[ALL SRO] edxSilkroadLoader Beta

Page 10 of 10 « First 89 10
09/08/2009 14:04 Macxer#136
i cant do it, ill have to rr sro
which will cause me to connect for 10000 more hours
fuck theres none working loader in whole epvp
awesome...
09/08/2009 14:11 theoneofgod#137
Quote:
Originally Posted by Macxer View Post
i cant do it, ill have to rr sro
which will cause me to connect for 10000 more hours
fuck theres none working loader in whole epvp
awesome...
We have A working loader, ^

You have more chance to connect sooner than later....

If you are committed not to relogg, then copy your Silkroad directory to another location and then do it that way :)
09/08/2009 15:36 bheaven#138
i experienced a little problem while loading isro112 (unpacked):
it patches the security seed at address 0x49111E instead of 0x491D1E.

seems as if the sig for that is not working really.
would it be possible to get the address of the CoCreateGuid function and then use the offset to this address as well in the sig (since this func is called right before the current signature start).
09/08/2009 16:03 pushedx#139
Quote:
Originally Posted by bheaven View Post
i experienced a little problem while loading isro112 (unpacked):
it patches the security seed at address 0x49111E instead of 0x491D1E.

seems as if the sig for that is not working really.
would it be possible to get the address of the CoCreateGuid function and then use the offset to this address as well in the sig (since this func is called right before the current signature start).
Which unpacked client are you using?

I already posted the one I had made using an OllyDbgScript and it's detecting it right:
[Only registered and activated users can see links. Click Here To Register...]

I've not had any problems on any other Silkroad versions myself, so I'm fairly confident the signature itself is fine. I've used the same signature for years in my edx33/sr33 hooks as well and never a problem either.

If you look at the patch itself, it's really simple:
Code:
// Security seed fix
	if(bDoSecuritySeed)
	{
		do
		{
			BYTE securitySeedSig[] =
			{
				0x8B, 0x4C, 0x24, 0x04, 0x81, 0xE1, 0xFF, 0xFF, 
				0xFF, 0x7F
			};
			results = FindSignature(securitySeedSig, 0, sizeof(securitySeedSig), pMappedFileBase, size);
			if(results.size() != 1)
			{
				printf("%i results were returned. Only %i were expected. Please use an updated signature.\n", results.size(), 1);
				break;
			}

			DWORD secSeedAddr = (DWORD)(dwImageBase + results[0] + dwCodeOffset);
			printf("secSeedAddr: 0x%X\n", secSeedAddr);

			BYTE patch1[] = {0xB9, 0x33, 0x00, 0x00, 0x00, 0x90, 0x90, 0x90, 0x90, 0x90};
			WriteBytes(secSeedAddr, patch1, sizeof(patch1));

			printf("\n");
		} while(false);
	}
If you upload your client I'll take a look at it though. That address you are getting shows that something is wrong, maybe a bug in my code elsewhere. Thanks if you can upload it.
09/08/2009 17:52 bheaven#140
i am using the client i unpacked myself with stripper2.13b9
DL: [Only registered and activated users can see links. Click Here To Register...]

this is the passage that is chosen incorrectly from my client although it does not match the sig
Code:
00491118   8B4C24 20        MOV ECX,DWORD PTR SS:[ESP+20]
0049111C   64:890D 00000000 MOV DWORD PTR FS:[0],ECX
00491123   59               POP ECX
edit:
i noticed your client (taken from page 13) is about ~12MB while mine is only ~9,5MB.
furthermore yours is detected as a possible thread by my antivirus.
did you use stripper or ollyscripts to unpack it?

edit2:
tested with your client now and its working.
the error seems to be related to the unpacking method used...
09/08/2009 18:14 pushedx#141
Quote:
Originally Posted by bheaven View Post
edit:
i noticed your client (taken from page 13) is about ~12MB while mine is only ~9,5MB.
furthermore yours is detected as a possible thread by my antivirus.
did you use stripper or ollyscripts to unpack it?
I used an OllyDbgScript. The ASProtect section is left intact, which is why the exe is larger and also why your AV detects it as a 'virus'. If stripper didn't take out the ASProtect section, you'd see the same results.

I'll check out the client later today, I only recently got the stripper program, but I don't use it for ISRO/KSRO, just JSRO.
09/08/2009 20:45 kekeven#142
I DON`T KNOW HOW TO DO IT I DIDN`T UNDERSTOOD NOTHING xd PLS HELP!! i want to play tsro but i don`t know how to add this loader XD i add the files in Tsro folder but i don`t know how to start it xD !!!HELP
09/08/2009 20:48 theoneofgod#143
Quote:
Originally Posted by kekeven View Post
I DON`T KNOW HOW TO DO IT I DIDN`T UNDERSTOOD NOTHING xd PLS HELP!! i want to play tsro but i don`t know how to add this loader XD i add the files in Tsro folder but i don`t know how to start it xD !!!HELP
Go to Bin directory and run edxSilkroadLoader_Lite.exe
09/08/2009 20:49 kekeven#144
when i press edxSilkroadLoader_Lite.exe it show me an error saying : This aplication has failed to start because configuration is incorrect.Reinstalling the application may fix the problem! HELP Xd
09/08/2009 20:57 theoneofgod#145
Quote:
Originally Posted by kekeven View Post
when i press edxSilkroadLoader_Lite.exe it show me an error saying : This aplication has failed to start because configuration is incorrect.Reinstalling the application may fix the problem! HELP Xd
Download it again, from the first post.

