Originally Posted by
Sirmabus
Well, those teleporting ones, do you see them doing quests?
I think they are doing the exact same teleport thing, but it just doesn't matter if they get banned.
There is one way to farm gold, more than likely with a clientless bot, where they create a new char and do some of the starting quests for a few hundred gold.
They teleport from the new character spawn point to the quest NPCs and talk to them to complete the quest(s).
Then they transfer the gold to another character, delete the new character and start over again.
Now maybe they do get detected, but by the time they are flagged the character doesn't even exist anymore, and/or the account probably doesn't even matter anymore.
I'm thinking with the accounts they are probably using stolen credit cards for them.
Certain lowlife Chinese farmers are known for this.
They use stolen PayPal accounts, etc., whatever they can to get WOW keys, for example.
But I could be wrong, they might have found some way to teleport without getting flagged.
Well Juju's thing wouldn't be that hard to patch to the latest client if you can reverse stuff.
It looks like his last update was for client version "1.0.0.969973".
So if you open that client version and his last DLL in IDA Pro you should be able to figure it out.
Note his DLL uses relative offsets to account for ASLR.
So if you see in his DLL like ".text:1003342D mov *eax, [edx+0FCFE04h]" the actual address here is 0x400000 + 0xFCFE04 = 0x13CFE04 (where 0x400000 is the standard base with ASLR off).
Which happens to be ".data:013CFE04 g_pClientCore"
Once you've located them all in that older client you should be able to match them up to the latest client(s). There are probably fewer than a dozen there.
Then you use a binary editor on the DLL and update the offsets; one could probably use some patching tool, or a custom one, to automate these updates.