[release]AlissaFix v0.5

Alwaho · 11/07/2013, 04:11

Quote:

Originally Posted by zodiaczero

Hrmm, I've actually ready this. I've modifying the specific line pointed so it wouldn't jump, and when I save this it tells me the dll can't be found when it runs. Maybe I'm going about this the wrong way, I've already had to jump through a few hoops to actually load the file, involving changing the characteristics of the dll using another file so I can actually run it in a debugger. Otherwise I get a MSVCR90.dll missing error, which is odd because I have all the redistributable packages installed, and can load other DLLs just fine.

Honestly, I am really quite stupid when it comes to things past leeching... loool, so I wouldn't know why you are getting problems. However, judging by the wording in the first post, it seems that you are on the right track with jumping a specific function, which was so keenly pointed out in the picture. SO then, how do we jump it? Read the thingy I posted before. Should that actually work, I have no clue... XD. The whole point is to jump to the end of the detection system so that when the code is called, everything is all nice and happy and all.

. ANYWAY, as to why you are getting an error, I couldn't tell you... XD. Do you get it while trying to edit in the debugger then? AND I think thats all I have... sorry if that didn't answer anything x3

zodiaczero · 11/07/2013, 04:19

That's fine, I'm just giving a bit of information. I'm sure if i keep messing with it I'll figure it out. I've read the file ya posted, twice now actually, just in case I missed something. I'm seriously thinking my problem lies within not being able to actually execute the .dll within the debugger I'm using. If I'm on the right track, then this is actually quite simple, and I just need to figure out this last little setback. As to people who are wanting a one click duping tool, I doubt they would even be able to figure out Alissa if they even got it working.

Alwaho · 11/07/2013, 04:21

Quote:

Originally Posted by zodiaczero

That's fine, I'm just giving a bit of information. I'm sure if i keep messing with it I'll figure it out. I've read the file ya posted, twice now actually, just in case I missed something. I'm seriously thinking my problem lies within not being able to actually execute the .dll within the debugger I'm using. If I'm on the right track, then this is actually quite simple, and I just need to figure out this last little setback. As to people who are wanting a one click duping tool, I doubt they would even be able to figure out Alissa if they even got it working.

Lol, Alissa was my favorite thing to toy around in! I never got anything done because I ended up just making my pet fetch like... 1000+ times because I thought it was funny to watch.......... Yep... im that person XD! And also, check the pm I am sending to you right now O:

zodiaczero · 11/07/2013, 06:56

Well I'm going to give another crack at it tomorrow I think. Do some more research on how to load the file, try some new theories out. I'm sure eventually I'll get it working.

ronnykill · 11/07/2013, 08:20

Can anyone help me get this working since i need some AP ingame...
And it closes right after this screen pop-up

contact me tro skype or msn : Pray_1

How to make it work.

Elmend · 11/07/2013, 09:19

Thanks indeed
I love u

tliu0c · 11/07/2013, 10:18

Quote:

Originally Posted by Alwaho

<--- found this little thing from the same place the helpful picture was posted.

I uploaded that thing for you guys. You acutally bothered to find it. Nice. I am happy.

@zodiaczero
I know, you can't load the dll. I know even if I post that picture people still won’t be able to edit it.

Since you are actually putting effort into this and are on the right track, let me lead you to the result then

But really, you guys should be figuring out this on your own lol.

There are many ways to catch this dll in olly, but here is what you can do. First put that dll in your mabi folder. Then load Mabinogi.exe in olly and get it running. Then set a breakpoint on DisableThreadLibraryCalls. Now you need to inject that dll into mabinogi.exe using whatever tool you want. After you inject it, you should land on DisableThreadLibraryCalls immediately in olly. Now press run till return and you will return to the module you’ve been chasing for.

~~step29~~ · 11/07/2013, 18:24

Quote:

Originally Posted by tliu0c

I uploaded that thing for you guys. You acutally bothered to find it. Nice. I am happy.

