Help with Coding

[Boneshay]

HellO, Im bOnE

I would like to ask that someone assist me with coding some hack for WarThunder. Im looking to try and get a Lead Indicator and Aimbot going on, though I have no clue where I should start with this, any help would be fine. So uh, just respond with any bit of help and Ill be sure to credit you. I dont plan on distributing it, just for personal use and making it better and better.

EDIT:: Id like to state, Im sorta skilled with coding. I do some small stuff in my free time and have coded a hack for CSS, but warthunder is a odd ball and Im not sure how to tackle it. So thats why Im asking for help on this thread

[mihai2mn]

Man can you have a look to see if you can crack WarOverlay? I have no idea what I'm doing but from looking at the memory viewer it seemed like there might be a way to bypass account verification, or freezing the trial time or something like that, as there area a lot of annotations on the adresses. Another guy on the tophope.ru forum managed to extract the .dll file from the laucher and inject it directly. You can have a look there and I can give you outdated the .dll if you want to have a look.

EDIT: Just looked at the loader with IDA Pro and it easlily breaks down the code, and where and what each value is and links to, now if only I knew what each value actually meant.

[ScrubLord6669]

i would love to help but i am just learning c++ i hope all goes well and you are able to make a hack also if you are up for it try to make a 1shot 1 kill option

[Boneshay]

Actually, yes I CAN help with this. In IDA Pro I found out the Timers Memory Code, it stays frequent but Ive forgotten the Code Already , But with a bit of reworking in IDE I can freeze the Timer completely (I like WarOverLay, as its the only Warthunder hack I like and used because Im a cheap cunt). Ill keep you updated on it.

Edit: Also, Id like the DLL file as well, I dont care if its outdated. I can probably get it to work, well thats a definate because the Owner of WarOverLay has to Update it with every patch so yes Id like it to take a look at it and see if I can update it. If So Ill post about it and give a Download link on the Forum and if not Ill just Work on the WarOverLay in IDA and other programs to freeze the timer or something like that! So yes, please give me some links to the mentioned posts and the DLL please and Ill keep y'all updated!

[mihai2mn]

Well I've spent the last couple of days just smashing my head against this and even though I still haven't been able to do shit, I feel like I did gather a lot of info. I captured the packets that war overlay uses to communicate with the server and how they look, and have seen how the codes work.

I tried to do some packet injection to make it think like the server confirmed activation but I couldn't get any packet editor to actually work and inject into the loader, tried WPE pro and Redox Packet editor and they just wouldn't inject, and I don't know how to do inject packets with CE or something and couldn't get python scapy to work either. I have the packets that reject it, and the packets that accept it as a trial, and it literally says in the packet "x days, x hours left" and then I what I believe to be a standard 4 part key that might just be the same for my account and doesn't have any time information. Also, seraching the contents of the packets with CE string searcher finds the packets in memory, so you could find what writes and reads that part of the memory.

Here's the post

Ive attached the packets that have my HWid and email and password but they're all made up so they're safe to use and the .dll and .bin.

[vievx]

i cant download can u send me via skype the file ?

[vievx]

i have 0 skills but i inject the .dll file and works BUT appears only purple line to every tank so esp kind a works on 20% but i saw something in the russian site about .bin i dont know what is about but if we can inject it we can use full cheat i think....like i said i have almost 0 skills about this so ill need more help

[mihai2mn]

I didn't risk injecting the outdated .dll to my almost 5000 hours account. But good to know it kinda works. The .bin file appears when you load the external version of the hack. It's in there in the archive I uploaded also but I couldn't find any injector that accepts .bin files.

[vievx]

the menu appear and there is only purple line for the vehicles .....maybe if that is outdated if we can find updated dll i can try to inject it...i thought this is current dll file but we have to mix it with .bin thats why didnt work

[Boneshay]

Okay so, I spent about 6 hours last night browsing through the names and functions of every Memory line. I found the Memory line that asks for your Account info and Memory line that makes your Account allow the Injector to inject the .DLL into Warthunder, and I found the Termination Process Memory Lines that tells the Hack/EXE to terminate itself once your trial period is up, also I found the Timer as well. I can either remove the Termination Process, Get rid of the Acc. stuff (Most likely wont work), or freeze the timer completely and make it stuck at 0:01. Thanks for the link btw, I can probably use that to help a lot, but we'll see. Ill credit you in the Post if I can get this hack cracked!

[mihai2mn]

I've been trying a different approach and kept messing around with packet injection to fool the loader outright, I managed to get WPE PRO to find the loader.exe, and to look up the packets it's sending out, I already have all the in packets that I need, but actually inserting the custom packets into WPE is a total fucking pain, and even after manually typing one in hex as I couldn't find a better way it still gave me an error. And WPE doesn't want to in intercept the packets coming in to change them that way either.

Looks like this has been a bust as well. ((((

- - - Updated - - -

Also to keep in mind is that after the loader gets login confirmation from the server it keeps pinging the server constantly afterwards and waits to get a reply, otherwise it times out and kills the program. Keep that in mind for your crack, and try to stop the pinging altogether.

[Boneshay]

Id say to use Radare 2 or Medusa to manipulate the files codes. IDE doesnt allow much. With Radare or Medusa (not sure about Medusa tho) you can delete certain actions the Exe file will carry out so Id say try another Dissasembly Tool

[Boneshay]

I didn't risk injecting the outdated .dll to my almost 5000 hours account. But good to know it kinda works. The .bin file appears when you load the external version of the hack. It's in there in the archive I uploaded also but I couldn't find any injector that accepts .bin files.

I just thought of something. What if we replace the .Bin file with the outdated DLL with a more recent .Bin file?

[mihai2mn]

The .bin file is the updated one. It's the current fully fledged one. It pops up whenever you start the loader in external mode. The .dll file is the one i got from the tophope forum. If you could extract the updated .dll file from the .bin file then that would work as well. No idea how to go about it though.

- - - Updated - - -

The outdated .dll file actually works as a rudimentary ESP. It shows every body on your team, and about 70% of the enemy team, but any other function like autoaim and aim reticle doesn't work at all.

[Boneshay]

The .bin file is the updated one. It's the current fully fledged one. It pops up whenever you start the loader in external mode. The .dll file is the one i got from the tophope forum. If you could extract the updated .dll file from the .bin file then that would work as well. No idea how to go about it though.

- - - Updated - - -

The outdated .dll file actually works as a rudimentary ESP. It shows every body on your team, and about 70% of the enemy team, but any other function like autoaim and aim reticle doesn't work at all.

Yeah I found that out. I can attempt to extract the .DLL from the .Bin. I also saw something about "WarOverLay.Dll" in IDA pro. So maybe i can extract it from there. Im working hard on this. I'll check on that forum and see if I can find anything useful.
EDIT: Also, we could make a packet that would intercept the other packets and cancel out the Trial Period timer, it seems thats what he did in that file with the DLL
EDIT2: Bad news. Apparently the Creator of the hack has Encrypted the .DLL file in the .Bin according to the guy who posted it on that forum Though, I can always attempt to copy the code or something. OR I could make a hack on my own, it shouldnt be too hard if I can get a bit of learning with Memory Coding. So hey! Ill try that.