Main 1.05D+ GameGuard

[vcorp]

First of all donwnload the 1.05D+ patch from here: FTP mukorea

then you need ollydbg to continue. download it here

Ok extract the patch, open ollydbg and press F3 and locate the main.exe (and wait)

After finish loading, press dx mouse button, Search for->All referenced text string
after finshed search on new windows press home butto to go to start of the list
then ctrl+l or click dx mouse -> search for text

and write: mu.exe (without the marker on case sensitive) press ok and press three times ctrl+l
then double click on ascii mu.exe to go to thet offset.

here is the situation: change on the offset 005E5200 JNZ with JMP
""""""""" this step is for bypass mu.exe autoupdater. """""""""""

Code:

005E5200   . EB 55          JMP SHORT Main.005E5257
005E5202   . 68 04328500    PUSH Main.00853204                       ; /Arg2 = 00853204
005E5207   . 68 D802FE07    PUSH Main.07FE02D8                       ; |Arg1 = 07FE02D8
005E520C   . E8 600D0C00    CALL Main.006A5F71                       ; \Main.006A5F71
005E5211   . 83C4 08        ADD ESP,8
005E5214   . 68 142C8500    PUSH Main.00852C14                       ;  ASCII "mu.exe"

to do this just select the line and press space bar or double click it
after that press return, then close the little editor window and press ctrl+a for reanalize the code.

Now click with dx mouse button on the new code created and select:
copy to executable->Selection
in new window do the same, click with dx mouse button on selected line and click on save file.
Name it what you want ex: main_c.exe and click on save button.

ok press alt+F2 (this stop the debugging)

Press F3 and open your new saved main...

Next step is to disable resource guard (because if is enabled you can't play in most case)
ok here we go,
Search for->All referenced text string
in the window of the referenced text string press home button
then click dx mouse -> search for text and search for: resource

after locate: ascii resourceguard error double click on it to go to thet offset

here is the situation: change on the offset 0060112F JE with JMP

Code:

0060112F   . EB 47          JMP SHORT Main.00601178
00601131   . B9 C04BFE07    MOV ECX,Main.07FE4BC0
00601136   . E8 F55C0300    CALL Main.00636E30
0060113B   . 8D9424 8C09000>LEA EDX,DWORD PTR SS:[ESP+98C]
00601142   . 52             PUSH EDX                                 ; /Arg3
00601143   . 68 2C418500    PUSH Main.0085412C                       ; |Arg2 = 0085412C ASCII "> ResourceGuard Error!!(%s)
"
00601148   . 68 D802FE07    PUSH Main.07FE02D8                       ; |Arg1 = 07FE02D8
0060114D   . E8 1F4E0A00    CALL Main.006A5F71                       ; \Main.006A5F71
00601152   . 83C4 0C        ADD ESP,0C
00601155   . 8D4C24 54      LEA ECX,DWORD PTR SS:[ESP+54]

then do the same step to save this new mod.
now you have a cracked and working main with gameguard enabled.

here is the link to download the gameguard folder.
here is the link to download the main with gameguard enabled.
remember to use the file provided with every update named: GameGuard.des

if some one want to understand how to bypass gameguard too i can make another little guide.

P.S. sorry for error but i'm italian ;)

edited:
try to download all the dll needed by client: gg_and_client_dll
GameGuard don't work if main is packed

[MentaL]

[Gembrid]

approved

[clamp]

10/10 but i think this is for Guide section :) very uslesss

[vcorp]

this is release because i releasing gameguard working folder ;)

and in the mean time a little explanation on how to make yourself the work.

[Maxim.T]

Woah , the gameguard will work ? I mean , it will protect us from hacks ?

[vcorp]

yes work and work well.

[andsnake]

Nice Release mate:P 10/10

[Booms]

Respect dude !!
10/10 :))
Thanks very usefull and working...

[vcorp]

this is good and is too good if you enable gameserver with checksum on main, because
bypass gameguard it's a kid game ;)

but if you make checksum of main on server side , then player can only login with your main!!!

[Shatter]

i dont see how it works since nProtect uses some kind of IP Protection in the system i guess, cause if you use main with GG enabled and try to enter your server it shows 10-20 different worlds and when u try to enter it DC's

[vcorp]

change ip in main with your, because if you see more server you are connecting on mu korea server.

[Booms]

yep for me work fine, GG shutdown a winmode too :)
realy GG ban acc or just its a warning ?

[vcorp]

it's a warning only..

I forget to say this:

Don't pack main.exe or gg can't work!!!

[TeenSpirit]

I'm have this error ( use your main with enable gg)



Translate:
rundll32.exe - Application Error
Instruction at "0x50662e62" referenced memory at address "0x009529b0". The memory could not be "read"
OK - Completion of an application

[vcorp]

do you have some debugger open ?
for me work well check ss:







try to download all the dll needed by client: gg_and_client_dll

[neo6]

maybe someone have translated text.bmd?

[Shatter]

im gettin' GG error 114

[Booms]

vcorp, how it work with GameServer ?
i mean GS will use more CPU, if it run with GG on the same PC,
maybe this only for players ? in task i cant see main.exe but GS use more and more CPU like a hell.

this pic from site

[vcorp]

yes gg hide main for make it safe from cheater!!!
and gameserver check only if checksum of main.exe is same as you have created..
the rest of the work is on client...

[Shatter]

any idea of the GG Error 114?

[vcorp]

yes in most case you need to reboot your pc ^_^
and use only original main (not packed or unpacked)

[Shatter]

working fine now, but when i enter to my char it disconnects immediately (i cant even see my stuff ^.^)

[vcorp]

have you bypassed the resourceguard ?

[Shatter]

it seems that if i disable resourceguard i get GG error 114 ^.^ but if its enabled i get DC ingame >.<

[auxmu775]

solved ^^