Unmaskign admins/dev's

[StefanCandan]

Ok, I've got far on the unmasking, currently devs/adminsa re unmasked in :
Ingame Chat
Ingame Score Screen(TAB)
Clan screen
Gameroom, player list only
lobby, player list only

So Now I need to find out how to unmask the chats in gameroom and lobby,

Any help? If you could get me the adresses to change, or 1 adress that is close to it (Xiao's Runnable)
I'd be gratefull

Not asking you guys to get the whole block, and edit it etc.

Just need an adress, so I can do it myself. Thats how I learn asm atm o.o

[MentaL]

[Donald Duck]

Search for ^4, you'll find %s : %s, that's the admin chat output.

[StefanCandan]

How to search for ^4? I'm fairly new to asm.. xD

[Trilest]

004A929E

For the admins chat. I forgot wether it is for the lobby or game room or both ^_^.

[StefanCandan]

004A929E

For the admins chat. I forgot wether it is for the lobby or game room or both ^_^.

Thanks, I'll be able to work from there.

[Trilest]

Thanks, I'll be able to work from there.

Just simple nop the adress ;)

[StefanCandan]

Woudl that work?

I want it to show the name in the color, but not the Administrator/Dev text over it. so I'm doing some stuff around it, changing je's to jmps, nopping a few adresses, adding eax's, etc. Done soon, will check if my way worked xD

[Trilest]

Woudl that work?

I want it to show the name in the color, but not the Administrator/Dev text over it. so I'm doing some stuff around it, changing je's to jmps, nopping a few adresses, adding eax's, etc. Done soon, will check if my way worked xD

Rofl to unmask in the chat just nop that adress ?

[StefanCandan]

o.o I did it my way, and it didnt show my chats anymore, lol xD

[Trilest]

o.o I did it my way, and it didnt show my chats anymore, lol xD

lolled pro. Happened to me aswel when I found it out, I worked 1 week at that adress and I just needed to simply nop it oO

[StefanCandan]

Now to restore the original code, and nop that adress xD

[StefanCandan]

Can't find edit button, soz for dp

That adress, when I nopped it, my ingame name when I chat went all weird. like alt codes. But there are no alt codes in ym name.

[Trilest]

Can't find edit button, soz for dp

That adress, when I nopped it, my ingame name when I chat went all weird. like alt codes. But there are no alt codes in ym name.

oO Weird, It worked fine for me.

[StefanCandan]

I changed the adress above it, it was including the nop in there, so maybe it works now. And It didn't do anything in lobby/gameroom.. just ingame.

[own_prox]

nop the adderess then put this there
004A9298 . 8D97 48030000 LEA EDX,DWORD PTR DS:[EDI+348]
004A929E . 90 NOP

[StefanCandan]

I've got that, but it doesn 't do anything.

[Wucas]

Ingame Score Screen(TAB)
Clan screen

Help me on those?

[StefanCandan]

Anyone can help me?

[StefanCandan]

Ok I've redone my client.
Now I need to unmask the following things:

- Lobby chat
- Ingame team chat
- Gameroom chat
- Deaths & Kills
- Duel screen, the who vs who.

Anyone could find me the adresses? o.o

Goes for both Admin & Dev.

And Don't tell me to get that unmasked client, because I want to do it myself, and I can't get any wiser from comparing them. So please, if you could post addies, that would be great.

[sayuta]

Ok I've redone my client.
Now I need to unmask the following things:

- Lobby chat
- Ingame team chat
- Gameroom chat
- Deaths & Kills
- Duel screen, the who vs who.

Anyone could find me the adresses? o.o

Goes for both Admin & Dev.

And Don't tell me to get that unmasked client, because I want to do it myself, and I can't get any wiser from comparing them. So please, if you could post addies, that would be great.

Lobby chat : Search for %s : %s 's
the last %s : %s. take the one where '#_error' is above the %s : %s, i forgot the #
Ingame chat : %s : %s. Search it, first u get 2 after each other, then look for another 2 that are under each other, take the first one.
Gameroom : %s : %s. Mansion' in text references is above, is the Gameroom Chat.

Lobbychat : NOP the text string, PUSH EDI.
Gameroomchat : Edit the binary (somthing with 38) to 20.
Ingamechat : NOP text strings, and kinda copy from the function under it, (Normal one)
Thought i was somthing with ADD EDI,348 or somthing.

