Page 5 of 6

Re: [HEX STRINGS] < GameGuard / Multi Client > < New Chaos >

Posted: 29 Jan 2011, 15:35
by microvirus
midnytblu wrote:
gmslave wrote:good afternoon guys! is there any updated hex strings for new chaos (renewal) to disable GG?
many thanks..

i tried to hex my rag.exe (fresh installed pRO) and search E8 2E 35 E3 FF but no strings found..

thanks.

Code: Select all

search: E8 2E 09 E3 FF
replace: 90 90 90 90 90
As I have said E8 2E 35 E3 FF is for only the Original New Chaos ragexe (not the one you've edited/renamed from sakray client)


Well seems like your using the sakray client :D
So the hex string there is the one midnytblu had posted

Re: [HEX STRINGS] < GameGuard / Multi Client > < New Chaos >

Posted: 04 Feb 2011, 19:39
by RojBesH
Hey guys I just figured out a new way to multi client in Valkyrie

To start with - download this files

hex editor:http://www.handshake.de/user/chmaas/del ... /xvi32.zip

Sakexe.exe from belladona:http://www.4shared.com/get/GuRsEN4W/Sakexe.html

Backup your valexe.exe in your Ragnarok folder.
Tip: Just zip it with winzip or winrar

Rename the Sakexe.exe you downloaded to valexe.exe then copy it to your ragnarok folder.

Extract your hex editor you downloaded then open the xvi32.exe

Click File then Open the Valexe.exe

Press Ctrl+R then put this to the hex strings

Search: E8 E4 19 E3 FF

replace: 90 90 90 90 90

click replace all.

close then save. Thats for the gameguard.

Open again your xvi32.exe file>open valexe.exe

Ctrl+ R then put this to the hex strings


Search: 85 C0 74 0E 5F 5E B8 01 00 00 00
Replace: 85 C0 EB 0E 5F 5E B8 01 00 00 00

click replace all

close then save then open again xvi32.exe

file>open valexe.exe

Ctrl+ R then put this to the hex strings

Search: 85 C0 74 07 C6 05 A8 9A 86 00 01
Replace: 85 C0 EB 07 C6 05 A8 9A 86 00 01

The 2 last hex will make your ragnarok valkyrie to open multiple windows

Credits to Belladona + a little to valkylie and chenchut20 for the code on gameguard =))

Though i just experimented on it.. It really works )

try to change or rename the exe maybe it will work on new chaos.

Re: [HEX STRINGS] < GameGuard / Multi Client > < New Chaos >

Posted: 06 Feb 2011, 10:17
by heero
Updated 10/28/2011
Unpacked ragexe.exe http://www.mediafire.com/?wdt7uwcfmobqhxo
This is for people who don't know how to unpack ragexe.exe

figured I should post this since people have been having problems with multiple window hexing
Belladonna - credit for the original posts

OPENING MULTIPLE CLIENT WINDOWS
For the first string, search for USER32.FindWindowA until you find the block that looks something like this:

Code: Select all

* Reference To: user32.FindWindowA, Ord:0000h
                                  |
:00706E18 FF15B0F37400            Call dword ptr [0074F3B0]
:00706E1E 85C0                    test eax, eax
:00706E20 7407                    je 00706E29    <----------------- This is what we need to look for
:00706E22 C60530F0850001          mov byte ptr [0085F030], 01

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:00706E20(C)
|
:00706E29 53                      push ebx
:00706E2A 33FF                    xor edi, edi
:00706E2C 6A77                    push 00000077
Search:
85 C0 74 07 C6 05 30 F0 85 00 01 53 33 FF 6A 77
Replace:
85 C0 EB 07 C6 05 30 F0 85 00 01 53 33 FF 6A 77

For the second string, search for KERNEL32.CreateMutexA
The values needed are actually under KERNEL32.WaitForSingleObject as seen below

Code: Select all

* Reference To: kernel32.CreateMutexA, Ord:0000h
                                  |
:007080E5 FF1534F17400            Call dword ptr [0074F134]
:007080EB 50                      push eax

* Reference To: kernel32.WaitForSingleObject, Ord:0000h
                                  |
:007080EC FF1528F27400            Call dword ptr [0074F228]
:007080F2 85C0                    test eax, eax
:007080F4 0F85CC010000            jne 007082C6    <----------------- This is what we need to look for
:007080FA 0FBE0542217B00          movsx eax, byte ptr [007B2142]
Search:
85 C0 0F 85 CC 01 00 00 0F BE 05 42 21 7B 00
Replace:
85 C0 90 90 90 90 90 90 0F BE 05 42 21 7B 00

The reason for using 90 90 90 90 90 90 is because the old code had je <address> this new code had jne <address> which means it will only need to jump if its not equal so we can just use NOP (90) to ignore the condition and let the code run.

