The gender of items is hardcoded in the client by their item ID iirc
Do you know the ID range?
signed int __cdecl get_gender_from_id(signed int nItemID)
{
    signed int result; // eax@2
    int nItemGender; // edx@3

    // Only equips (IDs in the 1xxxxxx range) carry a gender lock
    if ( nItemID / 1000000 != 1 )
        return 2;
    // The thousands digit of the ID encodes the gender: 0, 1, or anything else (unisex)
    nItemGender = nItemID / 1000 % 10;
    if ( nItemGender )
    {
        if ( nItemGender != 1 )
            return 2;
        result = 1;
    }
    else
    {
        result = 0;
    }
    return result;
}

// After the patch below, the function is effectively reduced to this: always unisex
signed int __cdecl get_gender_from_id(signed int nItemID)
{
    return 2;
}
00460ADC mov eax, [esp+4] ; nItemID => eax
00460AE0 cdq
00460AE1 mov ecx, 1000000
00460AE6 idiv ecx ; nItemID / 1000000 => eax
00460AE8 push 1
00460AEA pop ecx ; pop 1 => ecx
00460AEB cmp eax, ecx ; if (eax == ecx)
[b]00460AED jz short 00460AF3[/b] ; if (nItemID / 1000000 == 1) => jump
00460AEF push 2
00460AF1 pop eax ; pop 2 => eax => return 2
00460AF2 retn
I explained how gender was calculated in the client here: http://forum.ragezone.com/f921/v62-v83-wz-edits-hair-1125064/
....OllyDbg, jump to that address, and change that instruction to NOP. This modifies the 74 04 (jz) instruction to 90 90, and just forces the function to return 2 always. Voila, removal of gender lock as requested!
I'm not sure if public sources like HeavenMS are anything like my source when it comes to checks or not, but I make sure the gender matches. If your source has gender checks as well, those will additionally need to be removed.
EDIT: I actually completely forgot about this. The legend himself, shavit, had released this for v83 already. However, he uses DLL hooks. You can check out his release here if you're interested: http://forum.ragezone.com/f921/v83-unisex-items-1166058/
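Since the client-side check can be NOPed as shown above, the server has to apply the same rule on its own. The following is an added example, not code from this thread, from HeavenMS or from any MapleStory client or server; it mirrors the decompiled get_gender_from_id on the server side and assumes characters store their gender as 0 or 1 while 2 means no lock, as in the client function.

```python
# Added example (not from the thread or any MapleStory source): server-side
# re-implementation of the client's get_gender_from_id, so that an equip
# request is validated even if the client's jz at 00460AED was patched out.

ANY_GENDER = 2  # the value the patched client returns unconditionally


def item_gender(item_id: int) -> int:
    """Mirror the decompiled client logic (C truncating division on non-negative IDs)."""
    if item_id < 0:
        raise ValueError("item IDs are non-negative")
    if item_id // 1_000_000 != 1:      # not an equip: no gender lock at all
        return ANY_GENDER
    digit = item_id // 1_000 % 10       # thousands digit encodes the gender
    if digit == 0:
        return 0
    if digit == 1:
        return 1
    return ANY_GENDER                   # any other digit: unisex


def can_equip(character_gender: int, item_id: int) -> bool:
    """Server-side rule: the item must be unlocked or match the character."""
    if character_gender not in (0, 1):
        raise ValueError("character gender must be 0 or 1")
    gender = item_gender(item_id)
    return gender == ANY_GENDER or gender == character_gender


def audit_equip_requests(requests):
    """Return the (character_gender, item_id) pairs the server must reject.

    An unpatched client never sends these, so each one is a signal that the
    client-side check has been removed. `requests` is an iterable of pairs.
    """
    return [(c, i) for c, i in requests if not can_equip(c, i)]


# Constructed sample IDs, chosen only to exercise each branch of the decoder:
# 1040002 -> gender digit 0, 1041002 -> 1, 1042003 -> 2, 2000000 -> not an equip.
SAMPLE_REQUESTS = [
    (0, 1040002),  # allowed: digit 0 matches character 0
    (1, 1040002),  # rejected: digit 0, character 1
    (0, 1041002),  # rejected: digit 1, character 0
    (1, 1042003),  # allowed: unisex
    (1, 2000000),  # allowed: non-equip, never locked
]

if __name__ == "__main__":
    for c, i in SAMPLE_REQUESTS:
        print(c, i, "allow" if can_equip(c, i) else "REJECT")
```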