Reply Subscribe

shadowslayer9 · 15 Hours Ago

-snip-

Jullian duna · 14 Hours Ago

what did it do to you like what did the site do?

shadowslayer9 · 14 Hours Ago

Jullian duna posted:

what did it do to you like what did the site do?

Its a new hack for garrysmod. I want to stop the infection before it stops.

Jullian duna · 14 Hours Ago

tell it to garry he might help

shadowslayer9 · 14 Hours Ago

Jullian duna posted:

tell it to garry he might help

Why did yuo think I posted this?

**gk99** · 14 Hours Ago

shadowslayer9 posted:

Why did yuo think I posted this?

To advertise.

**darth-veger** · 14 Hours Ago

People paying 20 euro for hacks in a game like Gmod.. I really can't see why you need this.

wh1t3rabbit · 14 Hours Ago

It's just a shock site? I didn't enable the flash on the main page but there is links to meatspin.com and 1guy1needle whatever that is (a shock video I haven't seen? I must inspect this when I'm not at work).

shadowslayer9 · 14 Hours Ago

gk99 posted:

To advertise.

Yes because in my post "Stop it before it starts" is advertise. Great job you are hear by rewarded the person that cannot read.

Other Things and leaked information:
- Doesn't use concommands
- Written in lua
- Detected by one anti cheat as far as I know
- Old version was leaked on pastebin

mfsinc · 14 Hours Ago

I'm well prepared for this. I'll come up with a 1-line Simple OH Detector sometime when it becomes a problem.

**Adzter** · 14 Hours Ago

-snip don't want to be involved with this shit-

shadowslayer9 · 14 Hours Ago

-snip-

**Adzter** · 14 Hours Ago

shadowslayer9 posted:

Send me the files and I would be glad to test them

I'm not distributing those files, sorry

**gk99** · 14 Hours Ago

shadowslayer9 posted:

Yes because in my post "Stop it before it starts" is advertise. Great job you are hear by rewarded the person that cannot read.

Other Things and leaked information:
- Doesn't use concommands
- Written in lua
- Detected by one anti cheat as far as I know
- Old version was leaked on pastebin

Actually, no. If you actually read your own post you'd know that you said "Why did yuo think" instead of "Why do you think." The title of this thread+that tense=my comment being perfectly reasonable and logical and yours just being outright stupid.

So in actuality, I can read; enough to know that you should maybe work on your spelling and grammatical skills. Also, I haven't got a clue what you tried to say in the second sentence other than "you can't read."

shadowslayer9 · 14 Hours Ago

-snip-

_Kyoto_ · 13 Hours Ago

That's an old version of his injector that got leaked awhile ago. It's probably not infected, but according to oubliette it has nothing to do with how his hack currently functions. You won't be able to reverse anything about his cheat out of that because it does not reside in the injector. I would still not execute that file if I was you in case whoever leaked it infected it with something.

Also, I'm not oubliette. My old account got banned for making a joke and I am currently waiting for a reply from the admin who banned me because I think he thought I was selling a hack (oddly relevant to this thread...)

mfsinc · 13 Hours Ago

Saved-as copy of the main page (he redirected oubhack.com to a shock site and closed down the server at the IP)

http://puu.sh/3Jn8M.rar

**gk99** · 13 Hours Ago

_Kyoto_ posted:

That's an old version of his injector that got leaked awhile ago. It's probably not infected, but according to oubliette it has nothing to do with how his hack currently functions. You won't be able to reverse anything about his cheat out of that because it does not reside in the injector. I would still not execute that file if I was you in case whoever leaked it infected it with something.

Also, I'm not oubliette. My old account got banned for making a joke and I am currently waiting for a reply from the admin who banned me because I think he thought I was selling a hack (oddly relevant to this thread...)

You do know that making a separate account to get around a ban is permabannable in itself, right?

_Kyoto_ · 13 Hours Ago

gk99 posted:

You do know that making a separate account to get around a ban is permabannable in itself, right?

Hopefully the mod who banned me understands why I broke that rule to PM him and doesn't mind.

**gk99** · 11 Hours Ago

_Kyoto_ posted:

Hopefully the mod who banned me understands why I broke that rule to PM him and doesn't mind.

You really should've just used the Refugee Camp.

zerothefallen · 10 Hours Ago

This cheat is hilarious

"Clientside no-clip" in it's features

good job, as if you can force a serverside thing with a lua cheat.

