Welcome!

Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!

Join Today!

" CTRL " Attacking freezes my pointer?

Skilled Illusionist
Joined
May 1, 2006
Messages
381
Reaction score
167
Open Ollydbg
Load Main.exe

Press Ctrl + N

Search SetWindowsHookExA
follow the second call (NOT JMP, JUST CALL)

Code:
References in main_104:.text to USER32.SetWindowsHookExA
Address    Disassembly                               Comment
CALL DWORD PTR DS:[<&USER32.SetWindowsHo  USER32.SetWindowsHookExA
[B][SIZE=3][I]CALL DWORD PTR DS:[<&USER32.SetWindowsHo  USER32.SetWindowsHookExA[/I][/SIZE][/B]
JMP DWORD PTR DS:[<&USER32.SetWindowsHoo  USER32.SetWindowsHookExA

when u see some like this
Code:
PUSH 0D
CALL DWORD PTR DS:[<&USER32.SetWindowsHo>; USER32.SetWindowsHookExA
MOV EDX,DWORD PTR SS:[EBP-4]
MOV DWORD PTR DS:[EDX],EAX

Changue 0x0D to 0x02

0x0D = 13 [WH_KEYBOARD_LL (13)]
0x02 = 2 [WH_KEYBOARD (2)]

More info

1.03K JPN:
004BD479

1.03Y JPN:
004C7F49

1.04 JPN S6EP3:
0052D49B

1.04D GMO S6EP3:
0052101B
 
Last edited:
Junior Spellweaver
Joined
Sep 12, 2004
Messages
134
Reaction score
14
Open Ollydbg
Load Main.exe

Press Ctrl + N

Search SetWindowsHookExA
follow the second call (NOT JMP, JUST CALL)

Code:
References in main_104:.text to USER32.SetWindowsHookExA
Address    Disassembly                               Comment
CALL DWORD PTR DS:[<&USER32.SetWindowsHo  USER32.SetWindowsHookExA
[B][SIZE=3][I]CALL DWORD PTR DS:[<&USER32.SetWindowsHo  USER32.SetWindowsHookExA[/I][/SIZE][/B]
JMP DWORD PTR DS:[<&USER32.SetWindowsHoo  USER32.SetWindowsHookExA

when u see some like this
Code:
PUSH 0D
CALL DWORD PTR DS:[<&USER32.SetWindowsHo>; USER32.SetWindowsHookExA
MOV EDX,DWORD PTR SS:[EBP-4]
MOV DWORD PTR DS:[EDX],EAX

Changue 0x0D to 0x02

0x0D = 13 [WH_KEYBOARD_LL (13)]
0x02 = 2 [WH_KEYBOARD (2)]

More info

1.03K JPN:
004BD479

1.03Y JPN:
004C7F49

1.04 JPN S6EP3:
0052D49B

1.04D GMO S6EP3:
0052101B

Bad idea... I wouldn't if I was you.

Both functions has the same signature, but the lParam has different meaning.

lParam is a pointer to a structure on LowLevelKeyboardProc (type = 13)
lParam is just a map of bit flags on KeyboardProc (type = 2).

So, depending on how the the callback process this information you can crash your main.

GG.
 
Junior Spellweaver
Joined
Sep 12, 2004
Messages
134
Reaction score
14
ok, ok ok ok ok ok

Test it and told me about your crash


GG

Ok, you win, you are a genius.

Code:
0046D29D  |.  6A 00                      push 0                                                  ; /ThreadID = 0
0046D29F  |.  8B4D 08                    mov ecx,dword ptr ss:[ebp+8]                            ; |
0046D2A2  |.  51                         push ecx                                                ; |hModule
0046D2A3  |.  68 85D34600                push 0046D385                                           ; |Hookproc = main.0046D385
0046D2A8  |.  6A 0D                      push 0D                                                 ; |HookType = 13.
0046D2AA  |.  FF15 60347000              call dword ptr ds:[<&user32.SetWindowsHookExA>]         ; \SetWindowsHookExA

Code:
0046D385  /.  55                         push ebp
...
0046D3AB  |>  8B4D 10                    mov ecx,dword ptr ss:[ebp+10]; lParam (if you didn't know)
0046D3AE  |.  894D FC                    mov dword ptr ss:[ebp-4],ecx
0046D3B1  |.  8B55 FC                    mov edx,dword ptr ss:[ebp-4]
0046D3B4  |.  8B02                       mov eax,dword ptr ds:[edx] ; ops, look here, a pointer!
...