Extract all files to your desktop, open Bin directory, and load edxSilkroadLoader.exe from there, if that fails.....

Install this [Only registered and activated users can see links. Click Here To Register...] and try again..
09/08/2009 21:56 pushedx#146
Quote:
Originally Posted by bheaven View Post
edit2:
tested with your client now and its working.
the error seems to be related to the unpacking method used...
I looked into this more and the issue has to do with my address calculating code. The client the stripper generates is 'valid' since Windows loads it, but it unfortunately makes things a lot more complicated.

After some research and trial and error, I have a fix. I will include the updated code in my next release. I still need to clean up a few things in the calculations, but I'm confident it should work properly now with stripped clients on JSRO/ISRO. I'll also test KSRO later, but it should work there as well.

jsro
Code:
dwSizeLow: 9851392
dwSizeHigh: 0
GetImageBase: 400000
GetOEP: A1DD82
GetCodeStart: 401000
GetDataStart: C2F000
GetCodeSize: 82E000
GetCodeOffset: C00
GetDataOffset: C00

header.PointerToRawData: 8575488
secSeedAddr: 0x42DFFE

logicalAddress1: 0xC38A40
patchAddress: 0x4CCE6C
patchAddress: 0x5058C6
patchAddress: 0x673E9B

nudePatchAddr: 0x8D4A4B

zoomHackAddr: 0x640DE6

physicalKoreanStringAddress: 0xC73870
physicalChineseStringAddress: 0xC73868
physicalTaiwanStringAddress: 0xC73860
physicalJapanStringAddress: 0xC73858
physicalEnglishStringAddress: 0xC73850
physicalVietnamStringAddress: 0xC73848

logicalKoreanStringAddress: 0x6F028F
logicalChineseStringAddress: 0x6F02B7
logicalTaiwanStringAddress: 0x6F02F0
logicalJapanStringAddress: 0x6F031D
logicalEnglishStringAddress: 0x6F035D
logicalVietnamStringAddress: 0x6F0396

physicalCharSelectStringAddress: 0xC73FDC
logicalCharSelectStringAddress: 0x6F4169
callOffset: 0xFFD74E5D
callAddr: 0x468FE0

physicalLauncherStringAddress: 0xC72858
logicalLauncherStringAddress: 0x6DB8C5
codecaveAddr: 0x6DB931
customMultiAddr: 0xD5E884

mutexStringAddress: 0xC728D0
patchAddress: 0x6DB850
macAddrSigAddr: 0x43B8CA
codecaveAddr: 0x43B8D3
callOffset: 0xFFFD84A8
callAddr: 0x413D80
bindSigAddr: 0x9B6970
isro
Code:
dwSizeLow: 10024960
dwSizeHigh: 0
GetImageBase: 400000
GetOEP: A44C42
GetCodeStart: 401000
GetDataStart: C50000
GetCodeSize: 84F000
GetCodeOffset: 0
GetDataOffset: 0

header.PointerToRawData: 8712192
anotherOffset: 3072
secSeedAddr: 0x491D1E

logicalAddress1: 0xC591D0
patchAddress: 0x558349
patchAddress: 0x58CEB6
patchAddress: 0x700375

nudePatchAddr: 0x95783B

zoomHackAddr: 0x6CDE66

physicalKoreanStringAddress: 0xC92BDC
physicalChineseStringAddress: 0xC92BD4
physicalTaiwanStringAddress: 0xC92BCC
physicalJapanStringAddress: 0xC92BC4
physicalEnglishStringAddress: 0xC92BBC
physicalVietnamStringAddress: 0xC92BB4

logicalKoreanStringAddress: 0x77B4AF
logicalChineseStringAddress: 0x77B4D7
logicalTaiwanStringAddress: 0x77B510
logicalJapanStringAddress: 0x77B550
logicalEnglishStringAddress: 0x77B590
logicalVietnamStringAddress: 0x77B5C9

physicalCharSelectStringAddress: 0xC93358
logicalCharSelectStringAddress: 0x77F329
callOffset: 0xFFD768BD
callAddr: 0x4F5C00

physicalLauncherStringAddress: 0xC91C64
logicalLauncherStringAddress: 0x766FF5
codecaveAddr: 0x767061
customMultiAddr: 0xD88060

mutexStringAddress: 0xC91CD8
patchAddress: 0x766F80
macAddrSigAddr: 0x49C16A
codecaveAddr: 0x49C173
callOffset: 0xFFFDB988
callAddr: 0x477B00
bindSigAddr: 0xA399E0
:)
09/08/2009 21:57 kekeven#147
thx for support!! it`s working
09/09/2009 02:37 Xavit#148
done it , works great btw ... tnx :handsdown:
09/09/2009 03:15 pushedx#149
I have now released a slightly updated version: [Only registered and activated users can see links. Click Here To Register...].

Please use that thread and release as this beta 1 is now completed and finished. I think people will like the new thread a lot better in terms of how clear the instructions are as well. More to come later!

(This thread can be closed now, thanks!)
09/09/2009 03:25 theoneofgod#150
#Unsticky
#Closed
Page 10 of 10 « First 89 10