Hardline Dreams - A Python Matrix Online Server Project

Full Version: MxO Client - Preventing Debugging (updated)
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Note: this info is preliminar and not a 100% fact (yet)

Its possible to use a debugger to see how matrix works. It doesnt work in the end when ya need to see a full login example, because it stops randomly and doesnt go-on or make a jump to innaccesible memory addresses.

Just why and how?

Answer to the first part is obvious: self protect code
To the second part: looks like it got some antidebugger code just as follows:

Object "CLTEvilBlockingLoginObserver"
--> Method "WaitForEvent()"

Apart from the "evil" tag, if we search info about "WaitForEvent()" on c++ in google, we can see that method waits for an event (internal or not) to stop waiting and go-on. this could be done infinitely and just f... stops your debugger.

UPDATE:

As it was in some ways guessed, MxO client got anti-debugging meassures to assure itself that there is no one trying to reach its internal code.

This meassures can be bypassed using standard and public available plugins that make a masquerade to the debuggers on the market.

Using this method provides a full login sequence till world server, even debugging when playing.
updated (see above)

rajkosto

hah, nothing evil about CLTEvilBlockingLoginObserver
its just a login observer class that "blocks", which is considered "evil" in todays multithreaded applications
i have actually found the dll/exe to have very MINIMAL anti debug, its even compiled with some debugging info left in and some optimizations disabled (because its quite old, and they didnt care, and the class design is complex enough)
if you dont know what a "observer" is, then what are you doing reverse engineering this ?
http://en.wikipedia.org/wiki/Observer_pattern
(06-29-2009, 05:09 AM)rajkosto Wrote: [ -> ]if you dont know what a "observer" is, then what are you doing reverse engineering this ?
Maybe we were waiting for you to bring us light.

Myself ever did any reversing, just doing this as playground / starting sandbox :S.

So any help/guide/tutor appreciated xD.

To me was like a boolean:

Hidden debugger -> works
No hidden debugger -> fail

So.... that