To people that research the .mrf files

Junior Spellweaver
Joined
Feb 8, 2011
Messages
117
Reaction score
34
Open the client in OllyDbg or IDA Pro.

First of all, change this line into a JMP:
0062FC5F 75 26 JNZ SHORT 0062FC87

This is to make it so the client will start without any parameter from the launcher.

Next, go to this offset:
00633F40 /$ 6A FF PUSH -1

Put a breakpoint on it, then run the client through the debugger.
When it breaks, trace forward a while and you will end up at the decryption of the filesystem.
 
Junior Spellweaver
Joined
Feb 8, 2011
Messages
117
Reaction score
34
The RaiderZ client is quite easy to follow code in.
If you would like to look at the decrypted data in the packets, just BP send, then try to log in to the server and it will break. Then follow through the return back to the client and browse up in the code, and you will see where the packet encryption starts for the SEND() function. Put a breakpoint at the start of it and you can look at the decrypted send info. Quite useful to see information sent at login and validation of version info if you want to make a custom-made client that can only be used on your own server, blocking out any usage of other clients.

And of course some modifications in version data need to be changed on the server side as well to match up with your changes on the client. But it shouldn't be any big problem locating that either ;) just follow the version string.
 