Running List of Sources S2-S3

Hi, I had some free time to gather up some sources for Season 3, tho most wont compile right unless you have VC++6.0, which I dont so I couldnt make some of the stuff, and theres no point in making a dll, if it aint complete.

Contains:
S3 wing Mix
S3 Quest
Add Command
New Item Hooking Procedure (ASM)
1.00.16 Offsets, and variables from 2 diff gameservers, CHS + VTM)
and a simple readme explaining the S3 Wing Mix

Credits for Gathering and some of Wing Mix goes to Me aka NoobCode
Credits for the rest of the surces go to respectable owners, to long to list :P

Good job man !

101\100 very nice!

Hi, As I put these fixes in muserver of luciano aibar?

Very Good ;) 10/10
But Wrong Function offset for My GS (CzF 1.00.16 MultiProt).
In CzF 1.00.16 offsets are:

gObjDel DD 004036ACH
LogAddC DD 0632E810h
gObjAddMonster DD 00404426h
gObjSetMonster DD 00405993h
gObjIsConnected DD 00403512h
ServerMsgStringSend DD 00405D8Fh

GSMoneySend 00403FCBh

good stuff
downloaded
went over it
saw 1 interesting thing

the roosterupdates.txt talks about some updates for luci's files. where can i find this release? or the topic with this release?
cause that txt only describes the addons themselves. no download links etc

Wow... Nice. THX MAN!

Please help! How do I install this update? What do I have to do?

Please !

Quote:

---

Originally Posted by Lord Auronn

Please help! How do I install this update? What do I have to do?

Please !

---

This is only Resaarch and Sources pack, not update ;)

Wanna now too where get Roosterman Recode :P

some guide ? because i`m not a coder :(

Nice Thanks!

ill help you with vc 6.0 if some1 helps me with php...

can i use here OllyDBG ?

How i know what is the offset of my dll?? Answer me pls

Useful tools to find gameserver.exe offsets, IDA Pro, and to hook dll you must use ollydbg, the one with shadow olly inside. Find offsets first with IDA, then use fenix hooking guide to hook dll. This is very simple release, next release includes a tutorial on how to get offsets from GameServer.exe using IDA Pro and how to locate offsets, KNOW THE NAME OF WHAT YOU WANT TO SEARCH FOR, and how to call offsets for new events and such. I'll try to make a guide in the next 3 days and link it here, answering some basic questions, but you must take into account I can only code in masm 32, i dunno much about VC++.

Offset of dll? For what?
You must use LoadLibraryA for load Dll and get offsets of exported procedures by GetProcAdress.

Not for dll, for gameserver.exe offsets. you misunderstand my response. when i was mentioning hook i forgot to metion it was for gameserver.exe offsets, you cant randomly call offsets from .dll and expect them to work, you must find and then define offsets. I listed 1 Way to find GS offsets, many ppl can do it faster to find. Fell free to add to my release if you want, more information is easier for non coders to read.

Note: Dll offsets are different, you declare your own offsets.

Link to making a dll in VC++, learning from it atm. Visual C Basics C++ DLLs for beginners Tutorial

1. write in hex dump name of dll like (addmap.dll)
push <offset of name of dlll>
call LoadLibraryA
2. write in hex dump NameTerrain
push <offset of name of NameTerrain>
push eax
Call GetProcAddress
Call Eax
enjoy

what is that?

Dev-Star He speak not about hooking i think and my post for him ;)
G4L3ON this is offset of your dll Name That You Create.
For Example:


PUSH 005CC00Fh
CALL LoadLibraryA
...
005CC00F . 61 6E 31 32 33>ASCII "an12345.dll",0

ok, my mistake. I dun want to offend anyone, so I will only post information about what I understand, if ppl wish to add more information here then by all means do so, this is running thread of sources, asm or vc++ knowledge greatly appreciated.

Some GS[1.00.16 CzF] offsets if anyone need:

Quote:

---

//Blood Castle Reward!
0041ACB7 |. 6A 0C PUSH 0C
0041ACB9 |. 6A 0E PUSH 0E


//Start MSB Data...
09F8DB06 F0:0003 LOCK ADD BYTE PTR DS:[EBX],AL ; LOCK prefix

//gObj Start.... MB
065E3F58 0000 ADD BYTE PTR DS:[EAX],AL

//gObj Start !NEW!
065E3F58
004D0EAB |. 81C2 583F5E06 ADD EDX,GameServ.065E3F58

//gObj X And Y to Stack! (EDX Contains Mob ID... From Gold Regen Procedure...)
00469BED |. 69D2 5C190000 |IMUL EDX,EDX,195C
00469BF3 |. 0FBF82 62405E06 |MOVSX EAX,WORD PTR DS:[EDX+65E4062]
00469BFA |. 50 |PUSH EAX
00469BFB |. 8B4D F8 |MOV ECX,DWORD PTR SS:[EBP-8]
00469BFE |. 69C9 5C190000 |IMUL ECX,ECX,195C
00469C04 |. 0FBF91 60405E06 |MOVSX EDX,WORD PTR DS:[ECX+65E4060]
00469C0B |. 52 |PUSH EDX


//PChatProc
00401177 $ E9 F4F20200 JMP GameServ.00430470


//gObjIsConnected
00403512 $ E9 190A0D00 JMP GameServ.004D3F30

//gObjAddMonster
00404426 $ E9 95E00C00 JMP GameServ.004D24C0

//gObjSetMonster
00405993 $ E9 B8B40C00 JMP GameServ.004D0E50

//GCServerMsgStringSend
00405D8F $ E9 6CB30200 JMP GameServ.00431100

//17.11.2007
//GSMoneySend
00403FCB $ E9 60F90200 JMP GameServ.00433930

//LogAdd
00403873 . E9 F8A20900 JMP GameServ.0049DB70

//gObjInventoryDeleteItem
00401F55 $ E9 86D90D00 JMP GameServ.004DF8E0

//CGInventoryDeleteItemSend
004036B6 $ E9 F5AF0400 JMP GameServ.0044E6B0

//gObjMoveGate
0040563C $ E9 0FEC0E00 JMP GameServ.004F4250

//BowWeaponDurabilityDown
00404E58 $ E9 536F1000 JMP GameServ.0050BDB0

---

An12345(c)

Sorry, i don

tried so many to do this and simply didnt succeed someone can uplode
ready dlls wite quest season 3 and mix season 3 wite lociuno filles
plis do favor
only from yours country i now that will be good
we living only one life
use that for good things
i almost killed on the army i didnt use that life befor
good bye..

how can we use thiese?^^ im totaly newb at this stuff

Why anybody here put the dlls, or what need here to download, cause there are many people here that don

10x verry nice :)

noobish...

pls somone who know how to add this features and fixes - pls create guide about or show on example.

You don't need all there if you don't know how to do all that ;)
This is only for people, who can use it.
I think ;)
Wait their releases :p

i want know it basic, wann't learn asm in full..

You must know not only basic ...
Because you must:
1) Find offsets.
2) Make Dll Corretly with Your Offsets.
3) Find offsets again.
4) Hook Dll.
If you know how to do it, you don't need manual.
Else it is very hard to make it working as you need ;)

can someone make a gs with this options guys?

i'm not a coder :(

Big thanks man! Olways the best! Werry good thing! :)

offtopic
black ierubi skype vai msn :D

uhuhuhu =) nice

How Can I use this?

--->

cl-c212
Meet playerserver -> game client Num. of players
len msg ID num
c2 xxxx 12
1 2 1 1
+ this block repeated number of players times:cl-c212-2
PC ID Item levels(color)? player name, padded with 0x00
ID X1 Y1 class pose LHand RHand helm armor pants gloves boots pet? wind? ?? name X2 Y2 ??

2 1 1 4bit 4bit 1 1 4bit 4bit 4bit 4bit 4bit 4bit 4bit 6.5 10 1 1 6
Field description:

* X1,Y1 -> X2,Y2 - player moved. If x1y1 == x2y2 - player stand
* class
o 0 - Dark Wizard
o 1 - MEGA Dark Wizard ?
o 2 - Dark Knight
o 3 - Night Blade
o 4 - Elf
o 5 - Muse Elf
o 6 - Magic Gladiator
* pose - stand style
o 0 - stand
o 1 - UNKNOWN
o 2 - sit
o 3 - at wall
o 4 - "hanged" (in Noria)
* LHand, RHand - itemID held in left and right hands
* helm..boots - item type (lether, silk...)
* pet - satan, angel, horn, maybe wings
* wing - wings ?

cl-c213
Meet monsterserver -> game client Num. of NPCs
len msg ID num
c2 xxxx 13
1 2 1 1
+ this block repeated number of NPCs times:cl-c213-2
NPC ID
ID (?) NPC description separator
00
2 8 1

Sorry, but i don't understand, i need use this in C++ or Hexa? How can i do?
Sorry for my bad inglesh! Brazilian man!!^^

These are only olds Theorys of packets that in today are unusefull...

