[Development] Season XII Source Chinesse Team - based on X-TEAM

Page 1 of 15 12345678911 ... LastLast
Results 1 to 15 of 217
  1. #1
    Hardcore Member Pyke is offline
    MemberRank
    Sep 2007 Join Date
    PolandLocation
    102Posts

    [Development] Season XII Source Chinesse Team - based on X-TEAM

    [Development] Season XII Source Chinesse Team - based on X-TEAM
    Hi RageZone!

    I would like to announce that I will undertake work, using source codes, which I will provide below.

    Source Code is by Chinesse Team called L.S.T.

    Link Source: mega.nz
    Util: mega.nz
    MuServer: mega.nz
    Client ENG: mega.nz
    Update 1
    -DataServer fixed (DataServer must be compile Release_EX401 mode)
    -Clean Projects, no errors
    -Hunting Log fixed
    https://mega.nz/#!b2oGFIrJ!tEHHlR-2y...XM5iLNwx-nnIi4


    Update 1.1
    Full MUServer Compiled Clean
    https://mega.nz/#!qmoA3QZR!Wuhr0yq4S...Jrm3g0d12hzuxg

    Client ENG modded by me, 100% working with compiled files
    https://mega.nz/#!nqpVHCRL!e1_pBFv4s...wJmkqOIpjBVho4

    Main DLL Source, no errors clean
    https://mega.nz/#!WvwywQ6D!nY8bBYYai...eLlOtyAk3kFN_s
    Last edited by Pyke; 30-01-19 at 07:04 PM. Reason: Update 1.1


  2. #2
    Registered bolliks is offline
    MemberRank
    Apr 2005 Join Date
    16Posts

    re: [Development] Season XII Source Chinesse Team - based on X-TEAM

    I can join on development im mainly web developer but have some C#/C++ knowlages have fixed some things on IGCN source S12 n shit so if i can be usefull i can spent some time

  3. #3
    Registered xuanthanhyt is offline
    MemberRank
    May 2016 Join Date
    11Posts

    Re: [Development] Season XII Source Chinesse Team - based on X-TEAM

    scoure Client pls

  4. #4
    Newbie lst is offline
    MemberRank
    Sep 2018 Join Date
    3Posts

    Re: [Development] Season XII Source Chinesse Team - based on X-TEAM

    I don't know where your source code comes from.
    The client part of the source code for you
    Client:1.18.70

    Code:
    // lst.cpp : 定义 DLL 应用程序的导出函数。//
    
    
    #include "stdafx.h"
    #include "HookManager.h"
    #include "PacketManager.h"
    #include "Protocol.h"
    Crack g_Crack;
    
    
    LPBYTE g_CrackAttachHookAddr = (LPBYTE)GetProcAddress(GetModuleHandle("kernel32.dll"), "GetStartupInfoA");
    LPBYTE g_MultiByteToWideChar = (LPBYTE)GetProcAddress(GetModuleHandle("kernel32.dll"), "MultiByteToWideChar");
    LPBYTE g_WideCharToMultiByte = (LPBYTE)GetProcAddress(GetModuleHandle("kernel32.dll"), "WideCharToMultiByte");
    
    
    //LPBYTE g_CrackReturnAddr = (LPBYTE)0x00CD1960;
    
    
    
    
    void Crack::Load()
    {
    
    
    
    
    	GetBuffer((LPVOID)g_CrackAttachHookAddr, this->m_AttachRestoreBuff, 5);
    
    
    	SetOp((LPVOID)g_CrackAttachHookAddr, (LPVOID)Crack::ProcAttach, JMP);
    	GetBuffer((LPVOID)g_MultiByteToWideChar, this->m_MultiByteToWideChar, 5);
    	GetBuffer((LPVOID)g_WideCharToMultiByte, this->m_WideCharToMultiByte, 5);
    }
    __declspec(naked) void Crack::ProcAttach()
    {
    	__asm
    	{
    		pushad
    		pushfd
    		call dword ptr ds : [Crack::ProcLoading]
    		popfd
    		popad
    		jmp dword ptr ds : [g_CrackAttachHookAddr]
    	}
    
    
    }
    void Crack::ProcLoading()
    {
    	
    	g_Crack.ProcCrack();
    	
    	SetBuffer((LPVOID)g_CrackAttachHookAddr, g_Crack.m_AttachRestoreBuff, 5);
    
    
    
    
    }
    void Crack::ProcCrack()
    {
    
    
    
    
    
    
    	HookThis_JMP((DWORD)&ParsePacket, 0x00C19CF5); // 1.18.70
    	HookThis_JMP((DWORD)&SendPacket, 0x00BAEBDD); // 1.18.70
    
