thank u so much @jacubb love this server so much XD
thank u so much @jacubb love this server so much XD
Can you tell me what cpp file is modified or. H? I have begun to translate documents, I dont want to re-translate agian ^^
very malicious: https://www.virustotal.com/file/a23b...is/1358178466/Originally Posted by jacubb
This is not the virus, i can sure that is false positives
Deleted post...
no viruses? version?
jacubb, do you think that you can alter the protocol?
matreex posted once the source of eng protocol...
As I say, I am beginner in C++ and MU developing, so I think I will can't do it.
But maybe if you can send me those sources, I will look on it and ask my friend for help (he is professional coder).
Needs to transfer at least three protocol !
like Serverprotocol
Walk(kor) = D3
Damage(Kor)=DF
Attack(Kor) = D7
00419D6F |. C645 EC C1 MOV BYTE PTR SS:[EBP-14],0C1
00419D73 |. C645 EE D7 MOV BYTE PTR SS:[EBP-12],0D7
00419D77 |. C645 ED 00 MOV BYTE PTR SS:[EBP-13],0
0041B072 |> \\C685 70FFFFFF C1 MOV BYTE PTR SS:[EBP-90],0C1
0041B079 |. C685 72FFFFFF 1D MOV BYTE PTR SS:[EBP-8E],1D
0041B080 |. C685 71FFFFFF 0D MOV BYTE PTR SS:[EBP-8F],0D
0050CA4F |> \\C645 E0 C1 MOV BYTE PTR SS:[EBP-20],0C1
0050CA53 |. C645 E2 D6 MOV BYTE PTR SS:[EBP-1E],0D6
0050CA57 |. C645 E1 05 MOV BYTE PTR SS:[EBP-1F],5
0050CFA8 |> \\C645 E0 C1 MOV BYTE PTR SS:[EBP-20],0C1
0050CFAC |. C645 E2 D6 MOV BYTE PTR SS:[EBP-1E],0D6
0050CFB0 |. C645 E1 05 MOV BYTE PTR SS:[EBP-1F],5
0053A8FD |. C645 F4 C1 MOV BYTE PTR SS:[EBP-C],0C1
0053A901 |. C645 F6 D6 MOV BYTE PTR SS:[EBP-A],0D6
0053A905 |. C645 F5 05 MOV BYTE PTR SS:[EBP-B],5
00594F00 |> \\C645 EC C1 MOV BYTE PTR SS:[EBP-14],0C1
00594F04 |. C645 EE D6 MOV BYTE PTR SS:[EBP-12],0D6
00594F08 |. C645 ED 05 MOV BYTE PTR SS:[EBP-13],5
00454DBE |> \\6A 08 PUSH 8
00454DC0 |. 6A 1D PUSH 1D
00454DC2 |. 8D4D F8 LEA ECX,DWORD PTR SS:[EBP-8]
00454DC5 |. 51 PUSH ECX
00454DC6 |. E8 D1DFFAFF CALL Gameserv.00402D9C
005B832C |. 6A 08 PUSH 8
005B832E |. 6A 1D PUSH 1D
005B8330 |. 8D45 F4 LEA EAX,DWORD PTR SS:[EBP-C]
005B8333 |. 50 PUSH EAX
005B8334 |. E8 63AAE4FF CALL Gameserv.00402D9C
00455556 |> \\6A 07 PUSH 7
00455558 |. 68 D6000000 PUSH 0D6
0045555D |. 8D45 F0 LEA EAX,DWORD PTR SS:[EBP-10]
00455560 |. 50 PUSH EAX
00455561 |. E8 36D8FAFF CALL Gameserv.00402D9C
00594FB4 |. 6A 07 PUSH 7
00594FB6 |. 68 D6000000 PUSH 0D6
00594FBB |. 8D4D E4 LEA ECX,DWORD PTR SS:[EBP-1C]
00594FBE |. 51 PUSH ECX
00594FBF |. E8 D8DDE6FF CALL Gameserv.00402D9C
00455CB9 |. 6A 0A PUSH 0A
00455CBB |. 68 DC000000 PUSH 0DC
00455CC0 |. 8D45 F4 LEA EAX,DWORD PTR SS:[EBP-C]
00455CC3 |. 50 PUSH EAX
00455CC4 |. E8 D3D0FAFF CALL Gameserv.00402D9C
00593589 |> \\6A 0A PUSH 0A
0059358B |. 68 DC000000 PUSH 0DC
00593590 |. 8D45 F0 LEA EAX,DWORD PTR SS:[EBP-10]
00593593 |. 50 PUSH EAX
00593594 |. E8 03F8E6FF CALL Gameserv.00402D9C
