Monday, May 25, 2009

[Old]Gattahack 2.1 DotA Maphack for 1.21b (-ah bypass for 6.50b)

Please check this thread for UPDATES as I will update Gattahack with new features and -ah patches for new versions of DotA.

Gattahack 2.1 Changes
- Added maphack options
- Added HP bar view
- Patched the -ah hack for DotA 6.50b

Ok, first of all, let me start off by saying that this was not originally meant to be a maphack - A few weeks ago, I got word that Icefrog (DotA modder) planned on implementing a built-in anti-maphack system for DotA 6.50. There are several custom map anti-maphack systems out there nowadays; some are more stable than others, but they are all almost identical in their overall methodology - all use corrupt models or effects that will crash users who are not supposed to "see" them (maphack users). More recently, an even more creative method that makes use of a blank minimap icon was developed, and it prevented maphack users from viewing non-visible heroes on the minimap.

"-ah" command (Anti-maphack system for DotA 6.50)
While I applaud these people's creativity, it is absolutely ridiculous that they would honestly think they could prevent any dedicated hacker from bypassing these gimmicky systems in a matter of minutes. These modders need to accept the fact that they are simple-minded scripter’s writing in an extremely simple scripting language (JASS): very few of them have any real-world experience in lower-level programming languages or assembly. Frankly, I consider Icefrog an idiot for wasting his time on this worthless anti-maphack system which supposedly prolonged the release of 6.50 by several weeks.

The anti-maphack system is very simple: The host of the game (blue) types "-ah" in between the 15-60 second mark. He is then given two options: -mode1 or -mode2. Mode1 only generates of the blank Minimap overlay so maphack users cannot see non-visible heroes on the minimap; it will not cause a crash. -Mode2 also generates the overlay, but it also adds a corrupt unit model that will cause wc3 to crash for maphack users who are able to see units they shouldn't.

Maphack
I had already written a program devised to bypass the existing anti-maphack systems before 6.50 was released, but I never bothered releasing because so few people actually bothered playing with the AHMS modded DotA versions. Now that the official 6.50 has the system built-in, I've decided to release it. Coincidentally, 6.50 was released the same day the 1.21b patch was released, and, as everyone has probably noticed, there aren't any maphacks out that work with the new patch. So I added a maphack which simply uses the Shadowfrench offsets that I updated for the new patch. I take NO CREDIT for the maphack functionality - its all Shadowfrenchs work. I just wanted to release something quick, stable and easy and most people will agree that the Shadowfrench maphack was the best and most stable maphack out there for DotA. There have also been several indications that Shadowfrench may never return to release an updated version of his maphack for the new patch.

How to use
Maphack: Click "Activate Hack" at any point when Warcraft is open.
-ah Hack: You must click "Kill -ah" or hit F4 each new DotA game once the game starts. It must be done BEFORE the host types -ah (you have 15 seconds). If it works, Gattahack will play the default windows "tada" sound and you will be immune from the anti-maphack system.

You may also just use the -ah Hack by itself for immunity and then use another hack of your choice.

How the -ah Hack works
The -ah hack works by null-terminating the model and texture file paths used by the anti-maphack system. Warcraft III custom maps are basically just file archives with dozens of files and descriptors. Every file has a path within the archive for the main script to reference when it needs to. By null-terminating a file path, the triggers will not be able to make use of the file. In DotA 6.50's case, the two files it uses are "AH\modelcrash.mdx" (corrupt model) and "war3mapimported\MiniMap-Blank.blp" (texture overlay)

I'd like to encourage more hackers to expand on this hack as I simply don't have the time to put a whole lot of time into it, and having to activate it each new game can be a little annoying. I've only spent total of 2-3 hours on it, and I know for a fact there are more efficient, practical ways to achieve the same result.

Detection
Gattahack is not detected by GGC, and is, of course immune to 6.50's -ah command. It is detected by Warden (ladder) and the popular anti-hack "DotA Client".
Unfortunately, I have spent quite a bit of time trying to figure out how to bypass DotA Client to no avail - it is particularly frustrating because it does not immediately tell you when you are banned and it bans by CD-key. It is also near impossible to decrypt information sent to its central servers, or the program itself. Fortunately, DotA Client is only used in league environments.

Feel free to scan with Virustotal

There are two different attachments: gattahack 2 (gattahack.zip) and gattahack 2.1 (gattahack21.zip). You may use the older gattahack 2 if you are still playing with DotA 6.50. Use gattahack 2.1 for 6.50b.

No comments:

Post a Comment

Popular Posts