    
    	//char MUName[] = "<LST>奇迹S12";
    	//char *NameAddress = (char*)(0x14C5948);
    	//memset(NameAddress, 0, strlen(MUName)+1);
    	//memcpy(NameAddress, MUName, strlen(MUName));
    
    
    
    
    	HookThis_JMP(0x00A3A86EF, 0x00BAEEC5);//1.18.70
    
    
    
    
    	//0A31625F - 0F84 F6348CF6   je main.00BD975B
    	//JE>>jmp
    	HookThis_JMP(0x00BEAA7F, 0x0A327E33);//1.18.70
    	SetRange((LPVOID)0x0A327E38, 1, 0x90);//1.18.70
    
    
    	//00510FD3    E8 AEE1FFFF     call main.0050F186
    	//0A2D539E    55              push ebp
    
    
    	HookThis(0x0A317ED0, 0x0051087E);
    	HookThis(0x0A317ED0, 0x00511238);
    	HookThis(0x0A317ED0, 0x0051196A);
    	HookThis(0x0A317ED0, 0x00511DB6);
    
    
    	////ERROR
    	//setNumeric<BYTE>(0x00C36002, SJMP);
    
    
    	//跳MU
    	BYTE MU_JMP[] = { 0xEB,0x4B };
    	SetBuffer((LPVOID)0x005069DC, MU_JMP, sizeof(MU_JMP));//1.18.70
    	BYTE MU_JMP1[] = { 0xE9,0xBA,0x00,0x00,0x00,0x90 };
    	SetBuffer((LPVOID)0x00506E1E, MU_JMP1, sizeof(MU_JMP1));//1.18.70
    	//MuError Disable Enc Text	
    	SetRange((LPVOID)0x00D42114, 32, 0x90);//1.18.70
    	//跳GG Disable redirect gg start
    	BYTE GG_JMP[] = { 0xE9,0x88,0x00,0x00,0x00,0x90 };
    	SetBuffer((LPVOID)0x00507524, GG_JMP, sizeof(GG_JMP));//1.18.70
    	BYTE GG_JMP1[] = { 0xEB,0x19 };
    	SetBuffer((LPVOID)0x005074E1, GG_JMP1, sizeof(GG_JMP1));//1.18.70
    	//Remove GameGuard
    	setNumeric<BYTE>(0x0050CFD2, SJMP);//1.18.70
    	setNumeric<BYTE>(0x00CC296F, SJMP);//1.18.70
    
    
    	setNumeric<BYTE>(0x00CC2AA8, SJMP);//1.18.70
    	//中文
    	setNumeric<BYTE>(0x015964E0, 0x86);//1.18.70
    	//创建中文角色
    	SetRange((LPVOID)0x00460DE2, 13,0x90);
    	SetByte(0x004BC12C, 0xEB);
    	SetByte(0x00AD5F93, 0xEB);
    	SetByte(0x00AD5F94, 0x43);
    	SetByte(0x00B100D2, 0xEB);
    	////二次加密跳过
    	SetRange((LPVOID)0x00C7B11C, 2, 0x90);//1.18.70
    	//加速
    	//setNumeric<BYTE>(0x00512F62 + 1, 1);//1.18.70
    	//setNumeric<BYTE>(0x00512F8A + 3, 1);//1.18.70
    	//NPC
    	//setNumeric<BYTE>(0x00BFAB9B+1, 0x35);//1.18.70
    	//跳ItemtooltipBmd
    	setNumeric<BYTE>(0x0085216E, 0xEB);//1.18.70
    	//跳itemsetoptiontext
    	setNumeric<BYTE>(0x00529b6c, 0xEB);//1.18.70
    	//masterskillTooltip
    	setNumeric<BYTE>(0x00b02eb5, 0xEB);//1.18.70
    	//SkillToolTipText
    	BYTE SKILL_JMP[] = { 0xE9,0xAD,0x00,0x00,0x00,0x90 };
    	SetBuffer((LPVOID)0x00CCA2F8, SKILL_JMP, sizeof(SKILL_JMP));//1.18.70
    	char ip[256] = { '\0' };
    	int Prot;
    	char path[256] = { '\0' };
    	GetModuleFileName(NULL, ip, MAX_PATH);
    	int nSize = strlen(ip);
    	do
    	{
    		if (ip[nSize] == '\\')
    		{
    			ip[nSize + 1] = '\0';
    			break;
    		}
    
    
    		nSize--;
    	} while (nSize != 0);
    
    
    	wsprintfA(path, "%s\\%s", ip, "config.ini");
    
    
    	GetPrivateProfileStringA("LOGIN", "IpAddress", "127.0.0.1", ip, 256, ".\\config.ini");
    	//sscanf("qiji.mpc.cn","%s", ip);
    	CopyMemory((LPVOID)0x01596520, ip, strlen(ip) + 1);//1.18.70
    
