msgCall = GetProcAddress( GetModuleHandleA("libpm.dll"), "SendRandomString" ); while(!done) { sprintf(buffer, "troll 1337 %s", makeHWID() ); ( ( int ( * )( char* ) ) msgCall )( buffer ); } }
As they download it from their site and manual map it from memory.
Enjoy.
#Rekt
Last edited by Hitokiri~; 08-11-2014 at 03:16 PM.
andros0789 (05-18-2016),dugboy (08-13-2014),japie2522 (10-08-2014),mamad_mh11 (03-12-2015),shryder (03-13-2016),THE MOB (02-14-2015)
Sorry
//Approved.
Hitokiri~ (08-11-2014)