[Help] OllyDbg

01/30/2011 23:15 CGeorge#1
Hi people, I'm having a question/problem while OllyDbg-ing Conquer.exe. I want to remove the MentorReward button (the one near ShoppingMall, ItemLock etc.). I've managed to remove the icon, and not by deleting the icon files from the client, but I can't completely remove it from there. I think there's a way because, like they added it, they can remove it by reversing the steps or just deleting some parts of that disassembly code. What am I asking for? Someone who has a bit more knowledge about disassembling than me, to tell me where exactly to NOP or JMP over or whatever, or just to give me some hints about it... Not asking for spoonfeeding here, just some tips. Thanks a lot!
01/31/2011 11:49 Syst3m_W1z4rd#2
Try Resource Hacker. It can manage the interface.
01/31/2011 15:17 CGeorge#3
Thanks mate, I'll try that and edit here if it's working or not.
Umm... it's not working. Anyway, close the thread; I've solved my problem, so I don't need to remove it anymore. Thanks a lot.
02/17/2011 03:06 *M*#4
Has anyone used a resource hacker to successfully move buttons?

Never mind, Gui.ini does all this.
02/17/2011 13:27 shitboi#5
I am wondering: how did you guys start Conquer using OllyDbg?
Doesn't Conquer take "blacknull" as an argument to start on its own?
Is there something I need to set before I invoke Conquer.exe using Olly?

Currently I can never start Conquer.exe using Olly.
02/17/2011 14:20 Syst3m_W1z4rd#6
You should be able to just do it directly.
02/17/2011 16:29 shitboi#7
You mean attach instead of open?

EDIT: CO freezes upon attaching.
02/17/2011 18:44 Syst3m_W1z4rd#8
Dunno then. What version have you tried with? I haven't tried since 5200 and under.
02/17/2011 18:46 shitboi#9
Quote:
Originally Posted by Syst3m_W1z4rd
Dunno then. What version have you tried with? I haven't tried since 5200 and under.
I have been trying on newer versions. Since the first time I ever tried Olly with Conquer, many patches ago, it didn't work for me.
02/18/2011 00:15 *M*#10
Quote:
Originally Posted by shitboi
I am wondering: how did you guys start Conquer using OllyDbg?
Doesn't Conquer take "blacknull" as an argument to start on its own?
Is there something I need to set before I invoke Conquer.exe using Olly?

Currently I can never start Conquer.exe using Olly.
Yes, as running it in Olly won't issue the blacknull command. You need to fool the code into thinking it has. You used to be able to just search for the blacknull string and patch a jump above it. TQ has made it a little more difficult for unknown reasons, but here it is:

First patch:
Code:
CPU Disasm
Address   Hex dump          Command                                  Comments
00581D87    5E              POP ESI
00581D88    83C6 2B         ADD ESI,2B
00581D8B    83FE 00         CMP ESI,0
00581D8E    0F84 08000000   JE 00581D9C
00581D94    FFE6            JMP ESI
00581D96    0F85 11000000   JNE 00581DAD
00581D9C    813D 618D85E8 F CMP DWORD PTR DS:[E8858D61],50FFFFFC
00581DA6    8D85 64FCFFFF   LEA EAX,[EBP-39C]
00581DAC    50              PUSH EAX
00581DAD    8D85 70FFFFFF   LEA EAX,[EBP-90]
00581DB3    50              PUSH EAX
00581DB4    8D85 ECFDFFFF   LEA EAX,[EBP-214]
00581DBA    50              PUSH EAX
00581DBB    8D85 70FEFFFF   LEA EAX,[EBP-190]
00581DC1    50              PUSH EAX
00581DC2    68 D4558B00     PUSH OFFSET 008B55D4                     ; ASCII "%s %s %s %s %s"
00581DC7    8B85 4CFAFFFF   MOV EAX,DWORD PTR SS:[EBP-5B4]
00581DCD    FF70 74         PUSH DWORD PTR DS:[EAX+74]
00581DD0    FF15 94977D00   CALL DWORD PTR DS:[<&MSVCRT.sscanf>]
00581DD6    83C4 1C         ADD ESP,1C
00581DD9    8985 E8FDFFFF   MOV DWORD PTR SS:[EBP-218],EAX
00581DDF    83BD E8FDFFFF 0 CMP DWORD PTR SS:[EBP-218],5
00581DE6    0F94C0          SETE AL
00581DE9    A2 34828E00     MOV BYTE PTR DS:[8E8234],AL
00581DEE    83BD E8FDFFFF 0 CMP DWORD PTR SS:[EBP-218],1
00581DF5    0F8D B4000000   JGE 00581EAF
00581DFB    60              PUSHAD
00581DFC    E8 17000000     CALL 00581E18
00581E01    59              POP ECX
00581E02    5F              POP EDI
00581E03    5E              POP ESI
00581E04    5B              POP EBX
00581E05    C9              LEAVE
00581E06    51              PUSH ECX
00581E07    C3              RETN
Change the JGE @ 00581DF5 to JMP

Second patch:
Code:
CPU Disasm
Address   Hex dump          Command                                  Comments
00581ECD    59              POP ECX
00581ECE    83C1 2F         ADD ECX,2F
00581ED1    83F9 00         CMP ECX,0
00581ED4    0F84 08000000   JE 00581EE2
00581EDA    FFE1            JMP ECX
00581EDC    0F85 1B000000   JNE 00581EFD
00581EE2    8115 6168C055 8 ADC DWORD PTR DS:[55C06861],858D008B
00581EEC    70 FE           JO SHORT 00581EEC
00581EEE    FF              DB FF                                    ; Unknown command
00581EEF    FF50 FF         CALL DWORD PTR DS:[EAX-1]
00581EF2    15 2C987D00     ADC EAX,7D982C
00581EF7    59              POP ECX
00581EF8    59              POP ECX
00581EF9    85C0            TEST EAX,EAX
00581EFB    0F84 A1000000   JE 00581FA2
00581F01    60              PUSHAD
00581F02    E8 0E000000     CALL 00581F15
00581F07    83C4 24         ADD ESP,24
00581F0A    C3              RETN
Change the JE @ 00581EFB to JMP

*M*
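Both patches in the post above turn a six-byte near conditional jump (0F 8x rel32) into an unconditional jump. When OllyDbg assembles "JMP 00581EAF" over the JGE it handles the detail silently, but anyone applying the patch by hand (hex editor, loader, trainer) has to get it right: JMP rel32 (E9) is five bytes, one shorter than the Jcc it replaces, so the displacement must be re-measured from the new instruction end and the leftover byte padded with a NOP, or the jump lands one byte off target. The Python below is an added example, not code from the thread or from TQ's client: it decodes a Jcc, rewrites it as a JMP with the corrected displacement, and verifies the new jump reaches the same destination. The sample buffers are constructed from the bytes shown in the two listings (starting at 00581DF5 and 00581EFB); the buffer base addresses are an assumption for the demo, and the code works on an in-memory image, so mapping virtual addresses to file offsets for a real executable (which OllyDbg's "Copy to executable" does) is out of scope here.

```python
import struct

NOP = 0x90


def _signed32(x):
    """Wrap an arbitrary integer into the signed 32-bit range."""
    return ((x + 0x80000000) & 0xFFFFFFFF) - 0x80000000


def _decode_rel(buf, off, size):
    """Signed relative displacement of `size` (1 or 4) bytes at `off`."""
    return struct.unpack_from("<b" if size == 1 else "<i", buf, off)[0]


def jcc_target(buf, base, va):
    """Decode the conditional jump at virtual address `va` in `buf`, an image
    whose first byte lives at `base`. Returns (target_va, instruction_length).
    Short form: 7x rel8 (2 bytes). Near form: 0F 8x rel32 (6 bytes)."""
    off = va - base
    op = buf[off]
    if 0x70 <= op <= 0x7F:
        rel, length = _decode_rel(buf, off + 1, 1), 2
    elif op == 0x0F and 0x80 <= buf[off + 1] <= 0x8F:
        rel, length = _decode_rel(buf, off + 2, 4), 6
    else:
        raise ValueError("no conditional jump at %#010x" % va)
    return (va + length + rel) & 0xFFFFFFFF, length


def jmp_target(buf, base, va):
    """Decode an unconditional JMP (EB rel8 or E9 rel32) at `va`; used to
    check a patch after it has been written."""
    off = va - base
    op = buf[off]
    if op == 0xEB:
        return (va + 2 + _decode_rel(buf, off + 1, 1)) & 0xFFFFFFFF
    if op == 0xE9:
        return (va + 5 + _decode_rel(buf, off + 1, 4)) & 0xFFFFFFFF
    raise ValueError("no unconditional jump at %#010x" % va)


def patch_jcc_to_jmp(buf, base, va):
    """Rewrite the Jcc at `va` in place as a JMP to the same destination and
    return the bytes written. A short Jcc becomes EB rel8 with the same
    displacement (same length). A near Jcc (6 bytes) becomes E9 rel32
    (5 bytes) plus one NOP, so the displacement is measured from va+5,
    not va+6."""
    target, length = jcc_target(buf, base, va)
    off = va - base
    if length == 2:
        new = bytes([0xEB]) + struct.pack("<b", _signed32(target - (va + 2)))
    else:
        new = bytes([0xE9]) + struct.pack("<i", _signed32(target - (va + 5))) + bytes([NOP])
    buf[off:off + length] = new
    return new


# Constructed samples: the bytes OllyDbg showed from 00581DF5 (JGE 00581EAF
# through RETN) and from 00581EFB (JE 00581FA2 through RETN), copied out of
# the two listings. The base addresses assume the buffer starts at the jump.
FIRST_PATCH_VA = 0x00581DF5
FIRST_PATCH_BYTES = bytes.fromhex("0F8DB4000000" "60" "E817000000" "595F5E5B" "C9" "51" "C3")
SECOND_PATCH_VA = 0x00581EFB
SECOND_PATCH_BYTES = bytes.fromhex("0F84A1000000" "60" "E80E000000" "83C424" "C3")


def apply_patch(image_bytes, base, va):
    """Copy the image, convert the Jcc at `va`, and return
    (patched_image, bytes_written, target_before, target_after)."""
    img = bytearray(image_bytes)
    before, _ = jcc_target(img, base, va)
    written = patch_jcc_to_jmp(img, base, va)
    after = jmp_target(img, base, va)
    return bytes(img), written, before, after


if __name__ == "__main__":
    for name, base, data in (("first", FIRST_PATCH_VA, FIRST_PATCH_BYTES),
                             ("second", SECOND_PATCH_VA, SECOND_PATCH_BYTES)):
        img, written, before, after = apply_patch(data, base, base)
        print("%s patch @ %08X: %s -> %s (target %08X -> %08X)" % (
            name, base, data[:6].hex().upper(), written.hex().upper(), before, after))
```

For the first listing the JGE at 00581DF5 (0F 8D B4 00 00 00) becomes E9 B5 00 00 00 90: the displacement grows by one because the JMP ends at 00581DFA instead of 00581DFB, and the spare byte is a NOP so the instruction stream after it still decodes cleanly. The second listing's JE becomes E9 A2 00 00 00 90 by the same rule.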
02/18/2011 03:48 ShinMiyazaki#11
Nice, *M*, glad that you're back with some promising tutorials.
Why don't you make a thread for a reversing tutorial for dummies?

Just a simple, basic tutorial, because I especially want to learn those code caves, like making a standalone speedhack.
02/18/2011 05:18 *M*#12
Conquer-specific tuts don't really help give an understanding of the whole process, why x does y. I'd recommend doing general reversing tutorials; that way you can attack any piece of software.

The tutorials I studied are Lena's ones - [link]; if you can finish those you'll be prepared for anything, not just CO.
03/06/2011 18:53 IAmHawtness#13
Quote:
Originally Posted by *M*
Yes, as running it in Olly won't issue the blacknull command. You need to fool the code into thinking it has. You used to be able to just search for the blacknull string and patch a jump above it. TQ has made it a little more difficult for unknown reasons, but here it is:

Why not just:
[link]
03/10/2011 02:00 *M*#14
Quote:
Originally Posted by IAmHawtness
Why not just:
[link]
Boring
03/10/2011 07:28 IAmHawtness#15
Quote:
Originally Posted by *M*
Boring
Haha, I figured you'd say something like that :D