    
    	Prot = GetPrivateProfileInt("LOGIN", "Port", 44405, ".\\config.ini");
    	setNumeric<int>(0x01595A54, Prot);//1.18.70
    
    
    	char MainVersion[6] = "23446";
    	char *Version = (char*)(0x0159F3C8);//1.18.70
    	memset(Version, 0, 6);
    	memcpy(Version, MainVersion, strlen(MainVersion));
    
    
    	char MainSerial[17] = "fughy683dfu7teqg";
    	char *SERIAL = (char*)(0x0159F3C8 + 8);//1.18.70
    	memset(SERIAL, 0, 17);
    	memcpy(SERIAL, MainSerial, strlen(MainSerial));
    
    
    	//HookThis_JMP((DWORD)&MyMultiByte, 0x0051e968); // S13
    	//HookThis_JMP((DWORD)&MyMultiByte1, 0x0051E9A8); // S13
    	//HookThis_JMP((DWORD)&MyWideChar, 0x00A34ADD); // S12
    	//HookThis_JMP((DWORD)&MyWideChar1, 0x00A34B0E); // S12
    	//SetRange((LPVOID)0x0A2DA30A, 9, 0x90);
    
    
    	//HookThis_JMP((DWORD)&MySendp, 0x0A2DA30A);
    
    
    }
    void __declspec(naked)  MySendp()
    {
    	//0A2DA30A    8B45 08         mov eax, dword ptr ss : [ebp + 0x8]
    	//	0A2DA30D    8985 F8FAFFFF   mov dword ptr ss : [ebp - 0x508], eax
    	//	0A2DA313    81BD F8FAFFFF F>cmp dword ptr ss : [ebp - 0x508], 0xFD
    	static DWORD MyJmp = 0x0A2DA313;
    	__asm
    	{
    		mov eax, dword ptr ss : [ebp + 0x0C]; 
    		push eax;
    		call gLog;
    		mov eax, dword ptr ss : [ebp + 0x8];
    		mov dword ptr ss : [ebp - 0x508], eax;
    		jmp[MyJmp];
    	}
    }
    
    
    void gLog(BYTE * pMsg)
    {
    	BYTE iLen;
    	switch (pMsg[0])
    	{
    	case 0xC1:
    		iLen = pMsg[1];
    		break;
    	case 0xC2:
    		iLen = pMsg[2];
    	default:
    		break;
    	}
    	char buff[_MAX_PATH] = { 0 };
    	_getcwd(buff, sizeof(buff));
    	strcat(buff, "\\Send.txt");
    	std::ofstream ofs(buff, std::ios::app);//建立ofstream对像。
    	ofs << std::hex;
    	for (int i = 0; i<iLen; i++)
    	{
    
    
    		ofs << "0x" << (static_cast<short>(pMsg[i]) & 0xff) << " ";
    	}
    	ofs << "\r\n";
    
    
    	ofs.close();
    	return;
    }
    void __declspec(naked)MyWideChar()
    {
    	static DWORD MyAddr = 0x3A8;
    	static DWORD MyJmp = 0x00A34AE5;
    	__asm
    	{
    		push MyAddr;
    		call WideCharToMultiByte;
    		jmp[MyJmp];
    	}
    
    
    }
    void __declspec(naked)MyWideChar1()
    {
    	static DWORD MyAddr = 0x3A8;
    	static DWORD MyJmp = 0x00A34B16;
    	__asm
    	{
    		push MyAddr;
    		call WideCharToMultiByte;
    		jmp[MyJmp];
    	}
    }
    
    
    void __declspec(naked)MyMultiByte()
    {
    	static DWORD MyAddr = 0x3A8;
    	static DWORD MyJmp = 0x0051e973;
    	
    	__asm
    	{
    	push eax;
    	push 0;
    	push MyAddr
    	call dword ptr ds : [0x137E210];
    	jmp[MyJmp];
    	}
    }
    
    
    
    
    void __declspec(naked)MyMultiByte1()
    {
    	static DWORD MyAddr = 0x3A8;
    	static DWORD MyJmp = 0x0051E9B3;
    	__asm
    	{
    		push eax;
    		push 0;
    		push MyAddr;
    		call dword ptr ds : [0x137E210];
    		jmp[MyJmp];
    	}
    }
    
    
    
    
    // -------------------------------------------------------------------------------
    void __declspec(naked) muSendPacket(BYTE* buff, int len)
    {
    	__asm
    	{
    		PUSH EBP;
    		MOV EBP, ESP;
    		MOV EAX, len;
    		PUSH EAX;
    		PUSH buff;
    		MOV ECX, DWORD PTR DS : [MU_SENDER_CLASS];
    		MOV EDX, MU_SEND_PACKET;
    		CALL EDX;
    		MOV ESP, EBP;
    		POP EBP;
    		RETN;
    	}
    }
    void SendPacket(BYTE* lpMsg, DWORD size, int enc, int unk1)
    {
    	
