Tracing Hex Strings through Disassembly

Do you have a question or problem? Read this forum first! Someone has probably already asked the same thing in the past. Do not ASK questions here!

Moderators: Moderators, Documentation Writers

Message
Author
sli
Perl Monk
Perl Monk
Posts: 810
Joined: 04 Apr 2008, 17:26
Noob?: No

Re: Tracing Hex Strings through Disassembly

#21 Post by sli »

Newer clients don't JMP the same as older ones (well, it's contained in another location, anyway). This guide is way out of date. Hacking an RO client is getting more and more difficult, it seems. I removed two CALLs from mine and it caused crashes even though there was nothing important removed and the stack remained pristine (didn't remove the ADD esp, 8).
cs : ee : realist

Retu
Noob
Noob
Posts: 8
Joined: 10 Aug 2008, 13:04
Noob?: No

Re: Tracing Hex Strings through Disassembly

#22 Post by Retu »

Please add an "[Outdated]" in the title of the topic

krone
Noob
Noob
Posts: 6
Joined: 15 Aug 2008, 23:26
Noob?: Yes
Location: 15°19'40.61"N / 120°35'18.08"E

Re: Tracing Hex Strings through Disassembly

#23 Post by krone »

For pRO players looking for working hex codes, here's the link: http://darkmoon.ath.cx/viewtopic.php?f=7&t=380

cupid062985
Noob
Noob
Posts: 5
Joined: 17 Aug 2008, 07:00
Noob?: No

Re: Tracing Hex Strings through Disassembly

#24 Post by cupid062985 »

krone wrote:For pRO players looking for working hex codes, here's the link: http://darkmoon.ath.cx/viewtopic.php?f=7&t=380
i don't think it is updated as well since I can't find the hex codes mentioned and the updated links does not exist. If only somebody could give us the updated steps on how to do it. :geek:

krone
Noob
Noob
Posts: 6
Joined: 15 Aug 2008, 23:26
Noob?: Yes
Location: 15°19'40.61"N / 120°35'18.08"E

Re: Tracing Hex Strings through Disassembly

#25 Post by krone »

cupid062985 wrote:
krone wrote:For pRO players looking for working hex codes, here's the link: http://darkmoon.ath.cx/viewtopic.php?f=7&t=380
i don't think it is updated as well since I can't find the hex codes mentioned and the updated links does not exist. If only somebody could give us the updated steps on how to do it. :geek:
I just used them this friday and they are all working. They are as follows:

For commercial servers:
updated: June 26, 2008 posted by Belladonna

To disable gameguard:updated: July 2, 2008 posted by makki08
Search: E8 D1 A8 E9 FF
Replace: 90 90 90 90 90

Unlimited zoom:
search : 00 00 66 43 00 00 C8 43
replace: 00 00 00 43 00 00 86 44

Multiple Window Strings:updated: July 2, 2008 posted by makki08
Search: 85 C0 74 07 C6 05 A0 F1 7A 00
Replace: 85 C0 EB 07 C6 05 A0 F1 7A 00

Search: 85 C0 74 0E 5F 5E B8 01 00 00
Replace: 85 C0 EB 0E 5F 5E B8 01 00 00

Search: 85 C0 74 09 5F 5E 32 C0 5B 8B
Replace: 85 C0 EB 09 5F 5E 32 C0 5B 8B

Source: DARKMOON pRO Support Forum

cupid062985
Noob
Noob
Posts: 5
Joined: 17 Aug 2008, 07:00
Noob?: No

Re: Tracing Hex Strings through Disassembly

#26 Post by cupid062985 »

krone wrote:
I just used them this friday and they are all working. They are as follows:

For commercial servers:
updated: June 26, 2008 posted by Belladonna

To disable gameguard:updated: July 2, 2008 posted by makki08
Search: E8 D1 A8 E9 FF
Replace: 90 90 90 90 90

Unlimited zoom:
search : 00 00 66 43 00 00 C8 43
replace: 00 00 00 43 00 00 86 44

Multiple Window Strings:updated: July 2, 2008 posted by makki08
Search: 85 C0 74 07 C6 05 A0 F1 7A 00
Replace: 85 C0 EB 07 C6 05 A0 F1 7A 00

Search: 85 C0 74 0E 5F 5E B8 01 00 00
Replace: 85 C0 EB 0E 5F 5E B8 01 00 00

Search: 85 C0 74 09 5F 5E 32 C0 5B 8B
Replace: 85 C0 EB 09 5F 5E 32 C0 5B 8B

Source: DARKMOON pRO Support Forum
Yeah it did work... sorry i think i skipped something when i did it... it works for pRO commercial server and Valkyrie Server. I don't know with the other server... Thanks krone! :D

sli
Perl Monk
Perl Monk
Posts: 810
Joined: 04 Apr 2008, 17:26
Noob?: No

Re: Tracing Hex Strings through Disassembly

#27 Post by sli »

If anyone's interested in a more generalized hacking process, check my post here about my Kore-RO anti-bitch patch.
cs : ee : realist

cupid062985
Noob
Noob
Posts: 5
Joined: 17 Aug 2008, 07:00
Noob?: No

Re: Tracing Hex Strings through Disassembly

#28 Post by cupid062985 »

Hi Guys,

My friend got this step that's easy to understand (well at least for me) on how to hex your ragexe.exe. Just click http://docs.google.com/View?docid=ddz3r ... gd=1&hl=en

Take note of the reference to last word "0rd:..." that should give you the hint that you're in the right location. =)

Enjoy! :D

eric10
Noob
Noob
Posts: 2
Joined: 27 May 2009, 06:42
Noob?: Yes

Re: Tracing Hex Strings through Disassembly

#29 Post by eric10 »

elo..

can you update the hex codes..

i've tried the
multiple client windows (for older clients)


if you're using an older version of ragexe.exe, you only need to replace 2 hex values.

first, search for USER32.FindWindowA. look for the jump & take note of the value & address.

lastly, search for KERNEL32.CreateMutexA. again, look for the jump & take note of the value & address.

now open your ragexe.exe on your hex editor & go to the offsets. then change the first hex of each value to EB.

congratulations. your ragexe.exe now allows multiple client.
but it doesn't work anymore in philippine valhalla ragnarok.. after it was patch on may 27, 2009..

i've tried to decode it again. everything i use the dual log in client, the other client

disconnects my first login.

i would like to ask for an update for this..

maraiming maraming salama po sa tulong cozzie.. sana maasahan ko ung bagong hex code for phillippine valhalla..

ty so much .. ;)

wishingwell
Noob
Noob
Posts: 1
Joined: 15 Feb 2009, 06:16
Noob?: No

Re: Tracing Hex Strings through Disassembly

#30 Post by wishingwell »

i hope there's an updated version of this thread

coz some of us are willing to hex the client immediately after a server maintenance due to the fact that it's hard to wait for someone or some people to hex it

specially in the case of other servers where no one seems to hex them anymore.

Post Reply