EasyMap for Diablo II v1.1 - Release

Status
Not open for further replies.

Ntrik_

Premium Member
Joined
Jan 19, 2004
Messages
9,687
Reaction score
4
You go Heather... Im not trusting Netter for the shits that happened year ago? Or was it like months ago?

Yea.
 

Jerk_Head

Member!
Joined
Aug 1, 2005
Messages
31
Reaction score
0
Ok, I'm extremely confused. I downloaded this maphack right as it came out, installed it, and have been running it for 2 days. Then I come back here and see all this shizit about backdoors and trojans and "Jan was never trusted, blah blah blah!" I'm pretty new here and I never heard anything about Jan. If some people are saying they went through the hex and it is safe, how the hell can it not be??

Please, someone WITHOUT SAYING ANYTHING ABOUT JAN'S HISTORY, tell me whether this file is safe or not!
 

Shodokan123

Member!
Joined
Mar 10, 2004
Messages
22
Reaction score
0
Website
Visit site
well

if you all didn't know... there is encripted coding inside the .dll

so netter, explain what that coding does please.
 

Status

Member!
Joined
Jul 18, 2005
Messages
37
Reaction score
0
I think that the mh is a bd, because I startded my D2, and I got into a game blah blah blah, I exited the last game, and it froze, after experiencing EXTREME LAG. Then, I closed my D2 and restarted, now, 2 hours later, my key is in use. The bd steals your cdkey.mqp file I think. So it shows your own name or ID for the game, because there is no reason why I shouldn't be able to get on. If you value your cdkey, items, and accounts, You're probly not going to want to use this program. If anyone has any idea how to troubleshoot my situation, or has a logical explaination, other than the maphack is backdoored app, please tell me. I think I might talk to battle.net about my key. I have a reciept for it. =D
 

CORRODED

Member!
Joined
Aug 3, 2005
Messages
48
Reaction score
0
Location
On a plantation
in that case imma download it. imma gonna use it on a shitty mule char i have to see if nething pops. i keep a mule account seperate for things like this. in 2002 i lost alot of good shit downloading a bogus m/h so now i take things little more carfully. lol.
 

_Ace

BattleForums Senior Member
Joined
May 17, 2003
Messages
1,474
Reaction score
0
Location
Under my bed (Spain)
Website
Visit site
t.A.T.u97 said:
It works, yes, but it is Jan. Although I am a europe user (last netterhaufen things he would not release europe accounts) I'm still gonna wait another day or 2 for maphack. Friend talked to the guy and sure enough its backdoored. Heres what he said to moi:

Artwork © says:
it opend connection on port 1010
Artwork © says:
no mh does that unless it's scripted to send out packets
Artwork © says:
i read his source
Artwork © says:
and i found a nice backdoor in it

(Thanks ert you sexy hoe)

Really, impatience will pwn any of you. Its maphack for christ sakes....

Tell your friend he's more stupid than a turd.
I debugged the whole .exe and .dll, found nothing but the logging stuff (the debug mode that tells you what address it loads the dll to and that kind of stuff).
Opening a port to send out packets? Let's see... supposing that Jan wants to steal our stuff by opening a port (PLEASE LEARN SOME NETWORKING BEFORE STATING YOUR OPINIONS) he would have to know everyone's IP, then connect to that open port and then send a packet so the mh returns the thing's he want. I didn't see neither the opening of the port nor the packet sending stuff so yeah, tatu, either your friend is dumb or you suck at inventing shit.


EDIT:

Status said:
I think that the mh is a bd, because I startded my D2, and I got into a game blah blah blah, I exited the last game, and it froze, after experiencing EXTREME LAG. Then, I closed my D2 and restarted, now, 2 hours later, my key is in use. The bd steals your cdkey.mqp file I think. So it shows your own name or ID for the game, because there is no reason why I shouldn't be able to get on. If you value your cdkey, items, and accounts, You're probly not going to want to use this program. If anyone has any idea how to troubleshoot my situation, or has a logical explaination, other than the maphack is backdoored app, please tell me. I think I might talk to battle.net about my key. I have a reciept for it. =D
L M F A O
The fact that bnet tells you that the key is still in use by you is just that bnet thinks you are still using it because you lagged/dropped/closed d2 without letting it "close" the connection. So yeah, stop posting stuff like "OMFG MY DOG BARKS WHEN I RUN IT SO IT'S BACKDOORED FOR SURE"


EDIT 2:
Jan said:
I have released the final version of EasyMap. It now reveals shrines aswell.