Let's look at the MSDN again, shall we?


lParam
The repeat count, scan code, extended-key flag, context code, previous key-state flag, and transition-state flag. For more information about the lParam parameter, see . The following table describes the bits of this value.
So it's just a number! That will be a treated as a memory address and if you are lucky, maybe, you can read that address, otherwise, a lovely exception will be thrown and your main will crash.

Simple as that.
 
Junior Spellweaver
Joined
Aug 3, 2010
Messages
189
Reaction score
20
I did what you said there i changed 0x0D for 0x02 but its still freezing, this is the result (s2 main)
 

Attachments

You must be registered for see attachments list
Skilled Illusionist
Joined
May 1, 2006
Messages
381
Reaction score
167
In this hook, just call LL Hook, but works as a simple hook...

Do you understand ? You need read (main code), before open your mouth
i never told it is not a pointer

Code:
LRESULT __userpurge sub_521120<eax>(int a1<ebx>, int a2<edi>, int nCode, WPARAM wParam, LPARAM lParam)
{
  void *v6; // eax@13
  int v7; // eax@13
  unsigned int v8; // [sp+0h] [bp-Ch]@4

  if ( !nCode && wParam >= 0x100 && wParam <= 0x101 )
  {
    v8 = *(_DWORD *)lParam;
    if ( *(_DWORD *)lParam == 27 )
    {
      if ( sub_790F40(a1, a2, 17) == 1 )
        return 1;
    }
    else
    {
      if ( v8 > 0x5A && v8 <= 0x5C && !*(_DWORD *)&dword_E60974 )
        return 1;
    }
  }
  v6 = sub_5210B0(a1, a2);
  v7 = sub_5210A0(v6);
  return CallNextHookEx((HHOOK)v7, nCode, wParam, lParam);
}
 
Last edited:
Junior Spellweaver
Joined
Nov 16, 2007
Messages
160
Reaction score
11
In this hook, just call LL Hook, but works as a simple hook...

Do you understand ? You need read (main code), before open your mouth
i never told it is not a pointer

Code:
LRESULT __userpurge sub_521120<eax>(int a1<ebx>, int a2<edi>, int nCode, WPARAM wParam, LPARAM lParam)
{
  void *v6; // eax@13
  int v7; // eax@13
  unsigned int v8; // [sp+0h] [bp-Ch]@4

  if ( !nCode && wParam >= 0x100 && wParam <= 0x101 )
  {
    v8 = *(_DWORD *)lParam;
    if ( *(_DWORD *)lParam == 27 )
    {
      if ( sub_790F40(a1, a2, 17) == 1 )
        return 1;
    }
    else
    {
      if ( v8 > 0x5A && v8 <= 0x5C && !*(_DWORD *)&dword_E60974 )
        return 1;
    }
  }
  v6 = sub_5210B0(a1, a2);
  v7 = sub_5210A0(v6);
  return CallNextHookEx((HHOOK)v7, nCode, wParam, lParam);
}

So, this means that i need to make an external hook and do the thing you posted? or just do the thing that you posted?
 
Experienced Elementalist
Joined
Nov 26, 2013
Messages
270
Reaction score
90
Open Ollydbg
Load Main.exe

Press Ctrl + N

Search SetWindowsHookExA
follow the second call (NOT JMP, JUST CALL)

Code:
References in main_104:.text to USER32.SetWindowsHookExA
Address    Disassembly                               Comment
CALL DWORD PTR DS:[<&USER32.SetWindowsHo  USER32.SetWindowsHookExA
[B][SIZE=3][I]CALL DWORD PTR DS:[<&USER32.SetWindowsHo  USER32.SetWindowsHookExA[/I][/SIZE][/B]
JMP DWORD PTR DS:[<&USER32.SetWindowsHoo  USER32.SetWindowsHookExA

when u see some like this
Code:
PUSH 0D
CALL DWORD PTR DS:[<&USER32.SetWindowsHo>; USER32.SetWindowsHookExA
MOV EDX,DWORD PTR SS:[EBP-4]
MOV DWORD PTR DS:[EDX],EAX

Changue 0x0D to 0x02

0x0D = 13 [WH_KEYBOARD_LL (13)]
0x02 = 2 [WH_KEYBOARD (2)]

