I've coded an application that is able to compress files into ENC files that Cabal clients use and vice versa .
I know there already exist tools like this but I didn't like some of them so I made my own variant. One of the tools was just a console app (hate them) and the other one was coded in Java.
This application is coded in MASM.
You can choose the XOR bytes used to XOR the first DWORD of the packed data. Use HEX characters in the boxes. Valid HEX chars are 0-9, A-F. Ie. 5F, 7C, 1A...
Furthermore, you can also choose the compression level. Values:
Minimal compression: 1
Maximal compression: 9
Note! If you modify or even repack the data files, Cabal will throw an error at startup. You need to bypass the file integrity check in Cabalmain.exe .
If you encounter any bugs, post them to this thread, don't PM me!
If your virus scanner report this application as malware, don't make a big fuzz about it because I'm not interested even slightly. It's a false positive!
hello, i already have that kind of tool, mine from balq tool. is that normal that even the tools says complete or success still bunch of random numbers and letters will show, cause i unpacked the item.enc and the only readble thing apear is the item_deccs51 and others item_desc.
Hello !
I have edited some warp points w the tool in mystery but anytime if i log in get error corrupt file -.-" The c.main have now some file check there or what? And 1 more think for warps i need edit the cabal enc only ?
+1 also try rename maps ( that one witch show up if u change map ) cuz its spanish or something but get error too -_-
I tried compress back in all level ( maybe they use 5 or 6 cuz thats space almost same as my edited file ) but never work
Hi i'm finded one offset in cabalmain where is calling the function responsive of read %/xdata.enc
One thing i dont understand about the key is...
XOR EAX,%value;
This value where are called ,because need one rotine for calculate internal main.
Nop this ->4E1A0D JNZ SHORT 004E1A3E, and there will be no .enc check, and for .ebm files use 010 editor and Yamachi's templates.
I don't get it. How can i nop adresses when i don't even have them? Range of adresses i have in memory editor is 76EE0000-76FB5FFE. Here's a SS. Please help me :))
BTW i'm using win7 64bit, maybe that's why adress is different? :D
I don't get it. How can i nop adresses when i don't even have them? Range of adresses i have in memory editor is 76EE0000-76FB5FFE. Here's a SS. Please help me )
BTW i'm using win7 64bit, maybe that's why adress is different?
How can i check what program is used to pack this cabalmain? Or do i need to try different unpackers? Here's my cabalmain, check it out and maybe you could link me to any guide that would give me knowledge about bypassing, cause i want to learn..
How can i check what program is used to pack this cabalmain? Or do i need to try different unpackers? Here's my cabalmain, check it out and maybe you could link me to any guide that would give me knowledge about bypassing, cause i want to learn..
U can use PeID, DiE, RDG packer detector or other software for detecting packers/protectors.
And cabalmain you provided is packed with VMprotect, pretty good stuff, it's beyond my capabilities.
But, u can use small trick to get to the good stuff in cabalmain.
Delete every file from X-trap/GameGuard folder, run cabalmain, then when x-trap/gameguard will be updating, run OllyDBG and attach to cabalmain process, then hit alt+e, and pick cabalmain module, now you should be able to find xors, magic keys etc.
U can use PeID, DiE, RDG packer detector or other software for detecting packers/protectors.
And cabalmain you provided is packed with VMprotect, pretty good stuff, it's beyond my capabilities.
But, u can use small trick to get to the good stuff in cabalmain.
Delete every file from X-trap/GameGuard folder, run cabalmain, then when x-trap/gameguard will be updating, run OllyDBG and attach to cabalmain process, then hit alt+e, and pick cabalmain module, now you should be able to find xors, magic keys etc.
And how about bypassing xtrap and .enc check in cabalmain.exe? Can i change and save values if it's VMprotected or i can only read them?
U can use PeID, DiE, RDG packer detector or other software for detecting packers/protectors.
And cabalmain you provided is packed with VMprotect, pretty good stuff, it's beyond my capabilities.
But, u can use small trick to get to the good stuff in cabalmain.
Delete every file from X-trap/GameGuard folder, run cabalmain, then when x-trap/gameguard will be updating, run OllyDBG and attach to cabalmain process, then hit alt+e, and pick cabalmain module, now you should be able to find xors, magic keys etc.
How to Use those XOR keys? where to put if i get those magic and XOR keys? well, thanks,
[Release Tool] iBot Auto Relogin Tool 09/12/2011 - SRO Guides & Templates - 8 Replies iBot Loader
3.2 IS OUT! NOW ADDED RUSSIAN SILKROAD SUPPORT!
How to use:
-Browse your iBot.exe
-Write your server's number to the server number (Search yours below)
-Write your informations to the loader
-PLAY WITH RELOG 24/7 WITH iBOT!
Notice: Don't forget to write your Silkroad's directory to the file
[Release Tool] iBot Auto Relogin Tool 09/12/2010 - SRO Hacks, Bots, Cheats & Exploits - 0 Replies Hello guys :) Showyka iBotRelogin Tool :)
iBot Loader 3.1
3.1 IS OUT!
How to use:
-Browse your iBot.exe
-Write your server's number to the server number (Search yours below)
-Write your informations to the loader
[question]How to detect file compression 06/10/2009 - General Coding - 0 Replies Hi there!
I am working on some files from MxO, wich extension is ltp.
In Hexviewer I saw that they contains only filenames on ASCII, each with a ltpX (where X is always the same ascii char) before it (like a delimiter) and data ater each one.
they appear to be only pyc (python compiled) files.
Filemon shows exe calling for:
![[Release] Cabal ENC Compression Tool](https://www.elitepvpers.com/forum/iconimages/cabal-private-server/release-cabal-enc-compression-tool_ltr.gif){kind=small}
.
