• Unfortunately, we have experienced significant hard drive damage that requires urgent maintenance and rebuilding. The forum will be a state of read only until we install our new drives and rebuild all the configurations needed. Please follow our Facebook page for updates, we will be back up shortly! (The forum could go offline at any given time due to the nature of the failed drives whilst awaiting the upgrades.) When you see an Incapsula error, you know we are in the process of migration.

" CTRL " Attacking freezes my pointer?

LTPTeam

LTPTeam

selling server files is against RZ rules
500 Posts 10 Happy Years
Joined
Feb 26, 2013
Messages
542
Reaction score
131
Mulegend said:
Open Ollydbg
Load Main.exe

Press Ctrl + N

Search SetWindowsHookExA
follow the second call (NOT JMP, JUST CALL)

Code: 
References in main_104:.text to USER32.SetWindowsHookExA
Address    Disassembly                               Comment
CALL DWORD PTR DS:[<&USER32.SetWindowsHo  USER32.SetWindowsHookExA
[B][SIZE=3][I]CALL DWORD PTR DS:[<&USER32.SetWindowsHo  USER32.SetWindowsHookExA[/I][/SIZE][/B]
JMP DWORD PTR DS:[<&USER32.SetWindowsHoo  USER32.SetWindowsHookExA

when u see some like this
Code: 
PUSH 0D
CALL DWORD PTR DS:[<&USER32.SetWindowsHo>; USER32.SetWindowsHookExA
MOV EDX,DWORD PTR SS:[EBP-4]
MOV DWORD PTR DS:[EDX],EAX

Changue 0x0D to 0x02

0x0D = 13 [WH_KEYBOARD_LL (13)]
0x02 = 2 [WH_KEYBOARD (2)]

More info
You must be registered to see links


1.03K JPN:
004BD479

1.03Y JPN:
004C7F49

1.04 JPN S6EP3:
0052D49B

1.04D GMO S6EP3:
0052101B
Click to expand...

This don't working in 1.04D GMO Main. First window don't freezing, but second still freezing
 
The Best DDoS Protected Servers
B

BladeKnight109

Experienced Elementalist
Joined
Jun 17, 2014
Messages
242
Reaction score
107
1.04D GMO S6EP3:
0052101B
Click to expand...
it will bug on windows XP :)
Code: 
CPU Disasm
Address   Hex dump          Command                                  Comments
[COLOR=#ff0000]0052100F  |.  6A 00         PUSH 0                                   ; /ThreadId = 0
00521011  |.  8B4D 08       MOV ECX,DWORD PTR SS:[EBP+8]            ; |[/COLOR]
00521014  |.  51            PUSH ECX                                 ; |hModule => [ARG.1]
00521015  |.  68 20115200   PUSH 00521120                            ; |Hookproc = Main.521120
0052101A  |.  6A 0D         PUSH 0D                                  ; |Hooktype = WH_KEYBOARD_LL
0052101C  |.  FF15 8C26D200 CALL DWORD PTR DS:[<&USER32.SetWindowsHo ; \USER32.SetWindowsHookExA
\
Main 1.04D
why ThreadId = NULL?
Code: 
char sub_521000(HHOOK * hHook, HINSTANCE hInstance, HWND hWnd)
{
    char result; // al@4
    HHOOK * v4; // [sp+0h] [bp-4h]@1

    v4 = This;
    if ( * hHook )
    {
        result = 0;
    }
    else
    {
        *hHook = SetWindowsHookExA([COLOR=#ff0000]WH_KEYBOARD[/COLOR], (HOOKPROC)sub_521120, hInstance, [COLOR=#ff0000]NULL[/COLOR]);//Global hook? bug on windows xp
        if ( RegisterHotKey(hWnd, 0, MOD_ALT, VK_TAB) )
        {
            v4[1] = (HHOOK)hWnd;
        }

        result = 1;
    }

    return result;
}
 
Last edited:
P

Pinkof

Newbie :)
500 Posts Got A Reaction 10 Happy Years
Joined
Mar 13, 2008
Messages
758
Reaction score
1,005
i do it and work fine
main 1.04j

004F8B38 |. 8338 00 CMP DWORD PTR DS:[EAX],0x0
004F8B3B |. 75 39 JNZ SHORT Main.004F8B76 ///change JNZ TO JMP and ctrl freeze is fixed...
004F8B3D |. 6A 00 PUSH 0x0 ; /ThreadID = 0x0
004F8B3F |. 8B4D 08 MOV ECX,DWORD PTR SS:[EBP+0x8] ; |
004F8B42 |. 51 PUSH ECX ; |hModule
004F8B43 |. 68 258C4F00 PUSH Main.004F8C25 ; |Hookproc = Main.004F8C25
004F8B48 |. 6A 0D PUSH 0xD ; |HookType = 13.
004F8B4A |. FF15 CC647500 CALL DWORD PTR DS:[<&USER32.SetWindowsHo>; \SetWindowsHookExA
004F8B50 |. 8B55 FC MOV EDX,DWORD PTR SS:[EBP-0x4]
004F8B53 |. 8902 MOV DWORD PTR DS:[EDX],EAX
004F8B55 |. 6A 09 PUSH 0x9 ; /Key = VK_TAB
004F8B57 |. 6A 01 PUSH 0x1 ; |Modifiers = MOD_ALT
004F8B59 |. 6A 00 PUSH 0x0 ; |HotKeyID = 0x0
004F8B5B |. 8B45 0C MOV EAX,DWORD PTR SS:[EBP+0xC] ; |
004F8B5E |. 50 PUSH EAX ; |hWnd
004F8B5F |. FF15 DC647500 CALL DWORD PTR DS:[<&USER32.RegisterHotK>; \RegisterHotKey
004F8B65 |. 85C0 TEST EAX,EAX
004F8B67 |. 74 09 JE SHORT Main.004F8B72
Click to expand...
 
You must log in or register to reply here.

About Us

RaGEZONE® is a website dedicated to the development of massively multiplayer online role-playing games (MMORPGs).

Online statistics

Members online
188
Guests online
10,338
Total visitors
10,526
Totals may include hidden visitors.

Forum statistics

Threads
429,198
Messages
4,590,913
Members
281,311
Latest member
ismodev
Most visitors online was 12720 , on 2 May 2024

RaGEZONE Sponsor

    HyperFilter
Back
Top