Warden Wiki Page menu

User Tag List

Page 4 of 4 FirstFirst 1234
Results 46 to 60 of 60
  1. #46
    amadmonk's Avatar Active Member
    Reputation
    124
    Join Date
    Apr 2008
    Posts
    772
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by Cypher View Post
    YOU can't. But others can. It's called reverse engineering...
    ++ that. Right now, I'm too lazy/ignorant to find and steal and use the code that examines the Warden modules on the fly (wasn't that Shynd's work?). But once I get that working it's just a simple bit of disassembly to understand exactly what it's doing, and the fear level will go way, way down.

    Don't ascribe magic powers to Warden; it's still running in user mode on YOUR box, which means that given enough time and patience and knowledge, it WILL ultimately obey your will. Hell, if you want, you can just yank your net cable (although that might seriously detract from your gaming experience). This isn't the Matrix, folks.

    Hmm, wonder if I could use shimeng to... hmm.
    Don't believe everything you think.

    Warden Wiki Page
  2. #47
    luthien23's Avatar Member
    Reputation
    29
    Join Date
    Apr 2009
    Posts
    30
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by Cypher View Post
    Originally Posted by DaemonOnFire View Post
    Right.

    We can not proof what blizz is putting into warden and wow, maybe they just have fun seeing us trying to cloak our hacks.....
    I do not think that a company which earns millions over millions makes a game that can be hacked that easily without any notice of the owners.

    YOU can't. But others can. It's called reverse engineering...
    False. Reverse engineering can only tell you what has been put into released warden and wow. It can't tell you what blizz is putting into warden and wow.

  3. #48
    ramey's Avatar Member
    Reputation
    45
    Join Date
    Jan 2008
    Posts
    320
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by luthien23 View Post
    False. Reverse engineering can only tell you what has been put into released warden and wow. It can't tell you what blizz is putting into warden and wow.
    Oh boy Can't wait for this

  4. #49
    Nesox's Avatar ★ Elder ★
    Reputation
    1280
    Join Date
    Mar 2007
    Posts
    1,238
    Thanks G/R
    0/3
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by ramey View Post
    Oh boy Can't wait for this
    *grab's some popcorns and wait's for the action to start*

  5. #50
    Cypher's Avatar Kynox's Sister's Pimp
    Reputation
    1358
    Join Date
    Apr 2006
    Posts
    5,368
    Thanks G/R
    0/6
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by luthien23 View Post
    False. Reverse engineering can only tell you what has been put into released warden and wow. It can't tell you what blizz is putting into warden and wow.

    Are you retarded? If it's never pushed to the public why does it even matter what they put in it?

    Also, you're referring to an impossibility. If noone ever has a copy of the software to inspect, then NOONE can see what it does through ANY MEANS.

    Sigh, I'm much too tired to deal with this shit right now. Suffice to say, you're a ****ing moron.

  6. #51
    kynox's Avatar Member
    Reputation
    830
    Join Date
    Dec 2006
    Posts
    888
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by luthien23 View Post
    False. Reverse engineering can only tell you what has been put into released warden and wow. It can't tell you what blizz is putting into warden and wow.
    Your poor English is obscuring his point. You haven't worded your posts correctly and it's leading to confusion.

    What he said was, we can see what is currently in the module. Obviously we can't see what doesn't exist. For that would require the ability to bent the space time continuum.

    I'm not going to expose my methods for time bending, as i don't want to do get nerfed!

  7. #52
    luthien23's Avatar Member
    Reputation
    29
    Join Date
    Apr 2009
    Posts
    30
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by Cypher View Post

    Are you retarded? If it's never pushed to the public why does it even matter what they put in it?
    Who said anything about never being pushed to the public?
    I just pointed out that your statement was wrong because DaemonOnFire said "We can not proof what blizz is putting into warden and wow".
    Is putting is present continuous which expresses something that is happening now, at this very moment. Whatever blizz is putting into warden at this very moment you can't know so his phrase, orthography aside, is true.

    Originally Posted by Cypher View Post

    Also, you're referring to an impossibility. If noone ever has a copy of the software to inspect, then NOONE can see what it does through ANY MEANS.
    Yes, exactly, it's impossible, no one can see what it does.
    That is why DaemonOnFire is right when he says "We can not proof what blizz is putting into warden and wow" and why you were wrong when you said others can.

  8. #53
    Cypher's Avatar Kynox's Sister's Pimp
    Reputation
    1358
    Join Date
    Apr 2006
    Posts
    5,368
    Thanks G/R
    0/6
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by luthien23 View Post
    Who said anything about never being pushed to the public?
    I just pointed out that your statement was wrong because DaemonOnFire said "We can not proof what blizz is putting into warden and wow".
    Is putting is present continuous which expresses something that is happening now, at this very moment. Whatever blizz is putting into warden at this very moment you can't know so his phrase, orthography aside, is true.


    Yes, exactly, it's impossible, no one can see what it does.
    That is why DaemonOnFire is right when he says "We can not proof what blizz is putting into warden and wow" and why you were wrong when you said others can.
    Sigh. You do realize that with a little bit of work you can detect when new versions of Warden are pushed. Right?

    Tripwire and WardenNET are two examples of such projects.

  9. #54
    luthien23's Avatar Member
    Reputation
    29
    Join Date
    Apr 2009
    Posts
    30
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I do realize such a thing is true.
    DaemonOnFire's statement keeps being true though.

