kms 1.2.65 Max character slot extend (6 to 12)

Newbie Spellweaver | Joined: Dec 12, 2019 | Messages: 5 | Reaction score: 0
Use: OllyDbg

0055B7E2 . 83F8 06 CMP EAX,0x6 -> 0xC
0055B846 . 83F8 06 CMP EAX,0x6 -> 0xC
0055CF1F |. 83F8 06 CMP EAX,0x6 -> 0xC

005661B7 (SelectChar) 0x6 -> 0xC

-Refresh
00566182 /$ 53 PUSH EBX
00566183 |. 57 PUSH EDI
00566184 |. 8BF9 MOV EDI,ECX
00566186 |. 33F6 XOR ESI,ESI
00566188 |> E8 73A53800 CALL Maplesto.008F0700
0056618D |. 53 PUSH EBX
0056618E |. 56 PUSH ESI
0056618F |. E8 22120000 CALL Maplesto.005673B6
00566194 |. 46 INC ESI
00566195 |. 83FE 03 CMP ESI,0x3
00566198 |.^7C EE JL SHORT Maplesto.00566188
0056619A |. 8BF7 MOV ESI,EDI
0056619C |. 5F POP EDI
0056619D |. 5B POP EBX
0056619E \. C3 RETN

008F0700 /$ 8B87 F8000000 MOV EAX,DWORD PTR DS:[EDI+0xF8] ; //temp func
008F0706 |. 8D0C46 LEA ECX,DWORD PTR DS:[ESI+EAX*2]
008F0709 |. 03C1 ADD EAX,ECX
008F070B |. 8BCF MOV ECX,EDI
008F070D 8B5F 68 MOV EBX,DWORD PTR DS:[EDI+0x68]
008F0710 50 PUSH EAX
008F0711 83F8 00 CMP EAX,0x0
008F0714 74 09 JE SHORT Maplesto.008F071F
008F0716 48 DEC EAX
008F0717 81C3 88010000 ADD EBX,0x188
008F071D ^EB F2 JMP SHORT Maplesto.008F0711
008F071F 58 POP EAX
008F0720 C3 RETN

-> When deleting a character, push ESI before entering the refresh function.


0056619F 69C9 88010000 IMUL ECX,ECX,0x188
005661A5 EB 1C JMP SHORT Maplesto.005661C3
005661A7 90 NOP

005661A8 55 PUSH EBP ; CUIAvatar::SelectCharacter(long)
005661A9 |. 8BEC MOV EBP,ESP
005661AB |. 53 PUSH EBX
005661AC |. 56 PUSH ESI
005661AD |. 57 PUSH EDI
005661AE |. 8B7D 08 MOV EDI,DWORD PTR SS:[EBP+0x8]
005661B1 |. 85FF TEST EDI,EDI
005661B3 |. 8BF1 MOV ESI,ECX
005661B5 7C 12 JL SHORT Maplesto.005661C9
005661B7 |. 83FF 0C CMP EDI,0xC
005661BA 7D 0D JGE SHORT Maplesto.005661C9
005661BC 8B46 68 MOV EAX,DWORD PTR DS:[ESI+0x68]
005661BF 8BCF MOV ECX,EDI
005661C1 ^EB DC JMP SHORT Maplesto.0056619F
005661C3 833C08 00 CMP DWORD PTR DS:[EAX+ECX],0x0
005661C7 75 08 JNZ SHORT Maplesto.005661D1
005661C9 BF FFFFFFFF MOV EDI,-0x1
005661CE 90 NOP
005661CF 90 NOP
005661D0 90 NOP
005661D1 8B46 64 MOV EAX,DWORD PTR DS:[ESI+0x64]
005661D4 89B8 20010000 MOV DWORD PTR DS:[EAX+0x120],EDI
005661DA 57 PUSH EDI
005661DB 8B7D 08 MOV EDI,DWORD PTR SS:[EBP+0x8]
005661DE 8BC8 MOV ECX,EAX


------------------------------------------------------------------ Left Button error fix
005659D8 8BC8 MOV ECX,EAX
005659DA 8B86 F4000000 MOV EAX,DWORD PTR DS:[ESI+0xF4]
005659E0 03C1 ADD EAX,ECX
005659E2 99 CDQ
005659E3 41 INC ECX
005659E4 F7F9 IDIV ECX
005659E6 E8 37AD3800 CALL Maplesto.008F0722
005659EB 90 NOP
005659EC 90 NOP
005659ED 8BF8 MOV EDI,EAX
005659EF 833F 00 CMP DWORD PTR DS:[EDI],0x0
005659F2 75 0B JNZ SHORT Maplesto.005659FF
005659F4 49 DEC ECX
005659F5 2D 88010000 SUB EAX,0x188
005659FA 90 NOP
005659FB |. 85C9 |TEST ECX,ECX
005659FD ^7D EE JGE SHORT Maplesto.005659ED