Hope this helps.

[StefanCandan]

004A910E |. 84C0 TEST AL,AL
004A9110 |. 74 4D JE SHORT a.004A915F
004A9112 |. 8D4424 70 LEA EAX,DWORD PTR SS:[ESP+70]
004A9116 |. 50 PUSH EAX
004A9117 |. 8D8C24 B404000>LEA ECX,DWORD PTR SS:[ESP+4B4]
004A911E |. 51 PUSH ECX
004A911F |. 8D9424 7802000>LEA EDX,DWORD PTR SS:[ESP+278]
004A9126 |. 68 FC325F00 PUSH a.005F32FC ; ASCII "(Team)%s : %s"
004A912B |. 52 PUSH EDX
004A912C |. E8 DC850C00 CALL a.0057170D
004A9131 |. 8B4C24 44 MOV ECX,DWORD PTR SS:[ESP+44]
004A9135 |. 6A 00 PUSH 0
004A9137 |. 8D8424 8402000>LEA EAX,DWORD PTR SS:[ESP+284]
004A913E |. 50 PUSH EAX
004A913F |. 51 PUSH ECX
004A9140 |. E8 8B0CF8FF CALL a.00429DD0
004A9145 |. 83C4 1C ADD ESP,1C
004A9148 |. 32C0 XOR AL,AL
004A914A |. 8B8C24 B405000>MOV ECX,DWORD PTR SS:[ESP+5B4]
004A9151 |. E8 D87F0C00 CALL a.0057112E
004A9156 |. 5F POP EDI
004A9157 |. 5E POP ESI
004A9158 |. 5B POP EBX
004A9159 |. 8BE5 MOV ESP,EBP
004A915B |. 5D POP EBP
004A915C |. C2 0400 RETN 4
004A915F |> 8B4424 2C MOV EAX,DWORD PTR SS:[ESP+2C]
004A9163 |. 8D5424 70 LEA EDX,DWORD PTR SS:[ESP+70]
004A9167 |. 52 PUSH EDX
004A9168 |. 05 48030000 ADD EAX,348
004A916D |. 50 PUSH EAX
004A916E |. 8D8C24 7802000>LEA ECX,DWORD PTR SS:[ESP+278]
004A9175 |. 68 FC325F00 PUSH a.005F32FC ; ASCII "(Team)%s : %s"
004A917A |. 51 PUSH ECX
004A917B |. E8 8D850C00 CALL a.0057170D
004A9180 |. 8B4424 34 MOV EAX,DWORD PTR SS:[ESP+34]
004A9184 |. 6A 00 PUSH 0
004A9186 |. 8D9424 8402000>LEA EDX,DWORD PTR SS:[ESP+284]
004A918D |. 52 PUSH EDX
004A918E |. 50 PUSH EAX
004A918F |. E8 3C0CF8FF CALL a.00429DD0
004A9194 |. 83C4 1C ADD ESP,1C
004A9197 |. 32C0 XOR AL,AL
004A9199 |. 8B8C24 B405000>MOV ECX,DWORD PTR SS:[ESP+5B4]
004A91A0 |. E8 897F0C00 CALL a.0057112E
004A91A5 |. 5F POP EDI
004A91A6 |. 5E POP ESI
004A91A7 |. 5B POP EBX
004A91A8 |. 8BE5 MOV ESP,EBP
004A91AA |. 5D POP EBP
004A91AB |. C2 0400 RETN 4
004A91AE |> E8 0D2B0000 CALL a.004ABCC0
004A91B3 |. 8A88 C10C0000 MOV CL,BYTE PTR DS:[EAX+CC1]

what do I do there? o.o

[sayuta]

Make jump to the codecave, and copy the normal string etc,

another ADD,###. etc,

OR if u dont want the color, just NOP the admin string & jump to the normal string

[StefanCandan]

Yerr, I need some beginner asm tuts.. I don't even know what the code cave is o.o

[Nobody666]

Yerr, I need some beginner asm tuts.. I don't even know what the code cave is o.o

look at sayutas admin/dev coloring tut. I know you looked at it as you posted in it.

Follow the JMPS you made below the dev line, down to the bottom with the DB 00 lines or w/e. Thats the code cave.

PS. sent you the runnable on TG so you could see what I did to that one line you wanted.