Anyone here who has some experience with debugging Archlord?
ATM I am trying to do a cooldown hack/cheat with OllyDbg instead of using WPE.
The problem with WPE is that it always takes some time to set up all the filters.
Sometimes the filters need to be set up again when porting etc.
The first thing I found out with OllyDbg is the first time check for sending the
first 64-byte packet.
I was able to simply bypass this so that the first 64-byte packet is sent.
But for some reason the 40-byte packet is not sent.
I tried a lot of debugging but still was not able to find where the 40-byte packet is generated or tested for sending.
I tried to reverse the calls from the send call but had no luck so far.
(I am not really a pro at using OllyDbg ATM.)
Has anyone found this out like I described above?
Or was able to bypass some code to get two packets sent?
Some hints would be nice. I don't need code or addresses.
I also have some questions about the two packets that were sent.
After the header information in the packet (size etc.)
there is a counter that is incremented after each packet.
Is this a counter that is generated inside the code?
I sent just two packets for testing but the counter was wrong and my
character was frozen.
The game was still running but I was not able to do any action.
I know that most of the stuff is server side but I think the timers for the skills are not.
I did a simple test with a buff that has a cooldown of 70 secs to reload.
I set a breakpoint before the call to the API send function.
Then I pressed the buff in the game and switched back to the debugger, where the breakpoint was triggered before the send.
I waited around 70 secs, the time needed to reload the buff cooldown.
I removed the breakpoint and continued the game.
Since the send was now triggered I got the buff, but when I looked down at the
skill button I saw that there was no downtime.
And I was able to recast the spell again while it was still running.
So I think that the downtime is on the client side.
Of course finding the address for the cooldown would be nice so it could be bypassed very easily instead of using filters with WPE.
ATM I am debugging and trying to find the timers. I found a lot of timers but not the correct one so far.
Like I said above, I found the first timer check for the buff.
It was something like this.
-----------------------------
mov eax,cooldown_will_end
cmp eax, actualTime
jbe short downtime_over
-----------------------------
So I made a jmp short... and the first 64-byte packet was sent.
But I still was not able to get the second 40-byte packet sent so far.
Has anyone else got some hints on debugging Archlord or some experience with it?
Or found some nice functions inside the code?
I wonder where the function is that is called when you select a character.
After the reload all skills are reset.
It would be nice to find this address and make a custom call to reset the skills with a simple code cave or code injection.
(Sorry, English is not my native language...)
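
Added example, not part of the original post and not Archlord's server code: the test described above (a cast request held for 70 seconds, after which the skill button shows no downtime) is what happens when only the client tracks the cooldown. The sketch below shows the server-side counterpart, where the cooldown and the per-packet counter are checked against state the server keeps itself; the skill name, function names and event list are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field

# Hypothetical skill table: skill id -> cooldown in seconds (70 s buff as in the post).
COOLDOWNS = {"buff": 70.0}

@dataclass
class Session:
    next_seq: int = 0                             # expected per-packet counter
    ready_at: dict = field(default_factory=dict)  # skill -> server time it is usable again

def handle_cast(session, seq, skill, now):
    """Validate one cast request using only server-held state.

    `now` is the server clock at receipt; nothing the client reports about
    time or cooldown state is trusted. Returns (accepted, reason).
    """
    if seq != session.next_seq:
        # Replayed, dropped or injected packet: the counter no longer matches.
        return False, "bad_sequence"
    session.next_seq += 1
    if skill not in COOLDOWNS:
        return False, "unknown_skill"
    if now < session.ready_at.get(skill, 0.0):
        return False, "on_cooldown"
    session.ready_at[skill] = now + COOLDOWNS[skill]
    return True, "ok"

def replay(events):
    """Run a list of (counter, skill, server_time) through a fresh session."""
    s = Session()
    return [handle_cast(s, seq, skill, now)[1] for seq, skill, now in events]

# Constructed sequence: (counter, skill, server receive time in seconds).
SAMPLE = [
    (0, "buff", 70.0),   # request reaches the server 70 s after the click
    (1, "buff", 71.0),   # client UI shows the skill ready; server clock disagrees
    (1, "buff", 72.0),   # counter reused: rejected before any skill logic
    (2, "buff", 140.0),  # full cooldown elapsed on the server clock
]

if __name__ == "__main__":
    for ev, result in zip(SAMPLE, replay(SAMPLE)):
        print(ev, "->", result)
```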