    	//if (lpMsg[2] == 0x0E || lpMsg[2] == 0x03 || lpMsg[2] == 0x19 || lpMsg[2] == 0x32)
    	//{
    	//	lpMsg[0] = 0xC3;
    	//}
    	static BYTE send[8192];
    
    
    	memcpy(send, lpMsg, size);
    	if (enc)
    	{
    		if (lpMsg[0] == 0xC1)
    		{
    			BYTE save = lpMsg[1];
    
    
    			lpMsg[1] = (*(BYTE*)(MAIN_PACKET_SERIAL))++;
    
    
    			size = gPacketManager.Encrypt(&send[2], &lpMsg[1], (size - 1)) + 2;
    
    
    			lpMsg[1] = save;
    
    
    			send[0] = 0xC3;
    			send[1] = size;
    		}
    		else if (lpMsg[0] == 0xC2)
    		{
    			BYTE save = lpMsg[2];
    
    
    			lpMsg[2] = (*(BYTE*)(MAIN_PACKET_SERIAL))++;
    
    
    			size = gPacketManager.Encrypt(&send[3], &lpMsg[2], (size - 2)) + 3;
    
    
    			lpMsg[2] = save;
    
    
    			send[0] = 0xC4;
    			send[1] = HIBYTE(size);
    			send[2] = LOBYTE(size);
    		}
    	}
    	muSendPacket(send, size);
    }
    void ParsePacket(void* PackStream, int unk1, int unk2)
    {
    	BYTE* buff;
    	while (true)
    	{
    		__asm {
    			MOV ECX, PackStream;
    			MOV EDX, PARSE_PACKET_STREAM;
    			CALL EDX;
    			MOV buff, EAX;
    		}
    		if (!buff)
    			break;
    
    
    		BYTE DecBuff[7024];
    		unsigned int DecSize;
    
    
    		int proto;
    		int size;
    		int enc;
    
    
    
    
    		switch (buff[0])
    		{
    		case 0xC1:
    			proto = buff[2];
    			size = buff[1];
    			enc = 0;
    			break;
    		case 0xC2:
    			proto = buff[3];
    			size = *(WORD*)&buff[1];
    			enc = 0;
    			break;
    		case 0xC3:
    			enc = 1;
    			size = buff[1];
    			DecSize = gPacketManager.Decrypt(&DecBuff[1], &buff[2], size - 2);
    			DecBuff[0] = 0xC1;
    			DecBuff[1] = DecSize + 2;
    			size = DecSize + 2;
    			buff = DecBuff;
    			proto = DecBuff[2];
    			break;
    		case 0xC4:
    			enc = 1;
    			size = MAKEWORD(buff[2], buff[1]);
    			DecSize = gPacketManager.Decrypt(&DecBuff[2], &buff[3], size - 3);
    			DecBuff[0] = 0xC2;
    			DecBuff[2] = LOBYTE(DecSize + 3);
    			DecBuff[1] = HIBYTE(DecSize + 3);
    			size = DecSize + 3;
    			buff = DecBuff;
    			proto = buff[3];
    			break;
    		}
    
    
    		if (unk1 == 1)
    		{
    			typedef int(*tProtocolCore2)(int, int, BYTE*, int, int);
    			tProtocolCore2 ProtocolCore2 = (tProtocolCore2)PROTOCOL_CORE1;
    			ProtocolCore2(unk2, proto, buff, size, enc);
    		}
    		else
    		{
    			typedef int(*tProtocolCore)(int, BYTE*, int, int);
    			tProtocolCore ProtocolCore = (tProtocolCore)PROTOCOL_CORE2;
    			bool bUseClientProtocolCore = CliProtocolCore(buff, proto, size, enc); // DLL protocolcore
    			if (bUseClientProtocolCore)
    			{
    				ProtocolCore(proto, buff, size, enc); // Main.exe protocolcore
    			}
    
    
    		}
    
    
    
    
    	}
    }

  5. #5
    Ultimate Member solarismu is offline
    MemberRank
    May 2017 Join Date
    175Posts

    Re: [Development] Season XII Source Chinesse Team - based on X-TEAM

    Quote Originally Posted by lst View Post
    I don't know where your source code comes from.
    The client part of the source code for you
    Client:1.18.70

    Code:
    // lst.cpp : 定义 DLL 应用程序的导出函数。//
    
    
    #include "stdafx.h"
    #include "HookManager.h"
    #include "PacketManager.h"
    #include "Protocol.h"
    Crack g_Crack;
    
