antiblock
diamwall
  • Chatbox

    Did you check out our Discord? https://discord.gg/FFdvMjk9xA
    You don't have permission to chat.
    Load More
Sign in to follow this  
Prometeus1988

Shiva.international | Finest Oldschool | Official Start 16.09.2022

36 posts in this topic

Posted (edited)

Olá jogadores de Metin2! Já faz um tempo desde que postei pela última vez aqui.

Mas não se preocupem, Shiva continua prosperando e muito está planejado para os próximos meses - muitas mudanças emocionantes estão no horizonte. A tão esperada atualização de conteúdo também está quase concluída.

Por que você deveria começar a jogar em Shiva agora?

- Uma equipe ativa há mais de um ano.
- Eventos regulares que proporcionam entretenimento contínuo.
- Um sistema de jogo justo, sem Pay2Win.
- Uma grande e vibrante comunidade de jogadores.
- Investimentos contínuos em publicidade e marketing para melhorar a experiência de jogo.
- Um ambiente de jogo livre de bots.

Comece sua aventura em Shiva e torne-se parte de nossa comunidade: [Registro Shiva] 

https://shiva.international/r/Registration

 

Quer ter uma primeira impressão de Shiva? Aqui está um vídeo de PvP de Shiva, dando uma amostra da ação: [Vídeo PvP Shiva] 

 

 

Edited by Prometeus1988 (see edit history)

Share this post


Link to post
Share on other sites
antiblock
https://arwen2.global/

Boas pessoal, o server chamou-me à atenção mas estou com algumas preocupações relativamente à segurança dos jogadores e como não percebo nada disto, decidi vir questionar aqui a ver se alguém me esclarece:

 

Inicialmente após sacar corri o Malwarebytes que acusou um trojan ( Trojan.MalPack, C:\GAMES\SHIVA_CLIENT_29.03.24\CSHIELD.DLL)

Após isto fui ao VirusTotal e está aqui o report ( https://www.virustotal.com/gui/file/a9569d1bbc4dcd7ceb60d8399ff24efb7f1fe0b887778a880cb24c36d6d955ee/detection )

Como acusou tanto num lado como noutro fui ao discord do sv questionar e o que me responderam foi o seguinte:

Quote

 


So, from what I observe, those critical flags are due to the fact that the library accesses an API. The library runs in the background and can:

  • Write files (example: the .vbs file for Windows that displays the information box)
  • Read files
  • Read the registry
  • Write to the registry
  • Read the keyboard
  • Etc.

All this information, because certain data are sent remotely, such as that keylogger, represents a security risk on the internet. The thing is, if you don't know what it sends, then it's a problem. But this library is used for cheat detection. The library is not validated because it is not accredited by someone like Microsoft. Again, detection methods along with the lack of validation raise red flags for some antiviruses. Let me explain a detection process:

  • Someone login on server, it moves but doesn't press any key; this is a cheat.

This would be the most common example for that keylogger. Also, reading the registry can help detect if game registry data has changed or if another dll instance is executed through the game (dll injector). Another flagging of the library as a virus is due to the "drop files" method, meaning the library accesses another library for file writing, e.g., exec >> "C:\Windows\System32\rundll32.exe" "C:\Users\<USER>\AppData\Local\Temp\<FILE-NAME>" which writes and executes wscript.exe "C:\Users\<USER>\AppData\Local\Temp\CShield.vbs". This is another method that, in principle, wouldn't be okay if it happened and we didn't know what it does. At the end of the analysis, we can conclude that it is safe. It is safe because it does not send personal data or other sensitive data that could be harmful to the user. The library accesses the API and sends data for analysis with the purpose of detecting cheats. The methods are not too orthodox, but they greatly help developers in the absence of accreditations.

 



Ou seja, do pouco que eu percebo, de momento o keylogger do servidor não serve nenhum propósito nefário, mas isso pode mudar com uma simples atualização do patcher certo?

Desde já muito obrigado pela atenção,

TheAlmeida

Share this post


Link to post
Share on other sites
On 4/1/2024 at 7:12 PM, thealmeida said:

Boas pessoal, o server chamou-me à atenção mas estou com algumas preocupações relativamente à segurança dos jogadores e como não percebo nada disto, decidi vir questionar aqui a ver se alguém me esclarece:

 

Inicialmente após sacar corri o Malwarebytes que acusou um trojan ( Trojan.MalPack, C:\GAMES\SHIVA_CLIENT_29.03.24\CSHIELD.DLL)

Após isto fui ao VirusTotal e está aqui o report ( https://www.virustotal.com/gui/file/a9569d1bbc4dcd7ceb60d8399ff24efb7f1fe0b887778a880cb24c36d6d955ee/detection )

Como acusou tanto num lado como noutro fui ao discord do sv questionar e o que me responderam foi o seguinte:



Ou seja, do pouco que eu percebo, de momento o keylogger do servidor não serve nenhum propósito nefário, mas isso pode mudar com uma simples atualização do patcher certo?

Desde já muito obrigado pela atenção,

TheAlmeida

Hi.

1. Our DLL and shiva.Exe were manually checked by Windows Defender Team and rated as safe.

 

2. With major Cshield updates, we may have to request a new check from Windows Defender. Which usually takes 1-2 days. During this time, Windows Defender detects it as a keylogger or other viruses. Large anti cheat systems log significantly more and intervene much deeper in the system, but because they have an official certificate they will be recognized as clean by all anti-viruses.

 

3. We are not an official company and therefore we cannot apply for a certificate which would ensure that every antivirus would whitelist us.

 

4. Every official anti cheat system uses things that are even worse than keyloggers. But the certificate shows them in all antivirus system clean.

 

5. What should we use a keylogger? Hack accounts? Guys, we have a whole database where your accounts are stored. The accounts are stored completely encrypted but we could change this option. Accordingly, keylogger is total nonsense.

 

6. We have been online for over a year. We have over 5k active players and there have never been any complaints about account hacking or anything like that.

 

7. Apart from that, our goal is to be a long-term server so we can't afford such strange fun.

 

Accordingly, don’t worry, it’s not a keylogger. Even if few antivirus recognize it as a keylogger. Yes, we log things like client crashes, client manipulation, debuggers, and even if cheats are started, that is also logged.

Otherwise no personal information will be logged.

Edited by Prometeus1988 (see edit history)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this