Are men crazy?
Download OllyDbg (OllyDbg v1.10)
--------------*
Open OllyDBG
--------------*
File -> Open -> Choose your elementclient.exe
Right click -> Search for -> All referenced text strings (#pic1)
In the Text strings window
* Scroll to top & left click any line (#pic2)
Right click -> Search for text -> key in "launch" -> OK
Double click the line of ASCII "Plz start game from launcher.exe" (#pic3)
In the CPU window
Double click JNZ SHORT 00XXXXXX; this will show an Assemble box (#pic4). Change JNZ to JMP -> press the Assemble button & close the box
Search for text again in the Text strings window
Search for "running" and do it again: double click JE SHORT 00XXXXXX, change JE to JMP -> press the Assemble button & close the box
Okay~
Right click in CPU window -> Copy -> Select all
Right click in CPU window -> Backup -> Update backup
Right click in CPU window -> Copy to Executable -> Selection (#pic5)
Olly will show a File window
Right click in File window -> Save file
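From the defender's side, the JNZ/JE to JMP edits above are single-byte opcode changes, so a comparison of the shipped code against a known-good copy catches them. The C sketch below is an added example, not part of the original post: `audit_code`, `classify` and the sample bytes are hypothetical and constructed, and it covers only short (rel8) jumps and NOP fills.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum patch_kind { PATCH_NONE, PATCH_FORCED_JMP, PATCH_NOP, PATCH_OTHER };

/* Constructed sample bytes (not taken from any real client): a known-good
 * code fragment and a copy edited the way the steps above describe. */
static const uint8_t REF[] = { 0x85,0xC0, 0x75,0x03, 0x8B,0x07, 0x3B,0xC3,
    0x74,0x10, 0x39,0x3D,0x11,0x22,0x33,0x44, 0xC3 };
static const uint8_t CUR[] = { 0x85,0xC0, 0xEB,0x03, 0x8B,0x07, 0x3B,0xC3,
    0xEB,0x10, 0x90,0x90,0x90,0x90,0x90,0x90, 0xC3 };

/* Classify the byte at offset i of the image under test against the reference. */
static enum patch_kind classify(const uint8_t *ref, const uint8_t *cur,
                                size_t len, size_t i)
{
    if (ref[i] == cur[i])
        return PATCH_NONE;
    /* Jcc rel8 is 0x70..0x7F (JE = 0x74, JNZ = 0x75); JMP rel8 is 0xEB.
     * Same displacement byte + opcode swap = conditional check forced. */
    if (ref[i] >= 0x70 && ref[i] <= 0x7F && cur[i] == 0xEB &&
        i + 1 < len && ref[i + 1] == cur[i + 1])
        return PATCH_FORCED_JMP;
    if (cur[i] == 0x90)            /* original instruction bytes NOP-ed out */
        return PATCH_NOP;
    return PATCH_OTHER;
}

/* Count modified bytes per kind; returns the total number of differing bytes. */
size_t audit_code(const uint8_t *ref, const uint8_t *cur, size_t len,
                  size_t counts[4])
{
    size_t total = 0;
    for (int k = 0; k < 4; k++) counts[k] = 0;
    for (size_t i = 0; i < len; i++) {
        enum patch_kind k = classify(ref, cur, len, i);
        counts[k]++;
        if (k != PATCH_NONE) {
            total++;
            printf("offset 0x%zx: %02X -> %02X (kind %d)\n", i, ref[i], cur[i], k);
        }
    }
    return total;
}

int main(void)
{
    size_t counts[4];
    size_t n = audit_code(REF, CUR, sizeof REF, counts);
    printf("%zu modified bytes: %zu forced jumps, %zu NOPs, %zu other\n",
           n, counts[PATCH_FORCED_JMP], counts[PATCH_NOP], counts[PATCH_OTHER]);
    return n != 0;
}
```

Any non-zero result means the code differs from the reference; the per-kind counts only help triage what sort of edit was made.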
Zoom Hack:
Credits: akson
Open Olly
Search for sequence of commands:
fadd dword ptr [esi+40]
fst dword ptr [esi+40]
004056BE . D985 CD000000 fld dword ptr [ebp+CD]
004056C4 . D846 40 fadd dword ptr [esi+40]
004056C7 . D956 40 fst dword ptr [esi+40]
004056CA . D81D FCAB8400 fcomp dword ptr [84ABFC] may be XXXXXX
004056D0 . DFE0 fstsw ax
004056D2 . 25 00410000 and eax, 4100
004056D7 . EB 03 jnz short 004056DC 8B07 mov eax, dword ptr [edi]
004056DE . 3BC3 cmp eax, ebx
004056E0 . 0F85 E8000000 jnz 004057CE
Jump Hack
Note: this is different on different servers. I am trying to find a command that works for all.
Search:
mov edi,[esi+00000b08]
nop line below
cmp edi,[XXXXXXX]
Else
MOV EAX,DWORD PTR DS:[ESI+62C]
MOV EDX,EAX
SHR EDX,7
TEST BL,DL
One of the results with,
0045B7B6 |. 8BBE 080B0000 MOV EDI,DWORD PTR DS:[ESI+B08]
0045B7BC |. 8B0D B4EF8B00 MOV ECX,DWORD PTR