[Tutorial] Patch your GunzLauncher v2

Here are a few ways you can patch your GunzLauncher. (:

1) Download GunZLauncher from .
2) Open it in a hex editor, and edit:
@SKIP_UPDATE to something like @00000000000 (Make sure it is 11 characters)
3) Edit:
@TEST_LAUNCH to the same thing as above, 11 characters.
Note: The above can be ANYTHING as long as it is 11 characters!
4) Now, save it and make sure it still works properly.
5) Open it in OllyDbg which can be found .
6) Click this button:

And type in:
Code:
00406601
Now, double click it and you will get this code:
Code:
PUSH 43C648
Change "PUSH" to "JMP". So it looks like this:
Code:
00406601   . 68 48C64300    JMP GunzLaun.0043C648                   ;  ASCII "@00000000000"

Now, find a good obfuscator like Themida, or something similar, pack your executable and find a way to MD5 check your launcher, to make sure people don't make a new one, and you are on your way to making a very secure server.
 
Themida isn't an obfuscation tool, it's a packer/protector.

The only "secure" way of having a check on the launcher would be to have another tool running, or to have the client send in a salted hash of the launcher, salting it against an identifiable piece of information from the user, such as the account they log in with. Even at that, anyone could modify the hash being sent to be a static one, matching their specific account.

Also, a tool such as Themida can be unpacked - ideally, you should just remove the @SKIP_PATCH routine entirely a la disassembly then reassemble the binary, and lastly, use a protection technique such as virtualization, or even polymorphism, for protecting the launcher.
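
An added example, not code from this thread or from GunZ: it models the account-salted launcher hash described in the reply above from the server's side, shows that a captured value replays successfully, and compares it with a variant that goes beyond the post by having the server issue a fresh nonce per login. The launcher bytes, account name, function names and the use of SHA-256/HMAC are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed stand-in for the genuine launcher's bytes (not a real binary).
GENUINE_LAUNCHER = b"MZ...constructed launcher image..."


def account_salted_hash(launcher: bytes, account: str) -> str:
    """Scheme from the post: hash of the launcher salted with the account name."""
    return hashlib.sha256(account.encode() + b"\x00" + launcher).hexdigest()


def server_check_static(account: str, reported: str) -> bool:
    """Server recomputes the expected value from its own copy of the launcher."""
    expected = account_salted_hash(GENUINE_LAUNCHER, account)
    return hmac.compare_digest(expected, reported)


def nonce_response(launcher: bytes, account: str, nonce: bytes) -> str:
    """Variant (assumption): a fresh server nonce keys an HMAC over account + launcher."""
    return hmac.new(nonce, account.encode() + b"\x00" + launcher, hashlib.sha256).hexdigest()


def server_check_nonce(account: str, nonce: bytes, reported: str) -> bool:
    expected = nonce_response(GENUINE_LAUNCHER, account, nonce)
    return hmac.compare_digest(expected, reported)


def demo() -> dict:
    account = "alice"  # constructed account name
    # Value a genuine client sends; it is identical on every login.
    captured = account_salted_hash(GENUINE_LAUNCHER, account)
    # A client that never hashes its own file can simply resend the captured value.
    static_replay_ok = server_check_static(account, captured)

    n1, n2 = secrets.token_bytes(16), secrets.token_bytes(16)
    answer1 = nonce_response(GENUINE_LAUNCHER, account, n1)
    return {
        "static_replay_accepted": static_replay_ok,
        "nonce_fresh_accepted": server_check_nonce(account, n1, answer1),
        "nonce_replay_accepted": server_check_nonce(account, n2, answer1),
    }


if __name__ == "__main__":
    print(demo())
```

The nonce only defeats replay of a previously captured value. A client that keeps an unmodified copy of the launcher on disk can still compute a valid response, so the check remains a client-side assertion the server cannot fully trust.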
 
They need a +1 button on this forum.
 