Mode Hack

10/21/2009 02:04 schniefen#1
I managed to enable the UM Button..
But i think they check it serversided again, 'cause u'll lose connection after pressing 'OK' :(
Maybe I'm wrong and only forgot to edit something? o:
In that case I hope the exe may help (it's the german one) to finish it o:
Using Ollydbg simply right-click in the code -> Search For -> All Commands -> LEA EDI,DWORD PTR DS:[ESI+675C] .. that's where the game decides to enable or disable the button (:

//Edit:
Forgot to say, what I've changed o:
CMP BYTE PTR DS:[21E2703],3 -> CMP BYTE PTR DS:[21E2703],2
so it takes the next jump and doesn't do the call where it disables the button (:
10/21/2009 02:46 concreate13#2
Nice. =)

This should be very helpful for some people who haven't and/or don't want to unlock UM haha....


<--- lvl 47 hm =)

Thx again..
Concreate13
10/21/2009 02:52 lilprohacker#3
Quote:
Originally Posted by schniefen
I managed to enable the UM Button..
But i think they check it serversided again, 'cause u'll lose connection after pressing 'OK' :(
Maybe I'm wrong and only forgot to edit something? o:
In that case I hope the exe may help (it's the german one) to finish it o:
Using Ollydbg simply right-click in the code -> Search For -> All Commands -> LEA EDI,DWORD PTR DS:[ESI+675C] .. that's where the game decides to enable or disable the button (:

//Edit:
Forgot to say, what I've changed o:
CMP BYTE PTR DS:[21E2703],3 -> CMP BYTE PTR DS:[21E2703],2
so it takes the next jump and doesn't do the call where it disables the button (:
You get DCed because there is an additional check that is done to see if you're able to make hard/ultimate modes. Jewbacca once said that you need to change one push and one call and nop another call to get it to work. I've been toying around with it for quite a while now and I'm making progress but still no total solution.
10/21/2009 08:21 Polypropylen#4
Quote:
Originally Posted by lilprohacker
You get DCed because there is an additional check that is done to see if you're able to make hard/ultimate modes. Jewbacca once said that you need to change one push and one call and nop another call to get it to work. I've been toying around with it for quite a while now and I'm making progress but still no total solution.
Quote:
Originally Posted by schniefen
I managed to enable the UM Button..
But i think they check it serversided again, 'cause u'll lose connection after pressing 'OK' :(
Maybe I'm wrong and only forgot to edit something? o:
In that case I hope the exe may help (it's the german one) to finish it o:
Using Ollydbg simply right-click in the code -> Search For -> All Commands -> LEA EDI,DWORD PTR DS:[ESI+675C] .. that's where the game decides to enable or disable the button (:

//Edit:
Forgot to say, what I've changed o:
CMP BYTE PTR DS:[21E2703],3 -> CMP BYTE PTR DS:[21E2703],2
so it takes the next jump and doesn't do the call where it disables the button (:
sorry, but i can't understand why you don't write to your guide/tool that it's only helpful for pserver!
a GM or any player can see your level and your mode :facepalm:

if you want to use stuff like that, do it
but be careful
10/21/2009 11:35 schniefen#5
Quote:
Originally Posted by Polypropylen
sorry, but i can't understand why you don't write to your guide/tool that it's only helpful for pserver!
a GM or any player can see your level and your mode :facepalm:

if you want to use stuff like that, do it
but be careful
Why should it only be helpful for pserver? They can see your mode, but they can't see if you got another char lvl 40 HM?
And I don't think the GM's will check >every< account o:

btw thx lilprohacker, I'll try to find that too (:
10/21/2009 12:36 wurstbrot123#6
if it would be just an extra check of the byte (probably not ^^)
use MOV BYTE PTR DS:[21E2703],3 before the CMP :>
anyway you should also break at the ok_button and look for the calls there :p
10/21/2009 14:11 lilprohacker#7
Quote:
Originally Posted by wurstbrot123
if it would be just an extra check of the byte (probably not ^^)
use MOV BYTE PTR DS:[21E2703],3 before the CMP :>
anyway you should also break at the ok_button and look for the calls there :p
Tried that, there's more to it. From what jewbacaa said, there is a Call that needs to be nopped out. I'm still searching for it.
10/21/2009 14:48 wurstbrot123#8
Quote:
Originally Posted by lilprohacker
Tried that, there's more to it. From what jewbacaa said, there is a Call that needs to be nopped out. I'm still searching for it.
Good luck guys, wouldn't be that bad if you finish it ^^
i just added zoomhack to my Last Chaos Loader, later i should take a look at shaiya again but idk yet ^^
Btw if you get it done, how is it if you have a lvl 40 or 50 char at US version (idk settings there ^^) in hard mode and delete it ?
can you still create UM Chars?
10/21/2009 14:57 lilprohacker#9
Quote:
Originally Posted by wurstbrot123
Good luck guys, wouldn't be that bad if you finish it ^^
i just added zoomhack to my Last Chaos Loader, later i should take a look at shaiya again but idk yet ^^
Btw if you get it done, how is it if you have a lvl 40 or 50 char at US version (idk settings there ^^) in hard mode and delete it ?
can you still create UM Chars?
Well the way it works is that once you reach the milestone for unlocking a mode, a setting is set on the server. Now when you log into a server that setting is sent to you saying that you have these modes unlocked. Now if you delete your HM toon but keep at least one toon on the server you will still have the modes unlocked. But if you delete all the toons then the setting is reset. One of the things I'm trying is to intercept that packet to trick the client into thinking those are unlocked, which then means the checks it does would still work correctly. I have been able to create a darky toon on my lighty account via this method. Kinda fun I guess.
10/21/2009 15:28 wurstbrot123#10
I think i saw this dark / light setting a lil back when i stopped with shaiya ^^
Hmm anyway if the server sets a flag for modes then it should be impossible.
Cause if they were smart, they do it like that (let's say u already enabled UM button):
Client sends Requests to Create the Char with account data and new char data (also which mode). Server checks the Data from the Account in the DB and looks if the Flag for UM is set, if it's not, the Server won't Create the Char and simply DC you or send a message that the create was denied. If they did it like that, you won't be able to do it but let's see.. ^^
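The server-side check described in the post above, sketched as an added example (not part of the thread and not the game's actual server code). The mode values, account names and function names are constructed for illustration; the point is that the decision uses only the flag stored with the account, so a patched client button changes nothing, and a denied request is itself a signal of a modified client.

```python
# Added illustration: server-authoritative mode check on character creation.
# All names and numeric values here are hypothetical / constructed.
from dataclasses import dataclass, field
from enum import IntEnum


class Mode(IntEnum):          # constructed values, not taken from the game
    NORMAL = 1
    HARD = 2
    ULTIMATE = 3


@dataclass
class Account:
    name: str
    unlocked: int = Mode.NORMAL            # highest unlocked mode, stored in the DB
    characters: list = field(default_factory=list)


@dataclass
class CreateRequest:
    account: str
    char_name: str
    mode: int                              # requested mode, client-controlled
    client_claims_unlocked: int = Mode.NORMAL  # client-side state, never trusted


def sample_db():
    """Constructed sample accounts."""
    return {"fresh": Account("fresh"),
            "veteran": Account("veteran", unlocked=Mode.ULTIMATE)}


def handle_create(db, req, audit):
    """Decide from server-side state only; log requests a stock client cannot send."""
    acct = db.get(req.account)
    if acct is None:
        return "DENY_UNKNOWN_ACCOUNT"
    try:
        mode = Mode(req.mode)
    except ValueError:
        audit.append((req.account, req.char_name, req.mode, int(acct.unlocked)))
        return "DENY_BAD_MODE"
    if mode > acct.unlocked:               # req.client_claims_unlocked is ignored
        audit.append((req.account, req.char_name, int(mode), int(acct.unlocked)))
        return "DENY_MODE_LOCKED"
    acct.characters.append((req.char_name, mode))
    return "OK"
```
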
10/21/2009 15:40 lilprohacker#11
Quote:
Originally Posted by wurstbrot123
I think i saw this dark / light setting a lil back when i stopped with shaiya ^^
Hmm anyway if the server sets a flag for modes then it should be impossible.
Cause if they were smart, they do it like that (let's say u already enabled UM button):
Client sends Requests to Create the Char with account data and new char data (also which mode). Server checks the Data from the Account in the DB and looks if the Flag for UM is set, if it's not, the Server won't Create the Char and simply DC you or send a message that the create was denied. If they did it like that, you won't be able to do it but let's see.. ^^
True but they aren't that smart. I know this because I monitored the packets. If you try to create a HM toon without unlocking it, it will DC you. Well I watched the packets being sent and received when doing this and it will send out the create toon packet but it DCs you before you get any response. So I take it as the client doing a check right after sending the packets, and if the check fails, it DCs you.
10/21/2009 19:26 schniefen#12
maybe someone could try to compare the german and the us client? that may be helpful because on the german servers HM is always unlocked
10/21/2009 19:44 lilprohacker#13
Quote:
Originally Posted by schniefen
maybe someone could try to compare the german and the us client? that may be helpful because on the german servers HM is always unlocked
Did that! Like I was saying before, the packet that the server sends when you login to a server sends the byte that unlocks the modes. On the german servers, it always sends the byte to unlock HM.

Edit:
I did more testing and I am correct to say that the checks are client sided. I did this by breaking at the send packet command and waited for the packet that is sent to create a toon. As soon as it stopped at the break, I unplugged my modem. Then I let it continue. It followed through the same code and the same error message popped up saying you've been disconnected from the server. Seeing that all the same code was followed when I was connected and when I wasn't shows that it's client side.
10/23/2009 04:08 Rishijin#14
Have you tried comparing packets between a normal level up vs. a lv 39-40 level on a fresh account?

It may provide helpful information; and if you're lucky, a solution.
04/27/2010 18:26 ByFoB#15
thanxxxxxxx