Jump to content
MaxCheaters Official Group on Discord
-> Place your ad text here <-
We're Rebuilding – Join Our Staff Team
  • 0

Change HGUARD IP/Domain from unpacked Fire.dll

CubAfull

Asked by CubAfull,

 Share

Question

1 answer to this question

Recommended Posts

  • 0
CubAfull Newbie

CubAfull

Posted
  • Author
Posted

Ok, I'm going to continue with this because I really want the client HWID and the basic protection from this DLL.

Maybe others with the same need and more knowledge or wanting to help can join in this crusade :laughing:

 

This is what I have/found.

https://mega.nz/file/MMtAzKTK#uUsTz_QDuiqXrk2UR9UnWlUKuZ2zbT8F0TiD52kTGyw

 

This contain 5 files: 

Fire_U.dll - Unpacked. Found in RUS forum.
Fire_P1.dll - Packed. Same file as Fire_U.dll but Packed.
Fire_U1.dll - Unpacked Fire_P1.dll by me.
Fire_P2.dll - Packed. Another version.
Fire_U2.dll - Unpacked Fire_P2.dll by me.

 

If you use Fire_U.dll (rename to Fire.dll in your system) the client show you an error after loading the dll:

  

Runtime error 216 at 1314421A

 

All the unpacked files throw the same error and the error happen here.

  

.text:131441F0 loc_131441F0:                           ; CODE XREF: System::__linkproc__ StartLib(void)+44j
.text:131441F0 mov     dword_1319C63C, ecx
.text:131441F6 mov     eax, offset j_RaiseException
.text:131441FB mov     dword_1319C014, eax
.text:13144200 mov     eax, offset j_RtlUnwind
.text:13144205 mov     dword_1319C018, eax
.text:1314420A call    unknown_libname_67              ; BDS 2005-2007 and Delphi6-7 Visual Component Library
.text:1314420F mov     eax, [ebp+0Ch]
.text:13144212 inc     eax                             ; Increment by 1
.text:13144213 mov     byte_1319C658, al
.text:13144218 dec     eax                             ; Decrement by 1
.text:13144219 pop     ecx
.text:1314421A mov     edx, [ecx]                      ; Error: Runtime error 216 at 1314421A
.text:1314421C mov     dword_1319C654, edx
.text:13144222 jz      short loc_1314422B              ; Jump if Zero (ZF=1)
.text:13144224 cmp     al, 3                           ; Compare Two Operands
.text:13144226 jge     short loc_1314422B              ; Jump if Greater or Equal (SF=OF)
.text:13144228 call    dword ptr [ecx+eax*4]           ; Indirect Call Near Procedure

 

Pseudocode:

  

int __userpurge System::__linkproc__ StartLib@<eax>(int *a1@<eax>, int a2@<edx>, int a3@<ecx>, int a4@<ebx>, int a5@<ebp>, int a6@<edi>, int a7@<esi>, void (__cdecl *a8)(int *))
{
  int v8; // ecx
  int v9; // eax
  int v10; // eax
  int *v11; // ecx
  int v12; // eax
  int *v15; // [esp-4h] [ebp-4h]

  qmemcpy((void *)(a5 - 60), &dword_1319C630, 0x2Cu);
  dword_1319C650 = a6;
  dword_1319C64C = a7;
  dword_1319C644 = a5;
  dword_1319C648 = a4;
  dword_1319C638 = (int)a1;
  dword_1319C640 = a2;
  dword_1319C630 = a5 - 60;
  v8 = 0;
  if ( !*(_DWORD *)(a5 + 12) )
    v8 = *a1;
  dword_1319C63C = v8;
  dword_1319C014 = (int)j_RaiseException;
  dword_1319C018 = (int)j_RtlUnwind;
  unknown_libname_67((_EXCEPTION_REGISTRATION_RECORD *)a5);
  v9 = *(_DWORD *)(a5 + 12) + 1;
  byte_1319C658 = *(_BYTE *)(a5 + 12) + 1;
  v10 = v9 - 1;
  v11 = (int *)a3;
  dword_1319C654 = *(_DWORD *)a3; // The error happen here
  if ( v10 && (char)v10 < 3 )
    (*(void (**)(void))(a3 + 4 * v10))();
  v15 = v11;
  if ( a8 )
    a8(v11);
  v12 = *(_DWORD *)(a5 + 12);
  if ( (char)v12 >= 3 )
    ((void (*)(void))v15[v12])();
  if ( !dword_1319C02C )
    byte_1319C034 = 1;
  if ( *(_DWORD *)(a5 + 12) != 1 )
    System::__linkproc__ Halt0(a8);
  return System::_16705();
}

