[ALL SRO] edxSilkroadLoader Beta
Discussion on [ALL SRO] edxSilkroadLoader Beta within the SRO Hacks, Bots, Cheats & Exploits forum part of the Silkroad Online category.
09/08/2009, 14:04
|
#136
|
elite*gold: 0
Join Date: Aug 2009
Posts: 120
Received Thanks: 38
|
I can't do it, I'll have to rr ******
which will cause me to connect for 10000 more hours
**** there's no working loader in the whole epvp
awesome...
|
|
|
09/08/2009, 14:11
|
#137
|
elite*gold: 20
Join Date: Mar 2008
Posts: 3,940
Received Thanks: 2,211
|
Quote:
Originally Posted by Macxer
I can't do it, I'll have to rr ******
which will cause me to connect for 10000 more hours
**** there's no working loader in the whole epvp
awesome...
|
We have A working loader, ^
You have more chance to connect sooner than later....
If you are committed not to relog, then copy your Silkroad directory to another location and then do it that way
|
|
|
09/08/2009, 15:36
|
#138
|
elite*gold: 0
Join Date: Jun 2009
Posts: 51
Received Thanks: 25
|
i experienced a little problem while loading isro112 (unpacked):
it patches the security seed at address 0x49111E instead of 0x491D1E.
seems as if the sig for that is not working really.
would it be possible to get the address of the CoCreateGuid function and then use the offset to this address as well in the sig (since this func is called right before the current signature start).
|
|
|
09/08/2009, 16:03
|
#139
|
elite*gold: 260
Join Date: Aug 2008
Posts: 560
Received Thanks: 3,779
|
Quote:
Originally Posted by bheaven
i experienced a little problem while loading isro112 (unpacked):
it patches the security seed at address 0x49111E instead of 0x491D1E.
seems as if the sig for that is not working really.
would it be possible to get the address of the CoCreateGuid function and then use the offset to this address as well in the sig (since this func is called right before the current signature start).
|
Which unpacked client are you using?
I already posted the one I had made using an OllyDbgScript and it's detecting it right:
I've not had any problems on any other Silkroad versions myself, so I'm fairly confident the signature itself is fine. I've used the same signature for years in my edx33/sr33 hooks as well and never a problem either.
If you look at the patch itself, it's really simple:
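Code:
// Security seed fix
if(bDoSecuritySeed)
{
    do
    {
        // Signature bytes: MOV ECX,[ESP+4] / AND ECX,0x7FFFFFFF
        BYTE securitySeedSig[] =
        {
            0x8B, 0x4C, 0x24, 0x04, 0x81, 0xE1, 0xFF, 0xFF,
            0xFF, 0x7F
        };
        // Scan the mapped file; exactly one hit is required before patching
        results = FindSignature(securitySeedSig, 0, sizeof(securitySeedSig), pMappedFileBase, size);
        if(results.size() != 1)
        {
            // size() returns size_t, so cast it to match the %i format specifier
            printf("%i results were returned. Only %i were expected. Please use an updated signature.\n", (int)results.size(), 1);
            break;
        }
        // Convert the hit's offset in the mapped file into an address in the loaded image
        DWORD secSeedAddr = (DWORD)(dwImageBase + results[0] + dwCodeOffset);
        printf("secSeedAddr: 0x%X\n", secSeedAddr);
        // Replacement bytes: MOV ECX,0x33 followed by five NOPs (same length as the signature)
        BYTE patch1[] = {0xB9, 0x33, 0x00, 0x00, 0x00, 0x90, 0x90, 0x90, 0x90, 0x90};
        WriteBytes(secSeedAddr, patch1, sizeof(patch1));
        printf("\n");
    } while(false);
}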
If you upload your client I'll take a look at it though. That address you are getting shows that something is wrong, maybe a bug in my code elsewhere. Thanks if you can upload it.
|
|
|
09/08/2009, 17:52
|
#140
|
elite*gold: 0
Join Date: Jun 2009
Posts: 51
Received Thanks: 25
|
i am using the client i unpacked myself with stripper2.13b9
DL:
this is the passage that is chosen incorrectly from my client although it does not match the sig
Code:
00491118 8B4C24 20 MOV ECX,DWORD PTR SS:[ESP+20]
0049111C 64:890D 00000000 MOV DWORD PTR FS:[0],ECX
00491123 59 POP ECX
edit:
i noticed your client (taken from page 13) is about ~12MB while mine is only ~9,5MB.
furthermore yours is detected as a possible threat by my antivirus.
did you use stripper or ollyscripts to unpack it?
edit2:
tested with your client now and it's working.
the error seems to be related to the unpacking method used...
|
|
|
09/08/2009, 18:14
|
#141
|
elite*gold: 260
Join Date: Aug 2008
Posts: 560
Received Thanks: 3,779
|
Quote:
Originally Posted by bheaven
edit:
i noticed your client (taken from page 13) is about ~12MB while mine is only ~9,5MB.
furthermore yours is detected as a possible threat by my antivirus.
did you use stripper or ollyscripts to unpack it?
|
I used an OllyDbgScript. The ASProtect section is left intact, which is why the exe is larger and also why your AV detects it as a 'virus'. If stripper didn't take out the ASProtect section, you'd see the same results.
I'll check out the client later today, I only recently got the stripper program, but I don't use it for ISRO/KSRO, just JSRO.
|
|
|
09/08/2009, 20:45
|
#142
|
elite*gold: 0
Join Date: Dec 2008
Posts: 136
Received Thanks: 0
|
I DON'T KNOW HOW TO DO IT, I DIDN'T UNDERSTAND ANYTHING xd PLS HELP!! I want to play tsro but I don't know how to add this loader XD I added the files in the Tsro folder but I don't know how to start it xD !!!HELP
|
|
|
09/08/2009, 20:48
|
#143
|
elite*gold: 20
Join Date: Mar 2008
Posts: 3,940
Received Thanks: 2,211
|
Quote:
Originally Posted by kekeven
I DON'T KNOW HOW TO DO IT, I DIDN'T UNDERSTAND ANYTHING xd PLS HELP!! I want to play tsro but I don't know how to add this loader XD I added the files in the Tsro folder but I don't know how to start it xD !!!HELP
|
Go to Bin directory and run edxSilkroadLoader_Lite.exe
|
|
|
09/08/2009, 20:49
|
#144
|
elite*gold: 0
Join Date: Dec 2008
Posts: 136
Received Thanks: 0
|
When I press edxSilkroadLoader_Lite.exe it shows me an error saying: This application has failed to start because configuration is incorrect. Reinstalling the application may fix the problem! HELP Xd
|
|
|
09/08/2009, 20:57
|
#145
|
elite*gold: 20
Join Date: Mar 2008
Posts: 3,940
Received Thanks: 2,211
|
Quote:
Originally Posted by kekeven
When I press edxSilkroadLoader_Lite.exe it shows me an error saying: This application has failed to start because configuration is incorrect. Reinstalling the application may fix the problem! HELP Xd
|
Download it again, from the first post.
Extract all files to your desktop, open Bin directory, and load edxSilkroadLoader.exe from there, if that fails.....
Install this  and try again..
|
|
|
09/08/2009, 21:56
|
#146
|
elite*gold: 260
Join Date: Aug 2008
Posts: 560
Received Thanks: 3,779
|
Quote:
Originally Posted by bheaven
edit2:
tested with your client now and it's working.
the error seems to be related to the unpacking method used...
|
I looked into this more and the issue has to do with my address calculating code. The client the stripper generates is 'valid' since Windows loads it, but it unfortunately makes things a lot more complicated.
After some research and trial and error, I have a fix. I will include the updated code in my next release. I still need to clean up a few things in the calculations, but I'm confident it should work properly now with stripped clients on JSRO/ISRO. I'll also test KSRO later, but it should work there as well.
jsro
Code:
dwSizeLow: 9851392
dwSizeHigh: 0
GetImageBase: 400000
GetOEP: A1DD82
GetCodeStart: 401000
GetDataStart: C2F000
GetCodeSize: 82E000
GetCodeOffset: C00
GetDataOffset: C00
header.PointerToRawData: 8575488
secSeedAddr: 0x42DFFE
logicalAddress1: 0xC38A40
patchAddress: 0x4CCE6C
patchAddress: 0x5058C6
patchAddress: 0x673E9B
nudePatchAddr: 0x8D4A4B
zoomHackAddr: 0x640DE6
physicalKoreanStringAddress: 0xC73870
physicalChineseStringAddress: 0xC73868
physicalTaiwanStringAddress: 0xC73860
physicalJapanStringAddress: 0xC73858
physicalEnglishStringAddress: 0xC73850
physicalVietnamStringAddress: 0xC73848
logicalKoreanStringAddress: 0x6F028F
logicalChineseStringAddress: 0x6F02B7
logicalTaiwanStringAddress: 0x6F02F0
logicalJapanStringAddress: 0x6F031D
logicalEnglishStringAddress: 0x6F035D
logicalVietnamStringAddress: 0x6F0396
physicalCharSelectStringAddress: 0xC73FDC
logicalCharSelectStringAddress: 0x6F4169
callOffset: 0xFFD74E5D
callAddr: 0x468FE0
physicalLauncherStringAddress: 0xC72858
logicalLauncherStringAddress: 0x6DB8C5
codecaveAddr: 0x6DB931
customMultiAddr: 0xD5E884
mutexStringAddress: 0xC728D0
patchAddress: 0x6DB850
macAddrSigAddr: 0x43B8CA
codecaveAddr: 0x43B8D3
callOffset: 0xFFFD84A8
callAddr: 0x413D80
bindSigAddr: 0x9B6970
isro
Code:
dwSizeLow: 10024960
dwSizeHigh: 0
GetImageBase: 400000
GetOEP: A44C42
GetCodeStart: 401000
GetDataStart: C50000
GetCodeSize: 84F000
GetCodeOffset: 0
GetDataOffset: 0
header.PointerToRawData: 8712192
anotherOffset: 3072
secSeedAddr: 0x491D1E
logicalAddress1: 0xC591D0
patchAddress: 0x558349
patchAddress: 0x58CEB6
patchAddress: 0x700375
nudePatchAddr: 0x95783B
zoomHackAddr: 0x6CDE66
physicalKoreanStringAddress: 0xC92BDC
physicalChineseStringAddress: 0xC92BD4
physicalTaiwanStringAddress: 0xC92BCC
physicalJapanStringAddress: 0xC92BC4
physicalEnglishStringAddress: 0xC92BBC
physicalVietnamStringAddress: 0xC92BB4
logicalKoreanStringAddress: 0x77B4AF
logicalChineseStringAddress: 0x77B4D7
logicalTaiwanStringAddress: 0x77B510
logicalJapanStringAddress: 0x77B550
logicalEnglishStringAddress: 0x77B590
logicalVietnamStringAddress: 0x77B5C9
physicalCharSelectStringAddress: 0xC93358
logicalCharSelectStringAddress: 0x77F329
callOffset: 0xFFD768BD
callAddr: 0x4F5C00
physicalLauncherStringAddress: 0xC91C64
logicalLauncherStringAddress: 0x766FF5
codecaveAddr: 0x767061
customMultiAddr: 0xD88060
mutexStringAddress: 0xC91CD8
patchAddress: 0x766F80
macAddrSigAddr: 0x49C16A
codecaveAddr: 0x49C173
callOffset: 0xFFFDB988
callAddr: 0x477B00
bindSigAddr: 0xA399E0
|
|
|
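Added example, not part of the thread and not the loader author's fix: the 0xC00 difference between 0x49111E and 0x491D1E reported above is what a fixed file-offset-to-address delta produces when two files lay out the same code differently on disk. The sketch below maps a raw file offset to a virtual address through the section table instead; `Section`, `FileOffsetToVA` and both layouts are hypothetical, and the section values are constructed for illustration.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

// Subset of IMAGE_SECTION_HEADER needed for the mapping.
struct Section {
    uint32_t VirtualAddress;   // RVA of the section once loaded
    uint32_t PointerToRawData; // where the section's bytes start in the file
    uint32_t SizeOfRawData;    // how many bytes the file stores for it
};

// Hypothetical helper: translate a raw file offset (e.g. a signature hit in
// the mapped file) to a virtual address via the section that contains it.
// Returns false for offsets in the headers or outside every section.
bool FileOffsetToVA(uint32_t imageBase, const std::vector<Section>& sections,
                    uint32_t fileOffset, uint32_t* va)
{
    for (const Section& s : sections) {
        if (fileOffset >= s.PointerToRawData &&
            fileOffset - s.PointerToRawData < s.SizeOfRawData) {
            *va = imageBase + s.VirtualAddress + (fileOffset - s.PointerToRawData);
            return true;
        }
    }
    return false;
}

// Constructed section tables, not read from any real client.
// Layout A: code stored at file offset 0x400, loaded at RVA 0x1000 (delta 0xC00).
std::vector<Section> LayoutA() { return { {0x1000, 0x400, 0x84EC00} }; }
// Layout B: file offset equals RVA (delta 0).
std::vector<Section> LayoutB() { return { {0x1000, 0x1000, 0x84F000} }; }

int main()
{
    uint32_t va = 0;
    // Same instruction, different file offsets, same virtual address.
    if (FileOffsetToVA(0x400000, LayoutA(), 0x9111E, &va)) printf("A: 0x%X\n", va);
    if (FileOffsetToVA(0x400000, LayoutB(), 0x91D1E, &va)) printf("B: 0x%X\n", va);
    // A fixed delta of 0 applied to layout A would give 0x49111E instead.
    printf("A without delta: 0x%X\n", 0x400000u + 0x9111Eu);
    return 0;
}
```
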
09/08/2009, 21:57
|
#147
|
elite*gold: 0
Join Date: Dec 2008
Posts: 136
Received Thanks: 0
|
thx for support!! it's working
|
|
|
09/09/2009, 02:37
|
#148
|
elite*gold: 0
Join Date: Aug 2009
Posts: 12
Received Thanks: 0
|
done it, works great btw ... tnx
|
|
|
09/09/2009, 03:15
|
#149
|
elite*gold: 260
Join Date: Aug 2008
Posts: 560
Received Thanks: 3,779
|
I have now released a slightly updated version:  .
Please use that thread and release as this beta 1 is now completed and finished. I think people will like the new thread a lot better in terms of how clear the instructions are as well. More to come later!
(This thread can be closed now, thanks!)
|
|
|
09/09/2009, 03:25
|
#150
|
elite*gold: 20
Join Date: Mar 2008
Posts: 3,940
Received Thanks: 2,211
|
#Unsticky
#Closed
|
|
|