re: LastChaos EP2 Emulator to be
Hi guys,
How to change The IP of the Client:
Before starting:
If you do not have win32dasm with patch v3.0 final:
Do not look at exported functions (just skip them), only imported functions.
open engine.dll with win32dasm
refs->string references->
search for "ETRSCannot get local adderss on"
scroll up 4 "References to"
and you will see something like
test eax, eax
jne xxxxxxxx
write down the address of jne xxxxxxxx
close win32dasm
open engine.dll with OllyDbg
rightclick on the CPU main thread window ->Go to->Expression
write the address there ->ok
modify the line
from JNZ XXXXXXXX into JMP XXXXXXXX
Works with any Version, Tested on version 1500(latest one) from Aeria
About the encryption
A few months ago I did some testing on the Engine.dll, and found this.
CMessageDispatcher::SendToServerNew(class CNetworkMessage const &,int) on client v1500 address 101322f0
And accessed this function at the end of the encryption:
CCommunicationInterface::Client_Send_Unreliable_New(void const *,long,int) on client v1500 address 10129420
This for receiving:
CMessageDispatcher::ReceiveFromServerNew(class CNetworkMessage &) address 101325b0
Which accesses:
CCommunicationInterface::Client_Receive_Unreliable_New(void *,long &,long &) address 101294b0, data that comes from the server.
Other useful stuff:
Calculating the client Version from vtm.brn:
version=((int32)-27)/3
Starting the client without using the launcher.
/Bin/Nksp.exe 4022
Editing The sl.dta, lccnct.dta
PHP:
Byte Header[19] = {0xA8,0x45,0xE5,0x4F,0x22,0xA1,0xAD,0x5F,0x00,0x00,0xA0,0xAE,0x5F,0x00,0x00,0xCA,0x5F,0x00,0x00}; // for sl.dta
//Byte Header[19] = {0x04,0x09,0xEB,0xA4,0xC6,0x2E,0x7F,0x67,0x00,0x00,0x1A,0x80,0x67,0x00,0x00,0x9E,0x67,0x00,0x00}; // for Lccnct.dta
char str[] = "test 192.168.137.12 4001";

// Encrypt:
key = Header[10];
for (i = 0; i < str.length; i++) {
    str[i] = str[i] + key;
    key = str[i] - key;
}
Stream = Header + str;

// Decrypt:
key = Header[10];
for (i = 0; i < str.length; i++) {
    str[i] = str[i] - key;
    key = str[i] + key;
}
Stream = Header + str;
Hope this helped a little.
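An added round-trip check for the two loops in the post (not the poster's code; the function names are hypothetical and the Encrypt loop is assumed to be the reference). The Encrypt loop carries the previous plaintext byte forward as the key, while the Decrypt loop as written carries the previous ciphertext byte, so the check compares the posted Decrypt against an inverse derived from the Encrypt loop.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

typedef unsigned char Byte;

/* Encrypt loop as posted: after each step key == the plaintext byte just processed. */
void enc_posted(Byte *s, size_t n, Byte key) {
    for (size_t i = 0; i < n; i++) {
        s[i] = (Byte)(s[i] + key);
        key  = (Byte)(s[i] - key);
    }
}

/* Decrypt loop as posted: after each step key == the ciphertext byte just processed. */
void dec_posted(Byte *s, size_t n, Byte key) {
    for (size_t i = 0; i < n; i++) {
        s[i] = (Byte)(s[i] - key);
        key  = (Byte)(s[i] + key);
    }
}

/* Inverse derived from enc_posted: the next key is the recovered plaintext byte. */
void dec_matching(Byte *s, size_t n, Byte key) {
    for (size_t i = 0; i < n; i++) {
        s[i] = (Byte)(s[i] - key);
        key  = s[i];
    }
}

/* Returns 1 if dec(enc_posted(msg)) reproduces msg, 0 otherwise. */
int round_trips(void (*dec)(Byte *, size_t, Byte), const char *msg, Byte key) {
    Byte buf[256];
    size_t n = strlen(msg);
    if (n > sizeof buf) return 0;
    memcpy(buf, msg, n);
    enc_posted(buf, n, key);
    dec(buf, n, key);
    return memcmp(buf, msg, n) == 0;
}

int main(void) {
    const char *msg = "test 192.168.137.12 4001"; /* sample string from the post */
    Byte key = 0xA0;                              /* Header[10] of the sl.dta header */
    printf("posted decrypt round-trips:   %d\n", round_trips(dec_posted, msg, key));
    printf("matching decrypt round-trips: %d\n", round_trips(dec_matching, msg, key));
    return 0;
}
```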