Последние сообщения

#11

Общение / Re: нашли причину как леста вы...

Последний ответ от oukabasigi - 18.11.2025 02:59:18

old Lesta detect in WoWs game client loaded and executed from server command (in the middle of battle or in port). and this detect search warpack code signatures (not changable signatures). now this detect not worked but game developers may be modified this detect

So, does "old Lesta" refer to many years ago or the recent past? If their detection method has recently become ineffective, does this mean Warpack will not be banned for a period of time?

#12

Поддержка / Re: Cпроси-Ответь!

Последний ответ от Shaitan - 17.11.2025 23:52:47

ах да. я забыл про это. это не баг. просто уже давно (больше года назад по моему) платежная система ввели минимальную стоимость оплаты равную 300р за любую покупку. поэтому для тех кто хочет пользоваться 7-ми дневными ключами мы сделали возможность за эту минимальную сумму (которую диктует платежная система) - покупать 3 ключа (как будто вы 3 раза купили ключ по 7 дней). в итоге вы можете пользоваться вторым и третьим ключом когда захотите

Понял, просто с моими командировками по работе (и опасностью бана) достаточно редко играю

#13

Общение / Re: нашли причину как леста вы...

Последний ответ от smokescreen - 17.11.2025 23:51:55

old Lesta detect in WoWs game client loaded and executed from server command (in the middle of battle or in port). and this detect search warpack code signatures (not changable signatures). now this detect not worked but game developers may be modified this detect

#14

Поддержка / Re: Cпроси-Ответь!

Последний ответ от smokescreen - 17.11.2025 23:46:07

ах да. я забыл про это. это не баг. просто уже давно (больше года назад по моему) платежная система ввели минимальную стоимость оплаты равную 300р за любую покупку. поэтому для тех кто хочет пользоваться 7-ми дневными ключами мы сделали возможность за эту минимальную сумму (которую диктует платежная система) - покупать 3 ключа (как будто вы 3 раза купили ключ по 7 дней). в итоге вы можете пользоваться вторым и третьим ключом когда захотите

#15

Поддержка / Re: Cпроси-Ответь!

Последний ответ от artyro - 17.11.2025 20:41:37

Сегодня варпак не прогружает клиент, доходит до половины прогрузки и клиент вылетает. В чем может быть проблема, буквально вчера все работало и ничего не менял?

#16

Поддержка / Re: Cпроси-Ответь!

Последний ответ от Shaitan - 17.11.2025 15:46:32

покажите скриншот. видимо баг

[Autofire does not press the mouse button for you. It bypasses the normal input layer and triggers the firing function directly inside the game code.To achieve this, the module hooks (injects into / replaces pointers of) the internal function that handles firing. Same at the autoaim. The risk might be lower if you only use the predicted point and try to hit it like a human would, firing your own weapon.]

#17

Общение / Re: Диалог про бан (в кораблях...

Последний ответ от time2die - 17.11.2025 14:12:39

Even the simplest mod for displaying player statistics above a ship requires a call to the game server, but even when playing with Warpack, the game sees your client dialing a third-party server. The only thing left to do is look at the addresses of the servers that are connected to your client.

No, bro – from what I can see, it seems to work the other way around.

I'm not a developer, just a user analyzing my logs, so I can only describe what I actually observed.

Based on the logs I checked, the WoWS client itself does not appear to connect to any WarPack server. The WarPack connection seems to be handled by the loader as a completely separate process, outside the WoWS network stack.

There's no download into the mod folder; the loader retrieves the modules, packages them and injects them before the game even starts. That's why no WarPack URL shows up anywhere – the download happens before injection and outside the client.

In all logs I reviewed, WorldOfWarships64.exe only communicates with the official WG/Lesta endpoints. I didn't see any additional outbound connections or foreign servers in crash logs or telemetry.

Of course, I can't see what WG does on deeper internal layers; I can only speak about what the logs show on the user side.

But from everything visible to me as a player, detection seems to rely on memory changes, injected code, and CAT monitor failures, not on simple network traffic.

or may be - second account not chosen by ban randomizer

I'm not criticizing the system. I'm only sharing what the logs show on a technical level. Nothing more, nothing less.
All logs I'm referring to here including python.log, preferences, crash dumps and monitor reports — do not prove WarPack usage in any way.
These files contain generic diagnostic information that appears on completely clean installations as well.
Crashes, warnings, and Python errors happen on unmodded clients every day, and the log format is identical whether you use mods or not.

I want to share exact technical findings directly from my client logs (python.log, monitor_*.log, crash dumps).
The account these logs came from will be banned sooner or later, so this is posted purely for transparency.

This is not theory, this is what the game client actually recorded and uploaded.