  10. #55
    Cypher's Avatar Kynox's Sister's Pimp
    Reputation
    1358
    Join Date
    Apr 2006
    Posts
    5,368
    Thanks G/R
    0/6
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by luthien23 View Post
    I do realize such a thing is true.
    DaemonOnFire's statement keeps being true though.

    Only because you're adhering to it in such a strict sense. And in that sense, it's a retarded ****ing statement to make in the first place.

    Its impossible to see into the future given our current knowledge and technology. <-- HURRRR. LUK GUIZE! IM RITE!

  11. #56
    lanman92's Avatar Active Member
    Reputation
    50
    Join Date
    Mar 2007
    Posts
    1,033
    Thanks G/R
    0/1
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    In the topic of warden..., will SEH through the DR0-7 registers work to hook warden's checksums? I was thinking about trying it out, but I don't want to risk my account since I don't think that trials are treated like real accounts. My main thoughts would be setting a read BP on the LuaProtection check and on QueryPerformanceCounter(). WoW/warden doesn't use GetThreadContext to check these BPs does it? If so, i would hate to waste a BP on hooking that =/

  12. #57
    Cypher's Avatar Kynox's Sister's Pimp
    Reputation
    1358
    Join Date
    Apr 2006
    Posts
    5,368
    Thanks G/R
    0/6
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by lanman92 View Post
    In the topic of warden..., will SEH through the DR0-7 registers work to hook warden's checksums? I was thinking about trying it out, but I don't want to risk my account since I don't think that trials are treated like real accounts. My main thoughts would be setting a read BP on the LuaProtection check and on QueryPerformanceCounter(). WoW/warden doesn't use GetThreadContext to check these BPs does it? If so, i would hate to waste a BP on hooking that =/
    1. You typically don't catch HW BPs with SEH, you catch them with VEH.
    2. You typically only use DR0->DR3 (which hold the actual addresses) and DR7 (which holds the mask of which out of DR0->DR3 are enabled).
    3. HW BP hooking is nothing new, and is very easy to detect. Warden only need to do a GetThreadContext and you're gone. There are also several other methods they can use. If you want to protect yourself you're going to need to hook NtGetContextThread, NtContinue, NtRaiseException, RtlAddVectoredExceptionHandler, etc. The number of APIs you need to hook to protect HW BPs is greater than the number of available HW BPs themselves. And that's ignoring the fact they could attempt to use HW BPs as part of Warden's logic and if the registers are unavailable then obviously someone is using them so at that point you could get kicked from the server.
    4. A HW BP on QueryPerformanceCounter isn't going to help you in terms of the speedhack check. It's not based on looking for a hook on that API, so you're wasting your time.
    5. Sure it would get around a "checksum" based check that looks purely for modified bytes, but its not gonna save you if they actually start looking for HW BPs (which is a trivial task).

  13. #58
    lanman92's Avatar Active Member
    Reputation
    50
    Join Date
    Mar 2007
    Posts
    1,033
    Thanks G/R
    0/1
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well then. Screw that plan. How does warden actually detect speedhacks now? I figured they just checked for API hooks. Do they send data to do movement prediction to the client and have it send back a result?

  14. #59
    Cypher's Avatar Kynox's Sister's Pimp
    Reputation
    1358
    Join Date
    Apr 2006
    Posts
    5,368
    Thanks G/R
    0/6
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by lanman92 View Post
    Well then. Screw that plan. How does warden actually detect speedhacks now? I figured they just checked for API hooks. Do they send data to do movement prediction to the client and have it send back a result?

    They harness the power of sunspots to produce cognitive radiation. Warden is actually skynet. Don't hook it or it will become self-aware and take over the world.

  15. #60
    lanman92's Avatar Active Member
    Reputation
    50
    Join Date
    Mar 2007
    Posts
    1,033
    Thanks G/R
    0/1
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    .............................Okay?

    I know where the load function is for warden, but it's going to suck hooking it. Gonna say good-bye to return value hi-jacking...
    Last edited by lanman92; 06-03-2009 at 11:24 PM.

Page 4 of 4 FirstFirst 1234

Similar Threads

  1. anti-warden Release #1
    By zhPaul in forum World of Warcraft Bots and Programs
    Replies: 40
    Last Post: 10-21-2006, 01:40 AM
  2. Unpacked The Warden <
    By zhPaul in forum World of Warcraft Bots and Programs
    Replies: 45
    Last Post: 10-13-2006, 05:52 AM
  3. About Warden
    By Sebbe123 in forum World of Warcraft General
    Replies: 1
    Last Post: 09-21-2006, 12:18 PM
  4. Make FireFox Load Pages Faster
    By LightWave in forum Community Chat
    Replies: 4
    Last Post: 08-31-2006, 09:30 PM
  5. Warden
    By Chsz in forum World of Warcraft General
    Replies: 5
    Last Post: 06-19-2006, 10:16 PM
All times are GMT -5. The time now is 06:35 PM. Powered by vBulletin® Version 4.2.3
Copyright © 2025 vBulletin Solutions, Inc. All rights reserved. User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2025 DragonByte Technologies Ltd.
Google Authenticator verification provided by Two-Factor Authentication (Free) - vBulletin Mods & Addons Copyright © 2025 DragonByte Technologies Ltd.
Digital Point modules: Sphinx-based search