Please relate to this thread for info:

http://www.gamemunchers.net/index.php?showtopic=577

I would like to ask the staff to delete *ANY* post saying this version of the file is infected, without showing proof (in other words: uploading the infected file and prooving the MD5 checksum matches the ones released with the original files).

-Jan
 

Strongest_Claw

BattleForums Junior Member
Joined
Dec 18, 2002
Messages
189
Reaction score
0
Website
Visit site
TheAce said:
Tell your friend he's more stupid than a turd.
I debugged the whole .exe and .dll, found nothing but the logging stuff (the debug mode that tells you what address it loads the dll to and that kind of stuff).
Opening a port to send out packets? Let's see... supposing that Jan wants to steal our stuff by opening a port (PLEASE LEARN SOME NETWORKING BEFORE STATING YOUR OPINIONS) he would have to know everyone's IP, then connect to that open port and then send a packet so the mh returns the thing's he want. I didn't see neither the opening of the port nor the packet sending stuff so yeah, tatu, either your friend is dumb or you suck at inventing shit.


EDIT:



L M F A O
The fact that bnet tells you that the key is still in use by you is just that bnet thinks you are still using it because you lagged/dropped/closed d2 without letting it "close" the connection. So yeah, stop posting stuff like "OMFG MY DOG BARKS WHEN I RUN IT SO IT'S BACKDOORED FOR SURE"


EDIT 2:
Wow, guys Ace is right. Just because everyone is so biased, you guys think that someone stole your key when you get CI... No but really, lemme get this straight, port 1010 is NOT OPENED by the maphack. Jesus,,,
 

FirebirdGM

Member!
Joined
Oct 2, 2002
Messages
35
Reaction score
0
Website
Visit site
I debugged the whole .exe and .dll, found nothing but the logging stuff (the debug mode that tells you what address it loads the dll to and that kind of stuff).
I took a quick look around with an x86 ASM decompiler, found some pretty strange stuff for a maphack. Certain DLL calls which should have nothing to do with a Maphack, along with things like accessing the registry.

Opening a port to send out packets? Let's see... supposing that Jan wants to steal our stuff by opening a port (PLEASE LEARN SOME NETWORKING BEFORE STATING YOUR OPINIONS) he would have to know everyone's IP, then connect to that open port and then send a packet so the mh returns the thing's he want. I didn't see neither the opening of the port nor the packet sending stuff so yeah, tatu, either your friend is dumb or you suck at inventing shit.
No, not really.

Assuming he coded the backdoor (And I'd guess that he did), he could make it do anything he wanted. There could be a few viable options:

A) It opens port 1010, then sends a notification through Winsock (Or some other protocol wrapper...) to his IP with their IP. Then he can just connect to it whenever he wants.

B) There is a custom daemon set up somewhere that is in a 'conversation' set-up. Infected computer sends packet saying it's vulnerable, daemon sends request for CD-Keys or whatever he wants, daemon recieves and stores in a database.

I don't know which (if either) is used for this program, or even if it's 100% infected, I just wanted to correct your faulty logic.
 

chocofilez

Member!
Joined
Jun 5, 2005
Messages
760
Reaction score
0
Location
USA NY
So this works (no strings atatched) or it doesnt? Thats all i want to know. Also, does it just show the map or does it have helpfull advanced options like C3PO. ie, Arrows to the next place or wp or whatever.
 