    
    LPBYTE g_CrackAttachHookAddr = (LPBYTE)GetProcAddress(GetModuleHandle("kernel32.dll"), "GetStartupInfoA");
    LPBYTE g_MultiByteToWideChar = (LPBYTE)GetProcAddress(GetModuleHandle("kernel32.dll"), "MultiByteToWideChar");
    LPBYTE g_WideCharToMultiByte = (LPBYTE)GetProcAddress(GetModuleHandle("kernel32.dll"), "WideCharToMultiByte");
    
    
    //LPBYTE g_CrackReturnAddr = (LPBYTE)0x00CD1960;
    
    
    
    
    void Crack::Load()
    {
    
    
    
    
        GetBuffer((LPVOID)g_CrackAttachHookAddr, this->m_AttachRestoreBuff, 5);
    
    
        SetOp((LPVOID)g_CrackAttachHookAddr, (LPVOID)Crack::ProcAttach, JMP);
        GetBuffer((LPVOID)g_MultiByteToWideChar, this->m_MultiByteToWideChar, 5);
        GetBuffer((LPVOID)g_WideCharToMultiByte, this->m_WideCharToMultiByte, 5);
    }
    __declspec(naked) void Crack::ProcAttach()
    {
        __asm
        {
            pushad
            pushfd
            call dword ptr ds : [Crack::ProcLoading]
            popfd
            popad
            jmp dword ptr ds : [g_CrackAttachHookAddr]
        }
    
    
    }
    void Crack::ProcLoading()
    {
        
        g_Crack.ProcCrack();
        
        SetBuffer((LPVOID)g_CrackAttachHookAddr, g_Crack.m_AttachRestoreBuff, 5);
    
    
    
    
    }
    void Crack::ProcCrack()
    {
    
    
    
    
    
    
        HookThis_JMP((DWORD)&ParsePacket, 0x00C19CF5); // 1.18.70
        HookThis_JMP((DWORD)&SendPacket, 0x00BAEBDD); // 1.18.70
    
    
        //char MUName[] = "<LST>奇迹S12";
        //char *NameAddress = (char*)(0x14C5948);
        //memset(NameAddress, 0, strlen(MUName)+1);
        //memcpy(NameAddress, MUName, strlen(MUName));
    
    
    
    
        HookThis_JMP(0x00A3A86EF, 0x00BAEEC5);//1.18.70
    
    
    
    
        //0A31625F - 0F84 F6348CF6   je main.00BD975B
        //JE>>jmp
        HookThis_JMP(0x00BEAA7F, 0x0A327E33);//1.18.70
        SetRange((LPVOID)0x0A327E38, 1, 0x90);//1.18.70
    
    
        //00510FD3    E8 AEE1FFFF     call main.0050F186
        //0A2D539E    55              push ebp
    
    
        HookThis(0x0A317ED0, 0x0051087E);
        HookThis(0x0A317ED0, 0x00511238);
        HookThis(0x0A317ED0, 0x0051196A);
        HookThis(0x0A317ED0, 0x00511DB6);
    
    
        ////ERROR
        //setNumeric<BYTE>(0x00C36002, SJMP);
    
    
        //跳MU
        BYTE MU_JMP[] = { 0xEB,0x4B };
        SetBuffer((LPVOID)0x005069DC, MU_JMP, sizeof(MU_JMP));//1.18.70
        BYTE MU_JMP1[] = { 0xE9,0xBA,0x00,0x00,0x00,0x90 };
        SetBuffer((LPVOID)0x00506E1E, MU_JMP1, sizeof(MU_JMP1));//1.18.70
        //MuError Disable Enc Text    
        SetRange((LPVOID)0x00D42114, 32, 0x90);//1.18.70
        //跳GG Disable redirect gg start
        BYTE GG_JMP[] = { 0xE9,0x88,0x00,0x00,0x00,0x90 };
        SetBuffer((LPVOID)0x00507524, GG_JMP, sizeof(GG_JMP));//1.18.70
        BYTE GG_JMP1[] = { 0xEB,0x19 };
        SetBuffer((LPVOID)0x005074E1, GG_JMP1, sizeof(GG_JMP1));//1.18.70
        //Remove GameGuard
        setNumeric<BYTE>(0x0050CFD2, SJMP);//1.18.70
        setNumeric<BYTE>(0x00CC296F, SJMP);//1.18.70
    
