Monthly Archives: January 2012

Shiptroduction-The Bestscorp


I logged in to Eve Online today to find this strange concoctions in my client.

A Bestscorp seen from the top

Finally something I can use to transport my valuable cargo.  Not only does it have tons of cargo space but also can sport 6 ECM mods to keep those pesky tacklers at bay!  And at 300 m/s, its got to be one of the speediest industrials around.

A Bestcorp seen from the side

Staying Safe With Civian’s RedGuard

The other day after I was finally able to look at Crucible and the state of Eryan, I quickly found myself fingerprint banned by the folks at CCP.  Apparently Eryan had a dormant memory corruption issue that, for one reason or another as is usually the case with this things, got triggered by the new patch.  I had just installed this new vm too and had just finished setting all the shiny development tools as well.  So after spending some 5 hours on setup, giving up and re-installing everything again was not going to be an option.

Enter Civian’s RedGuard, a nifty little utility that allows you to masquerade your Eve fingerprint so that you may safely blend among the citizens of New Eden.

The Four Canons of Relatively Safe Bot Design

So you’ve decided to write a bot for your favorite MMO.  You figured out what technologies you will be using and how you will interface with the game and all that’s left is to get to hacking.  So you grab yourself a couple of bottles of your favorite beer and go at it!

Not so fast big boy.  Do you have a game-plan?  Without a game plan you’ll likely spend a lot of time and effort to develop something that will get detected and banned, leaving you to pick up the pieces.  Don’t worry, it doesn’t take much to pick up a strategy to minimize your risks.  In this post I will share with you what I’d like to call the Four Canons of Relatively Safe Bot Design(tm).

Playing Hide and Seek, New Eden Style

[Note] This article first appeared on evenews24 on early November 2011.  It has then been removed from that site. [/Note]

Playing Hide and Seek, New Eden Style

Almost two decades ago Phrack Magazine published an article titled “Playing Hide And Seek, Unix Style.” The purpose of the article being not to encourage hacking into systems, but rather to share information and enlighten the masses. Just as it was incumbent upon Phrack to enlighten those who might run afoul of the system, it is incumbent upon me as a responsible member of New Eden to inform those of you who might have run afoul of the Eve power structure on how to stay reasonably safe.

Yahoo Answers – Best Answers

Sometimes you come across a yahoo answer that is so incredibly epic that it deserves its own blog post…this is one of those times:

Compiler Protection


Clearly Mr. Neil knows exactly what he is talking about.



Eve Online Bot – A Botting Primer

[Note] This article regarding the topic of an eve online bot first appeared on evenews24 in late October, 2011.  It has since been removed from there. [/Note]

eve online bot

0. Preamble

Eve botting has been all the rage lately on evenews24. From articles about anti-botting crusades, to articles showing you “the human face” of botting, you’ve seen it all by now.

Or have you?

Ever wondered what an eve online bot is at the technical level? Ever wonder why people would code an eve online bot, how they bot, or why they bot? And most importantly, ever wonder why people code bots? I’m about to lay it all out for you in this series.

Botting, The Legality Of MMO Automation [Blizzard-Glider]

Typical sunday afternoon in an mmo
Typical Sunday afternoon in any MMO

If you’ve been around MMORPGs long enough you have run into them, they make every game seem like zombieland and there’s nothing anyone can do to stop them. I’m talking about “bots” or programs whose sole function is to automate gameplay so that players can advance without having to sit by the computer for hours on end doing menial, repetitive tasks. Bots come in all shapes and sizes, you have the color-matching, clicking macros, you have the man-in-the-middle type bots, you have the injected ones that run directly inside the game client’s address-space and many variations of these. If you’ve been in any boting community you probably have run into discussions of the legality of using and making these bots and you’ve probably heard that certain types of bots will not set you up for liability. I’m here to tell you that regardless of how the bot is implemented you could be liable to the game company as the developer and almost certainly will be liable to them as the user of these programs.

