RuneAgent 1.3 includes support for runetek 5
- Modified methodwrapper to allow overriding of methods – Due to the way Runetek5 works When I originally output the OutStream methods the log was quickly filled with hundreds of calls to different methods. I quickly realized that these write methods are shared with the cache writing and other Stream calls. The solution to this was to override the stream methods in the substream class and have the logging happen from there.
- RT5StreamObjectHook -responsible for hooking the outstream object and passing it to runeagent.
- DeFinalizerTransformer – Used to definalize final methods in the stream class so we can override them
as always you can grab it from github or download the distribution on my RuneAgent Downloads page.
With the release of RuneAgent 1.2 you should now be able to use RuneAgent on Runescape Classic Private servers. Also a few minors changes included in this version and the introduction of scripting for further modification of classtransformers. You can download it In our RuneAgent Downloads section or compile the source found on github
RuneAgent 1.1 focused on some cosmetic changes that have been requested.
- Added easy ability to rename quickadd methods
- added border around script panel for identification
- changed output of outstream log for easy copy and paste support
- added update check on load to check for any major updates I push to RuneAgent
or get the source on github
After weeks of going around various servers showing server administrators the holes in the code I’ve seen little to no improvement. So its time to weed out the strong from the weak! I am releasing a more user friendly tool that i use for server exploit exploration! The Rune Agent download page will contain presetup configs for various servers and the forums will contains scripts and tutorials!
Goodluck to the server owners feel free to message me if you need help fixing the various gamelogic holes!
Currently Runeageent only supports the Runetek4 clients (317) I will be updating it to allow usage on other various revision at a later date.
Today lets take a look at Hades 5, A pretty popular Runescape private server I found recently, They have many of the same exploits I’ve posted before but in this particular server performing some of them is a little more damaging. For example in the server according to the wiki Runite ore rocks can only be mined near a bank on the donor island players who do not donate have to go out into the wild to mine the rocks. As a business strategy this seems pretty legitimate if I was indeed someone playing the game for fun I may be inclined to purchase it just to have that edge over others. Even if it does make for terrible game play. However I am not one to play these servers legitimately so here is how I created my OWN donor advantage. Firstly I will explain that this exploits the servers handling of object clicking generally a server should check if the object is in the location of the click and that the player is standing next to it, but hades5 only checks if you are standing next to an object. So I picked a legitimate mining spot and told the server that instead of addy I was mining Runite and problem solved. I know some are going to ask why not just do this in the bank as I have on other servers and the reason being is that if I did it in the bank I would just get banned by some admin or mod as players are generally pretty good at reporting rulebreakers
After receiving some emails about wanting to see more rsps exploits I’ve decided I will make some posts here, As a reminder I will not be giving out my tool for these exploits but I will say its a java agent that uses bytecode to give me direct access to the outstream object. (basically a packet injector). I use this method over something like wireshark due to the fact that the frames are encrypted with the isaac cipher. This particular post is going to be for CodeMagic found at: http://www.code-magic.org/ but many can be used on other servers as well.
Mine Anywhere, Spawn mining rock
This is a pretty simple one, basically I am telling the server that I wish to mine some iron ore in a particular location, It does not have any checking if the rock really exists in that location so it allows me to do it, as an added bonus the rock stays available in the region and starts functioning for everyone in the region as soon as I mine it.
Sometimes you just don’t feel like walking to an anvil, that’s ok just tell the server you clicked on the smelt iron interface button found when using a furnace and the server just allows you to do it, Regardless of the location. To do this we will abuse Frame 185 as show in the screenshot below
and yes it works for other fun things like crafting:
So lately I’ve been on a kick of digging for exploits in servers And have decided it would be a good way to put some activity here on my blog. First let me make it clear that I will not be releasing any of the tools I have used to do these exploits so please do not email me about them. I will say that its a simply javaagent that hooks into the ByteStream class of the client via bytecode. If you desire to do the same thing you can find plenty of resources in the various cheating communities.
To begin I picked the username Packet208 because this is one of the easiest packet I have found on various servers to exploit.
Sadly in this particular server I could not actually perform the negative value 208 packet exploit However that didn’t stop me from finding others.
The above screenshot shows me mining in the bank, some would say that was done via reflection but in fact I just sent the packet data over.
This last image is the best exploit i’ve seen to date. The server reacted to me mining coal and created the empty rocks in the area that I mined, I was able to remove 3 squares of the bank before I was banned
I haven’t made a post in awhile but recently I purchased a few items off newegg.com and ran into the Newegg Iron egg guarantee. For those of you that know nothing about it, its basically newegg’s version of Walmart price match guarantee. The official rundown is that they have the lowest prices available and if they don’t they will credit you the difference. I’ve never bothered with price matches previously partly because I’ve always considered them as advertising ploys but I gave it a shot this time.
One of the items I purchased was a Seagate HDD Neweggs price on it seemed pretty fair however after checking http://pcpartpicker.com/ I found the same part at bestbuy for 57.99 plus free shipping and handling. So after filling out the Newegg iron egg form to claim the reimbursement I received a response several hours later. Newegg did honor the sales price, but they do not offer the shipping difference (I think this is kind of lame considering they ask what the shipping difference is in the form). Another downside is that they do not offer the refund directly to the order they just give you an e-giftcard which has to be used within 90 days. Overall I was satisfied with the results and will remember to take advantage of it again in the future.
I have been plauged for a few weeks now with server instability and decided to use a new hosting company for the website. Since I was buying a new host I figured I would also snag a more generic domain that would allow me to add other faucets if I desired. Which brings me to this post. If you have Faucets you would like to see please suggest the coin in the comments. Please advise I already know about bitcoin, litecoin,peercoin ect but they are simply not the easiest to mine so at this time I will not be offering faucets for these coins.