[In Progress]Gameguard Bypass

[Only registered and activated users can see links. Click Here To Register...]

Like the other bypass you can not select a channel with it for now, ill keep you updated and post here when i release a beta version.

Very nice, might this work on the non-german EU version aswell?

no idea, but the method i used to get this far is so simple it will probably work on any client i get my hands on, but without passing the Server select it doesn't matter ^^

Very true. I hear the reasoning behind the server select is that you cannot run the game without GG or HS on. Maybe run EU with HS and SEA with GG? xDD

It could be that you achieved like nothing.

If I attach an "uce" to Dragonica prior GG loading.

It wont let me select a channel too ;)
Same with mhs or how its called.



But I could be wrong, go for it ^^

Thats the same state i currently have, now to cases:

1. If this is a gg version wich requires a serverside ack to continue we achived nothing. The server won't talk to us after login.
2. If this is a gg version wich does NOT require a serverside ack we need to transfer the game into the next state. (Thats what GG normaly would do)

From the packets i loged i would say that we are at case 2. Meaning we need to get the game into the next state and start sending the packets to continue. I don't know how familiar you are with GG but normaly the Game and Gamemon.des comunicate over a named pipe, Sockets, file or any other interprocess comunication mechanism.

Quote:

Originally Posted by Kuma123 Thats the same state i currently have, now to cases: 1. If this is a gg version wich requires a serverside ack to continue we achived nothing. The server won't talk to us after login. 2. If this is a gg version wich does NOT require a serverside ack we need to transfer the game into the next state. (Thats what GG normaly would do) From the packets i loged i would say that we are at case 2. Meaning we need to get the game into the next state and start sending the packets to continue. I don't know how familiar you are with GG but normaly the Game and Gamemon.des comunicate over a named pipe, Sockets, file or any other interprocess comunication mechanism.

I vote #1. The first bypass we created has been doing the same thing, stopping at channel select. Didn't happen in SEA, since they had HS not GG.

Since you seem to have both Versions, did you try to compare the packets send to see if there is further communication with the server beside the regular, when GG is active?

Gameguard starts a thread inside the Dragonica executeable and that thread executes not a gameguard function it executes a dragonica function.

Since we didn't start gameguard that Dragonica Thread is not present and the server selection probably misses it, it is the thread where it communicates through pipes aka files.

that wont work.. what we need to do for that ist snixx ALL gameguard packets from login and one hour after.
then we need to write a GG emu that sends the packets to the server to pretend gg is active.. but noone got it for now

the thread im talking about is the thread that sends the according packets to tell the server gg is alive, its an instance of gameguard inside the target application.
GameGuard.des and GameMon.des itself don't communicate with the dragonica server.

I didn't have time yet to do further reversing on dragonica and gg but from former versions of gg and other games there are multible Versions of GG around. Some do communicate throug the gameclient with a serverpart (some encryption action related with themida VM..., if thats the case its realy nasty see MU), others only have client side protections, like checks if GG is running and callbacks from the GameGuard executable into the game. (you only need to emulate the callbacks, one of these could be the init of the chanel select)

@Kane49 So the GG version actually differes in the communication with the server. Meaning we have some serverside verification.

BLUE SCREEN OF DEATH, oh man ....

What did you do to get that? O.o

Quote:

Originally Posted by Zacko7 What did you do to get that? O.o

all the time when i screw around with gameguard ^^