For the third string, search for mss32._AIL_open_3D_provider@4 until you find the block that looks something like this:

Code: Select all

* Reference To: mss32._AIL_open_3D_provider@4, Ord:0000h
                                  |
:0041C80A FF1504F67400            Call dword ptr [0074F604]
:0041C810 85C0                    test eax, eax
:0041C812 7409                    je 0041C81D    <----------------- This is what we need to look for
:0041C814 5F                      pop edi
:0041C815 5E                      pop esi
:0041C816 32C0                    xor al, al
:0041C818 5B                      pop ebx
:0041C819 8BE5                    mov esp, ebp
:0041C81B 5D                      pop ebp
:0041C81C C3                      ret
Search:
85 C0 74 09 5F 5E 32 C0 5B 8B E5 5D C3
Replace:
85 C0 EB 09 5F 5E 32 C0 5B 8B E5 5D C3

That should enable you to run multiple ragnarok clients now.

To disable GameGuard do this
Search for KERNEL32.CreateMutexA then scroll down until you see the code similar to the one below. I have pointed out the code we need to look for.

Code: Select all

* Reference To: kernel32.CreateMutexA, Ord:0000h
                                  |
:007080E5 FF1534F17400            Call dword ptr [0074F134]
:007080EB 50                      push eax

* Reference To: kernel32.WaitForSingleObject, Ord:0000h
                                  |
:007080EC FF1528F27400            Call dword ptr [0074F228]
:007080F2 85C0                    test eax, eax
:007080F4 0F85CC010000            jne 007082C6
:007080FA 0FBE0542217B00          movsx eax, byte ptr [007B2142]
:00708101 0FBE0D41217B00          movsx ecx, byte ptr [007B2141]
:00708108 0FBE1540217B00          movsx edx, byte ptr [007B2140]
:0070810F 03C1                    add eax, ecx
:00708111 0FBE0D3F217B00          movsx ecx, byte ptr [007B213F]
:00708118 03C2                    add eax, edx
:0070811A 0FBE153E217B00          movsx edx, byte ptr [007B213E]
:00708121 03C1                    add eax, ecx
:00708123 0FBE0D3D217B00          movsx ecx, byte ptr [007B213D]
:0070812A 03C2                    add eax, edx
:0070812C 0FBE153C217B00          movsx edx, byte ptr [007B213C]
:00708133 03C1                    add eax, ecx
:00708135 03C2                    add eax, edx
:00708137 3DC9020000              cmp eax, 000002C9
:0070813C 0F8584010000            jne 007082C6
:00708142 B978AB8500              mov ecx, 0085AB78
:00708147 E824B9FBFF              call 006C3A70
:0070814C E8DF47E4FF              call 0054C930    <----------------- This is what we need to look for
:00708151 85C0                    test eax, eax
:00708153 0F846D010000            je 007082C6
Search:
E8 DF 47 E4 FF
Replace:
90 90 90 90 90

That should disable GameGuard for Valkyrie/New Chaos.

Re: [HEX STRINGS] < GameGuard / Multi Client > < New Chaos >

Posted: 11 Feb 2011, 06:28
by kaBOTi
thanks heero for the multi client code and guide.. I can confirm that multi client code is working for New Chaos.

btw, new gameguard update was added so for people interested (New Chaos) here's the new GG hex code :

Search: E8 2E 35 E3 FF
Replace: 90 90 90 90 90

Re: [HEX STRINGS] < GameGuard / Multi Client > < New Chaos >

Posted: 11 Feb 2011, 11:36
by kappozo
Hi, I managed to remove GameGuard, so that I can not login, so giving is disconnected from the server.
Somebody help me?
Sorry my english.

Re: [HEX STRINGS] < GameGuard / Multi Client > < New Chaos >

Posted: 16 Mar 2011, 08:52
by heero
http://forums.openkore.com/viewtopic.php?p=50709#p50709
I have updated my post with a link to the latest unpacked ragexe.exe

Re: [HEX STRINGS] < GameGuard / Multi Client > < New Chaos >

Posted: 16 Mar 2011, 13:31
by julyone
thanks for the update heero, your a real hero :D

Re: [HEX STRINGS] < GameGuard / Multi Client > < New Chaos >

Posted: 16 Mar 2011, 14:07
by minamino
Search:
85 C0 74 07 C6 05 A0 02 85 00 01 53 33 FF 6A 77
Replace:
85 C0 EB 07 C6 05 A0 02 85 00 01 53 33 FF 6A 77

I can't seem to find the string in red.

EDIT: Found it already XD sorry for the stupid post.

Re: [HEX STRINGS] < GameGuard / Multi Client > < New Chaos >

Posted: 16 Mar 2011, 14:09
by julyone
minamino wrote:Search:
85 C0 74 07 C6 05 A0 02 85 00 01 53 33 FF 6A 77
Replace:
85 C0 EB 07 C6 05 A0 02 85 00 01 53 33 FF 6A 77

I can't seem to find the string in red.
up direction...

Re: [HEX STRINGS] < GameGuard / Multi Client > < New Chaos >

Posted: 16 Mar 2011, 14:33
by julyone
what error is this?

Error Writing
valexe.exe
Error 32: File sharing violation






EDIT:
sorry I forgot to close my RO first... :mrgreen: