Elecom shield

[lacunacoil]

I dissambled it but there's no text string about the shield or related words .. I don't know what to search for after dissaembling it..

[Motivus]

I dissambled it but there's no text string about the shield or related words .. I don't know what to search for after dissaembling it..

The version I looked at is probably really old. It is used on ZNRO which hasn't been updated in ages.

If you aren't familiar with revere engineering you are going to need to read a lot of tutorials/e-book type stuff, maybe write some programs of your own to reverse, and more until you'll really know what to do.

I am not sure how new versions work. The old version just did this:

Loader -> Runs serverexe.bin -> Injects elecom.dll
elecom.dll -> patches calls to send/recv/connect/another function I forgot

To figure out this stuff I'd

1) Figure out what the new loader does
2) Run the real ragnarok exe with a debugger, find send/recv/connect locations and bookmark their locations
3) Do what the loader does on the debugged ragnarok exe
4) Look at how it over writes the call and what information is being pushed / where they go / register values / etc
5) Use something like IDA to look at those locations, or just check them out in the debugger

Note that it doesn't have to replace calls to those. It could very well hook internal game functions, or place the hooks inside of dll-specific calls.

[lacunacoil]

when you say loader you mean the patch isnt it?
assuming Im right ,well the loader does the following:
In crtl+alt+del process list a file called nykod.dll appears then it disappears and directx10.dll shows up..
is this the same that happend with your elecon.dll?
Well I learned a little about dissaemblers in 2 tutorials I found in google...
ermm when you tell me to bookmark the send/recv/connect/ do you mean to Breakpoint them at olly?





Edit:
Ok I think I understand what you mean now..
I have found send / revc and connect and I wrote down their locations..
But I don't understand what you mean in step 3)

[Mushroom]

when you say loader you mean the patch isnt it?
assuming Im right ,well the loader does the following:
In crtl+alt+del process list a file called nykod.dll appears then it disappears and directx10.dll shows up..
is this the same that happend with your elecon.dll?
Well I learned a little about dissaemblers in 2 tutorials I found in google...
ermm when you tell me to bookmark the send/recv/connect/ do you mean to Breakpoint them at olly?





Edit:
Ok I think I understand what you mean now..
I have found send / revc and connect and I wrote down their locations..
But I don't understand what you mean in step 3)

I think you need to make the debugged ragnarok (not the original on) do the things that the loader do. If the loarder do X, make the debugged ragnarok do X too.

[marcspc]

i wish all you discover the way to baypass the elecom shield, GL

[misterx]

Lol... servers has been pwned xKores.............

PLEASE DEVOLPERS, GO GO GO GOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO

[Uchiha007]

Hello guys, Im from openkore.com.br (brasilian kore) just a user.
a man did a elecom shield bypass, a way to conect openkore in a server with elecom, but unfortunatly he just did to this server and he is the owner of a new anti-bot that he made too and says its better than elecom shield, its called Game Fort.
BTW
the steps :

1) config.txt search for "pauseMapServer" change 0 to 11;

2) Server config :
(that he made the crack)

[RagnaBR - Odin]
ip 127.0.0.1
port 6904
master_version 22
version 178
private 1
serverType 8_4
charBlockSize 108

3) Go to ragnarok directory, copy nkyod.dll (one new copy) nkyod(2).dll
4) re-name nkyod(2).dll to open .exe and create a shortcut to your openkore directory
5) Crack Download:
http://w17.easy-share.com/1701796479.html

6) Extract in openkore directory (archives)
7) Open in Sequence:

a) ProxyRagnaBR.exe
b) RagnaBRSB.exe
c) Open the client by the shortcut "open" ( wait for the client open)
d) Open RagnaBRCrack.exe

8) Now you have to be fast, open openkore, wait for the yellow mensage talking about the "pausing" e max the client quickly

log in with any id and pass
select char
Until map server disconect from server

now just wait openkore conect ( If you did all this at time)

Note: you had 13 seconds to log in client...

9) close RagnaBRSB and Crack, just let the proxy open.


Just remember it was done in delpho and i used 3 extras : RxLib and ProjectBMS(Api Hook Component)

http://w17.easy-share.com/1701796625.html

Good Luck

@Edit

Version Used: OpenKore SVN 2.0.7

If you dont down by easy share, extra mirrors :

Elecom Crack - http://rapidshare.com/files/14999208...Crack.rar.html

Elecom Crack (Source) - http://rapidshare.com/files/14999266...hield.rar.html


@me
I just translated to english, sorry by the mistakes and i hope you can discover a way to pass elecom shield =)
This topic is in openkore.com.br
Thank You =)
Good luck you all

[Mushroom]

This crack will only work in RagnaBR, Odin server and it only connects to the server. It doesn't walk, attack, use skill etc etc...

[Uchiha007]

But from this crack, developers, could modify something or make something like that to work in all private servers, i posted this, because looks like no one is trying to pass it and i dont know nothing about c++/pearl....
my idea was someone get this, make an upgrade in crack to work in all servers or have some idea from this.

=)

[kali]

You do realize that when OpenKore releases a crack, the anti-bot camp will easily see how the crack works and thus update their software accordingly. In these cases, the open source camp is at the losing end.