[Release] Downgrading on easy way your MU Client 6.3

[Natzugen]

Here is the source for a dll

Code:

#include "Windows.h"
DWORD OldProtect;


DWORD WriteMemory(const LPVOID lpAddress, const LPVOID lpBuf, const UINT uSize)
{
    DWORD dwErrorCode = 0;
    DWORD dwOldProtect = 0;


    int iRes = VirtualProtect(lpAddress, uSize, PAGE_EXECUTE_READWRITE, &dwOldProtect);


    if (iRes == 0)
    {
        dwErrorCode = GetLastError();
        return dwErrorCode;
    }


    memcpy(lpAddress, lpBuf, uSize);


    DWORD dwBytes = 0;


    iRes = VirtualProtect(lpAddress, uSize, dwOldProtect, &dwBytes);


    if (iRes == 0)
    {
        dwErrorCode = GetLastError();
        return dwErrorCode;
    }


    return 0x00;
}
DWORD SetByte(const LPVOID dwOffset, const BYTE btValue)
{
    return WriteMemory(dwOffset, (LPVOID)& btValue, sizeof(BYTE));
}


extern "C" __declspec(dllexport)void Init()
{
    if (VirtualProtect(LPVOID(0x401000), 0xD21FFF, PAGE_EXECUTE_READWRITE, &OldProtect))
    {
        SetByte((PVOID)(0x004030D1 + 3), 6);
    }
}

just replace your offset compile and hook it using the api init

[laulinh2]

Small Guide to Find on any main.exe (SS2 to SS6) (maybe not in old school mains)

I know how to find on any main.exe.. the most important is know in really how works this code... well to start.. every time that you create a new character.. exists on button a "TEXTURE" in this case the texture is called: "cha_bt.tga", in new mains exists 2 TEXTURES with this name... but you must search for all referenced string for example on 1.04d GMO main.exe this:



then.. ENTER on this code and you can see something like this:



OK, now you found Load Texture part of code on main... but how to make to found drawing proc ? easy.. only: "Second Click" -> "Find references to" -> "Immediate constant" and you can see something like this:






OK, now double click on the first refence, and BOOM! your offset :D if you make all on good way, then you must can see something like this in this pass:

help me find offset in main MuEMu Season 8

[Kiosani]

help me find offset in main MuEMu Season 8

is the same process that on: Season 6.3 main bro, I don't have main from new Seasons, and I don't like anyways..

[rapha_eu]

Thanks for your tips mate! I was able to do everything on 1.04D easily, but everthing I'm familiar with the 1.04D and lower, are kinda different or doesn't exists on that new S8 mains, in my case the XTEAM S8 main. But I haven't gave up yet, gonna try abit more when come home.
cheers!

[cambio28]

Here is the source for a dll

Code:

#include "Windows.h"
DWORD OldProtect;


DWORD WriteMemory(const LPVOID lpAddress, const LPVOID lpBuf, const UINT uSize)
{
    DWORD dwErrorCode = 0;
    DWORD dwOldProtect = 0;


    int iRes = VirtualProtect(lpAddress, uSize, PAGE_EXECUTE_READWRITE, &dwOldProtect);


    if (iRes == 0)
    {
        dwErrorCode = GetLastError();
        return dwErrorCode;
    }


    memcpy(lpAddress, lpBuf, uSize);


    DWORD dwBytes = 0;


    iRes = VirtualProtect(lpAddress, uSize, dwOldProtect, &dwBytes);


    if (iRes == 0)
    {
        dwErrorCode = GetLastError();
        return dwErrorCode;
    }


    return 0x00;
}
DWORD SetByte(const LPVOID dwOffset, const BYTE btValue)
{
    return WriteMemory(dwOffset, (LPVOID)& btValue, sizeof(BYTE));
}


extern "C" __declspec(dllexport)void Init()
{
    if (VirtualProtect(LPVOID(0x401000), 0xD21FFF, PAGE_EXECUTE_READWRITE, &OldProtect))
    {
        SetByte((PVOID)(0x004030D1 + 3), 6);
    }
}

just replace your offset compile and hook it using the api init

I still don't know where to put it in the source

[Lenstaber]

Well... as Title says, I'm sharing my cool way to: "downgrade" your MU Client (1.04d) Season 6.3 to: Season 5, Season 4 or even: Season 3.2. This is nothing from another world... is only disable: Rage Fighter Character Creation Button from: Select Character Screen. but maybe this is the best choice. I mean.. you can completely emulate a nice: Season 5 or Season 4, without change your Server Files or Client.

Screenshots & Small Explain:

#1





#2





Link: https://mega.nz/#!fVgEwQiK!A-qQy_g1c...aer3CA4ZFJjfGg

PS: Core.dll don't have process name, is normal hook required.

Credits:
Webzen
Nemesis (Me: Kiosani).

Can you make similar for muemu s8 client please? And also add summoner disable function

I can pay if you dont want to make it for free

[cambio28]

SetByte((PVOID)(0x004030D1 + 3), 5); // Create character max chars (default: 7)

where do we have to edit this one?

[LTPTeam]

where do we have to edit this one?

In client sources.

[Lenstaber]

Can you make similar for muemu s8 client please? And also add summoner disable function

I can pay if you dont want to make it for free

[cambio28]

In client sources.

where can I find it?i'm inside my Client_EX401 from MuEmu. thanks in advance mate

[x00000]

Kiosani, help witch zteam S8 main, I make all of you guide but can't see good offset, please teach me how find this offset or find itself and give me, thx.
this i see after this step "now double click on the first refence"

[nemeth]

Hello,

how editing MuEmu Sources ex401 succeed?

[darkjano]

for muemu season 6??

[nemeth]

i need help Summoner Button off with MuEmu Sources ex401

[Thorninaron]

It works with muemu season 6? Good job!