Ok, I'm going to continue with this because I really want the client HWID and the basic protection from this DLL.

Maybe others with the same need and more knowledge or wanting to help can join in this crusade :laughing:

 

This is what I have/found.

https://mega.nz/file/MMtAzKTK#uUsTz_QDuiqXrk2UR9UnWlUKuZ2zbT8F0TiD52kTGyw

 

This contains 5 files:

Fire_U.dll - Unpacked. Found in RUS forum.
Fire_P1.dll - Packed. Same file as Fire_U.dll but Packed.
Fire_U1.dll - Unpacked Fire_P1.dll by me.
Fire_P2.dll - Packed. Another version.
Fire_U2.dll - Unpacked Fire_P2.dll by me.

 

If you use Fire_U.dll (renamed to Fire.dll in your system), the client shows you an error after loading the DLL:

 

Runtime error 216 at 1314421A

 

All the unpacked files throw the same error, and the error happens here.

 

.text:131441F0 loc_131441F0:                           ; CODE XREF: System::__linkproc__ StartLib(void)+44j
.text:131441F0 mov     dword_1319C63C, ecx
.text:131441F6 mov     eax, offset j_RaiseException
.text:131441FB mov     dword_1319C014, eax
.text:13144200 mov     eax, offset j_RtlUnwind
.text:13144205 mov     dword_1319C018, eax
.text:1314420A call    unknown_libname_67              ; BDS 2005-2007 and Delphi6-7 Visual Component Library
.text:1314420F mov     eax, [ebp+0Ch]
.text:13144212 inc     eax                             ; Increment by 1
.text:13144213 mov     byte_1319C658, al
.text:13144218 dec     eax                             ; Decrement by 1
.text:13144219 pop     ecx
.text:1314421A mov     edx, [ecx]                      ; Error: Runtime error 216 at 1314421A
.text:1314421C mov     dword_1319C654, edx
.text:13144222 jz      short loc_1314422B              ; Jump if Zero (ZF=1)
.text:13144224 cmp     al, 3                           ; Compare Two Operands
.text:13144226 jge     short loc_1314422B              ; Jump if Greater or Equal (SF=OF)
.text:13144228 call    dword ptr [ecx+eax*4]           ; Indirect Call Near Procedure

 

Pseudocode:

 

int __userpurge System::__linkproc__ StartLib@<eax>(int *a1@<eax>, int a2@<edx>, int a3@<ecx>, int a4@<ebx>, int a5@<ebp>, int a6@<edi>, int a7@<esi>, void (__cdecl *a8)(int *))
{
  int v8; // ecx
  int v9; // eax
  int v10; // eax
  int *v11; // ecx
  int v12; // eax
  int *v15; // [esp-4h] [ebp-4h]

  qmemcpy((void *)(a5 - 60), &dword_1319C630, 0x2Cu);
  dword_1319C650 = a6;
  dword_1319C64C = a7;
  dword_1319C644 = a5;
  dword_1319C648 = a4;
  dword_1319C638 = (int)a1;
  dword_1319C640 = a2;
  dword_1319C630 = a5 - 60;
  v8 = 0;
  if ( !*(_DWORD *)(a5 + 12) )
    v8 = *a1;
  dword_1319C63C = v8;
  dword_1319C014 = (int)j_RaiseException;
  dword_1319C018 = (int)j_RtlUnwind;
  unknown_libname_67((_EXCEPTION_REGISTRATION_RECORD *)a5);
  v9 = *(_DWORD *)(a5 + 12) + 1;
  byte_1319C658 = *(_BYTE *)(a5 + 12) + 1;
  v10 = v9 - 1;
  v11 = (int *)a3;
  dword_1319C654 = *(_DWORD *)a3; // The error happens here
  if ( v10 && (char)v10 < 3 )
    (*(void (**)(void))(a3 + 4 * v10))();
  v15 = v11;
  if ( a8 )
    a8(v11);
  v12 = *(_DWORD *)(a5 + 12);
  if ( (char)v12 >= 3 )
    ((void (*)(void))v15[v12])();
  if ( !dword_1319C02C )
    byte_1319C034 = 1;
  if ( *(_DWORD *)(a5 + 12) != 1 )
    System::__linkproc__ Halt0(a8);
  return System::_16705();
}

 

This is all for the moment. I'll update the post when I have more info :)