 

This is all for the moment. I update the post when have more info :)

Guest
This topic is now closed to further replies.
 Share
Go to question listing


  • Posts

    • Huggo
      MAP ADEN CLASSIC for IL

      By Huggo · Posted

      Check my post where I shared Lucera pack, you can pick textures from there. Here is a link of datapack/srv  https://eu2.contabostorage.com/d4b39866f6bb4084b6c969ec8fe20063:kita/Lucera_Classic_Remaster/Lucera Classic Remaster Server and Datapack files.rar
    • SephirothFx
      MAP ADEN CLASSIC for IL

      By SephirothFx · Posted

      Hi friends, does anyone have these Aden Classic textures for IL + geodata? Please ❤️  
    • SocNet
      [SOCNET STORE] | Telegram, Facebook, Twitter, Discord etc.

      By SocNet · Posted

      New products in our store: ➡Telegram Ukraine +380 | NO USED BEFORE | CLEAR ACCOUNTS | TDATA | No Spam Block | 2FA included | Age: from 3 days | Price from $3.2 ➡Facebook OLD Account 2020–2023 | Geo: EU+ASIA | Age: 2020–2023 | Profile filled with real friends: 50+ | Email Included + 2FA included | Real accounts | Price from $4.5 ➡SORA 2 | Invite code for YOUR account or a READY ChatGPT account + Sora 2 (read the product description) | Price from $2 ➡Instagram REALLY OLD accounts (2010–2013) with/without 2FA access | Country: MIX | Submail included | Price from $4 ➡Reddit FOR ONLYFANS Karma OLD Accounts | 1,000–10,000 KARMA (your choice) | MIX IP Registered | High-Quality Accounts for ONLYFANS WORKERS | Price from $4 ➡Mail.tm (temporary mails) AutoReg Account | Mixed IPs and Mixed Gender | IMAP, POP3, and SMTP Enabled | Price from $0.005 ➡ShadowSocks, VLESS, Trojan VPN Client | Any Country of Your Choice | Works on All Devices and in Any Country (Including Russia!) | Duration: 30/90/180/360 days | Price from $3 ➡TIKTOK ADS VERIFIED ACCOUNTS | GEO: ASIA/USA/EUROPE, AFRICA, ARABIC COUNTRIES, SOUTH AMERICA | Business Verified On ASIA/USA/EUROPE Company + POSTPAY | FULL ACCESS | Price from: $20 ➡TIKTOK ADS ACCOUNTS | GEO: Europe + Australia (your choice) | Business Verified + POSTPAY + BONUS COUPON for $6000 | Manual Registration | Email access + Cookies + VAT Info | Price from: $6 ➡Telegram API/HASH USA +1 Autoreg 1+ month age TDATA + SESSION + JSON + 2FA + API/HASH ID | Price from: $0.95 ➡KYC Business Verification Services | Verification for any service | Available geo: EUROPE, USA, ASIA Companies | Price from $300 ➡Telegram USA/Canada +1 with ACTIVE PREMIUM UP TO 01.12.2025 Autoreg | Age: from 6+ months | TDATA + SESSION + JSON + 2FA + PREMIUM | Price from $0.65 ➡Telegram USA/Canada +1 with ACTIVE PREMIUM (30 DAYS) Autoreg | Age: from 6+ months | TDATA + SESSION + JSON + 2FA + PREMIUM for 30 DAYS | Price from $5 Available for purchase in our store on the website or via the Telegram bot! Active links: Digital goods store (Website): Go to Store Telegram bot: Go to – convenient access to the store through the Telegram messenger. Other services: Virtual numbers service: Go to Telegram bot for purchasing Telegram Stars: Go to – fast and profitable purchase of Stars in Telegram. SMM Panel: Go to – promotion of your social media accounts. We want to present you the current list of promotions and special offers for purchasing our service’s products and services: 1. You can use a promo code for your first purchase: SOCNET (15% discount) 2. Get $1 on your store balance or a 10–20% discount — simply send your username after registering on our website using the following template: "SEND ME BONUS, MY USERNAME IS..." — you need to write this in our forum thread! 3. Get $1 for the first trial start of the SMM Panel: just open a ticket with the subject “Get Trial Bonus” on our website (Support). 4. Weekly Telegram Stars giveaways in our Telegram channel and in our bot for purchasing stars! News: ➡ Telegram channel: https://t.me/accsforyou_shop ➡ WhatsApp channel: https://chat.whatsapp.com/K8rBy500nA73z27PxgaJUw?mode=ems_copy_t ➡ Discord server: https://discord.gg/y9AStFFsrh Contacts and Support: ➡ Telegram: https://t.me/socnet_support ➡ WhatsApp: https://wa.me/79051904467 ➡ Discord: socnet_support ➡ ✉ Email: solomonbog@socnet.store
    • SocNet
      [SOCNET STORE] | Telegram, Facebook, Twitter, Discord etc.