Jerk_Head

Member!
Joined
Aug 1, 2005
Messages
31
Reaction score
0
chocofilez said:
So this works (no strings atatched) or it doesnt? Thats all i want to know. Also, does it just show the map or does it have helpfull advanced options like C3PO. ie, Arrows to the next place or wp or whatever.
It worked fine for me for 2 days, but now I hear all this about bd, so I deleted the files and changed my passwords. All it does is show the map after pressing "-" on your numpad. No vector or anything like that....
 

fritfrat

Member!
Joined
May 30, 2003
Messages
456
Reaction score
0
Website
Visit site
This is my idea. Assuming it WAS infected, if I am behind a router and need to set up port forwarding to allow people to connect to me just for starcraft, would I in theory be safe if he could not connect to me, or can it just send out the information without him connecting to me?
 

fattyxp

Member!
Joined
Feb 13, 2004
Messages
221
Reaction score
0
Website
shawnjcox.sh.funpic.org
1.FirebirdGm, exactly where do you see registery editing APIs? I disassembled it using OlyDbg and w32dasm and there are no calls to it.

2.Also niether of the files has any encrypted coding, they both disassemble fine in both dasm's and display all the coding properly.

3. I think you guys just have it out for netter and aren't even looking at stuff and just inventing stories. I for one will use this because I'm not a ****ing retard and I've done this kind of checking with exes and shit for years. I've also programmed for years and I know what it takes for make a backdoor and other various stuff.

4. If he were to try and steal our keys, he would need access to our mpqs, which there are no file opening apis being called. second, he would need to make a shim that sits between diablo and b.net to capture and decrypt it as it's sent. But he isn't doing that here.

5. The people that are doing the scanning and claiming it opens ports... make sure your computers aren't infected PRIOR to making accusations. I left PortExplorer open all night last night to monitor my traffic. Nothing outgoing and nothing incoming from ANYTHING. No port 1010 opened, no ports other than what was suppose to be open (AIM)

So I'm going to use this, and whoever else wants to can use it as well. If you don't trust me or the forum staff who said it was clean, then don't. The decision is completely up to you.
 

t0astedmuffins

Member!
Joined
Oct 15, 2003
Messages
108
Reaction score
0
Location
michigan
Website
concept420.com
fattyxp said:
1.FirebirdGm, exactly where do you see registery editing APIs? I disassembled it using OlyDbg and w32dasm and there are no calls to it.

2.Also niether of the files has any encrypted coding, they both disassemble fine in both dasm's and display all the coding properly.

3. I think you guys just have it out for netter and aren't even looking at stuff and just inventing stories. I for one will use this because I'm not a ****ing retard and I've done this kind of checking with exes and shit for years. I've also programmed for years and I know what it takes for make a backdoor and other various stuff.

4. If he were to try and steal our keys, he would need access to our mpqs, which there are no file opening apis being called. second, he would need to make a shim that sits between diablo and b.net to capture and decrypt it as it's sent. But he isn't doing that here.

5. The people that are doing the scanning and claiming it opens ports... make sure your computers aren't infected PRIOR to making accusations. I left PortExplorer open all night last night to monitor my traffic. Nothing outgoing and nothing incoming from ANYTHING. No port 1010 opened, no ports other than what was suppose to be open (AIM)

So I'm going to use this, and whoever else wants to can use it as well. If you don't trust me or the forum staff who said it was clean, then don't. The decision is completely up to you.

Right on the money

btw NO PORTS ARE OPENED WHEN USING THIS MH!!!! jebus.. use netstat -n and look before you turn it on, then after you start using it...
 

Ntrik_

Premium Member
Joined
Jan 19, 2004
Messages
9,687
Reaction score
4
Ace until you give me hawt secks, Im not using it ;)

and opening port... that should be good for you, if you dont get the port opened, I dont think people can join your game.. well at least thats how it is in sC and WC.
 

chocofilez

Member!
Joined
Jun 5, 2005
Messages
760
Reaction score
0
Location
USA NY
Hopw does this load with the game. I didnt see any instructions. And also which is the right link to download this?
 
Status
Not open for further replies.
Top