Assorted C02 hacks

Discussion in 'Conquer Online' started by mch1983, 15/8/07.

  1. mch1983

    mch1983 Youtube Master Race

    Joined:
    25/12/04
    Posts:
    10
    Location:
    HN
    I. speed hack:
    http://www.zerowaitingtime.com/26001-download-Conquer.exe
    --------------------------------------------------
    II. and here is cotobo:
    http://www.zerowaitingtime.com/25772-download-COtobo.rar
    --------------------------------------------------
    III. speed hack (I had it on my machine but can't find it again), can't upload it, what a pain

    -------------------------------------------------------------------
    I. here's the bot, go study it, it's pretty easy,
    - download the SV.exe file here: http://www.zerowaitingtime.com/25526-download-SV-V070803-P4353V1.17.rar
    - download this: http://www.cheatengine.org/download.php
    install it on your machine and read the mess below:

    Revised May 17,2007

    1) Normally SV does things by itself, like reading/writing process memory. It hooks the Conquer process and checks values, then determines the bot action, such as click, pick, move or jump.

    When you activate the bot, it checks whether your current window is a Conquer window that matches the bot version. If yes, it activates the bot.

    While the bot is active, there is a timer that synchronizes between SV.exe and the bot client on each Conquer window. So our solution is finding what they say to each other and preventing the criteria checks that make the bot slow or unresponsive. The best way to trace is using IDA Pro for reference and Cheat Engine for debugging the software. This program is encrypted with UPX 3.0; try downloading it from http://upx.sourceforge.net/ to unpack them before analyzing with IDA Pro.

    After expanding countrymakeinus.dll and analyzing it with IDA Pro, we must analyze 2 things in this DLL.

    2) One thing is the SV bot process. Normally it starts with some kind of command like this:
    QUOTE

    PUSH EBP
    MOV EBP,ESP
    MOV EAX,FS:[00000000]
    PUSH FF



    Just search using "Search>Find assembly code" to find the address of the above command.

    3) Second, push your tiny hook code into the executable file. I push this code into the program's main loop:
    QUOTE

    004049FB:
    PUSH EBP
    PUSH EBX
    PUSH ECX
    PUSH EAX
    PUSH EDX
    PUSHFD
    PUSH EAX
    PUSH ESI
    PUSH EDI
    PUSH 00000000



    Use Search>Find assembly code to find it again, then you must use the hook command in the next step.

    4) Hook command: the function call used to trap keystrokes is SetWindowsHookExA, which is located in User32.dll. Here is the command to hook the process.
    QUOTE

    push 00000000
    push 10000000
    push 100039d0 // address first command from step 2
    push 02
    call SetWindowsHookExA



    5) Now it's time to inject code into the current SV bot. It's the same as how SV injects into conquer.exe; we use Cheat Engine to enable/disable and inject together. Press CTRL,A in the memory view window in Cheat Engine, then click Template>Cheat Table framework code at the address you will inject at in step 3. You will get something like below. For example, I use the return process at address 004049FB and inject to a new memory address to run the hook process.
    QUOTE

    [ENABLE]
    //code from here to [DISABLE] will be used to enable the cheat

    alloc(newmem,2048) //2kb should be enough
    label(Loop)
    label(exit)

    004049FB:
    jmp newmem

    newmem: //this is allocated memory, you have read,write,execute access
    //place your code here
    cmp [10044004],ff
    je exit
    mov [10044000],00
    pushad
    pushfd
    push 00000000
    push 10000000
    push 100039d0
    push 02
    call SetWindowsHookExA
    mov [10044004],ff
    popfd
    popad

    exit:
    push ebp
    push ebx
    push ecx
    push eax
    push edx
    pushfd
    push eax
    push esi
    push edi

    jmp 00404A04

    [DISABLE]
    //code from here till the end of the code will be used to disable the cheat
    004049FB:
    push ebp
    push ebx
    push ecx
    push eax
    push edx
    pushfd
    push eax
    push esi
    push edi



    6) The last part is finding the protection and a place to push opcode.
    SV will disable all hook events by calling UnhookWindowsHookEx, so just disable the unhook process by setting this in the enable process:
    QUOTE

    UnhookWindowsHookEx:
    ret 0004



    Insert a protection check so that you will not activate the hook process again and again, by checking a memory address like below:
    QUOTE

    [ENABLE]
    cmp [10044004],ff // is the bot already activated or not?
    je exit // Yes, jump to exit
    mov [10044000],00 // No, set the wait-state variable to Loop
    pushad // Save all registers
    pushfd // Save flags register

    // ** Put Hooking process here

    mov [10044004],ff // Mark the bot as already activated
    Loop: // Loop until unchecked to disable, by checking the variable
    mov eax,000000ff
    push eax
    call SleepEx
    push eax
    cmp [10044000],90 // Check whether the variable says Loop or not
    jne Loop
    popfd // restore flags register
    popad // restore all registers
    exit:

    // ** Code from original code

    [DISABLE]
    10044000: // Set variable to not Loop
    nop

    UnhookWindowsHookEx:
    ret 0004 // Prevent unhook process



    There is a routine that calls the internet open socket. So I find the place that opens the internet connection and replace it with the code from newmem.
    QUOTE

    004275C1:
    ..
    ..
    Call InternetOpenA
    ..
    ret



    7) Here are the instructions to make a standalone version:
    QUOTE

    1) Start 1.10 and Cheat Engine.
    Here is the information link for SV 1.10:
    http://www.elitepvpers.de/forum/index.php?...90&#entry567171
    2) Load Cheat Engine with the Cheat Engine script, then select the ScriptVessel process and check the box on SV 1.08-1.10
    3) Start Conquer program and login normally and press F11 to activate bot.
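
Seen from the defender's side, the two patches described in the post above (the `jmp newmem` detour written over 004049FB and the `ret 0004` stub written over UnhookWindowsHookEx) show up when a function's first bytes in memory are compared with the same bytes in the file on disk. The C code below is an added example, not part of the original post or of any tool it mentions; the function names, the detour target 00A20000, the image range used with it and the API prologue bytes are constructed assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef enum { ENTRY_CLEAN, ENTRY_RET_STUB, ENTRY_JMP_DETOUR, ENTRY_MODIFIED } entry_verdict;

/* Compare the first n bytes of a function as mapped in memory (live)
 * with the same bytes read from the file on disk (ref). */
entry_verdict classify_entry(const uint8_t *live, const uint8_t *ref, size_t n)
{
    if (n == 0 || memcmp(live, ref, n) == 0) return ENTRY_CLEAN;
    /* C3 = RET, C2 iw = RET imm16: the function now returns immediately. */
    if (live[0] == 0xC3 || (n >= 3 && live[0] == 0xC2)) return ENTRY_RET_STUB;
    /* E9 = JMP rel32, FF 25 = JMP [abs32], 68 imm32 + C3 = PUSH/RET. */
    if (n >= 5 && live[0] == 0xE9) return ENTRY_JMP_DETOUR;
    if (n >= 6 && live[0] == 0xFF && live[1] == 0x25) return ENTRY_JMP_DETOUR;
    if (n >= 6 && live[0] == 0x68 && live[5] == 0xC3) return ENTRY_JMP_DETOUR;
    return ENTRY_MODIFIED;
}

/* Target of a JMP rel32 located at virtual address va (0 if not E9). */
uint32_t jmp_target(const uint8_t *live, uint32_t va)
{
    if (live[0] != 0xE9) return 0;
    uint32_t rel = (uint32_t)live[1] | (uint32_t)live[2] << 8 |
                   (uint32_t)live[3] << 16 | (uint32_t)live[4] << 24;
    return va + 5 + rel;   /* relative to the end of the 5-byte jump */
}

/* A detour landing outside [base, base+size) points at memory that is not
 * backed by the module's image, e.g. a freshly allocated region. */
int leaves_image(uint32_t target, uint32_t base, uint32_t size)
{
    return target < base || target - base >= size;
}

/* Constructed samples. REF_LOOP is the nine one-byte pushes the post lists
 * at 004049FB; REF_API is an assumed export prologue, not read from a DLL. */
static const uint8_t REF_LOOP[9]  = {0x55,0x53,0x51,0x50,0x52,0x9C,0x50,0x56,0x57};
static const uint8_t LIVE_LOOP[9] = {0xE9,0x00,0xB6,0x61,0x00,0x9C,0x50,0x56,0x57};
static const uint8_t REF_API[6]   = {0x8B,0xFF,0x55,0x8B,0xEC,0x5D};
static const uint8_t LIVE_API[6]  = {0xC2,0x04,0x00,0x8B,0xEC,0x5D};

int main(void)
{
    printf("main loop: verdict %d, detour to %08X\n", classify_entry(LIVE_LOOP, REF_LOOP, 9),
           (unsigned)jmp_target(LIVE_LOOP, 0x004049FBu));
    printf("api entry: verdict %d\n", classify_entry(LIVE_API, REF_API, 6));
    return 0;
}
```

In an anti-tamper or EDR check the reference bytes come from the module's file on disk, and a detour whose target leaves every loaded image is the stronger signal of the two.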
     
  2. lovegood2005

    lovegood2005 Youtube Master Race

    Joined:
    3/12/04
    Posts:
    17
  3. mch1983

    mch1983 Youtube Master Race

    Joined:
    25/12/04
    Posts:
    10
    Location:
    HN
    then download it and read the part below, otherwise how can I show you
     
  4. lovegood2005

    lovegood2005 Youtube Master Race

    Joined:
    3/12/04
    Posts:
    17
    What's your Yahoo nick? Can I add you to ask a few more things? I downloaded it but couldn't crack it
    Yahoo: [email protected]
     
