Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- WARNING! Never give the player with information about protection!
- WARNING! NEVER LET PLAYERS STATISTICS ACCESS PROTECTION!
- WARNING! THINK HUNDRED TIMES BEFORE SWITCHING ON THE SECOND REGIME!
- ----------------
- Setting the protection
- ----------------
- 1. Change hAuthD.ini
- Change the value of guard:
- [Ext]
- guard = 1
- Add the line:
- [Guard]
- ClientCRC =
- GuardCRC =
- Mode = 0
- Cheaters = 5
- AutoBan = 0
- HotToBlack = 0
- MaxWin = 0
- 2. Change databases
- Add a table user_account fields:
- hkey - varchar (16)
- cheat - int (default 0)
- mask - varchar (15)
- Script:
- USE lin2db
- ALTER TABLE user_account ADD hkey varchar (16)
- ALTER TABLE user_account ADD cheat INT NOT NULL DEFAULT (0)
- ALTER TABLE user_account ADD mask varchar (15)
- 3. Changing the client files
- Copy and fire.dll msxml4g.dll in the folder system (replacing the old files)
- msxml4g.dll - a renamed file fire.dll (from the original client).
- The archive is version for Hellbound.
- If you are using another client (C4, Interlude, Gracia, etc.), then take
- original fire.dll (not to be confused with file security) and rename msxml4g.dll.
- Otherwise, the client in some locations will fly with the error:
- Can't bind to native class Fire.FractalTexture
- -------------------
- Description of parameters
- -------------------
- ClientCRC - CRC file L2.exe (if not specified, it is not checked)
- GuardCRC - CRC file fire.dll (if not specified, it is not checked)
- You can enter multiple CRC separated by commas.
- CRC files can be found using the utility crc32.exe or look in the archives WinRAR
- Mode - mode of protection. Possible values ββare 0, 1 and 2.
- Mode 0:
- Input is possible as usual client and secure.
- The rest of the 0 mode is the same as Mode 1.
- Mode 1:
- Allowed only protected by the client.
- If you find illegal software or prohibited activities:
- - A message in the log (the same in the file)
- - Changing the field value tables user_account cheat for this account
- - ENTER THE GAME ALLOWED
- This is the recommended mode!
- Mode 2:
- Differences from Mode 1:
- - ENTER THE GAME IS DENIED
- - HKey added to the temporary list Hot_hKeys
- Hot_hKeys:
- - The list is not saved when closing the program
- - Entering the game with a key from the list of banned
- Cheaters - minimum value of the cheat in which the account
- is locked (either automatically or manually).
- Use the menu 'cheaters' (block all / show list) and function
- Autobahn (parameter autoban under guard).
- A value of 0 associated with the parameter functions are not available.
- Attention! Accounts are locked in a table on the field block_flag2!
- AutoBan - the interval in minutes between calls automatically
- locking accounts (actually there pressing the 'block all').
- A value of 0 is disabled. The minimum value of - 60.
- HotToBlack - add all hKey from the list of file Hot_hKeys Black_hKeys.txt
- Actually only the second protection mode (mode = 2).
- MaxWin - allowed number of simultaneously running clients Lineage.
- -------------
- Section CHEATS
- -------------
- Add to hAuthD.ini:
- [Cheats]
- ; Wicked Patcher
- 1 = 1
- ; L2Walker
- 2 = 1
- ; L2Walker IG
- 3 = 1
- ; WS2_32.dll
- 4 = 0
- ; Dead thread
- 5 = 0
- ; MiniProxer
- 6 = 1
- ; L2Control
- 7 = 1
- ; Blocked explorer
- 8 = 0
- ; L2PacketHack
- 9 = 1
- ; WinAPI Hack
- 10 = 1
- ; Wicked Patcher (ports)
- 11 = 0
- ; L2Walker VerifyServer (ports)
- 12 = 1
- ; Fake Login Server (ports)
- 13 = 1
- ; L2PacketHack (ports)
- 14 = 1
- ; ZRanger
- 15 = 1
- Section allows you to adjust the response guard-server module authorization
- the various cheats. The name parameter - the number of readers. Value - how much
- increase the value of a particular field cheat account at
- detection reader (default - 1). If you specify 0, the field remains a cheat
- unchanged, but the information is displayed in the log. If -1, then all cheat
- ignored.
- Attention! When you work in security mode 2 (mode = 2), enter the game banned
- only if the amount of 'cheat' the current session is greater than zero!
- The example partition configuration ensures that no false
- operations security (details below).
- Description of "cheating":
- Wicked Patcher - running Sauron'a "WP PPC".
- Is a proxy server (full access to the traffic analysis and intercept).
- Link: http://sauron.x33.ru
- L2Walker - on your computer is running a bot (OOG or IG).
- Attention! This does not mean that you are logged into the game by a bot!
- Link: http://towalker.com
- L2Walker IG - in the current process L2.exe embedded module ingeym bot.
- Attention! In contrast to the messages 'L2Walker' which means that
- boat used by this account!
- Link: http://towalker.com
- WS2_32.dll - a folder containing the file is located L2.exe ws2_32.dll.
- This DLL is used for intercepting calls to the standard
- Windows libraries to work with the network.
- Attackers using ws2_32.dll can perform analysis and
- interception game packages. Also, this library is used
- L2Helper bot to redirect the client to the fake-server.
- Dead Thread - dead stream protection.
- Fire.dll at the beginning of his work starts two threads, which
- are an integral part of the defense. This message means
- that at least one thread was not started or was stopped.
- MiniProxer - running proksifikator Sauron'a.
- The program performs redirection of traffic.
- Usually used in conjunction with "WP PPC".
- Link: http://sauron.x33.ru
- L2Control - running L2Control (radar, pilot, etc.).
- Website: http://www.l2control.com/
- Blocked Explorer - the system is running the explorer.exe process to which
- no access, and this suggests that:
- 1. the system operates another user
- 2. do not have access to the processes of this user
- Criminals create a new account with the rights of guest and
- L2.exe runs as this user. As a result, DLL can not
- access to other processes and exercise some control.
- L2PacketHack - running xkor'a L2PacketHack
- Is a proxy server (full access to the traffic analysis and intercept).
- Website: http://coderx.ru/
- WinAPI Hack - found interference in the WinAPI functions.
- Protection has a number of tests to validate the use WinAPI fuktsy.
- This message means that during the inspection it was found
- that some functions will not work properly.
- It may also mean finding the program HideToolz.
- Wicked Patcher (ports) - listening TCP ports Wicked Patcher
- Verification is one port, so it is possible matches.
- L2Walker VerifyServer (ports) - listening TCP ports L2Walker VerifyServer
- Verification is on two ports, the coincidence is unlikely.
- Fake Login Server (ports) - listening TCP ports Fake Login Server
- Verification is on two ports, the coincidence is unlikely.
- L2PacketHack (ports) - listening TCP ports L2PacketHack
- ZRanger - running ZRanger (radar, pilot, etc.).
- Website: http://zranger.net/
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement