Aion Hacks - Aion Anti-Anti-Debugger : Aion - Submissions

Posted: September 24th, 2009, 10:32 pm
 
Perfectworlder

Credit Goes To mmoviper

Hey all,

Even though Gameguard has been removed from Aion's launch, some parts of its protection remain. For instance, when you try to run OllyDbg, Aion immediately exits. This guide will demonstrate one simple way to prevent that from happening. Ultimately, I aim to also remove Aion's anti-breakpoint code and all other anti-debugging code.

This guide assumes that you have the following software:

* OllyDbg
* AionPauser (written by myself in C# download binary+source)

http://ioj.com/v/gtvi0


Without further ado...

Step 1 -
Run Aion and (preferably) wait until you get to the login screen.

Step 2 -
Run AionPauser.exe and press space or otherwise suspend all of Aion's threads. This works because Aion's anti-cheat code runs entirely within its own process. Suspending all threads ensures that Aion can do _not shit_ against us. Leave AionPauser running - you will need it later to resume.

Step 3 -
Run OllyDbg, attach to Aion's process (default is AION.bin.) You will get messages informing you that AION.bin, CrySyste.dll, and Game.dll are packed. Just hit OK for all of them. Now, feel mildly satisfied that Aion hasn't shut down while OllyDbg is running and attached. Of course, Aion is still paused and we can't learn much from debugging a paused process! If we were to unpause now, Aion would almost immediately notice OllyDbg and shut down as before.

Interjection -
Now, thinking time. How was Aion detecting OllyDbg? It turns out that it uses several really, really commonplace and well-documented methods. One of which is the dumb-shit Win32 API, IsDebuggerPresent. So let's set a breakpoint on that API.

Step 4 -
Pressing CTRL+G in OllyDbg will open up the "Enter expression to follow" window. Type "IsDebuggerPresent" and hit enter. Press F2 to set a breakpoint on the function address that you jump to.

Step 5 -
Resume all threads by hitting space in AionPauser. Press F9 in OllyDbg to allow Aion to run. Smile as OllyDbg catches the IsDebuggerPresent breakpoint shortly after resuming.

Step 6 -
In the title bar of OllyDbg's CPU/debugging window (i.e. NOT OllyDbg's main window), you will see what thread IsDebuggerPresent was called on. Select View>Threads and _KILL_ the thread that was calling IsDebuggerPresent. By doing so, we've terminated the thread that was running anti-debugger code.

Conclusion -
Now Aion is running while OllyDbg is attached! Sadly, if you set a breakpoint, and the breakpoint is caught, Aion will crash.

TODO:

* Reverse the anti-breakpoint code
* Automate everything
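
Seen from the defending side, the steps above work because the debugger check lives in one thread of a process that can be frozen from outside and then loses that thread. The C sketch below is an added example, not part of the original post and not Aion's code: the main loop watches a heartbeat from the checking thread and tells a whole-process freeze (Step 2) apart from a killed checker (Step 6). All names, thresholds and the trace are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
/* Thresholds are assumptions for this sketch, not values from any real game. */
#define MAX_FRAME_GAP_MS    2000u /* no legitimate frame takes this long */
#define MAX_BEAT_SILENCE_MS 1000u /* checker thread should beat far more often */

typedef enum { INTEGRITY_OK, PROCESS_WAS_SUSPENDED, WATCHDOG_DEAD } verdict_t;
typedef struct {
    uint64_t last_frame_ms; /* monotonic time of the previous check */
    uint64_t last_beat;     /* last heartbeat counter value observed */
    uint64_t last_beat_ms;  /* time at which that counter last advanced */
} monitor_t;

void monitor_init(monitor_t *m, uint64_t now_ms, uint64_t beat)
{
    *m = (monitor_t){ now_ms, beat, now_ms };
}

/* Called once per frame by the main loop. now_ms is a monotonic clock, beat a
 * counter the debugger-check thread increments; passed in so it runs offline. */
verdict_t monitor_check(monitor_t *m, uint64_t now_ms, uint64_t beat)
{
    uint64_t frame_gap = now_ms - m->last_frame_ms;
    if (frame_gap > MAX_FRAME_GAP_MS) {
        /* Main loop stalled too: all threads were frozen (Step 2); re-arm. */
        monitor_init(m, now_ms, beat);
        return PROCESS_WAS_SUSPENDED;
    }
    m->last_frame_ms = now_ms;
    if (beat != m->last_beat) {
        m->last_beat = beat;
        m->last_beat_ms = now_ms;
        return INTEGRITY_OK;
    }
    /* Main loop alive but checker silent: its thread was killed (Step 6). */
    if (now_ms - m->last_beat_ms > MAX_BEAT_SILENCE_MS)
        return WATCHDOG_DEAD;
    return INTEGRITY_OK;
}

int main(void)
{
    /* Constructed trace of {time_ms, heartbeat} pairs. */
    static const uint64_t t[][2] = { {100, 1}, {200, 2}, {60200, 2},
                                     {60300, 3}, {60800, 3}, {61400, 3} };
    monitor_t m = { 0, 0, 0 };
    for (size_t i = 0; i < sizeof t / sizeof t[0]; i++)
        printf("t=%llu verdict=%d\n", (unsigned long long)t[i][0],
               (int)monitor_check(&m, t[i][0], t[i][1]));
}
```

Laptop sleep or a long disk stall also produce a large frame gap, so treat PROCESS_WAS_SUSPENDED as a signal to log and correlate rather than proof of tampering.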

