Q3 Model hax

get your superiourity here ! be an offline or online GOD of the game. infinite ammo, unlimited nitro, turbo boost, god mode, you name it !
Post Reply
baalpeteor
Newbie..
Newbie..
Posts: 5
Joined: Sat Aug 09, 2008 8:42 pm

Q3 Model hax

Post by baalpeteor »

maybe someone can shed some light as i've never seen this before.. it works on 1.11 / 1.16n:

this guy named whoflungpoo and also goes by shitbagshackleford (quake 1.16) is the hacker. It's freeze (red and blue team) and he comes in with a default color sarge. He isn't red or blue but on my team. When he does he like dies twice.. his body is frozen (as its freeze) and then he's in front of his body running or doing something or moving in circles like he is out his body and you can run through him.. then he does this thing where he crashes the server by changing his model... oh also he changes his model at will .. like he changed to a blue crash by pressing a button.. here's what the code looked like after he crashed it (well most of it i have a snapshot of the whole thing if someone wants it):com_sprintf: overflow of 88 in 64
Failed to load model file

models/players/''''''''''''''''''''''''''''''''''''''

'''''''''' (48 of em)
Sound name exceeds MAX_QPATH
Sound name exceeds MAX_QPATHSound name exceeds

MAX_QPATHSound name exceeds MAX_QPATHSound name

exceeds MAX_QPATHSound name exceeds MAX_QPATHSound

name exceeds MAX_QPATHSound name exceeds

MAX_QPATHSound name exceeds MAX_QPATHSound name

exceeds MAX_QPATHSound name exceeds MAX_QPATHSound

name exceeds MAX_QPATHSound name exceeds

MAX_QPATHCom_sprintf: overflow of 87 in 64
failed to load model file
models/players/sarge@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

@@@@@@@@ (approx 41?)
Failed to load skin file: sarge :
*****************
ERROR: DEFAULT_MODEL / skin (sarge/) failed to

register
*****************
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Q3 Model hax

Post by Sethioz »

MOVED to - Games - hacks
reason - its not computer hacking, its game hacking.

ah yes the model topic from Luigi's forum that turned into q3 hacking hehe.
well as i pretty much suggested you in pm and kind a refered on it in there too.
prolly he is using some memory editor to change models.
here's what i would like to know first.

does he change the model on the fly (like he is one model and without dieing he just changes into other) or he dies and then have other model ?!
in avp2 we found the model address, address that controls which model server should give you.
here's the avp2 hacking topic, maybe it will help you understand how those things work:
-Click here-
look at hack 21 there. this is the way we changed models in avp2. some models had no heads or hands. some models had no animation at all, like floating only..etc.
the reason q3 crashes is prolly because he is not suppouse to have this model and server cant handle it.
in avp2 similiar things occured when you changed your ammy type. headbite ammo couldnt be used in other weapons so it crashes server when you tried to change it.
damn maybe i should get Q3..so many ppl play it. do i need cd-key to join servers ? cant member anymore (i mean valid).
if you want to be 100% sure if its this method i suggested. get ArtMoney and use search type ALL. then filter for values that only change with model.

if you smart enought it should take under 30 mins.
1. unknown
2. dont change anything - not changed
3. chagne model several times, die, run around, shoot..etc, then chagne back to what you was - not changed
4. only change model - has changed
something like that. to eliminate as many wrong values as possible.
also one way is to play for like 5 mins by changing models and teams, but finally still go back wht you was on last search and then search for not changed. this should take out A LOT of wrong values and after that dont move at all and only change model and search for changed. so far its the best way to find unknown things.
ArtMoney on ALL should find all values that chagne with model. i think theres around 200. then simply keep an eye on them (run game in window). change model and look how values change. try freezing them and then change model.
for example freeze first 50 values and then try to change model and see wht happens. last filtering on case of unknown have to be done manually (usually, if its more than one value).
when and IF i get q3, ill make sure i update this topic.

also if you havent used memory editor to hack games before. you should know that 90% of values that actually do something like .. change ammo, model, ..etc are in very close range in memory. this helps you to find other hacks and bugs.
baalpeteor
Newbie..
Newbie..
Posts: 5
Joined: Sat Aug 09, 2008 8:42 pm

Re: Q3 Model hax

Post by baalpeteor »

well here's a picture:
Image


as you can see he actually changes models not memory edits it. So the files in the model are whats doing it.. but thing is on these servers downloading is disabled... so its not like he is using a model thats just plain default sarge... either all the files are hacked or the only other thing I can think of is he took sarge default and renamed it red, blue, and default. I'm about to try but I think its more than that due to the errors it produces (I only got those errors when I made names like sarge@@@@@@@@@@@@@@@@@@@@@@@@ as a model).


it may still be possible with a memory editor. I ran my own team deathmatch game (made it visible to the internet) and tried artmoney, and I did twice get my model to stay blue while on the red team... but on the kilelr freeze server its no good.
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Q3 Model hax

Post by Sethioz »

im still pretty sure that it has nothing to do with the actual model files. if you change model file then its only client side.
if you replace your model with something else then only you see it. and if u change it to something invalid then your game will crash and has no effect on server.

also other tought is packet editor. Luigi has one nice video in youtube about packet editing in LFS (live for speed). its quite nice how you can make lots of smoke coming out of wheels or turn wheels on opposing direction from where you going or driving in air or make car jump ..etc. old games are very vulnerable for such things.
here's something that happend when i tried to memory edit CSS. im pretty sure that everybody saw this.
i really think that its not possible to do something like this by changing game files. if you change your model name with memory editor then yeah. OR actually i didnt think of that...does q3 check for files when you join game ? you need to use memory editor because then server do not detect changes, but if you would change those things directly in files then server wont allow you to join or if it allows downloads it would replace that file. or something like that.

so what im saying is .. if q3 does not check for game files with server then you can pretty much change anything you want and still join server. for example change run speed to twice as fast and you can join server and run faster. if thats the case, then prolly its possible to change something, but still not models. because models are client side (ALWAYS). for example if you get yourself wallhacked models ..then only you can see them, not others (not sure if there are such things in q3).
Attachments
de_dust0003.jpg
de_dust0003.jpg (146.64 KiB) Viewed 5216 times
baalpeteor
Newbie..
Newbie..
Posts: 5
Joined: Sat Aug 09, 2008 8:42 pm

Re: Q3 Model hax

Post by baalpeteor »

what's a good packet editor for this? Commview?
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

Re: Q3 Model hax

Post by Sethioz »

commview and wpe pro.
wpe pro is not good, but it locks to application so it uses application to send data not your network adapter directly. so good side is that stuff like checksums, client source port..etc will be automatic.
works great on msn for example, but commview doesnt work on msn because you need to manually edit packet to be able to actually send it.
commview can also capture process, but it does not lock to application, it can simply caputre data by .exe name you enter.
so try both.
Post Reply