MuOnline Japan S6 Client.
For those that want the Japan S6 Client here is the link:
MEGAUPLOAD - The leading online storage and file delivery service
Lite Client(No Music and Sound)
ConnectServer by Willerson
Code:
Main Version: 2267: (1.03.35 1.03I+)
Serial: zXpHKodjcaejst6h
IP: cs.muonline.jp
From what i saw, it uses the same method of starting the main like MU Global, by using the website.
Code:
Main Offsets:
DWORD * MainIP = (DWORD*)(0x00954AEC);
memset(&MainIP[0],0x00,100);
memcpy(&MainIP[0],"192.168.254.250",30);
//mu.exe
*(BYTE*)0x004A418F = 0xEB; // /EB 55 JMP SHORT main.004A41E6
*(BYTE*)0x004A4190 = 0x55;
//config.ini read error
*(BYTE*)0x004A4626 = 0x75;// /75 19 JNZ SHORT main.004A4641
*(BYTE*)0x004A4627 = 0x19;
//gg init error
*(BYTE*)0x004A466F = 0xE9;// /E9 96000000 JMP main.004A470A
*(BYTE*)0x004A4670 = 0x96;
*(BYTE*)0x004A4671 = 0x00;
*(BYTE*)0x004A4672 = 0x00;
*(BYTE*)0x004A4673 = 0x00;
*(BYTE*)0x004A4674 = 0x90;// |90 NOP
//ResourceGuard error
*(BYTE*)0x00656F95 =0xEB;// /EB 3F JMP SHORT main.00656FD6
*(BYTE*)0x00656F96 =0x3F;
*(DWORD*)0x004A45F8 = 0x90909090;
*(BYTE*)0x004A45FC =0x90;
BYTE DecryptLog[5] = {0x90, 0x90, 0x90, 0x90, 0x90};//Decrypt Log
memcpy((int*)0x0089FB9D,DecryptLog,sizeof(DecryptLog));//Decrypt Log
memcpy((int*)0x0089FDB0,DecryptLog,sizeof(DecryptLog));//Decrypt Log
SetByte(0x004A4109,0xEB); // MultiClient
//CMStarter bypass
*(BYTE*)0x0049AE9B = 0x90;
*(BYTE*)0x0049AE9C = 0x90;
//Login bypass
*(BYTE*)0x0040A5C5 = 0xE9;// /E9 C4000000 JMP main_hoo.0040A68E
*(BYTE*)0x0040A5C6 = 0xC4;
*(BYTE*)0x0040A5C7 = 0x00;
*(BYTE*)0x0040A5C8 = 0x00;
*(BYTE*)0x0040A5C9 = 0x00;
*(BYTE*)0x0040A5CA = 0x90;// |90 NOP
Special thanks to Willerson and Gembrid
Re: MuOnline Japan S6 Client.
Re: MuOnline Japan S6 Client.
isn't the new clients of S6 packed with shiet packers ?
Re: MuOnline Japan S6 Client.
No, the mains aren't packed..the are changed so that they can be launched only through the website like MUGlobal.
Re: MuOnline Japan S6 Client.
What version is this?season 6 episode 2?
Posted via Mobile Device
Re: MuOnline Japan S6 Client.
Don't really know..cause i couldn't start it, main.exe version is 1.3.35 and if my calculations are correct this should be 1.3I+ cause 1.3D+ is 1.3.30.
Re: MuOnline Japan S6 Client.
i have cracked the main, but does not show serverlist after login, check offsets.
DWORD * MainIP = (DWORD*)(0x00954AEC);
memset(&MainIP[0],0x00,100);
memcpy(&MainIP[0],"192.168.254.250",30);
//mu.exe
*(BYTE*)0x004A418F = 0xEB; // /EB 55 JMP SHORT main.004A41E6
*(BYTE*)0x004A4190 = 0x55;
//config.ini read error
*(BYTE*)0x004A4626 = 0x75;// /75 19 JNZ SHORT main.004A4641
*(BYTE*)0x004A4627 = 0x19;
//gg init error
*(BYTE*)0x004A466F = 0xE9;// /E9 96000000 JMP main.004A470A
*(BYTE*)0x004A4670 = 0x96;
*(BYTE*)0x004A4671 = 0x00;
*(BYTE*)0x004A4672 = 0x00;
*(BYTE*)0x004A4673 = 0x00;
*(BYTE*)0x004A4674 = 0x90;// |90 NOP
//ResourceGuard error
*(BYTE*)0x00656F95 =0xEB;// /EB 3F JMP SHORT main.00656FD6
*(BYTE*)0x00656F96 =0x3F;
*(DWORD*)0x004A45F8 = 0x90909090;
*(BYTE*)0x004A45FC =0x90;
it have new checks, i have cracked cmstartercore, but not show serverlist too
Re: MuOnline Japan S6 Client.
Maybe it needs the protocol fix like for the ENG client.
Code:
case 0xC1:
switch(BYTE(protoNum))
{
case 0xDB: // this is client send to server packet
protoNum = 0xD7; //Server Sends back to Client for that Protocol
aRecv[2] = 0xD7; //Server Sends Back to Client for that protocol
break;
case 0xF1: //Login protocol (Season 4) // The magic :) (thx to zemattana)
aRecv[1] -= 0x0A;
aLen = aRecv[1];
for(int i = 24; i<50; i++)
aRecv[i] = aRecv[i+10];
break;
}
And from what i saw its a bit different the CMstartercore function from the one that is in the Global main.
Re: MuOnline Japan S6 Client.
no, its not login protocol, is ConnectServer Protocol, it receive all serverlist ( see MuError.log ) but not show the list, it does a new check, and Webzen compiled this main in debug mode... i have checking all checks, but no progress Atm.
Re: MuOnline Japan S6 Client.
Updated 1st post, thanks willerson and btw for cmstartercore crack you did those things like in MuGlobal main?
Re: MuOnline Japan S6 Client.
yes, its a quite diferent, if you dont change one function, its show this message, if click cancel, message again, if you click ok, close main.
http://img847.imageshack.us/img847/1...1915550001.jpg
Re: MuOnline Japan S6 Client.
Yeah..i saw that and after i played a bit with the cmstartercore i get this like you sayd
http://img19.imageshack.us/img19/976...2330000.th.jpg
Uploaded with ImageShack.us
and in MuError.log it says:
[Connect to Server] ip address = 192.168.2.100, port = 44405
> Login Scene init success.
Send Request Server List.
Success Receive Server List.
---------- Post added at 08:42 PM ---------- Previous post was at 07:34 PM ----------
Also i used P4F ConnectServer and put the protocol of the CS to 0.97 and got this
http://img204.imageshack.us/img204/5...3210000.th.jpg
Uploaded with ImageShack.us
Client closes after i press any of those..so it means that it has something to do with the CS protocol..
Re: MuOnline Japan S6 Client.
need to code new connectserver ??? is it??
Re: MuOnline Japan S6 Client.
Yes,i think so. After that it should work.
Re: MuOnline Japan S6 Client.
haha, im go work on this ^^. not so hard...
