Jump to content

Recommended Posts

Posted

ATM there are no servers with token protection (or maybe there are, but I don't know xD), anyway, here is a guide to extract the interlude token directly from memory.

 

1 - Download this files:

--------------->http://rapidshare.com/files/104921796/NWindow.rar.html (Nwindow GG cracked)

--------------->http://rapidshare.com/files/104921709/CProcess.exe.html (CurProcess)

 

2 - Copy NWindow.dll to your system, so you will disable GG.

 

3 - Start the game (L2) form the loader of your server, or directly form l2.exe

 

4 - Start CProcess.exe and find L2.exe in the upper list, and after that, select Engine.dll in the bottom list.

 

5 - Press Right Click over Engine.dll and click "Dump Memory", select a file name and as file format (Binary File). Then press "dump memory".

 

6 - Open the resulting file with any Hex editor (HexProbe, HexComparison, XVI32, etc) and look for the adress: 0x7F8BC0 there will be the token.

 

The default token for interlude is: 33313D3D2D252640215E2B5D5B3B272E5D39342D

 

 

PD: For more information, the PUSH instruction that reads the token is in adress: 0x165E80 in engine.dll

Guest
This topic is now closed to further replies.

×
×
  • Create New...