Defeating the MQ2 auth system

[Fry]

HOWTO: Building MQ2 that will run on ANY system. (Defeating the MQ2 auth system)

To defeat the MQ2 auth system, we had to figure out how it worked. So using FileMon (from SysInternals) we monitor what files are touched or modified by MQ2auth.exe. We cant help but notice that several Windows registry values are read. Doing the same with MacroQuest2.exe we see similar behavior. We can assume that MQ2auth.exe is creating auth hash for MQ2auth0.h based on the values of these registry entries. MacroQuest2.exe must therefore compare those registry entries to those compiled into MQ2main.dll and inject MQ2main.dll only if it finds a match.

Lets defeat it:


So we open the binary file MQ2auth.exe with a hex editor and search on a string found in one of the registry values that is being looked at by both MQ2auth.exe and MacroQuest2.exe. The string I looked for is “Microsoft\” as this is common with all the registry values that where touched by both MQ2auth.exe and MacroQuest2.exe. Using that hex editor, change Microsoft\ to Microsoap\ for every match in MQ2auth.exe. Why? Because no system registry entry will match this. Now, run the modified MQ2auth.exe. Build MQ2 normally. So we now have MQ2 built with auth hash entries that are NULL. Next, we need to make MacroQuest2.exe look for these NULL values so they match. Open MacroQuest2.exe and search for the same string, “Microsoft\”. Edit each string found to read “Microsoap\”. Save your changes. You now have a version of MQ2 that will run in ANY system.

 

[blahblah]

I've been doing my own compiles for awhile now, and have been doing this also. But now when i do this and give my compile to someone it tells them that its not authorized to work on their computer (or something like that). Anyone know what im doing wrong?

 

[meister]

Yep, I was away from EQ for about 8 months, just came back a couple of weeks ago, and realized that using this technique no longer works. I use 3 comps to box, and I have to use the MQAuth now. Changing the bit's isn't working.

 

[Psycotic]

This is how I'm handling the auth system for the main MMOBugs Compile. 568 downloads as of today, and so far, nobody has complained about the auth system.

However, I did make a copy of Macroquest2.exe and MQ2Auth.exe a few releases ago and edited them.. They're the copies I'm still using, instead of editing them every time..

 

[Fry]

This method still works. Make sure your using this MQ2Auth0.h.

MQ2AUTH(nipNQdVDTqnJEak_pnJCwgKlrhG);
MQ2AUTH(EPfqUKQuctzkcHhPxjeGXdBpxhk);
MQ2AUTH(OZGCqJQZPCNcnkK_umiWgMFHwCW);
MQ2AUTH(zFwfuULQtjDErRcPsiZvbewLCCf);

Okay one of those numbers is correct. I'm not sure why we have two numbers in our compile.

Fry.

 

[Aibohphobia]

This method still works. Make sure your using this MQ2Auth0.h.

MQ2AUTH(nipNQdVDTqnJEak_pnJCwgKlrhG);
MQ2AUTH(EPfqUKQuctzkcHhPxjeGXdBpxhk);
MQ2AUTH(OZGCqJQZPCNcnkK_umiWgMFHwCW);
MQ2AUTH(zFwfuULQtjDErRcPsiZvbewLCCf);

Okay one of those numbers is correct. I'm not sure why we have two numbers in our compile.

Fry.

They don't look like numbers to me... I guess that's why I don't program.

 

[meister]

So ya, i'm an idiot. I was changing only the first instance of Microsoft in the MQ2Auth.exe, not both. SOrry for the fire alarm, and Thank you for the fast responses. They helped me to go back and take a look at my process and discover what I was doing wrong.