[RELEASE] - V95 localhost (PDB leak version), early marry christmas

  1. #16
    s4nta (Member, joined Sep 2013, 82 posts)

    Re: [RELEASE] - V95 localhost (PDB leak version), early marry christmas

    I kind of fixed it?

    OllyDBG:
    Code:
    0066D329 -> PUSH 19E4FC
    But it only works on the first login try LOL then the stack pointer offset changes and I'm not gud enough to figure it out

    More context:
    The localhost patches `CNMCOClientObject::GetNexonPassport` (called from 005DBA77) to directly copy login id using strcpy instead of going through Nexon's auth code. However, since the address is fixed, on the following tries, the stack has changed and directly writing to the offset no longer works. If someone actually knows how to RE, I think the fix is to make the strcpy destination the same as whatever address is referenced by the code at 005DBD09. The calculation is [ESP+6C], which just happens to be 0019E4FC (which points to login id on the stack) on the first run but doesn't hold true for later runs.

    So basically you'd have to add an argument to push the stack pointer as the second argument to CNMCOClientObject::GetNexonPassport, then find the proper offset, and then change the argument in strcpy.
    Last edited by s4nta; 08-07-20 at 04:15 PM.
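
The behaviour described in post #16, shown as an added example that is not part of the thread and not code from the client: the address of a caller's stack local depends on the call chain, so an absolute address observed on one run goes stale, while a pointer passed in as an argument stays correct. All function names and sizes here are hypothetical stand-ins.

```c
/* Added illustration; every name is a hypothetical stand-in, not client code. */
#include <stdint.h>
#include <stdio.h>

#define ID_LEN 32
#define NOINLINE __attribute__((noinline))

/* Callee writes through the pointer it is handed, never a saved address. */
NOINLINE static void copy_login_id(char *dst, const char *id) {
    snprintf(dst, ID_LEN, "%s", id);
}

/* Caller frame: login_id is a stack local, reached relative to the stack
   pointer. *seen reports where it landed on this particular call. */
NOINLINE static void login_attempt(const char *id, char *out, uintptr_t *seen) {
    char login_id[ID_LEN];
    *seen = (uintptr_t)login_id;
    copy_login_id(login_id, id);
    snprintf(out, ID_LEN, "%s", login_id);
}

/* First try: short call chain. */
NOINLINE static uintptr_t first_try(const char *id, char *out) {
    uintptr_t seen;
    login_attempt(id, out, &seen);
    return seen;
}

/* Later try: a larger frame sits above the caller, so the stack pointer is
   lower when login_attempt runs and login_id lands at another address. */
NOINLINE static uintptr_t later_try(const char *id, char *out) {
    volatile char pad[256];
    uintptr_t seen;
    pad[0] = 1;
    login_attempt(id, out, &seen);
    pad[255] = pad[0];            /* keeps pad live across the call */
    return seen;
}

int main(void) {
    char a[ID_LEN], b[ID_LEN];
    uintptr_t fixed = first_try("alice", a);  /* what a fixed-address write would bake in */
    uintptr_t now = later_try("bob", b);
    printf("first=%#lx later=%#lx stale=%s\n", (unsigned long)fixed,
           (unsigned long)now, fixed != now ? "yes" : "no");
    printf("%s %s\n", a, b);
    return 0;
}
```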

  2. #17
    SomeoneMs (Member, joined Aug 2016, 65 posts)

    Re: [RELEASE] - V95 localhost (PDB leak version), early marry christmas

    reupload please?

  3. #18
    ZerosNL (Apprentice, joined Jul 2017, 12 posts)

    Re: [RELEASE] - V95 localhost (PDB leak version), early marry christmas

    anyone have a reupload for this?


