Hello.
I'm an old GunBound cheater. In the past few years, I've been coding many many things for my private server (known as GITZWC) and protection (GunProtect). Many of those codes are used in almost every Brazillian GunBound WC since 2010, because many years ago I used to sell them to developers.
I dont know much about GunBound developing but I'm very experienced with reverse-engeneering. Those are some useful functions to use from the client. You can make tons of creative interfaces with this.
If you don't understand what I am saying you probably need to study some about assembly before trying this. This code can be easily translated to any language since that's mostly an assembly code.
ShowGameMessage - fake GunBound Message:
Packet Sender - Allows you to send any regular type of paket to gunbound server, this can be used to do powerful cheats, integration with a custom gunbound server and many other useful things.
This code forces the gunbound to generate the sequence bytes and send the packet for you to the current server.
Example of use:
Those codes can be easily converted to any language, also the addresses can be updated to all gunbound versions up to season 2, and you won't need to change much in the assembly code to update it. If you have problems to update them, you can contact me ^^
Maybe I will keep posting more functions here if this can help anyone.
You can also contact me in my server GitzWC, or by email.
C4sTr0.
I'm an old GunBound cheater. In the past few years, I've been coding many many things for my private server (known as GITZWC) and protection (GunProtect). Many of those codes are used in almost every Brazillian GunBound WC since 2010, because many years ago I used to sell them to developers.
I dont know much about GunBound developing but I'm very experienced with reverse-engeneering. Those are some useful functions to use from the client. You can make tons of creative interfaces with this.
If you don't understand what I am saying you probably need to study some about assembly before trying this. This code can be easily translated to any language since that's mostly an assembly code.
ShowGameMessage - fake GunBound Message:
Code:
{Function SGM
by C4sTr0 ( [EMAIL="C4sTr0@live.com"]C4sTr0@live.com[/EMAIL] )
Parameters: lpMessage is a pointer for the message you wanna show
dwIcon is the icon value you wanna show (0 = no icon)
dwColor is the color value you wanna show}
procedure ShowGameMessage_Fixed(lpMessage: PChar; dwIcon: byte; dwColor: byte);
var
dwMessage: cardinal;
procedure ShowGameMessage_Real(lpMessage: PChar); assembler;
asm
pushad
mov ecx, [dwMessage]
add ecx, $44
mov bh, [dwIcon]
mov [ecx], bh
add ecx, $47
mov [ecx], bh
add ecx, $47
mov [ecx], bh
mov bh, [dwColor]
mov ecx, [dwMessage]
add ecx, $5C
mov [ecx], bh
add ecx, $31
mov [ecx], bh
add ecx, $E
mov [ecx], bh
add ecx, $39
mov [ecx], bh
add ecx, $10
mov [ecx], bh
popad
jmp @call
@call:
lea edi, [lpMessage]
call [dwMessage]
jmp @[I][B][URL="http://forum.ragezone.com/members/2000287950.html"]reb[/URL][/B][/I]uild
@[I][B][URL="http://forum.ragezone.com/members/2000287950.html"]reb[/URL][/B][/I]uild:
mov [dwIcon], 6
mov [dwColor], 2
mov ecx, [dwMessage]
add ecx, $44
mov bh, [dwIcon]
mov [ecx], bh
add ecx, $47
mov [ecx], bh
add ecx, $47
mov [ecx], bh
mov bh, [dwColor]
mov ecx, [dwMessage]
add ecx, $5C
mov [ecx], bh
add ecx, $31
mov [ecx], bh
add ecx, $E
mov [ecx], bh
add ecx, $39
mov [ecx], bh
add ecx, $10
mov [ecx], bh
end;
begin
dwMessage := $00414B80;
ShowGameMessage_Real(lpMessage);
end;
Packet Sender - Allows you to send any regular type of paket to gunbound server, this can be used to do powerful cheats, integration with a custom gunbound server and many other useful things.
This code forces the gunbound to generate the sequence bytes and send the packet for you to the current server.
Code:
{Function sendPacket
by C4sTr0 (c4str0@live.com)
Allows you to send a normal-type of packet regardless of the sequence/authentication bytes.
lpAddress - Pointer to buffer with packet data, starts with the packet protocol.
len - size of the packet to send (packet data + 4)
}
procedure sendPacket(lpaddress: pointer; len: word);
const
baseaddrpacket: cardinal= $00870558;
packetfunc: cardinal = $00445CD0;
xpcomp: cardinal = $0052A420;
begin
copymemory(pointer(pdword(baseaddrpacket)^+$9C), lpaddress, len);
pword(pdword(baseaddrpacket)^+$4098)^ := len;
asm
pushad
mov esi, [baseaddrpacket]
mov esi, [esi]
lea ecx, [esi+$80BC]
mov eax, [xpcomp]
call eax
popad
mov ecx, [baseaddrpacket]
mov ecx, [ecx]
mov [ebp-4], ecx
mov ecx, [packetfunc]
mov [ebp-8], ecx
push [ebp-4]
call dword ptr [ebp-8]
end;
end;
Example of use:
Code:
var
ExitRoom: array [0..3] of byte = ( $00, $20, $FF, $FF); //the gunbound exit packet, with protocol+data
begin
sendPacket(@ExitRoom[0],8); //you must add 4 bytes to the size since 2 bytes are from packetSize and 2 bytes are the sequence (the gunbound will generate those)
end;
Those codes can be easily converted to any language, also the addresses can be updated to all gunbound versions up to season 2, and you won't need to change much in the assembly code to update it. If you have problems to update them, you can contact me ^^
Maybe I will keep posting more functions here if this can help anyone.
You can also contact me in my server GitzWC, or by email.
C4sTr0.
Last edited: