Bots through PcIP and hop1 hop2 hop3

Support for the latest build of L2J Server, get help here with installations, upgrades, problems.
Do not post bugs reports here, use viewforum.php?f=77 instead.
There is no support for other server builds than the official provided by l2jserver.com
Forum rules
READ NOW: L2j Forums Rules of Conduct
Locked
User avatar
momo61
Posts: 1648
Joined: Fri Jun 06, 2008 2:05 pm
Location: Europe

Bots through PcIP and hop1 hop2 hop3

Post by momo61 »

delete
Last edited by momo61 on Wed Aug 31, 2011 1:20 pm, edited 1 time in total.
Top
User avatar
momo61
Posts: 1648
Joined: Fri Jun 06, 2008 2:05 pm
Location: Europe

Re: Bots through PcIP and hop1 hop2 hop3

Post by momo61 »

delete
Last edited by momo61 on Wed Aug 31, 2011 1:22 pm, edited 1 time in total.
Top
User avatar
osiride
Posts: 87
Joined: Tue Feb 19, 2008 6:30 pm

Re: Bots through PcIP and hop1 hop2 hop3

Post by osiride »

Known method used by some bot softwares.

Basically, 116.68.136.61 (wich is auth of Philippines retail servers) —or whatever— is used trough a loopback interface, that's why you see it in pcIp.

That's a very quick and ugly explanation, anyway; google 116.68.136.61 for more infos :)
Image
Top
Starter
Posts: 484
Joined: Sat Jan 23, 2010 4:42 pm

Re: Bots through PcIP and hop1 hop2 hop3

Post by Starter »

Very nice new tool which some of the guys of my server showed me as well and asked if I could blocking logging it with it like I dit with l2net. Heard it can even block backstabs and much more. Annoying. -.-
I have promises to keep and miles to go before I sleep.
Top
User avatar
Stake
Posts: 383
Joined: Sun Mar 23, 2008 9:33 pm
Location: Hungary
Contact:
Contact Stake

Re: Bots through PcIP and hop1 hop2 hop3

Post by Stake »

momo61 wrote:Update:

I asked the botting player, what tool he is using to bot. He said ZRANGER. it's a famous bot tool
I found a short description about that program in google, says:
Ranger uses a unique technology of traffic capturing and analyzing that allows to be absolutely transparent for such shield programs as GameGuard and so on. It provides almost unlimited possibilities. Note: the program DOES NOT use any kind of injections or another un-legit ways to handle GameGuard. The program does not contain any trojans and will not ever use your traffic for improper purposes.
However in this case, it's not just a "traffic capturing" tool, it doesn't capture the link layer packets. This is a local proxy that osiride said ("through a loopback interface"). Too bad, some people share these things on the net thus giving other people the "hacker power" with such simple user friendly programs. If this is what it says, then the "unlimited possibilities" contains the possibility of sending any pcip in EnterWorld packet.

We should find a way, like sending pcip in the packet header using a local proxy for every player and that the server communicates with, but I don't think we can modify the header escpecially in Java. However this can be done in C with raw sockets.

Edit: Found a RockSaw JNI lib for Java that can run raw sockets. :)
http://www.savarese.com/software/rocksaw/

Anyone with other solutions?
Image
Image
Top
User avatar
momo61
Posts: 1648
Joined: Fri Jun 06, 2008 2:05 pm
Location: Europe

Re: Bots through PcIP and hop1 hop2 hop3

Post by momo61 »

okay. got it. this topic can be closed. they are all bots =p
Top
Locked

Return to “High Five Support”