[Guide] Basic DLL Editing 1: One Charge Fireball

Quote:

Originally Posted by kgptzac o.o i thought i found a cmp al,5 for fireball... have you tested?

I did not not find that...

the code is somehow longer

and it appears it's controlled by some other code.

According to dark is probably right... heww...

~step 4 "look threw the code" can somebody help with this, i can find the debug thing but not the currentstackcount help?

Does this even work anymore?

I just did a quickie check for the occurrences of the CSkill and noticed a whole whack of external calls.

Am I right in assuming that this and possibly other skills have been distributed through numerous files?

This still works, but you will no longer find the "JNB Short" if you just copy-pasted your old code, which was "100432CF". Find the new one for the G9 skill.dll and you can get it to work.

Hint: Find this line in IDA:
text:1004DA77 call ds:?GetCurrentStackCount@ISkillMgr@core@@QBEEW4ESk illAlternativeType@2@@Z ; core::ISkillMgr::GetCurrentStackCount(core::ESkill AlternativeType)

Two lines below that is what you want to find. (Starts with jnb)

Thanks for the pointer - I just realized I was using my VISTA lappy for the check *facepalm* - on my XPpro desktop its no problemo to find it.

just a question kev.. when i found the address for taming (im incorporation this for taming success rate 100% btw) i copied it and pasted it in olly, but olly returned with no address or something like that.. can u tell me how to fix/do this right plz?
thanks~ xD

FYI, this still works D: and you have that error problem in oly, just spawm the shift+9 button and hpoefully u can then find the "1004DA77"

Uhm, I found the address containing the JNB that we're looking for, but when I go to Olly and try to look for it with ctrl-g, it doesn't work. in olly, all the addresses start with 775, rather than 100

Did i get some option wrong with Olly, or did nexon add a bunch of crap in the g9 patch and change some stuff? o.o

I'd appreciate a push in the right direction ._.

This is way weird - I had it working but without uber range.
I then went and got my trusty noginogi's up and running again (oh the headaches with collisions) now it messes up my hotkeys and other functions. Lucky I always archive the originals .... After some sleep I'll recompile ... my sleep deprived brain says the nogi's have changed a few things so the DLL needs to be updated ...ZZZZzzzzz......

Ive done everything right, used the new address instead of the old in olly. When I launch mabi, I sometimes am able to get in game and then get detected instantly or get in game and get detected a few minutes later. I would appreciate some help in terms of if doing 1 charge fireball with this method is possible without a bypass, if so, I would also appreciate it if someone could give me a hint in how to prevent the hack shield from detecting my edited .dll.

This still works except there seems to be some time restriction they put on from the outter source. It will fire instantly after the first charge, but the monsters wouldn't take the second immediate ball damage.

Is there a bypass necessary to make this work?Because it keeps detecting my modified .dll file all ive done is change fireball, what am I doing wrong here?. I would greatly appreciate any help >.<

When I go to the step where you find the adress in Olly, ctrl+G only works on the adress|ASCII dump tab(lower left) and nothing shows up in the CPU main thread tab(upper left). And when I searched for the adress in the adress|ASCII dump tab there are only some random symbols appeared (like this ---> s.婰$h?*...隣嬑.嬋尪.婽) beside the adress. I tried to change to different code(hex/text/etc.) but no luck getting anything done. Can anyone help me out? Thank you.

Quote:

Originally Posted by qwiqwi When I go to the step where you find the adress in Olly, ctrl+G only works on the adress|ASCII dump tab(lower left) and nothing shows up in the CPU main thread tab(upper left). And when I searched for the adress in the adress|ASCII dump tab there are only some random symbols appeared (like this ---> s.婰$h?*...隣嬑.嬋尪.婽) beside the adress. I tried to change to different code(hex/text/etc.) but no luck getting anything done. Can anyone help me out? Thank you.

Yeah when I do the number from IDA into OllyDbg it doesn't find it just gives me "No memory on the specified address". Not sure what I'm doing wrong since I know it's the right thing but on the skill.dll in OllyDbg it just starts with 7D's :/