This is just a crap cheat that will get detected so easy, it probably even uses hook.add

SashaWolf · 9 Hours Ago

zerothefallen posted:

This cheat is hilarious

"Clientside no-clip" in it's features

good job, as if you can force a serverside thing with a lua cheat.

He means an effect similar to RabidToaster's "spiritwalk" script.

zerothefallen posted:

This is just a crap cheat that will get detected so easy, it probably even uses hook.add

I'll let oubliette defend himself in detail here, but in short it will be very hard to detect with lua.

He is using a method I posted in the old anticheat thread to get load priority, and he apparently detours pretty much every lua function there is to detour. This makes lua anticheats pretty much useless against it. I don't know what defenses he has in place to protect his DLL, but I know his injector manual maps. I don't know what garry is capable of in terms of making anticheats, but if it's anything like what he has shown up till now, I think he's kinda outmatched here.

**nick_9_8** · 9 Hours Ago

Jullian duna posted:

tell it to garry he might help

Get a new avatar.

zerothefallen · 9 Hours Ago

SashaWolf posted:

He means an effect similar to RabidToaster's "spiritwalk" script.

I'll let oubliette defend himself in detail here, but in short it will be very hard to detect with lua.

He is using a method I posted in the old anticheat thread to get load priority, and he apparently detours pretty much every lua function there is to detour. This makes lua anticheats pretty much useless against it. I don't know what defenses he has in place to protect his DLL, but I know his injector manual maps. I suppose garry could try some shenanigans with detecting window titles, but other than that I think garry's kinda outmatched here.

I'm very sure I'd have no problem detecting it.

SashaWolf · 7 Hours Ago

zerothefallen posted:

I'm very sure I'd have no problem detecting it.

The only problem is that he has load priority. Even if you somehow manage to find something, he can still easily steal your script and defend against it.

zerothefallen · 7 Hours Ago

SashaWolf posted:

The only problem is that he has load priority. Even if you somehow manage to find something, he can still easily steal your script and defend against it.

assuming he hooks runstring via an injection, there is nothing an AC can do, i guess.

Though if somehow my/an AC gets load priority, it'll get detected very quickly.

idunno, i'll watch how it plays out

SashaWolf · 6 Hours Ago

zerothefallen posted:

assuming he hooks runstring via an injection, there is nothing an AC can do, i guess.

Though if somehow my/an AC gets load priority, it'll get detected very quickly.

idunno, i'll watch how it plays out

I know oubliette pretty well and helped him with a few things. He knows what he is doing and I doubt there is much anyone can do to stop his hack. As of now the only thing you can do is screenshot. There is one other exploit I know of to detect his hack, but I will keep that to myself.

Edited:

shadowslayer9 posted:

Its a new hack for garrysmod. I want to stop the infection before it stops.

You won't be able to. (also, "stop the infection before it stops"... What?)

npypntz · 6 Hours Ago

Oh boy, another GMod paycheat, we're all doomed garrymode is dead hackers win again blah blah i am gay
Just "leak" the thing yourself and save me and others the trouble of RCEing, it's not fun or challenging anymore.

**Pantho** · 5 Hours Ago

It wasn't SethHack most people gave a flying fuck about, it was his close relations to a network attacking tool.

There will always be hacks, there will always be anticheats, people will always get banned for hacking, the hackers will bypass the new anticheats, the new anticheats will adapt, the circle of jerking shall continue for eternity.

vortex725 · 4 Hours Ago

-snip-

>>oubliette<< · 4 Hours Ago

vortex725 posted:

Code:

hook.Add("InitPostEntity", tostring(math.random(1, 9999)), function() timer.Create(tostring(math.random(1, 9999)), 5, 0, function() local path = debug.getinfo(func) and debug.getinfo(func)["short_src"] or "unknown"; if path != "[C]" then cam.End3D(); end end) end)

untested, would work for sethhack so will probably work for this one.

edit: would work for hacks that return debug.getinfo as an empty table (sethhack) or hacks that don't bother to detour debug.getinfo while detouring RCC

I don't know what func is, but C function paths are "=[C]".

Pantho posted:

It wasn't SethHack most people gave a flying fuck about, it was his close relations to a network attacking tool.