      By SocNet · Posted

      New products in our store: ➡Telegram Ukraine +380 | NO USED BEFORE | CLEAR ACCOUNTS | TDATA | No Spam Block | 2FA included | Age: from 3 days | Price from $3.2 ➡Facebook OLD Account 2020–2023 | Geo: EU+ASIA | Age: 2020–2023 | Profile filled with real friends: 50+ | Email Included + 2FA included | Real accounts | Price from $4.5 ➡SORA 2 | Invite code for YOUR account or a READY ChatGPT account + Sora 2 (read the product description) | Price from $2 ➡Instagram REALLY OLD accounts (2010–2013) with/without 2FA access | Country: MIX | Submail included | Price from $4 ➡Reddit FOR ONLYFANS Karma OLD Accounts | 1,000–10,000 KARMA (your choice) | MIX IP Registered | High-Quality Accounts for ONLYFANS WORKERS | Price from $4 ➡Mail.tm (temporary mails) AutoReg Account | Mixed IPs and Mixed Gender | IMAP, POP3, and SMTP Enabled | Price from $0.005 ➡ShadowSocks, VLESS, Trojan VPN Client | Any Country of Your Choice | Works on All Devices and in Any Country (Including Russia!) | Duration: 30/90/180/360 days | Price from $3 ➡TIKTOK ADS VERIFIED ACCOUNTS | GEO: ASIA/USA/EUROPE, AFRICA, ARABIC COUNTRIES, SOUTH AMERICA | Business Verified On ASIA/USA/EUROPE Company + POSTPAY | FULL ACCESS | Price from: $20 ➡TIKTOK ADS ACCOUNTS | GEO: Europe + Australia (your choice) | Business Verified + POSTPAY + BONUS COUPON for $6000 | Manual Registration | Email access + Cookies + VAT Info | Price from: $6 ➡Telegram API/HASH USA +1 Autoreg 1+ month age TDATA + SESSION + JSON + 2FA + API/HASH ID | Price from: $0.95 ➡KYC Business Verification Services | Verification for any service | Available geo: EUROPE, USA, ASIA Companies | Price from $300 ➡Telegram USA/Canada +1 with ACTIVE PREMIUM UP TO 01.12.2025 Autoreg | Age: from 6+ months | TDATA + SESSION + JSON + 2FA + PREMIUM | Price from $0.65 ➡Telegram USA/Canada +1 with ACTIVE PREMIUM (30 DAYS) Autoreg | Age: from 6+ months | TDATA + SESSION + JSON + 2FA + PREMIUM for 30 DAYS | Price from $5 Available for purchase in our store on the website or via the Telegram bot! Active links: Digital goods store (Website): Go to Store Telegram bot: Go to – convenient access to the store through the Telegram messenger. Other services: Virtual numbers service: Go to Telegram bot for purchasing Telegram Stars: Go to – fast and profitable purchase of Stars in Telegram. SMM Panel: Go to – promotion of your social media accounts. We want to present you the current list of promotions and special offers for purchasing our service’s products and services: 1. You can use a promo code for your first purchase: SOCNET (15% discount) 2. Get $1 on your store balance or a 10–20% discount — simply send your username after registering on our website using the following template: "SEND ME BONUS, MY USERNAME IS..." — you need to write this in our forum thread! 3. Get $1 for the first trial start of the SMM Panel: just open a ticket with the subject “Get Trial Bonus” on our website (Support). 4. Weekly Telegram Stars giveaways in our Telegram channel and in our bot for purchasing stars! News: ➡ Telegram channel: https://t.me/accsforyou_shop ➡ WhatsApp channel: https://chat.whatsapp.com/K8rBy500nA73z27PxgaJUw?mode=ems_copy_t ➡ Discord server: https://discord.gg/y9AStFFsrh Contacts and Support: ➡ Telegram: https://t.me/socnet_support ➡ WhatsApp: https://wa.me/79051904467 ➡ Discord: socnet_support ➡ ✉ Email: solomonbog@socnet.store
    • SmurfsZone
      SmurfsZone: Your Best Source for League of Legend

      By SmurfsZone · Posted

      This is a bump

  • Topics

×
×
  • Create New...

AdBlock Extension Detected!

Our website is made possible by displaying online advertisements to our members.

Please disable AdBlock browser extension first, to be able to use our community.

I've Disabled AdBlock