How can i correct this BUG?The funcion of my GS 1.0.0.16, not running correct if i use de 3 rd claas wings, whem I move, the wing changed for another wing!

Sorry may Horrible Inglesh!!! Brazilian MAN!
"Os americanos s

What build of GameServer are you using?

ollydbg and hexa editor!

[quote=persektor;2832456]How can i correct this BUG?The funcion of my GS 1.0.0.16, not running correct if i use de 3 rd claas wings, whem I move, the wing changed for another wing!

Sorry may Horrible Inglesh!!! Brazilian MAN!
"Os americanos s

pls who can explain me this shits :

Code:

---

This is the source code for Season 3 Mixes.

Well...

This is Protocol in DLL

Code:
bool ProtocolCore(DWORD aIndex, LPBYTE pBuffer, DWORD pSize) {
    BYTE Packet[100] = {0};
    switch(pBuffer[2])
    {
        //----------------------------------------------
        // ChaosBox Machine combination packets
        case PROTO_CHAOSCOMBINATION:
            if(pBuffer[1] == 0x04 && pBuffer[3] == 0x26)
            {
                ChaosBoxCombineNewFeather(aIndex);
                return true;
            }

            if(pBuffer[1] == 0x04 && pBuffer[3] == 0x27)
            {
                ChaosBoxCombineNewWings(aIndex);
                return true;
            }
        break;
    }
    return false;
}
This function return TRUE if know packet. When this function return TRUE, hook in GameServer ProtocolCore jump to end (STACK Footer/POP's). pBuffer[3] is mixID.

This is an example of ProtocolCore hook in GameServer 1.00.16.
Code:
PUSH DWORD PTR SS:[EBP+10] ; Push Packet size
PUSH DWORD PTR SS:[EBP+C] ; Push pointer to first byte of packet
PUSH DWORD PTR SS:[EBP+14] ; Push aIndex/Player Id/gObjId
CALL DWORD PTR DS:[0xB5F0010] ; Call ProtocolCore from DLL
CMP EAX, 1 ; check what return our function and compare it
JE GameServ.0042EEC8 ; jump to function Epilog if return TRUE(1)
JMP GameServ.0042DF13 ; or jump to previous code if FALSE(0)
Now you must add new items to ChaosBox allowed items list. When you do this, you can put items needs to new mixes (Bless package, soul package, etc). 1.03H++ Mains have implemented season 3 Chaos Combinations.

To add new items to ChaosBox we use ASM and our DLL. We make function with naked parameter (more about it on http://msdn2.microsoft.com/en-us/lib...xs(VS.80).aspx).

Code:
void __declspec(naked) ChaosBoxCheckNewItems() {
    __asm {
        // Original
        cmp eax, 0x180F;
        je ItemAllowed;

        // Flame Of Condor
        cmp eax, 0x1A34;
        je ItemAllowed;

        // Feather of Condor
        cmp eax, 0x1A35;
        je ItemAllowed;

        // Package of 10 Blesses
        cmp eax, 0x181E;
        je ItemAllowed;

        // Package of 10 Souls
        cmp eax, 0x181F;
        je ItemAllowed;

        mov edi, 0x004E3DD4;
        jmp edi;

        ItemAllowed:
            mov edi, 0x004E3E0F;
            jmp edi;
    }
}
Code is very simply. ItemId = ItemSection * 512 + ItemIdInSection.

Now we must make hook in GameServer 1.00.16.

At 0x004E3DCD offset you have smth like this:

Code:
MOV EDX, DWORD PTR SS:[EBP-78] ; copy item pointer to EDX
MOVSX EAX, WORD PTR DS:[EDX+6] ; copy 6th byte (itemId) from item pointer to EAX
CMP EAX, 180F ; compare itemId with 0x180F const
JE SHORT GameServ.004E3E0F ; if itemId is equal jump to Send PutPacket
Change that code to :

Code:
MOV EDX, DWORD PTR SS:[EBP-78]
MOVSX EAX, WORD PTR DS:[EDX+6]
JMP DWORD PTR DS:[0xB5F0030] ; jump (because is naked) to our function from DLL
NOP
And Mixes Code :