The Anti-Tamper System ("CAT Monitor") is active and reporting

In the monitor logs you see entries like:

Код Выделить Развернуть

Monitor started
Config updated from the server
Statistic event="client_connected" sent
Statistic event="monitor_online" sent

This confirms:

Anti-Tamper is running
It connects to WG/Lesta servers
It reports status immediately
Server endpoint:

Код Выделить Развернуть

http://cat.wargaming.net

The logs contain:

Код Выделить Развернуть

Incoming event: Crash has occurred
Event subtype: unhandled_exception
callstack hash: 9531df639286b8679c3c0034bf1b960aff3b2bbf

Meaning:
The exception is fingerprinted
The call stack hash uniquely identifies the code path
This can be compared across thousands of clients
Injection-related crashes stand out immediately

The Artifact Collector gathers a full forensic package

The monitor log explicitly lists:

Код Выделить Развернуть

requested artifacts = ["cef logs", "crash_info", "dump", "python_log", "monitors_logs"]

This includes:
python.log (contains CAT monitor failures and initialization errors)
Crash dumps (.dmp)
Monitor internal logs
DXDiag hardware profile
Preferences and user settings

Everything is attached to your account ID. Nothing is anonymized.

The report was uploaded and accepted by the server

The log shows:

Код Выделить Развернуть

Procedure: upload report(...) status="uploaded"
archive path="...\6560_25-11-07-15_19_33_240.zip"
Report ... successfully registered.

This proves:
The ZIP was created
It was transferred to the WG/Lesta server
The server confirmed successful reception
The server explicitly requested the artifacts

This does not mean a ban is immediate, only that the diagnostics are stored for the next review wave.

Код Выделить Развернуть

1 files (label="python_log") were copied
1 files (label="monitors_logs") were copied
Anti-Tamper repeatedly failed

From python.log:

Код Выделить Развернуть

ERROR: [CAT monitor] Unable to run an out of process handling.
ERROR: [CAT] Monitor process initialization failed!

Common reasons:
Foreign DLL injected before CAT
Hooked functions
Modified memory regions
Corrupted EXE integrity
Blocked monitor initialization
The client constantly sends telemetry

The logs show connections to:

Код Выделить Развернуть

https://phobos-api.worldofwarships.eu
https://ares.worldofwarships.eu
https://stats.worldofwarships.eu
https://ws.worldofwarships.eu/ws

These endpoints handle:

Client errors
Telemetry
Anti-cheat events
Crash metadata
Hardware identifiers

Even without a crash, data is constantly transmitted.

After fully reinstalling the client, deleting all logs and running the game without Wp, the results are very clear

Код Выделить Развернуть

• python.log contains no CAT monitor errors
• no crash is generated
• no "unhandled_exception" event appears
• no report package is created
• no archive (ZIP) is generated
• nothing is uploaded to cat.wargaming.net
• monitor logs only show "client_connected" and "monitor_online"

A clean client session produces no crash dumps, no exception reports and no uploads of any kind.

When running the game normally, the Anti-Tamper monitor works as intended and stays silent.
Only the basic status events ("monitor_online") are sent, which is standard for every player.

A note on log file protection. Setting python.log (or any other WoWS log file) to read-only instantly caused a crash on startup in my case. The client still tries to write to the file, fails, and the monitor detects the access-denied state, logs it, and reports it immediately. A write-protection blocks writing, but it does not prevent the file from being read or copied into crash-reports.

Autofire does not press the mouse button for you. 
It bypasses the normal input layer and triggers the firing function directly inside the game code.
To achieve this, the module hooks (injects into / replaces pointers of) the internal function that handles firing. Same at the autoaim. The risk might be lower if you only use the predicted point and try to hit it like a human would, firing your own weapon.

I hope these observations help with analysis and development.
My subscription expired, so I can't provide further comparisons for now.

#18

Общение / Re: нашли причину как леста вы...

Последний ответ от oukabasigi - 17.11.2025 09:28:40

да. уверены.

Hello, admin. Perhaps Lesta detected Warpack due to features like automatic firing. Is it possible to develop a simplified version that only includes enemy shell landing points, your own aiming pre-indicator, and extended enemy torpedo lines? Similar to what I've heard about a past tool called HAGS, which couldn't be captured in windowed mode and was said to be very safe.

#19

Поддержка / Re: Cпроси-Ответь!

Последний ответ от smokescreen - 17.11.2025 08:46:23

покажите скриншот. видимо баг

#20

Поддержка / Re: Cпроси-Ответь!

Последний ответ от Shaitan - 17.11.2025 01:33:30

А как купить ОДИН ключ для RU сервера WoWS на 7 дней ?? Там есть почему-то только вариант "ТРИ ключа на 7 дней" за 300 рублей. А зачем мне 3, коли нужен только ОДИН ??