More info

1.03K JPN:
004BD479

1.03Y JPN:
004C7F49

1.04 JPN S6EP3:
0052D49B

1.04D GMO S6EP3:
0052101B


I've changet 0x0D to 0x02, but pointer still freezing=\ Main 1.03.25
 
Experienced Elementalist
Joined
Jul 29, 2012
Messages
286
Reaction score
265
"The hook procedure should process a message in less time than the data entry specified in the LowLevelHooksTimeout value in the following registry key:
HKEY_CURRENT_USER\Control Panel\Desktop
The value is in milliseconds. If the hook procedure times out, the system passes the message to the next hook. However, on Windows 7 and later, the hook is silently removed without being called. There is no way for the application to know whether the hook is removed."

you could try also reducing the value
 
Skilled Illusionist
Joined
Jan 17, 2013
Messages
326
Reaction score
19
Open Ollydbg
Load Main.exe

Press Ctrl + N

Search SetWindowsHookExA
follow the second call (NOT JMP, JUST CALL)

Code:
References in main_104:.text to USER32.SetWindowsHookExA
Address    Disassembly                               Comment
CALL DWORD PTR DS:[<&USER32.SetWindowsHo  USER32.SetWindowsHookExA
[B][SIZE=3][I]CALL DWORD PTR DS:[<&USER32.SetWindowsHo  USER32.SetWindowsHookExA[/I][/SIZE][/B]
JMP DWORD PTR DS:[<&USER32.SetWindowsHoo  USER32.SetWindowsHookExA

when u see some like this
Code:
PUSH 0D
CALL DWORD PTR DS:[<&USER32.SetWindowsHo>; USER32.SetWindowsHookExA
MOV EDX,DWORD PTR SS:[EBP-4]
MOV DWORD PTR DS:[EDX],EAX

Changue 0x0D to 0x02

0x0D = 13 [WH_KEYBOARD_LL (13)]
0x02 = 2 [WH_KEYBOARD (2)]

More info

1.03K JPN:
004BD479

1.03Y JPN:
004C7F49

1.04 JPN S6EP3:
0052D49B

1.04D GMO S6EP3:
0052101B


Fix for 99b main? i'am not found SetWindowsHookExA function in this main
 
Newbie Spellweaver
Joined
Oct 12, 2004
Messages
56
Reaction score
8
Simply fix by adjusting repeat rate=0 :) in Control panel :)
 
Newbie Spellweaver
Joined
Mar 19, 2015
Messages
79
Reaction score
4
the only solution for this i think .. is having a perfect PC ultra game edition u know what i mean so u can have 2 accounts online and play

cus client opened 2 times causes that freeze lag XD
its kind of FPS thing i think.
5YS3XXM - " CTRL " Attacking freezes my pointer? - RaGEZONE Forums


Sir, if this is not enough then i dont know what it is, it happens to me too and the only fix is to reduce the amount of times that CTRL repeats in keyboard options, its just a crappy mu "bug"
 

Attachments

You must be registered for see attachments list
Joined
May 26, 2009
Messages
17,279
Reaction score
3,204
5YS3XXM - " CTRL " Attacking freezes my pointer? - RaGEZONE Forums


Sir, if this is not enough then i dont know what it is, it happens to me too and the only fix is to reduce the amount of times that CTRL repeats in keyboard options, its just a crappy mu "bug"

its still not enuff,.. just open task manager, see how it looks like when u open 2 muonline, it might be bug ofcourse.. so dont waste time on it.
 

Attachments

You must be registered for see attachments list
Banned
Banned
Joined
Mar 5, 2015
Messages
104
Reaction score
8
Re: &quot; CTRL &quot; Attacking freezes my pointer?

5YS3XXM - " CTRL " Attacking freezes my pointer? - RaGEZONE Forums


Sir, if this is not enough then i dont know what it is, it happens to me too and the only fix is to reduce the amount of times that CTRL repeats in keyboard options, its just a crappy mu "bug"

Igcn files somehow have fixed this...



its still not enuff,.. just open task manager, see how it looks like when u open 2 muonline, it might be bug ofcourse.. so dont waste time on it.

True but its not a bug on 2 muonline..
 

Attachments

You must be registered for see attachments list
Newbie Spellweaver
Joined
Mar 19, 2015
Messages
79
Reaction score
4
just saying, if you have a powerfull enough computer you can run a virtual machine with mu in there :p i can run like 5 of them without lag :D, there wont be any issues with CTRL .
 
Newbie Spellweaver
Joined
Jan 22, 2013
Messages
60
Reaction score
1
Main 1.04d use Vietguard antihack.
Season 6 no bug Crlt or "keyboard bug"

example : mus6.net
 
Back
Top