OllyDBG & CO
Discussion on OllyDBG & CO within the CO2 Programming forum part of the Conquer Online 2 category.
04/13/2009, 06:24
|
#196
|
elite*gold: 0
Join Date: Mar 2006
Posts: 96
Received Thanks: 332
|
With your value it doesn't work; I tried "JMP SHORT 0046880B" and now it runs directly, but thanks for the help, dear.
|
|
|
04/14/2009, 11:17
|
#197
|
elite*gold: 0
Join Date: Jan 2008
Posts: 303
Received Thanks: 156
|
Correct me if I'm wrong, but if people had grasped the teachings of the first few pages of this thread they should already know how to continue this work. I see a lot of "Help plx" requests for things already covered in this thread! Any nub can follow a guide to "Change this line to xyz, and that line to xyz"...
|
|
|
04/15/2009, 04:29
|
#198
|
elite*gold: 0
Join Date: Nov 2005
Posts: 28
Received Thanks: 0
|
Quote:
Originally Posted by NovaCygni
Correct me if I'm wrong, but if people had grasped the teachings of the first few pages of this thread they should already know how to continue this work. I see a lot of "Help plx" requests for things already covered in this thread! Any nub can follow a guide to "Change this line to xyz, and that line to xyz"...
|
most of them ask for being allowed to use free items to socket fan/talis
|
|
|
04/16/2009, 19:49
|
#199
|
elite*gold: 0
Join Date: Oct 2007
Posts: 152
Received Thanks: 552
|
any1 knows how to up the fps limit like _fobos_ did? i know where to look but not what to change.
|
|
|
04/16/2009, 20:05
|
#200
|
elite*gold: 0
Join Date: Sep 2008
Posts: 490
Received Thanks: 595
|
Quote:
Originally Posted by killermanx0
any1 knows how to up the fps limit like _fobos_ did? i know where to look but not what to change.
|
open CO in olly -> search for all intermodular calls -> type in Sleep -> double click first one u find -> look for next 2 lines.
1:
00482E95 8D51 19 LEA EDX,DWORD PTR DS:[ECX+19]
into:
00482E95 8D51 14 LEA EDX,DWORD PTR DS:[ECX+14]
2:
00482E9E 83C1 19 ADD ECX,19
into:
00482E9E 83C1 14 ADD ECX,14
to remove the lock you patch the JNB
|
|
|
04/16/2009, 22:51
|
#201
|
elite*gold: 0
Join Date: Oct 2007
Posts: 152
Received Thanks: 552
|
Quote:
Originally Posted by _fobos_
open CO in olly -> search for all intermodular calls -> type in Sleep -> double click first one u find -> look for next 2 lines.
1:
00482E95 8D51 19 LEA EDX,DWORD PTR DS:[ECX+19]
into:
00482E95 8D51 14 LEA EDX,DWORD PTR DS:[ECX+14]
2:
00482E9E 83C1 19 ADD ECX,19
into:
00482E9E 83C1 14 ADD ECX,14
to remove the lock you patch the JNB
|
thnx alot bro
|
|
|
04/27/2009, 02:03
|
#202
|
elite*gold: 0
Join Date: Oct 2007
Posts: 152
Received Thanks: 552
|
srry for the doublepost but i got a request.
can any1 restrict the quiz search from internet explorer to mozilla firefox or any other browser?
i know the place in the conquer exe file but i dont know how to lead it to another browser. it would help a lot since internet explorer lags with many ppl and often cant load the search.
|
|
|
05/02/2009, 17:06
|
#203
|
elite*gold: 0
Join Date: Jun 2006
Posts: 965
Received Thanks: 576
|
Btw if you want to remove the "Please login later" **** do this.
Search for -> All intermodular calls
Find "GetTickCount" and check them for the following code.
Code:
00434C1A |. FFD7 CALL EDI ; [GetTickCount
00434C1C |. 2B05 3C815D00 SUB EAX,DWORD PTR DS:[5D813C]
00434C22 |. 3D 10270000 CMP EAX,2710
Thing you are looking for is the CMP EAX,2710.
Patch the JBE right above "CALL EDI" to a JMP.
|
|
|
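Added example, not part of the original posts or the game's code: the wait in post #203 is a client-side comparison of a GetTickCount difference against 0x2710 (10000 ms), so the interval only holds if the login server checks it as well. The C code below enforces the same interval on the server; the function name, the table size and the account names are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

#define LOGIN_INTERVAL_MS 0x2710u  /* 10000 ms, same constant as CMP EAX,2710 */
#define MAX_TRACKED 128            /* hypothetical table size */

struct attempt { char account[32]; uint32_t last_ms; int used; };
static struct attempt tracked[MAX_TRACKED];

/* Server-side check. now_ms is the server's own millisecond tick counter
   (32-bit, wraps like GetTickCount). Returns 1 = accept, 0 = too soon,
   -1 = table full (fail closed). Nothing the client sends is trusted. */
int login_attempt_allowed(const char *account, uint32_t now_ms)
{
    struct attempt *free_slot = NULL;
    for (size_t i = 0; i < MAX_TRACKED; i++) {
        struct attempt *a = &tracked[i];
        if (!a->used) {
            if (!free_slot) free_slot = a;
            continue;
        }
        if (strncmp(a->account, account, sizeof a->account - 1) != 0)
            continue;
        /* Unsigned subtraction stays correct across counter wraparound. */
        uint32_t elapsed = now_ms - a->last_ms;
        if (elapsed <= LOGIN_INTERVAL_MS)
            return 0;              /* rejected attempts do not reset the timer */
        a->last_ms = now_ms;
        return 1;
    }
    if (!free_slot)
        return -1;
    strncpy(free_slot->account, account, sizeof free_slot->account - 1);
    free_slot->account[sizeof free_slot->account - 1] = '\0';
    free_slot->last_ms = now_ms;
    free_slot->used = 1;
    return 1;
}
```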
05/08/2009, 12:52
|
#204
|
elite*gold: 0
Join Date: Nov 2007
Posts: 30
Received Thanks: 1
|
hello all ,,,
can any one help me to make conquer.exe non-dc ?
& how to make it work with the speed hack !
help pls if u know how
|
|
|
05/08/2009, 22:44
|
#205
|
elite*gold: 0
Join Date: Mar 2009
Posts: 427
Received Thanks: 479
|
ok my question is sort of unrelated to everything and more of just a ollyDBG problem... when i run Conquer.exe through ollyDBG, i always get the same problem, it creates the conquer task and puts it at the bottom, but i can't see the window or get the window to appear, so i'm stuck with not being able to run Conquer.exe through ollyDBG . . .
|
|
|
05/09/2009, 04:38
|
#206
|
elite*gold: 0
Join Date: Mar 2009
Posts: 427
Received Thanks: 479
|
nvm, i figured out that there's an attach option... so thats that... but now i have a new question... or err.. request
i'm trying to find how to jump on top of where somebody already is... so i searched for the "100023=You can't stop here!" i.e. "PUSH 186B7"... and playing around with it for a little while... i ended up finding nothing really...
Code:
004C617E EB 2B JMP SHORT Conquer_.004C61AB
004C6180 FF15 7C805700 CALL DWORD PTR DS:[<&GraphicData.GameDat>; GraphicD.GameDataSetQuery
004C6186 8B10 MOV EDX,DWORD PTR DS:[EAX]
004C6188 6A 00 PUSH 0
004C618A 6A 00 PUSH 0
004C618C 68 0000FF00 PUSH 0FF0000
004C6191 68 D5070000 PUSH 7D5
004C6196 68 B7860100 PUSH 186B7
004C619B > 8BC8 MOV ECX,EAX
004C619D . FF52 3C CALL DWORD PTR DS:[EDX+3C]
004C61A0 . 50 PUSH EAX
004C61A1 . B9 A0855D00 MOV ECX,Conquer_.005D85A0
004C61A6 . E8 9D47FDFF CALL Conquer_.0049A948
004C61AB > 5F POP EDI
004C61AC . 5E POP ESI
004C61AD . 5B POP EBX
004C61AE . C9 LEAVE
i've tried just about everything to make my char jump on the spot of another player (and i also randomly tried to jump on places you can't actually jump on)... but the most i managed to do, was to remove the message, and thats by replacing 004C6186 with the line 004C617E... i'm pretty sure NOP'ing it would have the same effect though so err w/e... but ne way... i tried redirecting the 004C617E to a bunch of places, with no success, it'd just crash when u attempt to jump... only thing else i can think of... is to CALL the jump function some how... but i'm not even sure what the jump function or w/e is ...
like i know if u try to bypass the gate jumping your char will jump there and warp back... but for when i got the message to not come up for jumping in a place you can't jump the message doesn't come up, and u don't jump at all . . .
any help plz?
|
|
|
05/09/2009, 11:30
|
#207
|
elite*gold: 20
Join Date: Aug 2007
Posts: 1,749
Received Thanks: 2,199
|
Quote:
Originally Posted by ookamocka
any help plz?
|
Code:
004C60F6 |. 8B4D FC MOV ECX,DWORD PTR SS:[EBP-4]
004C60F9 |. 85C9 TEST ECX,ECX
004C60FB |. 74 0E JE SHORT Conquer.004C610B
004C60FD |. E8 78C20000 CALL Conquer.004D237A
004C6102 |. 83E0 20 AND EAX,20
004C6105 |. 33C9 XOR ECX,ECX
Change into:
Code:
004C60F6 |. 8B4D FC MOV ECX,DWORD PTR SS:[EBP-4]
004C60F9 |. 85C9 TEST ECX,ECX
004C60FB |. EB 0E JMP SHORT Conquer.004C610B
004C60FD |. E8 78C20000 CALL Conquer.004D237A
004C6102 |. 83E0 20 AND EAX,20
004C6105 |. 33C9 XOR ECX,ECX
However, it's still pretty hard actually jumping on top of the players, you need to click somewhere around their right foot or so.
|
|
|
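Added example, not part of the original posts: seen from the defender's side, the change in post #207 is a one-byte difference in the code section (74 0E becomes EB 0E), which an integrity check comparing the observed code against a trusted reference copy can detect and classify. The C code below uses the 17 bytes of the listing at 004C60F6 as constructed sample data; all function and type names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum patch_kind { PATCH_NONE, PATCH_JCC_FORCED, PATCH_JCC_NOPPED, PATCH_OTHER };
struct finding { size_t offset; enum patch_kind kind; };

/* Constructed sample: the 17 bytes listed at 004C60F6 in the post above,
   and a copy with the short JE at offset 5 rewritten as JMP SHORT. */
static const uint8_t REF_CODE[] = { 0x8B,0x4D,0xFC, 0x85,0xC9, 0x74,0x0E,
    0xE8,0x78,0xC2,0x00,0x00, 0x83,0xE0,0x20, 0x33,0xC9 };
static const uint8_t PATCHED_CODE[] = { 0x8B,0x4D,0xFC, 0x85,0xC9, 0xEB,0x0E,
    0xE8,0x78,0xC2,0x00,0x00, 0x83,0xE0,0x20, 0x33,0xC9 };
static struct finding FOUND[8];

/* Classify a differing byte. Heuristic: no disassembly is done, so a
   reference byte in 0x70..0x7F is assumed to be a Jcc rel8 opcode. */
static enum patch_kind classify(const uint8_t *ref, const uint8_t *cur,
                                size_t len, size_t i)
{
    if (ref[i] == cur[i]) return PATCH_NONE;
    if (ref[i] >= 0x70 && ref[i] <= 0x7F && i + 1 < len) {
        if (cur[i] == 0xEB && cur[i + 1] == ref[i + 1]) return PATCH_JCC_FORCED;
        if (cur[i] == 0x90 && cur[i + 1] == 0x90) return PATCH_JCC_NOPPED;
    }
    return PATCH_OTHER;
}

/* Compare a trusted reference copy of a code range with the observed bytes.
   Returns the number of findings; at most max are stored in out. */
size_t scan_image(const uint8_t *ref, const uint8_t *cur, size_t len,
                  struct finding *out, size_t max)
{
    size_t n = 0;
    for (size_t i = 0; i < len; i++) {
        enum patch_kind k = classify(ref, cur, len, i);
        if (k == PATCH_NONE) continue;
        if (n < max) { out[n].offset = i; out[n].kind = k; }
        n++;
        if (k != PATCH_OTHER) i++;   /* skip the rel8 byte of the same Jcc */
    }
    return n;
}

int main(void)
{
    static const char *names[] = { "none", "Jcc forced to JMP", "Jcc NOPed", "other" };
    size_t n = scan_image(REF_CODE, PATCHED_CODE, sizeof REF_CODE, FOUND, 8);
    for (size_t i = 0; i < n && i < 8; i++)
        printf("0x%08lX: %s\n", 0x004C60F6UL + (unsigned long)FOUND[i].offset,
               names[FOUND[i].kind]);
    return 0;
}
```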
05/09/2009, 17:36
|
#208
|
elite*gold: 0
Join Date: Mar 2009
Posts: 427
Received Thanks: 479
|
Quote:
Originally Posted by IAmHawtness
Code:
004C60F6 |. 8B4D FC MOV ECX,DWORD PTR SS:[EBP-4]
004C60F9 |. 85C9 TEST ECX,ECX
004C60FB |. 74 0E JE SHORT Conquer.004C610B
004C60FD |. E8 78C20000 CALL Conquer.004D237A
004C6102 |. 83E0 20 AND EAX,20
004C6105 |. 33C9 XOR ECX,ECX
Change into:
Code:
004C60F6 |. 8B4D FC MOV ECX,DWORD PTR SS:[EBP-4]
004C60F9 |. 85C9 TEST ECX,ECX
004C60FB |. EB 0E JMP SHORT Conquer.004C610B
004C60FD |. E8 78C20000 CALL Conquer.004D237A
004C6102 |. 83E0 20 AND EAX,20
004C6105 |. 33C9 XOR ECX,ECX
However, it's still pretty hard actually jumping on top of the players, you need to click somewhere around their right foot or so.
|
oh man you're amazing lol... ya thats np on still needing to click on right at their feet or whatever... because i'm using it for a bot, so i don't have to worry about randomizing the variables to avoid obstacles, i can just jump right on to players in the way ^_^... so again, ty soooo much for that one... i spent an hour yesterday trying to find it lol
also, if u don't mind, how exactly did u find it? did u just search for PUSH 186B7 and just kept going above it and JMP the first JE/JNZ/JNE/etc. into JMP and seeing if it worked, and if it didn't work do the next one above it? if u did then i feel like an idiot cuz i got all the way to
Code:
004C6109 . 74 75 JE SHORT Conquer_.004C6180
doing that, and it didn't work, so i gave up on trying that approach... lol just 1 more and i would have had it >.<
thx for the insight... and if u don't feel like publicizing how u found it, send me a PM plz ^_^
again, i'm very grateful for this
|
|
|
05/09/2009, 18:21
|
#209
|
elite*gold: 20
Join Date: Aug 2007
Posts: 1,749
Received Thanks: 2,199
|
Quote:
Originally Posted by ookamocka
also, if u don't mind, how exactly did u find it? did u just search for PUSH 186B7 and just kept going above it and JMP the first JE/JNZ/JNE/etc. into JMP and seeing if it worked, and if it didn't work do the next one above it? if u did then i feel like an idiot cuz i got all the way to
|
I loaded Conquer.exe in ollydbg, right clicked -> Search for -> All commands -> PUSH 186B7.
I found two "PUSH 186B7" instructions - one at 004C6196, one at 0050B66A
Then I had Conquer opened with Cheat Engine attached to it (I always use Cheat Engine for these kind of things)
I used Cheat Engine to set a breakpoint at both the "PUSH 186B7" instructions and tried jumping on a player in CO, and found out which one of them caused the "You can't jump here" (or whatever) error.
Then I just started tracing back.
Code:
[B]004C6180 |> FF15 7C805700 CALL DWORD PTR DS:[<&GraphicData.GameDat>; GraphicD.GameDataSetQuery[/B]
004C6186 |. 8B10 MOV EDX,DWORD PTR DS:[EAX]
004C6188 |. 6A 00 PUSH 0
004C618A |. 6A 00 PUSH 0
004C618C |. 68 0000FF00 PUSH 0FF0000
004C6191 |. 68 D5070000 PUSH 7D5
004C6196 |. 68 B7860100 PUSH 186B7
^ See that command there?
If you click on that and press Find references to -> Selected command (hotkey Ctrl+R) you'll see the addresses that jump there.
Then you'll find the JE Conquer.004C6180, and 3 instructions below that is the JE Conquer.004C610B instruction, which needs to be JMP'd.
It's a lot easier doing these kinds of things if you combine Cheat Engine and ollydbg, really.
|
|
|
05/21/2009, 01:42
|
#210
|
elite*gold: 0
Join Date: Mar 2007
Posts: 52
Received Thanks: 2
|
OK new EXE, 5127 patch, most changes can be made, however I havent been able to find the "TQ_CONQUER" for multi? Any ideas?
LOL nevermind - PUSH 4AE "FTW? I THINK SO!"
|
|
|
 |
|