[Release] Unpacked cabalmain Executables.

Heya dude :)

I think you talked about my unpacking try for cabalmain which i shared ;)
I done some misstakes and still workin on it to fix it.
The cabalmain have 3 packers to be completely removed from all.
Maybe we can work out a solution together, feel free to pm me :rolleyes:

Quote:

Originally Posted by Bla.de Heya dude :) I think you talked about my unpacking try for cabalmain which i shared ;) I done some misstakes and still workin on it to fix it. The cabalmain have 3 packers to be completely removed from all. Maybe we can work out a solution together, feel free to pm me :rolleyes:

The EU cabalmain.exe has just 2 packers :). Believe me, I know what I'm talking about :).

You can get rid of the first packer (the very easy one) by doing this:

Quote:

1) Put a hardware breakpoint on ESP after the first PUSHAD instuction. 2) Run once 3a) Step the code until you get an exception, intercept SEH and you're done. 3b) ...or place a memory breakpoint on the .code section and run once.

The ASProtect is a bit harder and you need to fix some emulated APIs but if you wanna know more just throw me a PM (or if you got MSN you can PM your MSN) :).

This was never,ever supposed to be posted here -.- !
I hope you won't teach any1 how to remove the Dissconnect Error's .
If you'd like,you could do such things in the UG,as its unactive atm,since we're 2-3 inside,i'd love to have skilled ppl in it,i'll also start by creating a topic with a test for it.
Afaik,there's a 3rd packer,molebox ,put on it,and last time i talked with nova,he said they all should be removed.

Quote:

Originally Posted by PunkS7yle This was never,ever supposed to be posted here -.- ! I hope you won't teach any1 how to remove the Dissconnect Error's . If you'd like,you could do such things in the UG,as its unactive atm,since we're 2-3 inside,i'd love to have skilled ppl in it,i'll also start by creating a topic with a test for it. Afaik,there's a 3rd packer,molebox ,put on it,and last time i talked with nova,he said they all should be removed.

Well I'm about to get rid of the GameGuard but if I'm not allowed to post it here I could post it in the UG (I'm already in 2moons UG). I just started testing Cabal and made an account for it 30 mins ago :S.

And about the packer, there is just the yoda and ASProtect, no MoleBox. Believe me. I've unpacked things for 2 years now :)...

Naw its kewl,I only said what Nova told me on msn,always ;p
Well,I shall warn u ,the only 1 active in the UG is me xD
But apply for it,I'll let chrome know,it won't be long till i'll take control over the UG.
If you want to know more about the D/C errors,drop ur msn via PM,I'll tell u everything I know,

First of all to Punky:

Yeap true such things aren´t meant to get public i would say ;)
I would love to help where i can, just a bit busy atm in real-life, sometimes it sucks to have one haha :p

To Instant:

I dropped ya a PM with my MSN :)

LOL,I expected this thread to be full of spam and questions ,but ,its totally the other way around.

Hehehe, maybe some people don´t know what u can all do with such stuff :rolleyes:

You better shouldn´t have written it, prepare for mass spam :D

Quote:

Originally Posted by InstantDeath If you have the knowledge you can disable GameGuard from the executable. An unpacked executable allows you to read the real application code of cabalmain.exe. However if you do not know anything about reversing etc this is nothing for you :)...

So this is something like a bypass? And if its bypass,explain how to kill GG.

Quote:

Originally Posted by bot4eto So this is something like a bypass? And if its bypass,explain how to kill GG.

No, it's not bypass, its unpacked cabalmain.exe, lrn2read.

Quote:

Originally Posted by bot4eto So this is something like a bypass? And if its bypass,explain how to kill GG.

He only said if you have the knowledge than u can disable GG from the cabalmain. I think there are not many people out there who are able to do this. Its not only a "small" step to kick out the GG from the cabalmain. There is also the server which ask in a specified amount of time IF GG is running, if not --> ErrorCode 6, so you need to disable way more than only kicking out the GG ;)

Exactly, the problem is not on how to disable the GameGuard, the problem is to be able to fool the server of thinking that GameGuard is still running so that it wont drop the connection.

You can prevent the loadup of GameGuard by altering one byte in the cabalmain.exe...

i got problem..

File is corrupt
'E:\CABAL\DATA\caz.enc' - how to fix

Try to repair your cabal with the filecheck function from launcher.
Else re-install the game and see if it works than.
It doesnt have something to do with the unpacked cabalmain cause here it works fine

Quote:

Originally Posted by InstantDeath Exactly, the problem is not on how to disable the GameGuard, the problem is to be able to fool the server of thinking that GameGuard is still running so that it wont drop the connection. You can prevent the loadup of GameGuard by altering one byte in the cabalmain.exe...

i have tried the old way of simulating GG by downgrading and installing a local copy of GG but failed :( I have checked the HTTP request packet sent and found

GET /nProtect/GameGuard/RealServer/update.cfg

which corresponds also to my local WebServer (I tried both Abyss and IIS)

modified hosts file

127.0.0.1 np.cabal.com.ph

Hope there are other ways...