There will always be hacks, there will always be anticheats, people will always get banned for hacking, the hackers will bypass the new anticheats, the new anticheats will adapt, the circle of jerking shall continue for eternity.

I don't support network attacks. My FAQ :

-

Every piece of information ( besides that provided by mfsinc and Sasha ) is outdated, you can, by all means try and "crack" it with dotPeek or something; but it will be a waste of your time.

Ice05 · 4 Hours Ago

Pantho posted:

It wasn't SethHack most people gave a flying fuck about, it was his close relations to a network attacking tool.

There will always be hacks, there will always be anticheats, people will always get banned for hacking, the hackers will bypass the new anticheats, the new anticheats will adapt, the circle of jerking shall continue for eternity.

Unfortunately yes, the "circle jerk" will go on, I just wish Garry cared more for his game currently, I'm thankful that his game is still semi-actively updated, and that a great majority of script kiddies have been put out from play; but considering how much time SethHack went on for, I don't really think anyone cared about how much money Seth made from kids by getting people to promote his cheat, or the fact that how many users he had collected throughout the years without any disruption from Garry's end.

The idea of selling cheats is stupid, even if you're desperate for money to maintain yourself, and if programming is your one and only knowledge and profession, you should be making legitimate tools rather than trying to make a cheat to enable some kids who are desperate to cheat.
I have never understood people who started a project for themselves to keep private then came up with an idea to distribute and sell their cheats. That's just my opinion.

npypntz · 4 Hours Ago

>>oubliette<< posted:

- unfunny faq -

I will never understand this type of humor, probably because it targets 13-year old children with access to their parents' credit cards instead of 24-year old software engineers.
Oh well, have fun running a business full of clients with an IQ equivalent to the one of a plant.

**Lerpaderp** · 4 Hours Ago

Protip: Don't go to oubhack.com.

**roxi** · 4 Hours Ago

Simple just grab there LUA files.

If it does run VIA runstring just hook it on your game and save there LUA. *Simple*

>>oubliette<< · 3 Hours Ago

npypntz posted:

I will never understand this type of humor, probably because it targets 13-year old children with access to their parents' credit cards instead of 24-year old software engineers.
Oh well, have fun running a business full of clients with an IQ equivalent to the one of a plant.

It's obvious who will actually buy it, targeting my site at people that will obviously not buy it is stupid.

roxi posted:

Simple just grab there LUA files.

If it does run VIA runstring just hook it on your game and save there LUA. *Simple*

One file is run using RunString the rest aren't. The function that I use to run the rest isn't run if the bytes mismatch ones that I have stored. Detouring this function with something will replace opcode(s) with JMP (0xE9) and will probably NOP the rest.

npypntz · 3 Hours Ago

roxi posted:

How do you think SethHack was leaked?

Packet sniffing.

**roxi** · 3 Hours Ago

npypntz posted:

Packet sniffing.

nope

npypntz · 3 Hours Ago

roxi posted:

nope

Whatever you say sport:

Code:

SH.aimmodels["models/antlion.mdl"] = "Antlion.Body_Bone"
SH.aimmodels["models/E     109.123.66.192:80   192.168.1.100:58060   1440   Recv   antlion_guard.mdl"] = "Antlion_Guard.Body" 			
SH.aimmodels["models/antlion_worker.mdl"] = "Antlion.Head_Bone" 			
SH.aimmodels["models/zombie/fast_torso.mdl"] = "ValveBiped.HC_BodyCube"	

-- snippety snip --

	{ "sh_antisnap", 0 },
	{ "sh_antisnapspeed", 2 },
	{ "sh_targetE     109.123.66.192:80   192.168.1.100:58060   1440   Recva  players", 1 },
	{ "sh_targetnpcs", 1 },
	{ "sh_ignorefriends", 0 },
	{ "sh_dclos", 0 },

Samples taken from an ages old WPE dump Ice05 sent to ColdFusion (who then posted it on FP).

Ice05 · 3 Hours Ago

roxi posted:

nope

ColdFusion asked me if I could get WPE and make a string dump for him that's how it got leaked pre-release, because Seth has given me access when it was in development, however he revoked that later on. If I can find the old thread from 2010 I may be able to link it to you.

In short, Seth didn't encrypt the strings.

Reply Subscribe

Reply Subscribe

Message

Errors

The following errors occurred with your submission

Quick Reply