|
|
|||||||
 |
|
|
Thread Tools | Display Modes |
|
#111
10-20-2015, 05:00 PM
|
||||
|
Quote:
| |||
|
|
||||
|
#112
10-20-2015, 05:02 PM
|
||||
|
Quote:
I am concerned about process scanning. The P99 community at large is mostly concerned about process scanning. I wonder what made up fictional concerns and strawmen distraction you are going to create next? | |||
|
|
||||
|
#113
10-20-2015, 05:09 PM
|
||||||||
|
Quote:
Quote:
Quote:
Oh, wait, here we go: Quote:
Quote:
__________________
Dinobots
| |||||||
|
|
||||||||
|
#114
10-20-2015, 05:22 PM
|
||||
|
Quote:
In 2015, I think referring to it as a programming language is not precisely accurate. I guess machine code should be referred to as a programming language according to you guys as well. To each his own, I personally won't be hearing anyone in my life or myself refer to ASM as a "programming language." If you bring some guys in to work with ASM on a project, 9 times out of 10 they aren't doing the real programming of the project. They are there for a very narrow scope of work to help the actual programmer, but can it be said that the ASM temps are programming? I guess...I just happen to call it tech support. I won't give ASM any acknowledgement as a programming language. Its a language, and that's it. | |||
|
|
||||
|
#116
10-20-2015, 05:25 PM
|
||||
|
Quote:
__________________
Dinobots
| |||
|
|
||||
|
#117
10-20-2015, 05:28 PM
|
|||
|
i just wanted you all to know im filing a lawsuit for damages to my car and my gpu which was irrepairably damaged by this dll
also this stalking and constant phone calls have to stop. for the last time, i dont believe in credit card debt so please stop asking enjoy ur sue | ||
|
|
|||
|
#118
10-20-2015, 05:29 PM
|
||||
|
Quote:
Rather than run covertly, Blizzard has the executable "Warden.exe" run on your computer alongside Starcraft, Diablo, and WoW as well I believe (can't confirm WoW). Google warden.exe and get educated on the vast history of snooping and detection. AV has never detected warden.exe as malicious despite the fact it is exactly similar to what SOE was trying to do in 2001-2002. So not sure what this AV argument is about, looks like another derail. | |||
|
|
||||
|
#119
10-20-2015, 05:38 PM
|
|||||
|
Quote:
Quote:
See Oleg's answer for one method. Would there be a warning for that? Not sure, probably depends on the AV. | ||||
|
|
|||||
|
#120
10-20-2015, 05:40 PM
|
||||
|
Quote:
Blizzard wrote the entire program. When you install one of their games, you also grant it access privileges using the host's administrative account. This means that Blizzard was capable of programming the installation procedure to request the privileges needed to bypass the protection measures afforded by the process control block in order to scan the RAM. This also means that the antivirus did not detect the scanning because that was what the program was supposed to be doing, considering that the host administrator approved the installation of the program and by extension, the capability for Warden to access the information it could. Rogean and his crew, on the other hand, are not capable of doing this with the EverQuest Titanium client. They are only able to swap in a dll file. When the Everquest Titanium client installs, it is granted access privileges in order to run, which typically involve access to stuff like the current working directory and maybe a "my games" folder in the User's My Documents folder. If Rogean were to program some kind of malicious scanning capability into his code, it would require the eqgame process to obtain privileges outside of those granted to it at installation, which would require it to somehow access the administrative account. This is what would be detected by an antivirus program.
__________________
Dinobots
| |||
|
|
||||
|
|
|
Linear Mode