I am surprised they have managed to found it too O_O;
also, unlock your "Stuff" folder >:U, Every time I try to get in it always gives me a 404.

I wish we can go back to the old days where you can just type in index in the url and you can see every file there is :c, or at least that how I used to remember doing back when I was 7 or something.

Alwaho · 11/07/2013, 20:28

Quote:

Originally Posted by step29

I am surprised they have managed to found it too O_O;
also, unlock your "Stuff" folder >:U, Every time I try to get in it always gives me a 404.

I wish we can go back to the old days where you can just type in index in the url and you can see every file there is :c, or at least that how I used to remember doing back when I was 7 or something.

Im the 7 year old fool, how could i not find it?

zodiaczero · 11/08/2013, 05:05

Okay so, I'm probably missing something yet again. I've done as you said, and I'm looking for the call to disablethreadlibrarycalls, and I'm coming up with no calls to it. I've got to stop again for the night though, classes early in my part of the world. I'm going to try different modifications of the same debugger, maybe that will give me a new breakthrough. If not, I hope I can find some strand that won't let my search end. I can feel the answers in front of me, I just can not grasp them yet.

Just an edit so I can show my progress and just get told if I'm heading in the right direction. Following Tilu0c's instructions I have moved the dll in question into the mabi folder and attempt to open the client, not the launcher through a debugger. This doesn't get me where I need to go though, so I am assuming that I may need to hide the debugger in some way so the client doesn't recognize it is being looked at. If that isn't the case, then I may just be missing the call to disablethreadlibrary calls. Am I still on the right track or did I veer off into a ditch?

tlqkfrl1 · 11/08/2013, 19:12

Well i found whatever thing is 75 11? and still don't know what to do ..

GlennFrogg · 11/08/2013, 20:13

I'm kinda new to this so dont shoot me.

By changing the call for disablethreadlibrarycalls to loadlibraryw I have able to successfully chainload pake and alissafix all the way to patching complete press enter to close window. But I think this change I made also breaks cs cuz when I close the alissa fix windows it crashes. Any ideas?

My conclusion so far.
0x64 Talks about Disablethreadlibrarycalls.....I open up cs in IDA, and sure enough, dtlc is one of the first things I find in dllentrypoint. So, I google Disablethreadylibrarycalls.

"Disables the DLL_THREAD_ATTACH and DLL_THREAD_DETACH notifications for the specified dynamic-link library (DLL). This can reduce the size of the working set for some applications."

Well, dont that make sense. Earlier, while not using alissafix and using pakes dinput8 I noticed my mods would start and then dissapear. Id check the dlls in CE and even though the dll names where there, there is nothing in those dlls.

So, disablethreadlibrarycalls prevented pake from running even though it was loaded.
So, the idea was to change disablethreadlibrarycalls to loadlibraryw.

zodiaczero · 11/09/2013, 00:35

You may or may not be on to something. I'm not entirely sure. The DLL can be accessed, but whenever line in question is changed, as it pertains to the picture. It returns an error saying the dll is not found when I try to run it all. Now there must be something more to it than that.

ArsonalGuy · 11/09/2013, 01:17

@zodiaczero, are you saving the dll once you change the jump?

i believe changing that one line is not the entire process, something else is still making mabi stop responding after Themida unpacks, I'm unsure if I'm just doing something wrong or if crackshield needs to be edited in some way as well.

What I've done so far:

load olly, load mabinogi.exe in debug, run it till i get the game start button, set breakpoint to DisableThreadLibraryCalls, inject the dll, execute till return, this lets me right click and View "dll in question", this brings me to the dll and the code within, i find the jump call that needs changing....

here is were i get confused, ive tryed changing JNZ to JE, this gives me a dinput8 is missing, I've right clicked the file and filled it with NOPs, this goes as far as Themida unpacking, but then stops responding.

any ideas? am i doing something wrong? any help would be great

zodiaczero · 11/09/2013, 01:20

You've gotten about as far as I have sadly. I'm looking into the matter more, but I'm at a standstill as well.