008F0722 8B46 6C MOV EAX,DWORD PTR DS:[ESI+0x6C] ; //temp func2
008F0725 69CA 98040000 IMUL ECX,EDX,0x498
008F072B 03C1 ADD EAX,ECX
008F072D 6A 02 PUSH 0x2
008F072F 59 POP ECX
008F0730 C3 RETN

-------------------Delete Char-----------------------
0055E5E3 83FA 0C CMP EDX,0xC

0055E601 83FF 0B CMP EDI,0xB

0055E63F 3D D8100000 CMP EAX,0x10D8 -> Error caused by memory allocation; fixed by the code below


0055E651 |. 8998 D8100000 MOV DWORD PTR DS:[EAX+0x10D8],EBX
0055E657 |. 8B8E 28010000 MOV ECX,DWORD PTR DS:[ESI+0x128]
0055E65D |. 51 PUSH ECX
0055E65E |. 6A 0C PUSH 0xC
0055E660 |. 5A POP EDX
0055E661 |. 2BD7 SUB EDX,EDI
0055E663 |. C1E2 04 SHL EDX,0x4
0055E666 |. 52 PUSH EDX
0055E667 |. 8D57 01 LEA EDX,DWORD PTR DS:[EDI+0x1]
0055E66A |. C1E2 04 SHL EDX,0x4
0055E66D |. 03CA ADD ECX,EDX
0055E66F |. 51 PUSH ECX
0055E670 |. 83E9 10 SUB ECX,0x10
0055E673 |. 51 PUSH ECX
0055E674 |. E8 D7483200 CALL Maplesto.00882F50
0055E679 |. 58 POP EAX
0055E67A |. 05 B0000000 ADD EAX,0xB0
0055E67F |. 6A 10 PUSH 0x10
0055E681 |. 53 PUSH EBX
0055E682 |. 50 PUSH EAX
0055E683 |. E8 F8453200 CALL Maplesto.00882C80
0055E688 |. 8B0D 84FB9900 MOV ECX,DWORD PTR DS:[0x99FB84]
0055E68E |. 83C4 18 ADD ESP,0x18
0055E691 |. 3BCB CMP ECX,EBX
0055E693 |. 74 30 JE SHORT Maplesto.0055E6C5
0055E695 |. 56 PUSH ESI
0055E696 |. E8 E77A0000 CALL Maplesto.00566182
0055E69B |. 5E POP ESI
0055E69C |. 90 NOP
0055E69D |. 8B8E 24010000 MOV ECX,DWORD PTR DS:[ESI+0x124]


----------------------Create Char--------------------------
0055D126 3998 D8100000 CMP DWORD PTR DS:[EAX+0x10D8],EBX

0055BB2B 6A 0C PUSH 0xC
0055BB3C 6A 0C PUSH 0xC


0055E99F 83FA 0C CMP EDX,0xC
-------------------DrawNameTag-------------------------------
00566413 E8 1AA33800 CALL Maplesto.008F0732 ; //char name...
00566418 51 PUSH ECX
00566419 90 NOP
0056641A 90 NOP

0056668F E8 9EA03800 CALL Maplesto.008F0732
00566694 51 PUSH ECX
00566695 90 NOP
00566696 90 NOP

008F0732 69C0 88010000 IMUL EAX,EAX,0x188
008F0738 0343 68 ADD EAX,DWORD PTR DS:[EBX+0x68]
008F073B 83C0 04 ADD EAX,0x4
008F073E C3 RETN

------sendselectcharPacket -----------

0055CCA1 6A 0C PUSH 0xC

------keyboard right button fix------
005657DA 40 INC EAX

005657DB 3B86 F0000000 CMP EAX,DWORD PTR DS:[ESI+0xF0]
005657E1 0F8D 8B010000 JGE Maplesto.00565972
005657E7 8B4E 64 MOV ECX,DWORD PTR DS:[ESI+0x64]
005657EA 50 PUSH EAX
005657EB 69C0 88010000 IMUL EAX,EAX,0x188
005657F1 03C8 ADD ECX,EAX
005657F3 58 POP EAX
------------------------cash shop (char slot coupon)------------------------------
00457614 83BE 80040000 >CMP DWORD PTR DS:[ESI+0x480],0xC
00462F26 83F8 0C CMP EAX,0xC



 