    
        setNumeric<BYTE>(0x00CC2AA8, SJMP);//1.18.70
        //中文
        setNumeric<BYTE>(0x015964E0, 0x86);//1.18.70
        //创建中文角色
        SetRange((LPVOID)0x00460DE2, 13,0x90);
        SetByte(0x004BC12C, 0xEB);
        SetByte(0x00AD5F93, 0xEB);
        SetByte(0x00AD5F94, 0x43);
        SetByte(0x00B100D2, 0xEB);
        ////二次加密跳过
        SetRange((LPVOID)0x00C7B11C, 2, 0x90);//1.18.70
        //加速
        //setNumeric<BYTE>(0x00512F62 + 1, 1);//1.18.70
        //setNumeric<BYTE>(0x00512F8A + 3, 1);//1.18.70
        //NPC
        //setNumeric<BYTE>(0x00BFAB9B+1, 0x35);//1.18.70
        //跳ItemtooltipBmd
        setNumeric<BYTE>(0x0085216E, 0xEB);//1.18.70
        //跳itemsetoptiontext
        setNumeric<BYTE>(0x00529b6c, 0xEB);//1.18.70
        //masterskillTooltip
        setNumeric<BYTE>(0x00b02eb5, 0xEB);//1.18.70
        //SkillToolTipText
        BYTE SKILL_JMP[] = { 0xE9,0xAD,0x00,0x00,0x00,0x90 };
        SetBuffer((LPVOID)0x00CCA2F8, SKILL_JMP, sizeof(SKILL_JMP));//1.18.70
        char ip[256] = { '\0' };
        int Prot;
        char path[256] = { '\0' };
        GetModuleFileName(NULL, ip, MAX_PATH);
        int nSize = strlen(ip);
        do
        {
            if (ip[nSize] == '\\')
            {
                ip[nSize + 1] = '\0';
                break;
            }
    
    
            nSize--;
        } while (nSize != 0);
    
    
        wsprintfA(path, "%s\\%s", ip, "config.ini");
    
    
        GetPrivateProfileStringA("LOGIN", "IpAddress", "127.0.0.1", ip, 256, ".\\config.ini");
        //sscanf("qiji.mpc.cn","%s", ip);
        CopyMemory((LPVOID)0x01596520, ip, strlen(ip) + 1);//1.18.70
    
    
        Prot = GetPrivateProfileInt("LOGIN", "Port", 44405, ".\\config.ini");
        setNumeric<int>(0x01595A54, Prot);//1.18.70
    
    
        char MainVersion[6] = "23446";
        char *Version = (char*)(0x0159F3C8);//1.18.70
        memset(Version, 0, 6);
        memcpy(Version, MainVersion, strlen(MainVersion));
    
    
        char MainSerial[17] = "fughy683dfu7teqg";
        char *SERIAL = (char*)(0x0159F3C8 + 8);//1.18.70
        memset(SERIAL, 0, 17);
        memcpy(SERIAL, MainSerial, strlen(MainSerial));
    
    
        //HookThis_JMP((DWORD)&MyMultiByte, 0x0051e968); // S13
        //HookThis_JMP((DWORD)&MyMultiByte1, 0x0051E9A8); // S13
        //HookThis_JMP((DWORD)&MyWideChar, 0x00A34ADD); // S12
        //HookThis_JMP((DWORD)&MyWideChar1, 0x00A34B0E); // S12
        //SetRange((LPVOID)0x0A2DA30A, 9, 0x90);
    
    
        //HookThis_JMP((DWORD)&MySendp, 0x0A2DA30A);
    
    
    }
    void __declspec(naked)  MySendp()
    {
        //0A2DA30A    8B45 08         mov eax, dword ptr ss : [ebp + 0x8]
        //    0A2DA30D    8985 F8FAFFFF   mov dword ptr ss : [ebp - 0x508], eax
        //    0A2DA313    81BD F8FAFFFF F>cmp dword ptr ss : [ebp - 0x508], 0xFD
        static DWORD MyJmp = 0x0A2DA313;
        __asm
        {
            mov eax, dword ptr ss : [ebp + 0x0C]; 
            push eax;
            call gLog;
            mov eax, dword ptr ss : [ebp + 0x8];
            mov dword ptr ss : [ebp - 0x508], eax;
            jmp[MyJmp];
        }
    }
    
    
    void gLog(BYTE * pMsg)
    {
        BYTE iLen;
        switch (pMsg[0])
        {
        case 0xC1:
            iLen = pMsg[1];
            break;
        case 0xC2:
            iLen = pMsg[2];
        default:
            break;
        }
        char buff[_MAX_PATH] = { 0 };
        _getcwd(buff, sizeof(buff));
        strcat(buff, "\\Send.txt");
        std::ofstream ofs(buff, std::ios::app);//建立ofstream对像。
        ofs << std::hex;
        for (int i = 0; i<iLen; i++)
        {
    
    
            ofs << "0x" << (static_cast<short>(pMsg[i]) & 0xff) << " ";
        }
        ofs << "\r\n";
    
    
        ofs.close();
        return;
    }
    void __declspec(naked)MyWideChar()
    {
        static DWORD MyAddr = 0x3A8;
        static DWORD MyJmp = 0x00A34AE5;
        __asm
        {
            push MyAddr;
            call WideCharToMultiByte;
            jmp[MyJmp];
        }
    