I looked at source code.It does not HOOK to these addresses, all original PROTOCOL for jpn
Japan Protocol (I'm find it with GS 1.00.18)
Walk = 1D
Damage = D6
Attack = DC
Skill = D7
English Protocol (I'm find it with packets Client Global MU)
Walk = D4
Damage = 11
Attack = 15
Skill = DB
Vietnam Protocol(I'm find it with GS 1.00.16 VTM)
Walk = D9
Damage = DC
Attack = 15
Skill = 1D
Philippine Protocol(SCFMT find it)
Walk = DD
Damage = DF
Attack = D6
Skill = 11
China Protocol(I'm find it with client 1.03+ CHS)
Walk = D9
Damage = D0
Attack = D7
Skill = 1D
Korean Protocol (;))... is old protocol , find it with client Korea)
Walk = D3
Damage = DF
Attack = D7
Skill = 10
Test_Protocol ( Can is Taiwan Protocol - find it with GameServer 1.00.66 original)
Walk = D7
Damage = D2
Attack = D9
Skill = 1D
Crash packet C1 05 30 FF A5, :/
well done ! Have you deleted AntiSyncFlood GS Opt and fix teleport skill for DW in Duel ?
Not now, I am busy this days. Maybe I will look on it next week.
what about these lines from News.cpp:
so, there is another full version, other than this ?char fkaskd_1[] = { 0x50, 0x6F, 0x77, 0x65, 0x72, 0x65, 0x64, 0x20, 0x62, 0x79, 0x20, 0x49, 0x6D, 0x61, 0x67, 0x69, 0x6E, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x41, 0x72
, 0x74, 0x73, 0x00 }; //Powered by Imagination Arts
char skaskd_2[] = { 0x46, 0x72, 0x65, 0x65, 0x20, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6F, 0x6E, 0x20, 0x6F, 0x66, 0x20, 0x4A, 0x75, 0x6C, 0x69, 0x61, 0x20, 0x50
, 0x72, 0x6F, 0x6A, 0x65, 0x63, 0x74, 0x00 }; //Free version of Julia Project
char akaskd_3[] = { 0x42, 0x75, 0x79, 0x20, 0x66, 0x75, 0x6C, 0x6C, 0x20, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6F, 0x6E, 0x20, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F
, 0x69, 0x6D, 0x61, 0x67, 0x69, 0x6E, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x61, 0x72, 0x74, 0x73, 0x2E, 0x6E, 0x65, 0x74, 0x2F, 0x00 }; //Buy full version http://imaginationarts.net/
PS: trying to compile, but get errors... where are Protection.cpp and Protection.h ?
are these files private?
Last edited by aecrimch; 15-01-13 at 05:55 PM.
/*if(!Protection.CheckFeature(Protection.Private))
{
hThread = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)FreeVersionAdv, NULL, 0, &ThreadID);//False 2 1175 V513 Use _beginthreadex/_endthreadex functions instead of CreateThread/ExitThread functions. IA Julia 1.x.x lite.cpp 159 False
if ( hThread == 0 )
{
Log.ConsoleOutPut(1, c_Red, t_Error, "CreateThread() failed with error %d", GetLastError());
return;
}
CloseHandle(hThread);
}*/
aecrimch these code has been canceled :)) or you can change these codes
about full version, full(aka private) and public version differ only in the publication version. Example: AI make 1.1.0.298 and give to public 1.1.0.256; next AI make 1.1.0.299 and give to public 1.1.0.257; and etc.
about Protection, in 1st post and can download archive with fix.
Reply With Quote