Eve Online Python Bot Development And The Python Embedding API

Eve Online Python Bot Prologue

For a programmer beginning a project usually the first thing is figuring out how he is going to go about doing what needs to be done.  What technology is out there, what approaches can I take to get this or that needed functionality implemented, is this even possible?  These questions are pretty common and their importance can’t be overlooked-many projects die before they even begin at this stage. Here I’ll teach you everything you need to know to code an eve online python bot.

When designing an injected bot for Eve Online, the hardest issue to tackle is how to get the information you need into and out of the client.  Enter the injected DLL and the Python Embedding API.  If you ever wondered whats inside those DLLs, you’re about to find out.eve online python

Capeze.exe – That Was Easy

Scouring the Internet for reverse engineering tutorials for beginners that are both high quality, and use available targets can be a daunting task.  Its for this reason that when I found a tutorial that used CaptureEze97 I jumped at the opportunity to learn some new tricks in my reverse engineering journey.

For whatever reason, after spending a good thirty minutes to locate the target capeze.exe, I lost the tutorial’s link and found myself with a target and no guidance.  As I wasn’t about to let 30 minutes of my life go to waste, I opened up CaptureEze and attempted to register it.  Unfortunately for me, the makers of the software don’t have the best sense of humor and my request was denied. LOLCODE

Who doesn’t appreciate a good LOLCODE?  I asked myself, as it became clear that it was time to bring out the big guns.  I opened up SoftIce and set a breakpoint on GetWindowTextA, because I expected that api call was going to be called right before my information was going to be compared to the valid registration code.

After stepping back and forth between softice and the caller a few times, I finally reached the entrance to the promised land My input

If you remember from not too long ago, “world” is what I inputed for my company name, and it(or the address to it, I’m not quite sure on that yet) is being pushed in the stack at 00573FAD.  Only a few instructions further down, we find our LOLCODE LOLCODE in Memory

LEA(Load Effective Address) is an instruction that loads the address given on the right into the register given on the left.  In this case it seems the address to LOLCODE is being put into EAX, perhaps in preparation for the comparison to the valid registration code.  Just one instruction down we can see that our suspicions are correct, as we find that a long string of digits is being placed into ECX .

Continuing execution leads us to the expected place, and we can see the string telling us that we have entered an incorrect key loaded in memory. Capeze Incorrect Code

It all seemed to be going well, but you just never know until you test it, so I inputed the key I found before and the expected “thank you” screen poped upThank you for purchasing

All in all it seems reverse engineering unprotected binaries isn’t all that hard.  I will be focusing now on more complicated protection schemes as I attempt to expand my skills and level up.

Thats it for now!

Eryan User Scripting-Understanding The Scriptable Interface


The Eryan2 scripting interface was designed to be very straightforward and easy to use.  The goal was to allow people with minimal programming experience to be able to put together scripts and interact with the Eve Online environment.

In order to create scripts for E2, you must understand the Scriptable interface, located in the Eryan.Script namespace.  Scriptable has only three methods for the script writer to worry about.  They are Boolean onStart(), Boolean onFinish() and int run().  onStart() is called only once in the life-cycle of an E2 script.  It is here that you perform any GUI initialization or anything else you only need to do once.  onFinish() is also only called once and it is a place to do cleanup if any is needed.

The run method is where the magic happens, E2 calls this method once every x interval of time in milliseconds.  Here is where your script’s logic goes.  Coincidentally the integer value returned by run is the value that E2 is going to delay calling run again for that script.

Available Objects

There are quite a few objects available to the script writer in order to interact with the Eve Online client through E2.  The full list can be found in this forum post, but if you need to do something in E2 you can probably find the method to do it inside of MyShip or EMenuHandler.  As the name suggests MyShip handles your ship inside Eve Online.  By calling its methods you can have your ship stop, warp, speed up, target, and take many other actions.  EMenuHandler handles the menu actions, with it you can jump through gates, dock, bookmark, etc.  Every input/output handler exported to the script will have an “E” at the beginning of its name so keep that in mind. Finally, the other handler that you might need to use is EOverViewHandler.  As the name suggests it allows you to interact with the ship’s overview and access the valuable information it possesses 😉

Thats it for now, happy scripting!