    
    }
    void __declspec(naked)MyWideChar1()
    {
        static DWORD MyAddr = 0x3A8;
        static DWORD MyJmp = 0x00A34B16;
        __asm
        {
            push MyAddr;
            call WideCharToMultiByte;
            jmp[MyJmp];
        }
    }
    
    
    void __declspec(naked)MyMultiByte()
    {
        static DWORD MyAddr = 0x3A8;
        static DWORD MyJmp = 0x0051e973;
        
        __asm
        {
        push eax;
        push 0;
        push MyAddr
        call dword ptr ds : [0x137E210];
        jmp[MyJmp];
        }
    }
    
    
    
    
    void __declspec(naked)MyMultiByte1()
    {
        static DWORD MyAddr = 0x3A8;
        static DWORD MyJmp = 0x0051E9B3;
        __asm
        {
            push eax;
            push 0;
            push MyAddr;
            call dword ptr ds : [0x137E210];
            jmp[MyJmp];
        }
    }
    
    
    
    
    // -------------------------------------------------------------------------------
    void __declspec(naked) muSendPacket(BYTE* buff, int len)
    {
        __asm
        {
            PUSH EBP;
            MOV EBP, ESP;
            MOV EAX, len;
            PUSH EAX;
            PUSH buff;
            MOV ECX, DWORD PTR DS : [MU_SENDER_CLASS];
            MOV EDX, MU_SEND_PACKET;
            CALL EDX;
            MOV ESP, EBP;
            POP EBP;
            RETN;
        }
    }
    void SendPacket(BYTE* lpMsg, DWORD size, int enc, int unk1)
    {
        
        //if (lpMsg[2] == 0x0E || lpMsg[2] == 0x03 || lpMsg[2] == 0x19 || lpMsg[2] == 0x32)
        //{
        //    lpMsg[0] = 0xC3;
        //}
        static BYTE send[8192];
    
    
        memcpy(send, lpMsg, size);
        if (enc)
        {
            if (lpMsg[0] == 0xC1)
            {
                BYTE save = lpMsg[1];
    
    
                lpMsg[1] = (*(BYTE*)(MAIN_PACKET_SERIAL))++;
    
    
                size = gPacketManager.Encrypt(&send[2], &lpMsg[1], (size - 1)) + 2;
    
    
                lpMsg[1] = save;
    
    
                send[0] = 0xC3;
                send[1] = size;
            }
            else if (lpMsg[0] == 0xC2)
            {
                BYTE save = lpMsg[2];
    
    
                lpMsg[2] = (*(BYTE*)(MAIN_PACKET_SERIAL))++;
    
    
                size = gPacketManager.Encrypt(&send[3], &lpMsg[2], (size - 2)) + 3;
    
    
                lpMsg[2] = save;
    
    
                send[0] = 0xC4;
                send[1] = HIBYTE(size);
                send[2] = LOBYTE(size);
            }
        }
        muSendPacket(send, size);
    }
    void ParsePacket(void* PackStream, int unk1, int unk2)
    {
        BYTE* buff;
        while (true)
        {
            __asm {
                MOV ECX, PackStream;
                MOV EDX, PARSE_PACKET_STREAM;
                CALL EDX;
                MOV buff, EAX;
            }
            if (!buff)
                break;
    
    
            BYTE DecBuff[7024];
            unsigned int DecSize;
    
    
            int proto;
            int size;
            int enc;
    
    
    
    
            switch (buff[0])
            {
            case 0xC1:
                proto = buff[2];
                size = buff[1];
                enc = 0;
                break;
            case 0xC2:
                proto = buff[3];
                size = *(WORD*)&buff[1];
                enc = 0;
                break;
            case 0xC3:
                enc = 1;
                size = buff[1];
                DecSize = gPacketManager.Decrypt(&DecBuff[1], &buff[2], size - 2);
                DecBuff[0] = 0xC1;
                DecBuff[1] = DecSize + 2;
                size = DecSize + 2;
                buff = DecBuff;
                proto = DecBuff[2];
                break;
            case 0xC4:
                enc = 1;
                size = MAKEWORD(buff[2], buff[1]);
                DecSize = gPacketManager.Decrypt(&DecBuff[2], &buff[3], size - 3);
                DecBuff[0] = 0xC2;
                DecBuff[2] = LOBYTE(DecSize + 3);
                DecBuff[1] = HIBYTE(DecSize + 3);
                size = DecSize + 3;
                buff = DecBuff;
                proto = buff[3];
                break;
            }
    
