Huh? I thought you managed to do it?
Patch the PE headers. As you know, redirection and erasing occur in cabalmain, so dumping would be impossible.. that's the use of protectors...
OK, enough with the lectures.
1. I patched the PE header so that it no longer erases and redirects imports
- read: "I copied the PE header of an unpacked cabalmain"
(*hint: I used a private server cabalmain to extract the headers of an unpacked file) - again, you should not rely solely on your Cabal client. You must be resourceful.
2. Now that we've solved the API redirection and erasing, patch the CRC check so that it always passes (remember that this is the main reason why an unpacked client goes to ExitThread)
3. You will also encounter the code that detects Olly. But by configuring Olly plugins (Phantom / HideOlly) properly, you can ignore this step -- but if you want, patch the code manually ^^ (there are hundreds of ways to kill it: NOP it, set the condition to zero so that it will always pass, etc. etc.)
4. I do not know why you need to repack the file. My cabalmain file is not packed. I was able to generate one 2 MB and one 8 MB file and they are both working.
5. Fix the import tables using the tools provided. Delete unnecessary thunks. Have you tried deleting some unresolved pointers? Maybe not. Try to experiment. Explore it. Some will work, some will fail you. But make sure you have found the correct OEP before fixing the IAT. (I myself tried typing addresses from 40000 onwards in increments of 1 during my trial and error period)
And for the question of how I managed to unpack/pack back to the original state -- a patched client is not its original state. One question: did you find the OEP? If you mean using cabalmain at a smaller size, use LordPE's rebuild PE so that it reduces to approx. ~20% of the unpacked size. But you don't have to do that unless you are short of hard disk space (OMG)
I am not saying that my process is the only way. There are hundreds of ways to find the OEP. Some tools provide 1-pack unpacking. Some apps, some scripts.
omg this is a long post.. I'm sorry...
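The steps above turn on three things in the PE header: AddressOfEntryPoint (which should point at the real OEP once an image is unpacked), the import data directory, and the section table. As an added example, not code from anyone in this thread, the Python below builds a constructed minimal PE32 header in memory, walks it back (DOS header -> NT headers -> section table) and reports the two header-level signs an analyst triages first on a packed or protected image: an import directory that has been zeroed out, and an entry point sitting in a section not marked as code. All section names, RVAs and sizes are constructed for the example; nothing here is taken from cabalmain.exe or any real client.

```python
"""Minimal PE32 header walker (added example; all sample headers are constructed)."""
import struct

IMAGE_DOS_SIGNATURE = b"MZ"
IMAGE_NT_SIGNATURE = b"PE\0\0"
PE32_MAGIC = 0x10B
DIR_IMPORT = 1                   # DataDirectory[] index of the import directory
IMAGE_SCN_CNT_CODE = 0x00000020  # section Characteristics bit: section holds code


def build_sample_pe32(entry_rva, import_rva, import_size, sections):
    """Construct a minimal PE32 header blob (headers only, no section data).

    sections: list of (name, virtual_address, virtual_size, characteristics).
    Constructed sample for this example; it is not a loadable image.
    """
    e_lfanew = 0x40
    dos = IMAGE_DOS_SIGNATURE + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH",
                       0x14C,          # Machine: i386
                       len(sections),  # NumberOfSections
                       0, 0, 0,        # TimeDateStamp, symbol table pointer/count
                       224,            # SizeOfOptionalHeader for PE32
                       0x0102)         # EXECUTABLE_IMAGE | 32BIT_MACHINE
    opt = struct.pack("<HBB" "IIIIIIIII" "HHHHHH" "IIII" "HH" "IIIIII",
                      PE32_MAGIC, 0, 0,
                      0, 0, 0,                # SizeOfCode / InitializedData / UninitializedData
                      entry_rva,              # AddressOfEntryPoint (optional header + 16)
                      0x1000, 0x2000,         # BaseOfCode, BaseOfData
                      0x400000,               # ImageBase (optional header + 28)
                      0x1000, 0x200,          # SectionAlignment, FileAlignment
                      4, 0, 0, 0, 4, 0,       # OS / image / subsystem versions
                      0,                      # Win32VersionValue
                      0x4000, 0x400,          # SizeOfImage, SizeOfHeaders
                      0,                      # CheckSum
                      2, 0,                   # Subsystem (GUI), DllCharacteristics
                      0x100000, 0x1000, 0x100000, 0x1000,  # stack/heap reserve and commit
                      0, 16)                  # LoaderFlags, NumberOfRvaAndSizes
    dirs = [(0, 0)] * 16
    dirs[DIR_IMPORT] = (import_rva, import_size)
    opt += b"".join(struct.pack("<II", va, size) for va, size in dirs)
    sect = b"".join(struct.pack("<8sIIIIIIHHI", name.encode(), vsize, va, vsize,
                                0x400, 0, 0, 0, 0, chars)
                    for name, va, vsize, chars in sections)
    return dos + IMAGE_NT_SIGNATURE + coff + opt + sect


def parse_pe32(blob):
    """Walk DOS header -> NT headers -> section table of a PE32 blob."""
    if blob[:2] != IMAGE_DOS_SIGNATURE:
        raise ValueError("not an MZ image")
    e_lfanew, = struct.unpack_from("<I", blob, 0x3C)
    if blob[e_lfanew:e_lfanew + 4] != IMAGE_NT_SIGNATURE:
        raise ValueError("bad PE signature")
    coff_off = e_lfanew + 4
    _machine, nsect, _, _, _, opt_size, _flags = struct.unpack_from("<HHIIIHH", blob, coff_off)
    opt_off = coff_off + 20
    magic, = struct.unpack_from("<H", blob, opt_off)
    if magic != PE32_MAGIC:
        raise ValueError("only PE32 is handled here")
    entry_rva, = struct.unpack_from("<I", blob, opt_off + 16)
    image_base, = struct.unpack_from("<I", blob, opt_off + 28)
    ndirs, = struct.unpack_from("<I", blob, opt_off + 92)
    dirs = [struct.unpack_from("<II", blob, opt_off + 96 + 8 * i) for i in range(ndirs)]
    sect_off = opt_off + opt_size   # section table follows the optional header
    sections = []
    for i in range(nsect):
        name, vsize, va, _, _, _, _, _, _, sc = struct.unpack_from("<8sIIIIIIHHI", blob, sect_off + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode(), "va": va, "vsize": vsize, "chars": sc})
    return {"entry_rva": entry_rva, "image_base": image_base, "dirs": dirs, "sections": sections}


def section_for_rva(pe, rva):
    """Return the section whose virtual range contains rva, or None."""
    for s in pe["sections"]:
        if s["va"] <= rva < s["va"] + s["vsize"]:
            return s
    return None


def triage(pe):
    """Header-level findings an analyst checks before trusting the entry point."""
    findings = []
    imp_rva, imp_size = pe["dirs"][DIR_IMPORT]
    if imp_rva == 0 or imp_size == 0:
        findings.append("import directory is empty: imports erased or resolved at runtime")
    sec = section_for_rva(pe, pe["entry_rva"])
    if sec is None:
        findings.append("entry point RVA 0x%x is outside every section" % pe["entry_rva"])
    elif not sec["chars"] & IMAGE_SCN_CNT_CODE:
        findings.append("entry point is in non-code section %s (packer stub?)" % sec["name"])
    return findings


# Constructed samples: a plain layout, and one laid out the way a protector leaves it.
SECTIONS_CLEAN = [(".text", 0x1000, 0x1000, 0x60000020), (".rdata", 0x2000, 0x1000, 0x40000040)]
CLEAN = build_sample_pe32(0x1234, 0x2000, 0x50, SECTIONS_CLEAN)
PROTECTED = build_sample_pe32(0x3010, 0, 0, SECTIONS_CLEAN + [(".stub", 0x3000, 0x1000, 0xE0000040)])

if __name__ == "__main__":
    for label, blob in (("clean", CLEAN), ("protected", PROTECTED)):
        pe = parse_pe32(blob)
        print(label, hex(pe["image_base"] + pe["entry_rva"]), triage(pe) or ["no findings"])
```

On a real file you would read the bytes from disk and pass them to parse_pe32; the same walk is what tools such as LordPE and ImpRec do before they show you the entry point and the import table, which is why an erased import directory in the header makes a plain dump unusable until the table is rebuilt.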
How will you know if that's the correct OEP? Will ImpRec tell you if you got the right OEP? btw thanks for the hints.. I can use any Cabal private server, right?
What I did is that I used the unpacked Cabal file to copy the PE header.
As to your question, ImpRec will only recognize that you entered a "possible" OEP. But I do not depend on ImpRec. As I have said in the majority of my posts in this thread, the OEP looks similar across many applications. All you need to do is recognize it.
Try to pack and unpack many Windows utilities using Yoda's packer and you will know what I mean (notepad, calc, char map). If you cannot unpack what you packed... you're going nowhere...
I wonder if there were things I missed. I have only succeeded on a few things, switching push commands and redirecting jumps on a live debug. Been running traces here and there but I can't pinpoint where I would need to edit. I know I'm doing something wrong, and as mentioned, it might just be under my nose but I haven't been able to figure it out. I am still hoping someone would help me out.
Been working on this for a long time now, didn't really have that much time to concentrate and work on it though. Not much success. With the advent of new MMORPGs, I'm kind of losing my interest. Still, I want to thank the guys who shared their insights, at least I learned a few things.
ok thanks..
EDIT: oh wait.. can you really remove the DC flag while using live debug on a packed exe?
One of the most intelligent statements so far, and of course being able to understand the basic practices of looking around, comparing and trial & error when overcoming problems. Just thought I'd throw in a little upload that may help some people. Also, Molebox should be removed, and yes, Atomic's statement about not needing to repack is correct, hence why questions relating to repacking were ignored xD
LordPE should be used; I'll leave it to your imaginations to deduce that googling for plugins is a good idea. Learn to read the flow of what's going on in the exe; the stack, for example, is full of useful information at times...
I've been having trouble finding the D/C flags, mainly because Xtrap detects Olly and shuts Cabal down. I tried using TwinR to bypass but it ends up TwinR detects Olly as well lol, so I used StrongOD to hide from TwinR, but then I can't open Cabalmain.exe without using the phantOm plugin, and if I use phantOm then TwinR detects Olly >.> back to square 1. I've tried many different combinations of settings in phantOm and HideOD but to no success.
Seems you're the only one interested in this hack from Cabal NA.. hehe
Patch Xtrap first since Rider and TwinR won't work for you.. edit Xtrap first so you can proceed to modifying the exe for DH.
Question/Frage:
- I'm done with unpacking the cabal.exe file, then I'm done with live debugging (I got myself DCed from trying to stack the braces via level hack). Now I'm into tracing which callers call the function to get DC. What I did was tracing through socket trace + call trace (I'm aware that in order to use call trace you must enable socket trace first). I'm done looking at the codes which got the error; I tried NOPing them 1 by 1 (trial and error). All I get is the same result: either I edit the wrong code or it gets terminated. Now my questions are,
Am I doing the right thing?? Or is there anything else that I need to do?? Can anyone please guide me with this?? Thanks in advance/danke im voraus
Don't NOP the checks, just change what it's checking for. There are 4 methods to do it; the easiest is to edit the switches..... And as for unpacking 100% fine, getting the REAL OEP and rebuilding the import table... that Olly folder I posted contains OllyScripts for that purpose. I missed out the OllyScript plugin because I expected people to spot that there were scripts they needed to use there and to download the plugin to use those scripts!
Honestly, I'm a noob about Olly, but still I'll try my best to figure this out... Thanks for the additional data, I'll be trying it as soon as CR updates..
@enteng for us PH users, yes it's enough
@nova as I understand it, checks and switches are like an "if then statement"
So if check (if) and switch (then), I think it goes like this.. IF I WORE THE BRACE (VIA LEVEL HACK) THEN A.) I WOULD NOT DC B.) I WOULD GET DC. So meaning I will edit B for me not to get DCed.. I'll be trying this now.. BTW, the Olly folder you posted helped me a lot..