Register for your free account! | Forgot your password?

Go Back   elitepvpers > MMORPGs > Mabinogi > Mabinogi Hacks, Bots, Cheats & Exploits
You last visited: Today at 17:42

  • Please register to post and access all features, it's quick, easy and FREE!


[Release] Modified AF v0.5 [Broken]

Reply
 
Old   #1
 
elite*gold: 0
Join Date: Sep 2014
Posts: 545
Received Thanks: 582
[Release] Modified AF v0.5 [Broken]

NOTE: THIS DOES NOT FIX PAKE, MORE DETAILS BELOW.

Hello everyone. Let's just get straght into the details

Sometime in March, Patch #236 of Luoqi contained a new network update that killed ReadFromNetworkBuffer.
This also made the Morrighan Proxy not work in Luoqi for a while.
Today, we got the same update in the new NA Client.


I went ahead and updated the pattern, when it was updated another pattern broke down, All patterns eventually got updated.
The new problem now lies within DINPUT8. After logging in, the client will just crash.
I don't know why it crashes (I've been told that we got a new packet structure/protocol) , I just know that it crashes inside DINPUT8.
Last Trigger would be around DINPUT8.Recv+40, You can breakpoint that and figure it out yourself if you want





So this contains the Fixed version of AllisaFix with all patterns up to date.
I'm givng it out since I have no use for it anymore, and that I no longer have the time to waste hours and hours upon experimenting why it crashes.
I'm leaving it up to you people now (Presumably the 2ch.net People for the DINPUT8 error or YYDZH Moderators to figure out the problem and reverse engineer it themselves if they wanted too.)


I don't believe pake is dead.
after all, pake will never get patched, right?

Download:

Well, I'm off.
See you in another realm I guess?



[P2933]Step29 is offline  
Thanks
4 Users
Old 04/16/2016, 20:40   #2
 
elite*gold: 0
Join Date: May 2009
Posts: 166
Received Thanks: 515
Firstly You should not release the files that I specifically only gave to you. It was not intended for the public.

Secondly you released a non-working AF binary...what the? It is totally useless.

Thirdly anyone who doesn't have working pake and can fix it all along won't be able to fix it now. Even if they have AF source.


tliu0c is offline  
Old 04/17/2016, 00:32   #3
 
elite*gold: 0
Join Date: Sep 2014
Posts: 545
Received Thanks: 582
Quote:
Originally Posted by tliu0c View Post
Firstly You should not release the files that I specifically only gave to you. It was not intended for the public.
Oh Shoot, I do apologize for that.
It's the Dinput8 correct? If you want I can just remove that and replace it with the other dinput8, if I can find it
Please let me know anytime.

Quote:
Secondly you released a non-working AF binary...what the? It is totally useless.
That is incorrect. This version of AF is fixed on the newest NA Client (and the Luoqi CH Client). All the Hooks and patterns are corrected for this version. As I've previously said the new problem lies around dinput8. It will not work as soon as you log in regardless of all the hooks being corrected in AF. When I attached a debugger on this, the main file of AF has no problems, however Dinput8 itself will crash due to an incorrect structure/format and I would assume Dinput8 has to be recompiled again with the correct structure/format.


As far as I know, no source code of dinput8 exist anywhere. It's created by 1 anon of 2ch and it's most likely to believe that he doesn't play mabinogi anymore.

Quote:
Thirdly anyone who doesn't have working pake and can fix it all along won't be able to fix it now. Even if they have AF source.
I would assume it's because of the new protocol packet structure?
I'm not really too sure on this, due to the lack of time I have experimenting it. But I probably wouldn't even understand it as well due to the fact that the RFNB function is encrypted

Edit: dinput8 is now back to it's original state
Only thing that I modifed is DINPUT8.SEND+BA in order to correct an improper jmp.
( jmp DINPUT8.RECV+140 -> jmp DINPUT8.RECV+143)
[P2933]Step29 is offline  
Old 04/18/2016, 06:50   #4
 
elite*gold: 0
Join Date: Apr 2008
Posts: 2
Received Thanks: 0
does this hack work if yes sweet i been looking forever to for some one to do it + link is broken

+ can you tell me all i need to hack it like the programs and all that
to bypass and all that i want to learn how to hack mabi and to update hacks


jackpot100 is offline  
Old 04/18/2016, 09:47   #5
 
elite*gold: 0
Join Date: Jan 2015
Posts: 128
Received Thanks: 14
Quote:
Originally Posted by jackpot100 View Post
does this hack work if yes sweet i been looking forever to for some one to do it + link is broken