Code:
void ChaosBoxCombineNewFeather(DWORD aIndex) {
    DWORD lpObj = (aIndex * gObj_SIZE + gObj_OFFSET);
    srand(static_cast<int>(time(NULL)));

    if((rand() % 100) <= 60)
        {
        ItemSerialCreateSend(aIndex, 0xFF, gObj_GetInt(aIndex, gObj_POSX), gObj_GetInt(aIndex, gObj_POSY), 0x1A35, 0, 255, 0, 0, 0, -1, 0, 0);
        gObj_Write(aIndex, gObj_MONEY, (gObj_GetInt(aIndex, gObj_MONEY) - 20000));
        GCMoneySend(aIndex, gObj_GetInt(aIndex, gObj_MONEY));
        Log(mInfo, "[%s][%s] ChaosBoxCombineNewFeather() - Combination success.", gObj_GetChar(aIndex, gObj_LOGIN), gObj_GetChar(aIndex, gObj_NICK));
    }

        else
    {
                ChaosBoxInit(lpObj);
                GCUserChaosBoxSend(lpObj, 0);
        BYTE Packet[10] = {0xC1, 0x0A, 0x86, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
        DataSend(aIndex, Packet, 10);
        Log(mInfo, "[%s][%s] ChaosBoxCombineNewFeather() - Combination fail.", gObj_GetChar(aIndex, gObj_LOGIN), gObj_GetChar(aIndex, gObj_NICK));
    }
}

void ChaosBoxCombineNewWings(DWORD aIndex) {
    DWORD lpObj = (aIndex * gObj_SIZE + gObj_OFFSET);
    srand(static_cast<int>(time(NULL)));

    if((rand() % 100) <= 60)
        {
        srand(static_cast<int>(time(NULL)));
        WORD WingsId = 0x1824 + (rand() % 5);
        ItemSerialCreateSend(aIndex, 0xFF, gObj_GetInt(aIndex, gObj_POSX), gObj_GetInt(aIndex, gObj_POSY), WingsId, 0, 255, 0, 0, 0, -1, 0, 0);
        gObj_Write(aIndex, gObj_MONEY, (gObj_GetInt(aIndex, gObj_MONEY) - 20000));
        GCMoneySend(aIndex, gObj_GetInt(aIndex, gObj_MONEY));
        Log(mInfo, "[%s][%s] ChaosBoxCombineNewWings() - Combination success with ItemId [0x%02X].", gObj_GetChar(aIndex, gObj_LOGIN), gObj_GetChar(aIndex, gObj_NICK), WingsId);
    }

        else
    {
                ChaosBoxInit(lpObj);
                GCUserChaosBoxSend(lpObj, 0);
        BYTE Packet[10] = {0xC1, 0x0A, 0x86, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
        DataSend(aIndex, Packet, 10);
        Log(mInfo, "[%s][%s] ChaosBoxCombineNewWings() - Combination fail.", gObj_GetChar(aIndex, gObj_LOGIN), gObj_GetChar(aIndex, gObj_NICK));
    }
}
If needed use that code too :

Code:
/* ProtocolCore.h - Created 2007-07-14 at 11:12
 * File is part of MUDLL Project.
 *
 * Coded by f1x
 */

#ifndef MUDLL_PROTOCOLCORE_H
    #define MUDLL_PROTOCOLCORE_H

#define PROTO_NPCCLICK 0x30
#define PROTO_ENTERGAME 0x03
#define PROTO_CHAOSCOMBINATION 0x86
#define PROTO_PRIESTDEVIN 0xA2

bool ProtocolCore(DWORD aIndex, LPBYTE pBuffer, DWORD pSize);

#endif //~MUDLL_PROTOCOLCORE_H

---

who can make it simple in a .dll or the code to compile it in a .dll file?and a dll hooking guide pls :34::34::34:

That is season 3 wing mix, It is coded in C++ with hooks and code for ASm. It gives mini guide on how to hook into GameServer. If you want .dll with it already in it, wait for my updates please.

1.- Thank you
2.- For those noobies: it's easy everything it's easy but you need to learn step by step then some day you gonna can make ur own operative system ;)

Quote:

---

Originally Posted by Dev-Star

That is season 3 wing mix, It is coded in C++ with hooks and code for ASm. It gives mini guide on how to hook into GameServer. If you want .dll with it already in it, wait for my updates please.

---

i already try to compile it with visual basic c++ and he said incorrect syntax bad { and some stupids,i wait to make you mini guid with .dll files and how to hook it,hurry up and good luck,your a good coder :wavetowel

Where I Put This Codes????

Hi All Who Want Help Me ... I Nedd It Fast Please Dude!!!
I Want Put This Code In My Main.exe & In My GameServer Please Much ... !!!
This Is My GameServer
GameServer [Here]
This Is My Main
Main [Here]
This Is The Resource Code
Resource Code [Here]