[Sychotix]

Quote:

Originally Posted by kynox

The function thats reading from it is inside of Warden.

It reads offsets (yes, you could hook this , but it also reads other data)..
Though Warden is dynamically allocated, so that address is quite useless once its unloaded .

yeah i know. BUT the game has to know where Warden is located, thus there has to be a pointer somewhere. The only problem that I see is i think it is multi-level and i HATE multi-level pointers -.- I traced back the function and got to a place where there was a long (if not continual) loop. That must be the loop in which it keeps scanning. What if we simply changed that loop to where it just kept scanning and never leave that section of code? =P

EDIT: by the way kynox, it would be MUCH easier to talk over MSN instead of hijacking a thread such as we have done =P mind PMing me your MSN or AIM? (only two i use)

EDIT2: I think i may have it bypassed as well. I traced the function all the way back to where it was originally called. The address is static as well. Anyone let me know a way to get banned by warden instantly and I will tell them =P

EDIT3: I now have 2 different addresses in which the complete warden function is called.

[Cypher]

Quote:

Originally Posted by Sychotix

yeah i know. BUT the game has to know where Warden is located, thus there has to be a pointer somewhere. The only problem that I see is i think it is multi-level and i HATE multi-level pointers -.- I traced back the function and got to a place where there was a long (if not continual) loop. That must be the loop in which it keeps scanning. What if we simply changed that loop to where it just kept scanning and never leave that section of code? =P

EDIT: by the way kynox, it would be MUCH easier to talk over MSN instead of hijacking a thread such as we have done =P mind PMing me your MSN or AIM? (only two i use)

EDIT2: I think i may have it bypassed as well. I traced the function all the way back to where it was originally called. The address is static as well. Anyone let me know a way to get banned by warden instantly and I will tell them =P

.text:00818D10 WardenAllocDealloc proc near ; CODE XREF: sub_4EA270+21Fp
.text:00818D10

Thats the function that handles allocating warden etc. If you hook that you can grab where it's being loaded in memory and even dump the entire module if you like.

[Sychotix]

nope that isn't where i found =P so far, I think jumping over my two addresses bypass the ban feature. Kinda like Maplestories Autoban thing... if you would normally have gotten banned, you just get disconnected. I changed both jumps and then changed my jump value. I jumped around for a little bit and then got randomly disconnected.

I will poke around that location though to see if i can find anything else out. maybe WoW will run without it?

EDIT: lol WoW ran fine for a while without warden "allocated" but it eventually disconnected. There is probably either a serversided or clientsided check. It could be like GG where the server sends a command or "hey are you there" and when it gets no response, it cuts the connection.

[Cypher]

Quote:

Originally Posted by Sychotix

nope that isn't where i found =P so far, I think jumping over my two addresses bypass the ban feature. Kinda like Maplestories Autoban thing... if you would normally have gotten banned, you just get disconnected. I changed both jumps and then changed my jump value. I jumped around for a little bit and then got randomly disconnected.

I will poke around that location though to see if i can find anything else out. maybe WoW will run without it?

EDIT: lol WoW ran fine for a while without warden "allocated" but it eventually disconnected. There is probably either a serversided or clientsided check. It could be like GG where the server sends a command or "hey are you there" and when it gets no response, it cuts the connection.

Err, WoW won't run without Warden there. If WoW sends a scan request and doesn't get a reply you get kicked from the server (and maybe the banstick, unsure). Sorry, I think you changed something else.

Also, bans are serverside, there's no address you can 'jump' to stop getting banned. The servers request a scan, warden copies the memory in the requested location and sends it back to the server, the server checks if it's valid, if not, banstick. The only way to bypass the bans is to spoof the correct values to the server when it requests them by hooking wardens scanning functions.

[Sychotix]

hm.... guess i just put a jump on if it sends the data back or not so it disconnected me due to no data =P

Also. If it works like that, it can be bypassed sorta like GameGuard. How about creating a CEM for WoW and having Warden read from that instead of the actual WoW? OR if its not possible for Warden to read things outside of the program, allocate memory and have it scan that =P

[-Lex]

Quote:

Originally Posted by kynox

Just so you guys are aware, warden is scanning this memory offset, and the wallclimbing offset. Any editing of these on live will result in a ban.

Quote:

i got banned >:X

Quote:

This will get you banned

Do you guys pay any attention at all when those few around here, who ACTUALLY know what they're talking about says something?

[Cypher]

Quote:

Originally Posted by -Lex

Do you guys pay any attention at all when those few around here, who ACTUALLY know what they're talking about says something?

Protip: Noone around here listens, we just like talking to ourselves.