+ can you tell me all i need to hack it like the programs and all that
to bypass and all that i want to learn how to hack mabi and to update hacks
Wow, you really don't know how to read, do you?
Seren30 is offline  
Old 04/18/2016, 11:41   #6
 
elite*gold: 0
Join Date: Apr 2008
Posts: 2
Received Thanks: 0
Quote:
Originally Posted by Seren30 View Post
Wow, you really don't know how to read, do you?
dude don't be a jack *** i no you need Visual Studio but i don't no how to get source or how to make it in to like a injector or some **** i'm new to this kind of ****
and o i just read it all i see now my bad
jackpot100 is offline  
Old 04/20/2016, 16:27   #7
 
elite*gold: 0
Join Date: Dec 2007
Posts: 4
Received Thanks: 0
Quote:
Originally Posted by [P2933]Step29 View Post
I would assume it's because of the new protocol packet structure?
I'm not really too sure on this, due to the lack of time I have experimenting it. But I probably wouldn't even understand it as well due to the fact that the RFNB function is encrypted
There's no new protocol. Everything works exactly as it did before.

Pretty sure what he's talking about with not being able to fix mabipake's dinput8 is that it expects a fixed number of bytes for it's jmp hook, which is no longer the right size.

Why haven't you guys made your own version of Mabipake yet? It's so much easier to maintain than having to pander to out-dated code.
KouLeifou is offline  
Old 04/20/2016, 20:51   #8
 
elite*gold: 0
Join Date: Sep 2014
Posts: 545
Received Thanks: 582
Quote:
Originally Posted by KouLeifou View Post

Pretty sure what he's talking about with not being able to fix mabipake's dinput8 is that it expects a fixed number of bytes for it's jmp hook, which is no longer the right size.

Checking around Dinput8 and AF's copying bytes coding, you actually did gave me an idea.

DINPUT8.Send+86 and DINPUT8.Send+77F has been fixed with the correct offset of DINPUT8.RECV+140 -> 143 and I've reuploaded it again . However I am still crashing, I've checked all the JMPS in both Send and Recv functions of the DINPUT8 and other then AF copying the bytes of the RTNB function incorrectly due to the lack of bytes required to correctly allocate dinput8, every other function seems to be copying and jmping the bytes to the correct positions



But even with that being corrected, I am still crashing, debugging further to my tracer it appears that I crash

@ DINPUT8.Recv+40 (Start)
-DINPUT8+10960
-DINPUT8+2EA2
-ntdll.RtlAllocateHeap (from DINPUT8+2F19)
-ntdll.RtlpNtSetValueKey+2BFE
- ntdll.ResetRTLTranslations+E8
-ntdll.NtQueryInformationProcess (Crash Here)

At this point, I just don't know what to do about this whole thing, I'm running out of ideas why it would be crashing around this area.


Quote:
Why haven't you guys made your own version of Mabipake yet? It's so much easier to maintain than having to pander to out-dated code.
Because I'm too stupid to figure it out via C++/C# for me to code anything for myself . It took me 2 months to fix pake by reading thur AllisaFix's Uncommented codes and about >500 failed crash testings when the Client got upgraded to vc2010+
[P2933]Step29 is offline  
Old 04/20/2016, 22:13   #9
 
elite*gold: 0
Join Date: Dec 2007
Posts: 4
Received Thanks: 0
Quote:
Originally Posted by [P2933]Step29 View Post
You don't want to overwrite the interrupts, that push ebp is the correct spot to write the hook. The problem is that mabipake expects to overwrite, IIRC, 7 bytes and you now have something which is 9.

When your bucket is too small to catch the rain, you don't move it out from under the hole, you get a bigger bucket.
KouLeifou is offline  
Old 05/08/2016, 07:34   #10
 
elite*gold: 0
Join Date: Jun 2015
Posts: 1
Received Thanks: 1
so.. Have not still working FIX for now ?
hettp1123 is offline  
Old 05/08/2016, 08:28   #11
 
elite*gold: 0
Join Date: Jan 2015
Posts: 128
Received Thanks: 14
Quote:
Originally Posted by hettp1123 View Post
so.. Have not still working FIX for now ?
Someone posted it a few days ago, didn't you see?
Seren30 is offline  
Old 06/12/2016, 08:58   #12
 
elite*gold: 0
Join Date: Jun 2013
Posts: 2
Received Thanks: 0
what is the password ? thanks!


mark2165 is offline  
Reply



« Tutorial[]-Hacks/Bots/Cheats | [release] mabimods mods »



All times are GMT +2. The time now is 17:42.


Powered by vBulletin®
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2011, Crawlability, Inc.

Support | Contact Us | FAQ | Advertising | Privacy Policy | Abuse
Copyright ©2018 elitepvpers All Rights Reserved.