
View Full Version : [Guide][GS 1.00.18] Party Zen Bug Fix



cuonglee
20-04-08, 01:39 PM
Party Zen Bug Fix GameServer Normal


Nguồn hướng dẫn và lưu hành : Cuonglee and TrustTeam

In Ollydbg:

Go to address 004E3437 (a virtual address in the loaded GameServer image, not a file offset):


; Original bytes at the patch site: a 7-byte function epilogue (004E3437..004E343D).
004E3437 |> 5F POP EDI ; restore the saved registers
004E3438 |. 5E POP ESI
004E3439 |. 5B POP EBX
004E343A |. 8BE5 MOV ESP,EBP ; tear down the stack frame
004E343C |. 5D POP EBP
004E343D \. C3 RETN


Change to:



; Replacement code for the epilogue at 004E3437. It is 57 bytes long (004E3437..004E346F),
; while the original epilogue shown above is only 7 bytes (004E3437..004E343D).
; NOTE(review): the 50 bytes after the original RETN are overwritten as well; they are
; presumably unused padding in this build - confirm in the disassembler before patching.
004E3437 8B4D 0C MOV ECX,DWORD PTR SS:[EBP+C] ; ECX = pointer read from [EBP+C] (presumably the second stack argument - confirm)
004E343A 33C0 XOR EAX,EAX ; clear EAX so the byte load below is zero-extended
004E343C 8A41 64 MOV AL,BYTE PTR DS:[ECX+64] ; AL = byte field at [ECX+64]
004E343F 83F8 02 CMP EAX,2
004E3442 74 05 JE SHORT GameServ.004E3449 ; value 2 takes the adjustment path
004E3444 83F8 03 CMP EAX,3
004E3447 75 20 JNZ SHORT GameServ.004E3469 ; anything other than 2 or 3 goes straight to the epilogue
004E3449 8B91 B4000000 MOV EDX,DWORD PTR DS:[ECX+B4] ; EDX = dword field at [ECX+B4]
004E344F 8955 F8 MOV DWORD PTR SS:[EBP-8],EDX ; spill to [EBP-8] for the FPU load; NOTE(review): assumes this local slot is free here
004E3452 DB45 F8 FILD DWORD PTR SS:[EBP-8] ; load it onto the FPU stack as a signed integer
004E3455 D80D C8186E00 FMUL DWORD PTR DS:[6E18C8] ; multiply by the 32-bit float at absolute address 006E18C8
004E345B E8 1C550B00 CALL GameServ.0059897C ; relative call, valid only at this address; presumably a float-to-integer helper returning in EAX - confirm
004E3460 8B4D 0C MOV ECX,DWORD PTR SS:[EBP+C] ; reload ECX after the call
004E3463 8981 B4000000 MOV DWORD PTR DS:[ECX+B4],EAX ; write the result back to [ECX+B4]
004E3469 5F POP EDI ; original epilogue, relocated to the end of the patch
004E346A 5E POP ESI
004E346B 5B POP EBX
004E346C 8BE5 MOV ESP,EBP
004E346E 5D POP EBP
004E346F C3 RETN


Or apply the same bytes at run time from a C++ DLL:

File *.cpp :


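// Applies the Party Zen fix in memory. When TSTFixPartyZen is non-zero in the
// [TSTOption] section of the ini file, the 57-byte replacement sequence is
// written at GS_PARTY_ZEN_FIX.
//
// ini      path of the ini file handed to GetPrivateProfileInt
// returns  true when the patch is in place (written now or already present),
//          false when the option is off or the patch was refused
bool PartyZenFix (char * ini)
{
    // Replacement bytes, identical to the "Change to" listing for 004E3437.
    // They embed a relative CALL (E8 ...) and an absolute data address, so they
    // are only correct at GS_PARTY_ZEN_FIX in the build this guide targets.
    static const BYTE PTZenFix[] = {
        0x8B,0x4D,0x0C,0x33,0xC0,0x8A,0x41,0x64,0x83,0xF8, 0x02,0x74,0x05,0x83,0xF8,0x03,
        0x75,0x20,0x8B,0x91,0xB4,0x00,0x00,0x00,0x89,0x55, 0xF8,0xDB,0x45,0xF8,0xD8,0x0D,
        0xC8,0x18,0x6E,0x00,0xE8,0x1C,0x55,0x0B,0x00,0x8B, 0x4D,0x0C,0x89,0x81,0xB4,0x00,
        0x00,0x00,0x5F,0x5E,0x5B,0x8B,0xE5,0x5D,0xC3 } ;

    // The 7-byte epilogue (POP EDI .. RETN) the guide shows at the patch address
    // before the change; used to recognise the expected binary.
    static const BYTE PTZenOrig[] = { 0x5F,0x5E,0x5B,0x8B,0xE5,0x5D,0xC3 } ;

    if ( !GetPrivateProfileInt("TSTOption","TSTFixPartyZen", 0,ini) )
        return false;

    BYTE * target = (BYTE *) GS_PARTY_ZEN_FIX;

    // Already patched (for example the executable was edited on disk): nothing to do.
    if ( memcmp(target, PTZenFix, sizeof(PTZenFix)) == 0 )
        return true;

    // Refuse to write into a binary whose bytes do not match the guide; copying
    // address-dependent code into a different build would corrupt it.
    if ( memcmp(target, PTZenOrig, sizeof(PTZenOrig)) != 0 )
        return false;

    // NOTE(review): the patch is 57 bytes but only the first 7 are verified above.
    // The remaining 50 bytes after the original RETN are assumed to be unused
    // padding in this build - confirm in the disassembler before enabling.

    // Code pages are normally not writable, so a bare memcpy would fault.
    unsigned long oldProtect = 0;
    if ( !VirtualProtect(target, sizeof(PTZenFix), PAGE_EXECUTE_READWRITE, &oldProtect) )
        return false;

    memcpy ( target , PTZenFix , sizeof(PTZenFix) );

    // Put the original protection back and drop any stale cached instructions.
    VirtualProtect(target, sizeof(PTZenFix), oldProtect, &oldProtect);
    FlushInstructionCache(GetCurrentProcess(), target, sizeof(PTZenFix));
    return true;
}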


File *.h :


//=========================================
// Party Zen Bug Fix
//=========================================
// Absolute virtual address of the function epilogue that PartyZenFix overwrites.
// NOTE(review): hard-coded for the GameServer build this guide targets and only
// meaningful when the image is loaded at its preferred base - confirm before use.
#define GS_PARTY_ZEN_FIX (0x004E3437)


File *.ini :


TSTFixPartyZen = 1 ;0: No fix ; 1: Fix

Đầu Gấu
20-04-08, 02:33 PM
thanks .

cuonglee
20-04-08, 02:59 PM
Party Zen Bug Fix In GS_CS

In Ollydbg:
Go to address 004F5B97 (a virtual address in the loaded GameServer image, not a file offset):


; Original bytes at the patch site: a 7-byte function epilogue (004F5B97..004F5B9D).
004F5B97 |> 5F POP EDI ; restore the saved registers
004F5B98 |. 5E POP ESI
004F5B99 |. 5B POP EBX
004F5B9A |. 8BE5 MOV ESP,EBP ; tear down the stack frame
004F5B9C |. 5D POP EBP
004F5B9D \. C3 RETN



Change to:



; Replacement code for the epilogue at 004F5B97. It is 57 bytes long (004F5B97..004F5BCF),
; while the original epilogue shown above is only 7 bytes (004F5B97..004F5B9D).
; NOTE(review): the 50 bytes after the original RETN are overwritten as well; they are
; presumably unused padding in this build - confirm in the disassembler before patching.
004F5B97 |> 8B4D 0C MOV ECX,DWORD PTR SS:[EBP+C] ; ECX = pointer read from [EBP+C] (presumably the second stack argument - confirm)
004F5B9A |. 33C0 XOR EAX,EAX ; clear EAX so the byte load below is zero-extended
004F5B9C |. 8A41 64 MOV AL,BYTE PTR DS:[ECX+64] ; AL = byte field at [ECX+64]
004F5B9F |. 83F8 02 CMP EAX,2
004F5BA2 |. 74 05 JE SHORT GameServ.004F5BA9 ; value 2 takes the adjustment path
004F5BA4 |. 83F8 03 CMP EAX,3
004F5BA7 |. 75 20 JNZ SHORT GameServ.004F5BC9 ; anything other than 2 or 3 goes straight to the epilogue
004F5BA9 |> 8B91 B4000000 MOV EDX,DWORD PTR DS:[ECX+B4] ; EDX = dword field at [ECX+B4]
004F5BAF |. 8955 F8 MOV DWORD PTR SS:[EBP-8],EDX ; spill to [EBP-8] for the FPU load; NOTE(review): assumes this local slot is free here
004F5BB2 |. DB45 F8 FILD DWORD PTR SS:[EBP-8] ; load it onto the FPU stack as a signed integer
004F5BB5 |. D80D F0B97300 FMUL DWORD PTR DS:[73B9F0] ; multiply by the 32-bit float at absolute address 0073B9F0
004F5BBB |. E8 1C8D0D00 CALL GameServ.005CE8DC ; relative call, valid only at this address; presumably a float-to-integer helper returning in EAX - confirm
004F5BC0 |. 8B4D 0C MOV ECX,DWORD PTR SS:[EBP+C] ; reload ECX after the call
004F5BC3 |. 8981 B4000000 MOV DWORD PTR DS:[ECX+B4],EAX ; write the result back to [ECX+B4]
004F5BC9 |> 5F POP EDI ; original epilogue, relocated to the end of the patch
004F5BCA |. 5E POP ESI
004F5BCB |. 5B POP EBX
004F5BCC |. 8BE5 MOV ESP,EBP
004F5BCE |. 5D POP EBP
004F5BCF \. C3 RETN



Or apply the same bytes at run time from a C++ DLL:

File *.cpp :


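// Applies the Party Zen fix to GS_CS in memory. When TSTFixPartyZen is non-zero
// in the [TSTOption] section of the ini file, the 57-byte replacement sequence
// is written at GSCS_PARTY_ZEN_FIX.
//
// ini      path of the ini file handed to GetPrivateProfileInt
// returns  true when the patch is in place (written now or already present),
//          false when the option is off or the patch was refused
bool PartyZenFix (char * ini)
{
    // Replacement bytes, identical to the "Change to" listing for 004F5B97.
    // They embed a relative CALL (E8 ...) and an absolute data address, so they
    // are only correct at GSCS_PARTY_ZEN_FIX in the build this guide targets.
    static const BYTE PTZenFix[] = {
        0x8B,0x4D,0x0C,0x33,0xC0,0x8A,0x41,0x64,0x83,0xF8, 0x02,0x74,0x05,0x83,0xF8,0x03,
        0x75,0x20,0x8B,0x91,0xB4,0x00,0x00,0x00,0x89,0x55, 0xF8,0xDB,0x45,0xF8,0xD8,0x0D,
        0xF0,0xB9,0x73,0x00,0xE8,0x1C,0x8D,0x0D,0x00,0x8B, 0x4D,0x0C,0x89,0x81,0xB4,0x00,
        0x00,0x00,0x5F,0x5E,0x5B,0x8B,0xE5,0x5D,0xC3 } ;

    // The 7-byte epilogue (POP EDI .. RETN) the guide shows at the patch address
    // before the change; used to recognise the expected binary.
    static const BYTE PTZenOrig[] = { 0x5F,0x5E,0x5B,0x8B,0xE5,0x5D,0xC3 } ;

    if ( !GetPrivateProfileInt("TSTOption","TSTFixPartyZen", 0,ini) )
        return false;

    BYTE * target = (BYTE *) GSCS_PARTY_ZEN_FIX;

    // Already patched (for example the executable was edited on disk): nothing to do.
    if ( memcmp(target, PTZenFix, sizeof(PTZenFix)) == 0 )
        return true;

    // Refuse to write into a binary whose bytes do not match the guide; copying
    // address-dependent code into a different build would corrupt it.
    if ( memcmp(target, PTZenOrig, sizeof(PTZenOrig)) != 0 )
        return false;

    // NOTE(review): the patch is 57 bytes but only the first 7 are verified above.
    // The remaining 50 bytes after the original RETN are assumed to be unused
    // padding in this build - confirm in the disassembler before enabling.

    // Code pages are normally not writable, so a bare memcpy would fault.
    unsigned long oldProtect = 0;
    if ( !VirtualProtect(target, sizeof(PTZenFix), PAGE_EXECUTE_READWRITE, &oldProtect) )
        return false;

    memcpy ( target , PTZenFix , sizeof(PTZenFix) );

    // Put the original protection back and drop any stale cached instructions.
    VirtualProtect(target, sizeof(PTZenFix), oldProtect, &oldProtect);
    FlushInstructionCache(GetCurrentProcess(), target, sizeof(PTZenFix));
    return true;
}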


File *.h :


//=========================================
// Party Zen Bug Fix
//=========================================
// Absolute virtual address of the function epilogue that PartyZenFix overwrites in GS_CS.
// NOTE(review): hard-coded for the GameServer build this guide targets and only
// meaningful when the image is loaded at its preferred base - confirm before use.
#define GSCS_PARTY_ZEN_FIX (0x004F5B97)


File *.ini :


TSTFixPartyZen = 1 ;0: No fix ; 1: Fix