I haven't tried with anything serious yet or even gone in game, but i did manage to discover HOW they are checking the rez files and it may be VERY easy to bypass and it's something that should remain unpatched
commando: You're probably the best non-coder coder I know LOL
i'll give everyone a hint...
md5 spoofing is very easy...
md5clone
commando: You're probably the best non-coder coder I know LOL
Skaterforeva1 (12-17-2013)
Wow Nice o:
Thanks for the hint.
i you know how to use google, you'll figure it out from there
commando: You're probably the best non-coder coder I know LOL
it's just a checksum correct? Seems easy enough, but the easiest bypass would be to hook the function that performs the checksum and force it to return the valid number. Or i suppose the checksum must be stored locally somewhere so find that hash and change it to yours?
commando: You're probably the best non-coder coder I know LOL
hacking and hooking (with proper knowledge) is probably always easier. Frankly i think if they would have played their cards right, this could have been much funnier XD
imagine if they took the MD5's of the modded rez files for a month and any rez file that was different, insta ban
commando: You're probably the best non-coder coder I know LOL
commando: You're probably the best non-coder coder I know LOL
Not seeing a weak spot here without hooking or SQLi (very frowned upon).
----
I see you got the idea from this post:
https://www.mpgh.net/forum/211-combat...ml#post9108349
----
nvm just saw your post afterwards
Last edited by lilghost8631; 12-20-2013 at 09:07 PM.
it's easier to spoof it than it is to hook a function. If you were going to go that route though, no point in hooking sqli and doing all that crap. The game works on Send to Server commands. almost everything has an ID and parameters. Just figure out the ID and block the ID or manipulate the params. It's not that hard, that's how unlimited ammo works
commando: You're probably the best non-coder coder I know LOL
claypole2 (12-28-2013)