dnsi0 I post too much
Reputation: 0
Joined: 04 Jan 2007 Posts: 2674
Posted: Fri Feb 13, 2009 6:28 pm Post subject: [Code Problem] Unwritable Code... O.o

I was messing around with Maplestory and I found a section (The WzFile loaded Section) where data was stored. So I used cheatengine to try and modify it. It turns out to have the PAGE_READONLY... So I try to get cheatengine to make the page writable... But that also fails. GameGuard wasn't on cause it was a private server. So how did maplestory do this and how would you disable the protection?

slippppppppp Grandmaster Cheater
Reputation: 0
Joined: 08 Aug 2006 Posts: 929
Posted: Fri Feb 13, 2009 7:05 pm

Just code something to call VirtualProtect yourself?

dnsi0 I post too much
Reputation: 0
Joined: 04 Jan 2007 Posts: 2674
Posted: Fri Feb 13, 2009 7:10 pm

slippppppppp wrote:
> Just code something to call VirtualProtect yourself?

Did that T.T

sponge I'm a spammer
Reputation: 1
Joined: 07 Nov 2006 Posts: 6009
Posted: Fri Feb 13, 2009 8:37 pm

First off, is it code or not? Or is it a file mapped to memory? AKA wz files in memory.

AlbanainRetard Master Cheater
Reputation: 0
Joined: 02 Nov 2008 Posts: 494 Location: Canada eh?
Posted: Fri Feb 13, 2009 11:41 pm

If it's WZ files in mem, you could hotswap data. But page is in kernel mode.
Yea I was an osdev.org - er. Try DB's Virtual Machine, and try to run code from there.

Flyte Peanuts!!!!
Reputation: 6
Joined: 19 Apr 2006 Posts: 1887 Location: Canada
Posted: Sat Feb 14, 2009 2:17 am

AlbanainRetard wrote:
> If it's WZ files in mem, you could hotswap data. But page is in kernel mode.
> Yea I was an osdev.org - er. Try DB's Virtual Machine, and try to run code from there.

Do you even have the slightest clue what you are talking about, or do you just pull words out of thin air? I seriously believe it to be the latter.

dnsi0 I post too much
Reputation: 0
Joined: 04 Jan 2007 Posts: 2674
Posted: Sat Feb 14, 2009 8:16 am

Nobody answered my question yet... >.<
And yes it is actual memory. But it's located really really high, like up in the 10000000s. It's page protected with READ_ONLY.
So let me restate my question:
How would I make this memory writable? Cause VirtualProtect, VirtualProtectEx works on other mem BUT not this one.

sponge I'm a spammer
Reputation: 1
Joined: 07 Nov 2006 Posts: 6009
Posted: Sat Feb 14, 2009 3:21 pm

I still doubt it's code. Make sure it is code and then come back. (AKA real assembly.)

tony2108 Advanced Cheater
Reputation: 0
Joined: 26 Nov 2008 Posts: 63 Location: Hacking Battlefield
Posted: Sat Feb 14, 2009 3:28 pm

Lineage 2 uses Gameguard protection. In the older chronicles they used to delete the file which contained the protection and there was no protection, I think it's c5-c4-c3-c2-c1. Maybe you could just do that. Delete the file...
Never played Maple Story but it's based on other games making it easier to understand.
_________________
"Dark Angel is watching you"

sponge I'm a spammer
Reputation: 1
Joined: 07 Nov 2006 Posts: 6009
Posted: Sat Feb 14, 2009 4:31 pm

tony2108 wrote:
> Lineage 2 uses Gameguard protection. In the older chronicles they used to delete the file which contained the protection and there was no protection, I think it's c5-c4-c3-c2-c1. Maybe you could just do that. Delete the file...
> Never played Maple Story but it's based on other games making it easier to understand.

You have no idea what you're saying.

tony2108 Advanced Cheater
Reputation: 0
Joined: 26 Nov 2008 Posts: 63 Location: Hacking Battlefield
Posted: Sat Feb 14, 2009 4:42 pm

Ehh, did I make any mistakes in typing or you can't understand what I am writing?
I am trying to say that as long as the game isn't a flash game the protection files should be kept into the folder of maple stories...(reminding never played Maple Stories)

oib111 I post too much
Reputation: 0
Joined: 02 Apr 2007 Posts: 2947 Location: you wanna know why?
Posted: Sat Feb 14, 2009 4:44 pm

tony you should really learn to program before you start answering posts in the General Programming section.
_________________
8D wrote:
> cigs don't make people high, which weed does, which causes them to do bad stuff. like killing

sponge I'm a spammer
Reputation: 1
Joined: 07 Nov 2006 Posts: 6009
Posted: Sat Feb 14, 2009 4:54 pm

tony2108 wrote:
> Ehh, did I make any mistakes in typing or you can't understand what I am writing?
> I am trying to say that as long as the game isn't a flash game the protection files should be kept into the folder of maple stories...(reminding never played Maple Stories)

and I'm saying you're making up bullshit.

tony2108 Advanced Cheater
Reputation: 0
Joined: 26 Nov 2008 Posts: 63 Location: Hacking Battlefield
Posted: Sat Feb 14, 2009 5:05 pm

He said he wants to disable the protection...
He didn't say he wants to use C++ to bypass so I am posting possible solutions. And I am new to all this programming stuff, I am more confident with researching than coding. I don't know C++ and probably never will but I am trying to learn some others. Still a beginner so let's get back to our topic now?...

dnsi0 I post too much
Reputation: 0
Joined: 04 Jan 2007 Posts: 2674
Posted: Sat Feb 14, 2009 6:23 pm

tony2108 wrote:
> He said he wants to disable the protection...
> He didn't say he wants to use C++ to bypass so I am posting possible solutions. And I am new to all this programming stuff, I am more confident with researching than coding. I don't know C++ and probably never will but I am trying to learn some others. Still a beginner so let's get back to our topic now?...

Your solution is ****. I'm disabling the PAGE protection not gameguard protection...
And it's not actually code. It's the WZ files loaded into the memory with FileOpen then Reading it. So I want to edit the parts of this memory so I wrote a dll and injected into ms.
So basically what the dll does is:
VirtualProtect(Pointer($10010000){Mob.wz base},PAGE_READWRITE,op);
then
trying to overwrite the first 4 bytes with 0xFF.
However I get access violation.
This is with no gameguard so I know that VirtualProtect and VirtualProtectEx are unhooked. CE gives a similar result.
So I was wondering how did maplestory achieve this and is it possible to get rid of this page protection?
I thought if I were to go into kernel mode (even though I vowed not to go there again...) and use KeStackAttachProcess() then accessing would it still need to be PAGE_READWRITE before I can modify?
