Mount Bug

Junior Spellweaver
Joined
Apr 16, 2014
Messages
107
Reaction score
0
hmm. what surya did is they put cooldown when using the mount. and i try it, i put cooldown in my param but no success effect failed
 
Upvote 0
Newbie Spellweaver
Joined
Jul 17, 2013
Messages
90
Reaction score
18
hmm. what surya did is they put cooldown when using the mount. and i try it, i put cooldown in my param but no success effect failed

What surya did was monitor the request to mount and to equip server side, they extracted the information and stored each occurrence with a timestamp. That way every time the request was made they could see if it was 5 sec before or after the last request of the same nature. If it was less, the user would be notified of a cool down and the request was discarded. They also kept track of how many requests and disconnected the user if they exceeded 10.
Info about the mount request can be extracted from 0x48BE87, information about the mount equip / unequip can be extracted from 0x43DBA0.
 
Upvote 0
Newbie Spellweaver
Joined
Jan 4, 2011
Messages
83
Reaction score
25
What surya did was monitor the request to mount and to equip server side, they extracted the information and stored each occurrence with a timestamp. That way every time the request was made they could see if it was 5 sec before or after the last request of the same nature. If it was less, the user would be notified of a cool down and the request was discarded. They also kept track of how many requests and disconnected the user if they exceeded 10.
Info about the mount request can be extracted from 0x48BE87, information about the mount equip / unequip can be extracted from 0x43DBA0.

LOL you have confirmed what I always knew: Pablo and Cynthia don't know anything about coding.

First of all the bug occurs because both requests are done at the same time, not with sec diff. I suppose they think it is secs diff because they just based it on the logs registered by the server.

and the way to solve it doesn't need to register anything, just to fix the error in the server code, that for sure they didn't figure out, where the error is.

By fixing the error, you don't need to disconnect the user (because there is no bug xD). Of course you can keep track of who tried to do the bug, and send a msg, as I do, on the history chat, so the user knows you caught him trying to do the bug.

Here is a video of the mount bug fixed on my Test Server:
I made the video with the char LaNeNa most hate xD.

Dupe on mail and dupe on drops are fixed too

Oh and btw, the equip always occurs at server side, so don't know what you mean with "and to equip server side". client req to equip -> server equips and sends response back -> client processes response.
 
Upvote 0
Elite Diviner
Joined
Jan 17, 2014
Messages
401
Reaction score
40
LOL you have confirmed what I always knew: Pablo and Cynthia don't know anything about coding.

First of all the bug occurs because both requests are done at the same time, not with sec diff.
and the way to solve it doesn't need to register anything, just to fix the error in the server code, that for sure they didn't figure out, where the error is.

Here is a video of the mount bug fixed on my Test Server:
I made the video with the char name LaNeNa most hate xD and yes xSwisSx is me GM Black

Dupe on mail and dupe on drops are fixed too

Oh and btw, the equip always occurs at server side, so don't know what you mean with "and to equip server side".


nice one Ma'am :)
 
Upvote 0
Newbie Spellweaver
Joined
Jul 17, 2013
Messages
90
Reaction score
18
LOL you have confirmed what I always knew: Pablo and Cynthia don't know anything about coding.

First of all the bug occurs because both requests are done at the same time, not with sec diff. I suppose they think it is secs diff because they just based it on the logs registered by the server.

and the way to solve it doesn't need to register anything, just to fix the error in the server code, that for sure they didn't figure out, where the error is.

By fixing the error, you don't need to disconnect the user (because there is no bug xD). Of course you can keep track of who tried to do the bug, and send a msg, as I do, on the history chat, so the user knows you caught him trying to do the bug.

Here is a video of the mount bug fixed on my Test Server:
I made the video with the char LaNeNa most hate xD.

Dupe on mail and dupe on drops are fixed too

Oh and btw, the equip always occurs at server side, so don't know what you mean with "and to equip server side". client req to equip -> server equips and sends response back -> client processes response.


I am not sure what the point was of anything you said, a problem existed and a solution was created that resolved the problem. What does either of those things have to do with attacking someone personally?

@Panyawan: Again, what is the problem with a solution that works?

@rogers1973: The offsets I provided will allow you to do precisely what I said, they are for the zoneserver.
 
Upvote 0
Newbie Spellweaver
Joined
Jan 4, 2011
Messages
83
Reaction score
25
I am not sure what the point was of anything you said, a problem existed and a solution was created that resolved the problem. What does either of those things have to do with attacking someone personally?

Attacking because I said they don't know anything about coding? or because I said their names? there is no secret on who manages that Surya server (including their son).
You came here saying the solution they did to "manage the bug", yes manage, because what you said they did is not a fix, nor an answer to the guy who started this thread. As I understand you, they just went to the offsets where server handles the register of the LOGs, and took that info to make records of the mount, unmount, then check the time interval and blablabla. Why the hell will you do all that? (w/o fixing the bug) when the solution to fix it resides in 4 BYTES which have wrong data, and on the CMP.

Now.. do you understand why I said they don't know anything about coding?

Have a nice day!!



can you share the offset ma'am? if its okay, thank you.

As I showed in another thread, my zone offsets are not the same, so you will do nothing with my offset.
If you want to fix the bug, find the offset where the server receives the mount request (I have posted time before how to find that with a video here in RZ), then read the code, understand it, and make the corrections, either by HEX editing or by hooking the offset with a custom dll, that depends on your preference.

Regards
 
Upvote 0
Newbie Spellweaver
Joined
Jul 17, 2013
Messages
90
Reaction score
18
Attacking because I said they don't know anything about coding? or because I said their names? there is no secret on who manages that Surya server (including their son).

//snip

Attacking for any and all reasons, the information you provided is irrelevant to the subject at all.

As to the way you think the fix worked, that is incorrect. The offsets I provided have nothing to do with the log files at all.

Address 0x48BE87 gets called every single time someone tries to use a mount, before it is processed. When it is called the EDI register contains the player id number. You can create an array of structures for each possible player and use the player id to reference the player actions.

struct PlayerMounts{ int ID; int MsgCount; clock_t LastUse;};

When the action is used, check the structure to see if the player id has a LastUse time set, if it does not, set it to the current time and process normally. If the LastUse is under your desired time limit, call SendClientMessage and give them some sort of notice, and set the EDI register to 0x3E9, this will prevent the call from processing. If the LastUse is over your desired time limit, set the LastUse to the current time and process the request as normal.

Additionally you can use MsgCount to keep track of how many times they have attempted to mount / unmount in a specific duration and disconnect them if you see fit since after all they are attempting to abuse a bug for gains.
 
Upvote 0
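The cooldown check described in the post above, written out as an added example (it is not the poster's plugin code). It goes beyond the post by bounds-checking the id and clearing a slot on disconnect; `MAX_PLAYERS`, the verdict enum, `id_for_hook` and `reset_player` are assumed names, and the 5-second and 10-request limits are the figures quoted earlier in the thread.

```c
#include <stdio.h>
#include <string.h>
#include <time.h>

#define MAX_PLAYERS   1000   /* assumption: valid ids are 0..999 */
#define INVALID_ID    0x3E9  /* 1001, the out-of-range id the post writes back to EDI */
#define COOLDOWN_SECS 5      /* window quoted earlier in the thread */
#define MAX_STRIKES   10     /* rejected requests tolerated before a disconnect */

enum MountVerdict { MOUNT_ALLOW, MOUNT_COOLDOWN, MOUNT_DISCONNECT, MOUNT_INVALID };

/* Layout from the post; LastUse is wall-clock seconds here (assumption), 0 = unset. */
struct PlayerMounts { int ID; int MsgCount; time_t LastUse; };
static struct PlayerMounts g_mounts[MAX_PLAYERS];

/* Decide what to do with a mount request from playerId arriving at time now. */
enum MountVerdict check_mount_request(int playerId, time_t now)
{
    if (playerId < 0 || playerId >= MAX_PLAYERS)
        return MOUNT_INVALID;            /* never index the table with a bad id */
    struct PlayerMounts *p = &g_mounts[playerId];
    if (p->LastUse == 0 || now - p->LastUse >= COOLDOWN_SECS) {
        p->ID = playerId;
        p->LastUse = now;
        p->MsgCount = 0;                 /* design choice: a valid request clears strikes */
        return MOUNT_ALLOW;
    }
    /* Inside the cooldown (or clock went backwards): reject, LastUse stays unchanged. */
    if (++p->MsgCount > MAX_STRIKES)
        return MOUNT_DISCONNECT;
    return MOUNT_COOLDOWN;
}

/* Id to hand back to the hooked function: real id to proceed, INVALID_ID to skip. */
int id_for_hook(enum MountVerdict v, int playerId)
{
    return v == MOUNT_ALLOW ? playerId : INVALID_ID;
}

/* Clear a slot when its player disconnects, so a reused id starts clean. */
void reset_player(int playerId)
{
    if (playerId >= 0 && playerId < MAX_PLAYERS)
        memset(&g_mounts[playerId], 0, sizeof g_mounts[playerId]);
}

int main(void)
{
    time_t t = 1000;                     /* constructed timestamps, in seconds */
    int first = check_mount_request(7, t);
    int early = check_mount_request(7, t + 2);
    printf("first=%d early=%d\n", first, early);
    return 0;
}
```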
Newbie Spellweaver
Joined
Jan 4, 2011
Messages
83
Reaction score
25
LOL so now you will teach me How server works?

Seems that you are codecaving using ASM, because of what you said about reading and modifying EDI register and that your dll works with trigger events. I don't code that way, I code in C# and Marshaling native functions, which I think simplifies things a lot, someone can say it is the same thing, because both (actions and marshaling) use delegates, but to my understanding they are not the same thing, because with marshaling you are running unmanaged code inside managed code and vice versa, while with actions you can't do that.


Regards
 
Upvote 0
Newbie Spellweaver
Joined
Jul 17, 2013
Messages
90
Reaction score
18
LOL so now you will teach me How server works?
//snip

Who said anything about teaching anyone how the server works?

Frankly I don't care how you choose to write the code you do in regards to fixing or changing things. Everyone has their own methods, requirements, and preferences in coding, that's what makes it great. You are attempting to turn every comment into an argument for superiority and frankly it should be beneath you.

Here for example is my kickout command.

Code:
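#include <windows.h>

// Calls the zone server's own routine to close the given connection.
void CloseUser(int conn)
{
    DWORD baseAddress = (DWORD)GetModuleHandle("zonesrv.exe");
    DWORD Address = baseAddress + 0x66E60; // offset is specific to this zonesrv.exe build
    DWORD temp;

    __asm
    {
        MOV temp, ESP   // save the stack pointer
        MOV EAX, conn
        PUSH EAX        // single argument: the connection id
        CALL Address
        MOV ESP, temp   // restore ESP whether or not the callee popped its argument
    }
}
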
As to your explanation of what you think the code does, and how they or it was handled, you claimed they simply watched the log and acted when the log was made, that is clearly wrong. The code snip you provided via the screenshot from zonesrv.exe is only part of the code. If the condition is met it will create a log entry, but the purpose of that function is not to solely log. If that was the case it would not have any bearing on the user.


As to setting the connection id to 1001, a check exists within the function to verify if the connectionID is valid before it is processed, by setting it to 1001 it is outside the bounds which causes the zonesrv to skip the request.
 
Upvote 0
Newbie Spellweaver
Joined
Jul 17, 2013
Messages
90
Reaction score
18
As I said.. you are codecaving in ASM
//snip
No issue exists with changing the compared ID of the current player in the middle of the function.

What is the point of how you kick users? Are you trying to say yours achieves some different effect just because your function is longer? This is all it takes.
Code:
SendClientMessage(CurrentPlayer, "Connection Closed.");
CloseUser(CurrentPlayer);

As to why I have not posted mine, I posted everything that is needed to do it in this thread. The address you can hook, the variable to extract, and the logic needed to make it work. I have not posted my code verbatim because it is built into a plugin framework for dynamic deployment and the functions will obviously not work without the complete code. All code snips are C++ friendly, I cannot attest to them working on C#.

Code:
__asm
{
    POP RetAddr
    MOV BYTE PTR DS:[EBX + 0x0C], 0
    MOVZX EAX, BYTE PTR DS:[EBX + 0x0D]
    MOV CurrentPlayer, EDI
    PUSHAD
    PUSHFD
}
// Call your function to process the current player here. If you want the mount to succeed, make sure CurrentPlayer is returned with their real player id; otherwise just set it to 1001.
__asm
{
    POPFD
    POPAD
    MOV EDI, CurrentPlayer
    PUSH RetAddr
    ret
}
 
Upvote 0
Newbie Spellweaver
Joined
Jan 4, 2011
Messages
83
Reaction score
25
No issue exists with changing the compared ID of the current player in the middle of the function.
That's what you want to believe, and if it is ok for you, then continue doing that. I just want to let others (those that don't know about coding) know that doing that is a BIG mistake on the code. Those who know about programming well know that to avoid server process the request, you just need to do a return. Of course you cannot do that return because of the way you are codecaving.

What is the point of how you kick users? Are you trying to say yours achieves some different effect just because your function is longer?

Probably you are confused with my kickout function and for that you think it is longer than yours. If you read it again you will see that on the declaration, the flag of kickout is set by default to false, which means that I do not kickout anyone unless I decide to kick. so what it does by default is just to send a message to the client.

Now if we talk about any of the delegates I use in my code, none of them are longer, all of them are shorter than yours, because what I do is a call to the original function, I don't have the need as you do, to rewrite the function.

As to why I have not posted mine, I posted everything that is needed to do it in this thread. The address you can hook, the variable to extract, and the logic needed to make it work.

No you didn't, but I think no one cares you didn't. As you said previously, everyone has their own way of coding, all I have to add to that, is that those ways depend a lot on how good you are in understanding the code you are fixing.
 
Upvote 0
Newbie Spellweaver
Joined
Jul 17, 2013
Messages
90
Reaction score
18
That's what you want to believe, and if it is ok for you, then continue doing that. I just want to let others (those that don't know about coding) know that doing that is a BIG mistake on the code. Those who know about programming well know that to avoid server process the request, you just need to do a return. Of course you cannot do that return because of the way you are codecaving.

If that's what you want to believe, keep believing it, but I just want to let the others know that it does not create a problem at all for that function. Once the function is returned the reference to the id is disregarded, it does not carry over to any other function and is destroyed. Also, I can trigger a return by jmping to the end of the function if needed.

Probably you are confused with my kickout function and for that you think it is longer than yours. If you read it again you will see that on the declaration, the flag of kickout is set by default to false, which means that I do not kickout anyone unless I decide to kick. so what it does by default is just to send a message to the client.

I am not referring to your function in which you process the mount bug trigger, I was referring to how you kept going on and on about your kick function?

Now if we talk about any of the delegates I use in my code, none of them are longer, all of them are shorter than yours, because what I do is a call to the original function, I don't have the need as you do, to rewrite the function.

I don't have to rewrite the functions ever, as you can see from my posted function, I call the original game function with the required original arguments and let the server process it as it would normally.

No you didn't, but I think no one cares you didn't. As you said previously, everyone has their own way of coding, all I have to add to that, is that those ways depend a lot on how good you are in understanding the code you are fixing.

Really?

/snip
Info about the mount request can be extracted from 0x48BE87, information about the mount equip / unequip can be extracted from 0x43DBA0.

/snip
Address 0x48BE87 gets called every single time someone tries to use a mount, before it is processed. When it is called the EDI register contains the player id number. You can create an array of structures for each possible player and use the player id to reference the player actions.

struct PlayerMounts{ int ID; int MsgCount; clock_t LastUse;};

When the action is used, check the structure to see if the player id has a LastUse time set, if it does not, set it to the current time and process normally. If the LastUse is under your desired time limit, call SendClientMessage and give them some sort of notice, and set the EDI register to 0x3E9, this will prevent the call from processing. If the LastUse is over your desired time limit, set the LastUse to the current time and process the request as normal.

But hey, keep on doing you!
 
Upvote 0
Newbie Spellweaver
Joined
Jan 4, 2011
Messages
83
Reaction score
25
Got it!!. Hope anyone who reads this thread follows your code. You are the best dTantra!! same as you were (if it was you) when you disabled mail, ZP and portals to avoid dupes, instead of fixing the real problem that causes the dupe issue.

Hope you feel better since I already deleted how I did for fixing

BTW would you show me the way you manage buff/debuff bug? or you didn't fix that too. I'm just curious on what solution you have for that bug, because my server already has it fixed.
rogers1973 - Mount Bug - RaGEZONE Forums


Superiority? Yesssssss, because even with all the things your team (or the team where you belonged => "Damodar's team") do to me, I'm still alive since 6 years from now, w/o ever doing a roll back or changing name to hide from ppl and so on.

Regards
 
Upvote 0