Code:
; this is now old but still relevant for people wanting to patch their own exe
.text:00822F44 57 push edi ; hInstance
.text:00822F45 FF D6 call esi ; LoadStringW
.text:00822F47 E8 F8 CD FF FF call sub_81FD44
.text:00822F4C 85 C0 test eax, eax
.text:00822F4E 75 16 jnz short loc_822F66
.text:00822F50 68 80 FD 81 00 push offset TopLevelExceptionFilter ; lpTopLevelExceptionFilter
.text:00822F55 FF 15 44 33 DB 00 call ds:SetUnhandledExceptionFilter
.text:00822F5B 57 push edi ; replace with jmps loc_822F66 (EB09)
.text:00822F5C E8 F8 CD FF FF call sub_81FD59 ; this is hackshield call, nop
.text:00822F61 59 pop ecx ; nop the rest
.text:00822F62 85 C0 test eax, eax ; nop
.text:00822F64 74 BC jz short loc_822F22 ; nop
.text:00822F66
.text:00822F66 loc_822F66: ; CODE XREF: wWinMain(x,x,x,x)+85j game code continues here.
.text:00822F66 53 push ebx
.text:00822F67 FF 15 88 3C DB 00 call ds:__imp_timeGetTime
.text:00822F6D 50 push eax ; Src
.text:00822F6E FF 15 D4 35 DB 00 call ds:srand
search: 57 E8 F8 CD FF FF 59 85 C0 74 BC
replac: EB 09 90 90 90 90 90 90 90 90 90
what it does:
sub_81FD59 is the beginning of the HackShield load. I looked through it but got bored quickly, and decided to just never call it.
So we jump over it (jmps loc_822F66, 2-byte instruction EB09) and clean up the rest with NOPs so it looks nice.
Update:
Latest client patch. Make sure you updated to the latest version and use a good hex editor. I use HxD.
To patch latest exe to bypass HackShield. This will be the last exe I will make. Please use the above information to find the new locations to patch as it is almost exactly the same.
Code:
search: 57 E8 DA CD FF FF 59 85 C0 74 B6
replac: EB 09 90 90 90 90 90 90 90 90 90
or download the latest from this post. I reattached latest exe.
How To Use Bypass
1. You need your "PlayerID" and "Access Token", which are created every time you log in using ro2client.exe. A simpler way to get that information is to log in using
Code:
https://loginro2sg.playpark.net/ro2_main.aspx
And it will return your player ID and access token separated by a | , e.g.
Code:
PP000000000000001234D|187EE94DB4DA4145A72C65962C45B7E9
Your player ID will be
PP000000000000001234D
And your access token will be
187EE94DB4DA4145A72C65962C45B7E9
You can type this by hand in command prompt if you like but an easier way is to make a .bat file in the root game folder.
C:\PlayPark\RO2\bypass.bat
Inside that file can be something like
Code:
@echo off
start SHIPPING\Rag2.exe PP00000000000000XXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX login.playro2.com
where the XXXXX is your Player ID and your Access Token
Token lifetime used to be reusable as many times as you like. But I think now if you try to reuse your token, you will get a login timeout error as the token is probably thrown away after successful login. So just get a new one after you are done.
2. You need a patched exe if you want to bypass HackShield.
The above trick should still work with HackShield but if you want to bypass it, you can download it from the post or hex edit the latest exe on the date of this post (2013-01-24). If you have a different exe the hex locations might change so if your hex search fails, then download the one here. The game currently still allows older clients to login so I'm not sure how much longer that will last. But to prevent possible errors you should try to use the latest one.
I attached latest exe but I haven't tested it. All I did was load the game and I see no hackshield then I quit. I don't have time to run around to see if anything crashes or broken as I don't play this game anymore.
X. Failed to run shader parsers errors
If you run into this error it usually means the game can't find the correct shaders. You most likely are trying to run the game outside the RO2 root folder. You need to run it from C:\PlayPark\RO2 or wherever you installed it. If you're using bypass then you need to run it with the working directory as C:\PlayPark\RO2 (adjust according to your configs)
That is it. I hope everybody enjoys their game. I probably won't check this thread much anymore. I'm not sure how long it is before they implement something to prevent this but I think they are just busy getting the servers to run smoothly for now.
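Seen from the defender's side, the edit described in this post leaves a recognisable footprint: the guard sequence after the SetUnhandledExceptionFilter call is replaced by a short jump and NOP fill. The following is an added example, not part of the original post or of any vendor's code; it classifies a client image as intact or tampered at that site, generalising the two byte patterns above with wildcards for the build-specific call and branch displacements. The function names and sample buffers are constructed for illustration.

```python
import re
from typing import Optional, Tuple

# Context taken from the listing in the post, immediately before the guard:
#   68 imm32      push offset TopLevelExceptionFilter
#   FF 15 imm32   call ds:SetUnhandledExceptionFilter
PREFIX = rb"\x68.{4}\xff\x15.{4}"
PREFIX_LEN = 11

# Intact guard: push edi / call rel32 / pop ecx / test eax,eax / jz rel8.
# The rel32 and rel8 displacements differ per build, so they are wildcards.
INTACT = re.compile(PREFIX + rb"\x57\xe8.{4}\x59\x85\xc0\x74.", re.DOTALL)

# Tampered guard: jmp short +9 followed by nine NOPs over the same 11 bytes.
TAMPERED = re.compile(PREFIX + rb"\xeb\x09\x90{9}", re.DOTALL)

def classify(image: bytes) -> Tuple[str, Optional[int]]:
    """Return (verdict, offset of the guard site) for a client image."""
    m = TAMPERED.search(image)
    if m:
        return "tampered", m.start() + PREFIX_LEN
    m = INTACT.search(image)
    if m:
        return "intact", m.start() + PREFIX_LEN
    # Site not found: unknown build or a different modification. Fail closed.
    return "unknown", None

def allow_launch(image: bytes) -> bool:
    """Launcher-side policy: only an intact guard site is acceptable."""
    return classify(image)[0] == "intact"

# Constructed sample buffers assembled from the bytes shown in the post.
_PRE = bytes.fromhex("68 80 FD 81 00 FF 15 44 33 DB 00")
_POST = bytes.fromhex("53 FF 15 88 3C DB 00")
SAMPLE_ORIGINAL = _PRE + bytes.fromhex("57 E8 F8 CD FF FF 59 85 C0 74 BC") + _POST
SAMPLE_NEWER = _PRE + bytes.fromhex("57 E8 DA CD FF FF 59 85 C0 74 B6") + _POST
SAMPLE_PATCHED = _PRE + bytes.fromhex("EB 09" + " 90" * 9) + _POST

if __name__ == "__main__":
    for name in ("SAMPLE_ORIGINAL", "SAMPLE_NEWER", "SAMPLE_PATCHED"):
        print(name, classify(globals()[name]))
```

A whole-file hash compared against the publisher's manifest remains the stronger check; the pattern test only explains what changed.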