Assembly Help

08/19/2009 18:56 sachamo512#1
I am still trying to learn assembly, but I'm getting better. I found a tut that looked really promising (by Lela or something), but it was all about cracking registration things and such, which doesn't really help me with 2Moons. So if anybody has a tut that is more guided to game hacking, a link would be greatly appreciated.

Anyway, here is what I need help with. Here is the part of the code I'm looking at:


What I need is for it to jump to the cases 1,2. I have tried changing the JA SHORT to 0050CE4C, but that didn't work...
08/19/2009 20:34 xhugox#2
Your monitor sucks, buy a new one. :P
Replace the "JA ......" (lol sounds funny if you are german^^) with
"JMP 0050CE4C".
I'm not sure if it will work, since I'm not certain how cases are made in asm. (Maybe there is a pointer somewhere...)
This JA... is a conditional jump; it will only jump to 0050CE51 if the default case of the switch is true.

Does it help if I tell you that serverside commands do not work anymore because Acclaim gave their GMs a new client?

Quote:
I found a tut that looked really promising (by Lela or something), but it was all about cracking registration things and such, which doesn't really help me with 2Moons.
You need to understand the whole machine before you change a bolt. Continue the Tuts! :)

And again, buy a new monitor; you can hardly read the stuff on it.
08/19/2009 20:50 sachamo512#3
lol, my monitor is fine, I just used printscreen, so it shrunk the pic. Left click on it to make it bigger. I think I tried that, but I'll try again just in case.

As for server-sided commands, I still think they can be done. One of my friends has it working; I just don't know how xD
08/19/2009 21:09 xhugox#4
If it is a RL friend you can punch his face for pulling your leg. :P
If it is a Webfriend, oh well, everything you say on the internet is true.

It really does not work, they changed op codes...

Alternatively you could NOP everything from JA to 0050CE4C

or

You could replace the stuff beginning from JA with

Code:
CALL 00748060
JMP 0050CE51
Just save the Screenshot with paint as .jpg, it will reduce the size extremely.
08/19/2009 21:18 Vaidas B#5
Quote:
Originally Posted by xhugox View Post
If it is a RL friend you can punch his face for pulling your leg. :P
If it is a Webfriend, oh well, everything you say on the internet is true.
Welcome to the internet, where all of ur beliefs are now proven facts :)
(the point is, nothing is real)
08/19/2009 21:20 sachamo512#6
sshhh. I want to believe. Ur first idea didn't work, but I'm trying the NOP idea now. I'm not sure what you mean by changing the JA to CALL & JMP.
08/19/2009 21:27 HellSpider#7
Huh? I can read everything just fine on the pic :).

But yeah, if you want to always execute cases 1,2, just change the JA (JumpIfAbove) to JMP (Jump) as xhugox said.

And about the tutorials, if you're reading the tutorials by Lena151 I suggest that you continue. I've read the whole series of the tutorials (40) and that's about how I learned using Olly and started to understand the PE structure :).

EDIT: Change the instruction by clicking it once and press SPACE. Then write "JMP 0050CE4C" without the quotes.
08/19/2009 21:58 Cr0_Fr3aK#8
Hey Instand, could you give me the link to his/her Olly tutorials pls?

And thx for explaining the unpacked Dekaron executable to me :).
08/19/2009 22:18 sachamo512#9
Changing the JA to JMP 0050CE4C doesn't work... Is it possible that it is double-checked somewhere?
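Added note on the last question, not part of the thread: one reason an edited instruction appears not to "take" is that the program verifies its own code bytes at runtime and reacts when they no longer match a baseline, which is one meaning of "double-checked somewhere". The C below is an added, self-contained illustration of such a self-integrity check written from the defender's side; it is not code from 2Moons, Dekaron or anyone in the thread. It hashes a constructed byte buffer that stands in for a code region (the bytes are arbitrary, not real instructions), records a baseline, and shows that a single modified byte is detected.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* FNV-1a 32-bit hash over a byte range. It is cheap and deterministic, and
 * because every step multiplies by an odd constant (a bijection mod 2^32),
 * a change to any single byte always changes the final value. */
uint32_t code_hash(const unsigned char *p, size_t len) {
    uint32_t h = 0x811C9DC5u;            /* FNV offset basis */
    for (size_t i = 0; i < len; i++) {
        h ^= p[i];
        h *= 0x01000193u;                /* FNV prime */
    }
    return h;
}

/* Constructed stand-in for a protected code region. These 16 bytes are
 * arbitrary sample data, not instructions from any real client. */
static const unsigned char REFERENCE_REGION[16] = {
    0x3A, 0x91, 0xC4, 0x07, 0x5E, 0xB2, 0x19, 0xF0,
    0x6D, 0x28, 0xAB, 0x43, 0x7C, 0xE5, 0x02, 0x98
};

/* Returns 1 if the region still hashes to its baseline, 0 if any byte in it
 * has been modified in memory since the baseline was taken. */
int region_intact(const unsigned char *region, size_t len, uint32_t baseline) {
    return code_hash(region, len) == baseline;
}

/* Demonstration: copy the reference region into a writable buffer (as if it
 * were the live code), take a baseline, flip one byte to simulate an
 * in-memory patch, and re-check. Returns 1 when the tamper is detected,
 * 0 if the check misbehaves (false alarm on clean bytes, or a missed change). */
int demo_detects_single_byte_patch(void) {
    unsigned char live[sizeof REFERENCE_REGION];
    memcpy(live, REFERENCE_REGION, sizeof live);

    uint32_t baseline = code_hash(live, sizeof live);
    if (!region_intact(live, sizeof live, baseline))
        return 0;                        /* clean bytes must pass */

    live[12] ^= 0x9E;                    /* simulated one-byte modification */
    if (region_intact(live, sizeof live, baseline))
        return 0;                        /* the change must not go unnoticed */

    return 1;                            /* tamper detected */
}

int main(void) {
    printf("baseline hash: 0x%08X\n",
           code_hash(REFERENCE_REGION, sizeof REFERENCE_REGION));
    printf("single-byte patch detected: %s\n",
           demo_detects_single_byte_patch() ? "yes" : "no");
    return 0;
}
```

In a real program the baseline would be computed at build time over the final code section rather than at startup, and the check would be run from more than one place, since a check routine is itself just code in the same image and offers no protection on its own; layering several checks is what makes "double-checked" a reasonable description.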