Good then, I compared old mains with the new one and the functions are different in how it gets the server list and connects.
Send me the offsets of these functions, and I'll go work to see the structs inside.
00653DA0 // Success Receive Server List (totally changed)
006585E0 // Send Request Server List (this one is like in old mains but with different bytes in some places)
the packet is like muglobal... with vip system...
Hope you guys can figure out the issue, so we can enjoy the JPN client S6 :)
Keep good work!
What version is this? Season 6 Episode 2?
I have made progress, but the gameserver doesn't send the login screen for now; the connectserver is OK, it has a new byte variable...
Link to ConnectServer. Credits to BoR Team for the source, and to me for researching the new protocol and implementing it in the source.
http://www.megaupload.com/?d=AR8K4I7F
Att. Willerson
I was thinking maybe the xor keys are changed like they did with the korean mains.
Hmm, and how to change this? Do you have an idea how to do this?
These are the new XOR keys used by the new KOR mains.
In gs.90 you can find them here:
Code:
byXorFilter[0] = 0xAB;
byXorFilter[1] = 0x11;
byXorFilter[2] = 0xCD;
byXorFilter[3] = 0xFE;
byXorFilter[4] = 0x18;
byXorFilter[5] = 0x23;
byXorFilter[6] = 0xC5;
byXorFilter[7] = 0xA3;
byXorFilter[8] = 0xCA;
byXorFilter[9] = 0x33;
byXorFilter[10] = 0xC1;
byXorFilter[11] = 0xCC;
byXorFilter[12] = 0x66;
byXorFilter[13] = 0x67;
byXorFilter[14] = 0x21;
byXorFilter[15] = 0xF3;
byXorFilter[16] = 0x32;
byXorFilter[17] = 0x12;
byXorFilter[18] = 0x15;
byXorFilter[19] = 0x35;
byXorFilter[20] = 0x29;
byXorFilter[21] = 0xFF;
byXorFilter[22] = 0xFE;
byXorFilter[23] = 0x1D;
byXorFilter[24] = 0x44;
byXorFilter[25] = 0xEF;
byXorFilter[26] = 0xCD;
byXorFilter[27] = 0x41;
byXorFilter[28] = 0x26;
byXorFilter[29] = 0x3C;
byXorFilter[30] = 0x4E;
byXorFilter[31] = 0x4D;
004B3032 |> C645 D8 AB MOV BYTE PTR SS:[EBP-28],0AB
and
004B3201 |> C645 DC AB MOV BYTE PTR SS:[EBP-24],0AB
Don't know how to find these in the japan main...
see this ^^
00684C0D |. C64424 20 E7 ||MOV BYTE PTR SS:[ESP+20],0E7
00684C12 |. C64424 21 6D ||MOV BYTE PTR SS:[ESP+21],6D
00684C17 |. C64424 22 3A ||MOV BYTE PTR SS:[ESP+22],3A
00684C1C |. 8808 ||MOV BYTE PTR DS:[EAX],CL
00684C1E |. 8B8424 B80100>||MOV EAX,DWORD PTR SS:[ESP+1B8]
00684C25 |. 25 FFFF0000 ||AND EAX,0FFFF
00684C2A |. C64424 23 89 ||MOV BYTE PTR SS:[ESP+23],89
00684C2F |. C64424 24 BC ||MOV BYTE PTR SS:[ESP+24],0BC
00684C34 |. C64424 25 B2 ||MOV BYTE PTR SS:[ESP+25],0B2
00684C39 |. 8D48 01 ||LEA ECX,DWORD PTR DS:[EAX+1]
00684C3C |. C64424 26 9F ||MOV BYTE PTR SS:[ESP+26],9F
00684C41 |. 3BC1 ||CMP EAX,ECX
00684C43 |. C64424 27 73 ||MOV BYTE PTR SS:[ESP+27],73
00684C48 |. C64424 28 23 ||MOV BYTE PTR SS:[ESP+28],23
00684C4D |. C64424 29 A8 ||MOV BYTE PTR SS:[ESP+29],0A8
00684C52 |. C64424 2A FE ||MOV BYTE PTR SS:[ESP+2A],0FE
00684C57 |. C64424 2B B6 ||MOV BYTE PTR SS:[ESP+2B],0B6
00684C5C |. C64424 2C 49 ||MOV BYTE PTR SS:[ESP+2C],49
00684C61 |. C64424 2D 5D ||MOV BYTE PTR SS:[ESP+2D],5D
00684C66 |. C64424 2E 39 ||MOV BYTE PTR SS:[ESP+2E],39
00684C6B |. C64424 2F 5D ||MOV BYTE PTR SS:[ESP+2F],5D
00684C70 |. C64424 30 8A ||MOV BYTE PTR SS:[ESP+30],8A
00684C75 |. C64424 31 CB ||MOV BYTE PTR SS:[ESP+31],0CB
00684C7A |. C64424 32 63 ||MOV BYTE PTR SS:[ESP+32],63
00684C7F |. C64424 33 8D ||MOV BYTE PTR SS:[ESP+33],8D
00684C84 |. C64424 34 EA ||MOV BYTE PTR SS:[ESP+34],0EA
00684C89 |. C64424 35 7D ||MOV BYTE PTR SS:[ESP+35],7D
00684C8E |. C64424 36 2B ||MOV BYTE PTR SS:[ESP+36],2B
00684C93 |. C64424 37 5F ||MOV BYTE PTR SS:[ESP+37],5F
00684C98 |. C64424 38 C3 ||MOV BYTE PTR SS:[ESP+38],0C3
00684C9D |. C64424 39 B1 ||MOV BYTE PTR SS:[ESP+39],0B1
00684CA2 |. C64424 3A E9 ||MOV BYTE PTR SS:[ESP+3A],0E9
00684CA7 |. C64424 3B 83 ||MOV BYTE PTR SS:[ESP+3B],83
00684CAC |. C64424 3C 29 ||MOV BYTE PTR SS:[ESP+3C],29
00684CB1 |. C64424 3D 51 ||MOV BYTE PTR SS:[ESP+3D],51
00684CB6 |. C64424 3E E8 ||MOV BYTE PTR SS:[ESP+3E],0E8
00684CBB |. C64424 3F 56 ||MOV BYTE PTR SS:[ESP+3F],56
It's in main, I think this is the key...
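To recover the table that the listing above encodes without copying 32 bytes by hand, here is an added Python example (not code from the thread, from BoR Team or from any MU source). It parses the OllyDbg lines quoted in the post, keeps only the imm8 stores to [ESP+off], orders them by stack offset, checks that the range is contiguous (a gap means the table is incomplete or an unrelated store was picked up), and compares the result with the gs.90 byXorFilter table posted earlier. The listing is embedded as constructed sample input copied from the post; the function names are my own.

```python
import re

# Constructed sample input: the OllyDbg listing quoted in the thread for the JPN
# main (00684C0D..00684CBB). Only the "MOV BYTE PTR SS:[ESP+xx],imm8" lines carry
# table bytes; the interleaved instructions are unrelated and must be skipped.
JPN_LISTING = """
00684C0D |. C64424 20 E7 ||MOV BYTE PTR SS:[ESP+20],0E7
00684C12 |. C64424 21 6D ||MOV BYTE PTR SS:[ESP+21],6D
00684C17 |. C64424 22 3A ||MOV BYTE PTR SS:[ESP+22],3A
00684C1C |. 8808 ||MOV BYTE PTR DS:[EAX],CL
00684C1E |. 8B8424 B80100>||MOV EAX,DWORD PTR SS:[ESP+1B8]
00684C25 |. 25 FFFF0000 ||AND EAX,0FFFF
00684C2A |. C64424 23 89 ||MOV BYTE PTR SS:[ESP+23],89
00684C2F |. C64424 24 BC ||MOV BYTE PTR SS:[ESP+24],0BC
00684C34 |. C64424 25 B2 ||MOV BYTE PTR SS:[ESP+25],0B2
00684C39 |. 8D48 01 ||LEA ECX,DWORD PTR DS:[EAX+1]
00684C3C |. C64424 26 9F ||MOV BYTE PTR SS:[ESP+26],9F
00684C41 |. 3BC1 ||CMP EAX,ECX
00684C43 |. C64424 27 73 ||MOV BYTE PTR SS:[ESP+27],73
00684C48 |. C64424 28 23 ||MOV BYTE PTR SS:[ESP+28],23
00684C4D |. C64424 29 A8 ||MOV BYTE PTR SS:[ESP+29],0A8
00684C52 |. C64424 2A FE ||MOV BYTE PTR SS:[ESP+2A],0FE
00684C57 |. C64424 2B B6 ||MOV BYTE PTR SS:[ESP+2B],0B6
00684C5C |. C64424 2C 49 ||MOV BYTE PTR SS:[ESP+2C],49
00684C61 |. C64424 2D 5D ||MOV BYTE PTR SS:[ESP+2D],5D
00684C66 |. C64424 2E 39 ||MOV BYTE PTR SS:[ESP+2E],39
00684C6B |. C64424 2F 5D ||MOV BYTE PTR SS:[ESP+2F],5D
00684C70 |. C64424 30 8A ||MOV BYTE PTR SS:[ESP+30],8A
00684C75 |. C64424 31 CB ||MOV BYTE PTR SS:[ESP+31],0CB
00684C7A |. C64424 32 63 ||MOV BYTE PTR SS:[ESP+32],63
00684C7F |. C64424 33 8D ||MOV BYTE PTR SS:[ESP+33],8D
00684C84 |. C64424 34 EA ||MOV BYTE PTR SS:[ESP+34],0EA
00684C89 |. C64424 35 7D ||MOV BYTE PTR SS:[ESP+35],7D
00684C8E |. C64424 36 2B ||MOV BYTE PTR SS:[ESP+36],2B
00684C93 |. C64424 37 5F ||MOV BYTE PTR SS:[ESP+37],5F
00684C98 |. C64424 38 C3 ||MOV BYTE PTR SS:[ESP+38],0C3
00684C9D |. C64424 39 B1 ||MOV BYTE PTR SS:[ESP+39],0B1
00684CA2 |. C64424 3A E9 ||MOV BYTE PTR SS:[ESP+3A],0E9
00684CA7 |. C64424 3B 83 ||MOV BYTE PTR SS:[ESP+3B],83
00684CAC |. C64424 3C 29 ||MOV BYTE PTR SS:[ESP+3C],29
00684CB1 |. C64424 3D 51 ||MOV BYTE PTR SS:[ESP+3D],51
00684CB6 |. C64424 3E E8 ||MOV BYTE PTR SS:[ESP+3E],0E8
00684CBB |. C64424 3F 56 ||MOV BYTE PTR SS:[ESP+3F],56
"""

# The gs.90 byXorFilter[0..31] table posted earlier in the thread.
GS90_XOR_FILTER = bytes([
    0xAB, 0x11, 0xCD, 0xFE, 0x18, 0x23, 0xC5, 0xA3, 0xCA, 0x33, 0xC1, 0xCC,
    0x66, 0x67, 0x21, 0xF3, 0x32, 0x12, 0x15, 0x35, 0x29, 0xFF, 0xFE, 0x1D,
    0x44, 0xEF, 0xCD, 0x41, 0x26, 0x3C, 0x4E, 0x4D,
])

# OllyDbg writes hex immediates that start with a letter with a leading 0
# ("0E7"), so the optional "0?" strips that prefix before the two key digits.
MOV_IMM8 = re.compile(r"MOV BYTE PTR SS:\[ESP\+([0-9A-F]+)\],0?([0-9A-F]{2})\s*$")


def extract_stack_table(listing: str) -> bytes:
    """Collect imm8 stores to [ESP+off] and return them in stack-offset order.

    Raises ValueError on a duplicate or a gap in the offsets, either of which
    means the listing does not describe one contiguous table."""
    stores = {}
    for line in listing.splitlines():
        m = MOV_IMM8.search(line)
        if not m:
            continue  # unrelated instruction interleaved by the compiler
        off, imm = int(m.group(1), 16), int(m.group(2), 16)
        if off in stores:
            raise ValueError(f"duplicate store to [ESP+{off:X}]")
        stores[off] = imm
    if not stores:
        return b""
    lo, hi = min(stores), max(stores)
    missing = [f"{o:X}" for o in range(lo, hi + 1) if o not in stores]
    if missing:
        raise ValueError("gap in table at [ESP+" + ", ".join(missing) + "]")
    return bytes(stores[o] for o in range(lo, hi + 1))


def differing_positions(a: bytes, b: bytes) -> list:
    """Indices at which two key tables of equal length differ."""
    if len(a) != len(b):
        raise ValueError("tables have different lengths")
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]


if __name__ == "__main__":
    jpn = extract_stack_table(JPN_LISTING)
    print(f"{len(jpn)} bytes:", jpn.hex(" ").upper())
    diff = differing_positions(jpn, GS90_XOR_FILTER)
    print("identical to gs.90 table" if not diff else f"differs from gs.90 at {len(diff)} positions")
```

The contiguity check is what makes this safe to trust: if the compiler had spilled one store somewhere outside the quoted range, the function fails loudly instead of silently returning a 31-byte table.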
Yeah, those are. Then the XOR key is not changed.
In muerror.log from main I get a new one from the GS this time.
And also I have this semi login window that says: "Please wait."
Code:
[Connect to Server] ip address = 192.168.2.100, port = 55911
>WIC_[Require]Cash - 3シュケヘタヌ チ「シモチセキ・
http://img855.imageshack.us/img855/2...2310000.th.jpg
I bypassed this screen, it shows the login screen, I put in my login and password but nothing happens... if you want to test this, the offsets are:
//Crack CmStarterCore
*(BYTE*)0x00476382 = 0x90;
*(BYTE*)0x00476383 = 0x90;
*(BYTE*)0x0040A5C5 = 0xE9;// /E9 C4000000 JMP main_hoo.0040A68E
*(BYTE*)0x0040A5C6 = 0xC4;
*(BYTE*)0x0040A5C7 = 0x00;
*(BYTE*)0x0040A5C8 = 0x00;
*(BYTE*)0x0040A5C9 = 0x00;
*(BYTE*)0x0040A5CA = 0x90;// |90 NOP
Att. Willerson