Hey,
Found in play.exe
How do we patch it?
so in C++ it will look like:
Call it on 0x40495E.
Have fun.
Found in play.exe
Code:
0040494C: 68A4C14000 push 0040C1A4 // Version.dat 00404951: FF1568934000 call MSVCRT.fopen // Open its 00404957: 8BF8 mov edi, eax // Adds it 00404959: 83C410 add esp, 00000010 0040495C: 85FF test edi, edi // Test it 0040495E: 741E je 0040497E // Dissconnection code + Form 00404960: 57 push edi // File 00404961: 6800040000 push 00000400 // Maximum Count 00404966: 56 push esi // Buffer 00404967: FF1594934000 call MSVCRT.fgets // From File, MAX 400 0040496D: 80A37B05000000 and byte ptr [ebx+0000057B], 00 // Does something with the file here 00404974: 57 push edi // File again 00404975: FF155C934000 call MSVCRT.fclose // Close it 0040497B: 83C410 add esp, 00000010
Code:
0040494C: 68A4C14000 push 0040C1A4 // Version.dat 00404951: FF1568934000 call MSVCRT.fopen // Open its 00404957: 8BF8 mov edi, eax // Adds it 00404959: 83C410 add esp, 00000010 0040495C: 85FF test edi, edi // Test it 0040495E: 741E jmp 00404975 // Skip this 00404960: 57 push edi 00404961: 6800040000 push 00000400 00404966: 56 push esi 00404967: FF1594934000 call MSVCRT.fgets 0040496D: 80A37B05000000 and byte ptr [ebx+0000057B], 00 00404974: 57 push edi 00404975: FF155C934000 call MSVCRT.fclose // Close it 0040497B: 83C410 add esp, 00000010
Code:
#define Adr_Jump 0x00404975
DWORD aJMP = Adr_Jump;
__declspec (naked) void Patch1()
{
__asm{
push edi
JMP aJMP
}
}
Have fun.