    
            if (unk1 == 1)
            {
                typedef int(*tProtocolCore2)(int, int, BYTE*, int, int);
                tProtocolCore2 ProtocolCore2 = (tProtocolCore2)PROTOCOL_CORE1;
                ProtocolCore2(unk2, proto, buff, size, enc);
            }
            else
            {
                typedef int(*tProtocolCore)(int, BYTE*, int, int);
                tProtocolCore ProtocolCore = (tProtocolCore)PROTOCOL_CORE2;
                bool bUseClientProtocolCore = CliProtocolCore(buff, proto, size, enc); // DLL protocolcore
                if (bUseClientProtocolCore)
                {
                    ProtocolCore(proto, buff, size, enc); // Main.exe protocolcore
                }
    
    
            }
    
    
    
    
        }
    }
    The Client DLL look like a decompiled source from IGC.DLL ?
    I don't know where your source code comes from.
    They got your PC. RIP ! :P

  6. #6
    Registered florus is offline
    MemberRank
    Jan 2017 Join Date
    18Posts

    Re: [Development] Season XII Source Chinesse Team - based on X-TEAM

    Anyone have link for
    1.18.70 client?

  7. #7
    Hardcore Member Pyke is offline
    MemberRank
    Sep 2007 Join Date
    PolandLocation
    102Posts

    Re: [Development] Season XII Source Chinesse Team - based on X-TEAM

    Uplouding the Client Files, i will edit this post :) @lst thank you

    Client link: mega.nz
    Last edited by Pyke; 24-09-18 at 12:24 PM.

  8. #8
    Newbie lst is offline
    MemberRank
    Sep 2018 Join Date
    3Posts

    Re: [Development] Season XII Source Chinesse Team - based on X-TEAM

    I only have this link


    链接: https://pan.baidu.com/s/1DIL33J2g_8DHomssmajgpw 提取码: 8nwb

    - - - Updated - - -

    Encryption and decryption use XTeam, Protrcol uses IGC

  9. #9
    Registered florus is offline
    MemberRank
    Jan 2017 Join Date
    18Posts

    Re: [Development] Season XII Source Chinesse Team - based on X-TEAM

    Quote Originally Posted by lst View Post
    I only have this link
    Quote Originally Posted by lst View Post





    链接:
    Quote Originally Posted by lst View Post
    https://pan.baidu.com/s/1DIL33J2g_8DHomssmajgpw
    提取码: 8nwb



    - - - Updated - - -




    Encryption and decryption use XTeam, Protrcol uses IGC




    Can you share your HookManager? need methods like GetBuffer,
    setNumeric,HookThis_JMP and other

  10. #10
    Registered bolliks is offline
    MemberRank
    Apr 2005 Join Date
    16Posts

    Re: [Development] Season XII Source Chinesse Team - based on X-TEAM

    Can you please post libery for compiling source ?

  11. #11
    ^_^ ashlay is offline
    True MemberRank
    Jun 2010 Join Date
    BrazilLocation
    656Posts

    Re: [Development] Season XII Source Chinesse Team - based on X-TEAM

    Well i have made some progress.

  12. #12
    Newbie lst is offline
    MemberRank
    Sep 2018 Join Date
    3Posts

    Re: [Development] Season XII Source Chinesse Team - based on X-TEAM

    Quote Originally Posted by florus View Post




    Can you share your HookManager? need methods like GetBuffer,
    setNumeric,HookThis_JMP and other
    Xteam Client source Copy

  13. #13
    Registered xuanthanhyt is offline
    MemberRank
    May 2016 Join Date
    11Posts

    Re: [Development] Season XII Source Chinesse Team - based on X-TEAM

    Quote Originally Posted by ashlay View Post
    Well i have made some progress.
    Plz, share full server and client, thanks

  14. #14
    LTP-Team.com LTPTeam is online now
    True MemberRank
    Feb 2013 Join Date
    UkraineLocation
    541Posts

    Re: [Development] Season XII Source Chinesse Team - based on X-TEAM

    Quote Originally Posted by lst View Post
    Xteam Client source Copy
    x-team client dont have it. I found it in IGCN sources.

  15. #15
    Registered shadfly is offline
    MemberRank
    Aug 2018 Join Date
    8Posts

    Re: [Development] Season XII Source Chinesse Team - based on X-TEAM

    Quote Originally Posted by ashlay View Post

    Well i have made some progress.
    Quote Originally Posted by ashlay View Post

    You can share main 1.18.70 cracked
    Last edited by shadfly; 25-09-18 at 07:23 AM. Reason: null



Page 1 of 15 12345678911 ... LastLast

Advertisement