Here's what happened, I play MTA-SA(Multiplayer San Andreas Game) and got banned of an online server. I still want to play on the same server however, so I tried changing my IP - didn't work, I tried re-installing MTA - didn't work, I tried re-installing with my hardware serials spoofed using an app called PB Downforce 0.2 - didn't work yet. Since all that MTA when banning is to store the hardware serial/IP/username - I tried changing all but so far it hasn't work. And I suspect that the hardware-spoof tool that I'm using maybe it fault for if it is indeed working as it should(and properly), then I should be able to bypass the ban on the server, no? Or is it that MTA stores some other info too to identify the banned person?
VMs sollten von MTA erkannt werden. Es gibt mehrere Wege, auch ohne seine Hardware auszutauschen. Ich werde da aber nicht drauf eingehen. Jeder Bann hat seinen Grund und sollte nicht umgangen werden. Die Chance, dass eine Serial doppelt generiert wird ist praktisch 1:unendlich.
Is there any other way or tool that you guys know that does hardware-spoofing or can get me around solving this problem? Here's the tool that I used for hardware-spoofing - PB Downforce 0.2 Please help and thanks in advance to anyone who does. Haha, you made up a lot of things actually. I got banned just once(because I killed the admin of that server on DM, how silly, no?). I tried spoofing my IP, Hardware serials and username to get in and give that admin a piece of his mind.
What I have to know here is what exactly is it MTA remembers about a banned person, now I no it's not just IP, Hardware serial or username or maybe the tool I used didn't work properly? Also there must be a way to change my MAC address, I guess.
– May 29 '12 at 12:41.
Since few days I'm trying to generate/spoof new MTA serial. What I've already tried: - Hooking WMI(it uses it for retrieving bios serial etc., but hooking doesn't change serial) - Hooking DeviceIoControl (it uses it as well, for retrieving hard drive serial, seems to be called on each connect with the server) didn't work - Hooking GetAdaptersInfo for MAC spoof - didn't work - Hooking internal API function GetSerial (netc.dll) worked, the serial looked changed but when joining the server original serial was used(probably there's one more ) - Reinstalling GTA+MTA and hooking again in the hope it will change. Additional info: the serial is also stored in the registry but it doesn't mean anything as the serial used in hand shakes is in memory. Other possibilities: - SID (generated uniquely on each new windows installation), there's a changer available but I'm afraid to use it and prefer to do it without modifying my system.
Some people tell their serial changed after upgrading/reinstalling their windows. The serial is stored somewhere on the hard-drive, or just a binary with hardware data. Did you manage to reverse what is used to generate the serial/or where the serial is stored? Netc.dll is injected in both Multi theft auto.exe and gtasa.exe but 90% it's generated in gtasa.exe I'm doing it for purely educational purpose and not intend to hack on servers, as I'm just curious of the method but it's kept as a 'secret' and knowledge only available to MTA staff.
They also have the driver FairplayKD.sys but I doubt it's generated there. It is a 'sandbox'. The serial is an MD5 hash most probably (or not 128bits = 16 bytes) but I doubt advapi32.dll functions are used for that. Quote: Address Size Label - - -.text:100192DB 0010 RIPEMD-128 InitState 32.le.16&.text:100 TEA1DS 32.le.4.text:1003581D 0014 SHA1 / SHA0 / RIPEMD-160 initialization 32.le.20&.text:101 anti-debug: anti-VMWare.21.text:1013B6BA 000C function where is handled the ZipCrypto password 32.le.12&.text:101 classical random incrementer 0x343FD 0x269EC3 32.le.8&.rdata:102 padding used in hashing algorithms (0x80 0.
Update: the serial is generated from 'checksum' stored in the registry, it's not even md5(HKEYLOCALMACHINE SOFTWARE WOW6432Node Multi Theft Auto: San Andreas All 1.5 Settings general) value is named 'cachechecksum'. Update: the serial is generated from 'checksum' stored in the registry, it's not even md5(HKEYLOCALMACHINE SOFTWARE WOW6432Node Multi Theft Auto: San Andreas All 1.5 Settings general) value is named 'cachechecksum'. First of all, sorry for my English (google). Allow me to congratulate you for your knowledge and the desire to learn that you have. Yes, apparently it is not an easy task, I spent only a few hours to see what it was about. And yes, most likely it takes binary data from hardware and there the serial is generated, I think the easiest thing would be to try to change all the serial or 'ids' of the hardware, system and then reinstall everything. If you find the solution please share it privately, so MTA does not look for another solution haha.
Mrpijerman is offline.