Help with Coding

[mihai2mn]

Thanks dude, you're awesome, wish I could've been of more help on this. Gave up smashing my head on this problem as I clearly cannot do it with my nonexistent skills, but I am doing some CE tutorials right now and using the outdated .dll for the time being.

EDIT:

You said the .dll file is encrypted, well the confirmation packet that the server sent over had a 4 part encryption key inside. That might be what you need to decrypt the .dll file.

Join me here for easier communtication di scord.gg/5zfKzx

[mihai2mn]

BoneShay. Did you manage to make any progress?

[AudiQuattroV8]

It's actually quite easy to get the overlay.dll itself (you're able to download the dll by simply requesting it in your browser (simply add /overlay.dll to their domain)),
but you can't just inject it and use it.

By the looks if it, they even managed to somehow detect the trial time bypass,
since it's loading and injecting just fine, but "magically" unloading itself after a few minutes (along with showing "timeout" in the top-left corner).

The access itself seems to be done via a set of different php files on their server, along with a certain set of "flags" (or whatever the additions to the URL are called).
Even the Days and hours left are managed via the request / response from the php files.

So, well, there might be a way to get it working, at least if you know what you're doing

[mihai2mn]

I knew all that except how to get the .dll just by watching the packets which is why I focused on spoofing the packets but just couldn't get it to work with any softwere I tried using and don't know how to use python scapy which should actually do the job. Did you check to see if the encryption keys in the packets actually do anything?

This is what the confirmation packet for the trial has in it.

trialtime;&keyp1=0199C518&keyp2=019F0C40&keyp3=019 E6CD9&keyp4=019DB0D4&daysleft=0&hoursleft=0&da&key p10=06833afbef1f2314c536403cc8337cc3&keyp11=06833a fbef1f2314c536403cc8337cc3

Do you think you can do anything with this. Especially if you match it with the email and password this was generated for.

[Boneshay]

I knew all that except how to get the .dll just by watching the packets which is why I focused on spoofing the packets but just couldn't get it to work with any softwere I tried using and don't know how to use python scapy which should actually do the job. Did you check to see if the encryption keys in the packets actually do anything?

This is what the confirmation packet for the trial has in it.

trialtime;&keyp1=0199C518&keyp2=019F0C40&keyp3=019 E6CD9&keyp4=019DB0D4&daysleft=0&hoursleft=0&da&key p10=06833afbef1f2314c536403cc8337cc3&keyp11=06833a fbef1f2314c536403cc8337cc3

Do you think you can do anything with this. Especially if you match it with the email and password this was generated for.

Im sure you can, because in that link with the Waroverlay files there were two packet injections that intercepted the Trial Time when placed in the same folder as the DLL, so if we can replace the DLL in that one with a new DLL (using what Audi said) and PRESTO! We got it! But thats for you to try because the Download link was taken down and I deleted the folder believeing it was useless :P

[mihai2mn]

I still have the files and can upload them again. I tried injecting them myself but none of the softwere I knew how to use would work, everybody recomends using python scapy, but I can't even get it to start on my PC for whatever reason.

- - - Updated - - -

[Boneshay]

I still have the files and can upload them again. I tried injecting them myself but none of the softwere I knew how to use would work, everybody recomends using python scapy, but I can't even get it to start on my PC for whatever reason.

- - - Updated - - -

Or if the attachment does not get approved then go to ********/#!5Z0EAbTB!udW80PVuG4cPIOpEXPSBTWNsUqTo3xje2zqQ0gj xDcQ, hopefully this post won't get taken down.

Ive been having the same problem, I just use Radare2 but I dont think itll work like Scapy. Thing is that it opens the Windows Command Prompt and crashes immediately. Maybe I can do the same thing in Radare2? I'll see what I can do.
EDIT: By the way, I tried the DLL replacement and it doesnt work. It just opens a window saying "Time out" and closes the injection so I think we need to do what youre trying if we really want to crack this hack. Manually inject the Packets.

[Bashe 5abil]

Ive been having the same problem, I just use Radare2 but I dont think itll work like Scapy. Thing is that it opens the Windows Command Prompt and crashes immediately. Maybe I can do the same thing in Radare2? I'll see what I can do.
EDIT: By the way, I tried the DLL replacement and it doesnt work. It just opens a window saying "Time out" and closes the injection so I think we need to do what youre trying if we really want to crack this hack. Manually inject the Packets.

hello do you have *******? can you please giveme you discrod contact i think i give you somthing but i also need your help

[mihai2mn]

AfterGlow#1738 or join the server I made for this at d iscord.gg/8CeMr. Or give us your d scord username boneshay so we get in touch like that. We have a few people on here already.

[[MPGH]Ahl]

I still have the files and can upload them again. I tried injecting them myself but none of the softwere I knew how to use would work, everybody recomends using python scapy, but I can't even get it to start on my PC for whatever reason.

- - - Updated - - -

2 screenshots and 2 virus scans required

[Crom32]

Any updates mates ?

[ernos]

I'm working on a crack for WarOverlay right now. It would be alot easier for me if I got this to work: /showthread.php?t=1311106
It's about getting more free trails by changing IP address and HWID + mail address. I can't get that to work though. Anyone got any suggestions there or is it patched already?

mihai2mn:
I'm very interested in checking that thread out on tophope.ru but I don't speak Russian... Could you find the thread for me so I can run it through google translate at least?

Boneshay: I'm very interested in your approach too, freezing the timer. If you could give me any hints as to how to find the function. What microsoft functions does WarOverlay use for the timer?

I work mostly in Immunity Debugger or Olly Debugger. And after that C++ to program the crack, but in this case I will just patch/edit the Loader.exe file.

Maybe us three could get together on some chat somewhere and beat this? Lets do it. Or if you guys use skype etc for faster correspondence.

I'm interested in working with you mihai2mn and/or Boneshay. I've made some progress in trying to get the DLL injected without a valid subscription but I'm not there yet..


EDIT UPDATE:
First of all, turns out I didn't read the whole thread before posting hehe. Sorry about that. Anyways. I got the DLL file decrypted now, so I'm going to try to find the functions where that messagebox "time out" gets thrown from and work my way backwards from there.. Can we guys talk privately somewhere? Tell me if you have any suggestions.

[mihai2mn]

Hit me up on D scord at AfterGlow#1738. Myself and another guy did get something working, but i'm pretty sure it's too obvious to not get banned for. Would've replied yesterday but the forum didn't work.

Welcome to the struggle.

[Kardan69]

Any news ?

[DDR2403]

Hit me up on D scord at AfterGlow#1738. Myself and another guy did get something working, but i'm pretty sure it's too obvious to not get banned for. Would've replied yesterday but the forum didn't work.

Welcome to the struggle.

Is there any progress? We're still waiting