  1. #1
    Dwar

    [Guide] Client Modifying

    A guide explaining how to modify the Jade Dynasty client
    Instructions for modifying the game client

    Russian version here

    As usual, we will use OllyDbg to disassemble the client and make some useful code corrections. You can choose another debugger if you wish; the modifying technique doesn’t change.

    At the beginning, I’ll provide all steps with pictures.

    Note: I use the Russian client, and addresses differ from other clients.

    1. How to remove “Screenshot was saved…” after taking the screenshot
    Attach the debugger to the JD client (or open it in the debugger). In the CPU window: “Right click -> Search for -> Referenced string”

    In the “Text strings referenced” window, call the text search with “Right click -> Search for text” and enter “screenshot” into the dialog box.

    We know that the screenshot is always saved in the “Screenshot” folder, so we must find the following text: “Screenshots”

    Select this address and press Enter to follow it in the CPU window.

    Ok, above we see the format string for the screenshot filename (you can change it…), so that means that we found the needed function. If you wish, you can go to the beginning of the function and set a BP (breakpoint) at the first instruction, return to the game and press “print screen”. The BP stops the process and you can manually trace the function.
    So, we find out that there is a call at the end of the function.

    Select this call and press Enter (follow the instruction)

    Hm, we got it. The first JE instruction is unnecessary, and we changed it to a jump

    004192A3  |.  0F84 31010000  JE 004193DA
    ->
    004192A3  /   E9 32010000    JMP 004193DA



    2. Removing buildings
    This modification will remove all static objects. In early versions of Perfect World, this patch gave the opportunity to walk through all objects, but now this bug is closed (also closed in JD).
    The following piece of code is for the Russian client. For other clients, you can use a binary search and try to find the first bytes of this function: 51 56 8B F1 57 33 FF D9
    00432940  /$  51             PUSH ECX                                 ; elementclient.00432940(guessed Arg1)
    00432941  |.  56             PUSH ESI
    00432942  |.  8BF1           MOV ESI,ECX
    00432944  |.  57             PUSH EDI
    00432945  |.  33FF           XOR EDI,EDI
    00432947  |.  D946 10        FLD DWORD PTR DS:[ESI+10]
    0043294A  |.  D80D B84AA000  FMUL DWORD PTR DS:[0A04AB8]              ; FLOAT 0.5000000
    00432950  |.  D95C24 08      FSTP DWORD PTR SS:[LOCAL.0]
    00432954  |>  D94424 08      FLD DWORD PTR SS:[LOCAL.0]
    00432958  |.  D804BD 103EAA  FADD DWORD PTR DS:[EDI*4+0AA3E10]
    0043295F  |.  D85C24 10      FCOMP DWORD PTR SS:[ARG.1]
    00432963  |.  DFE0           FSTSW AX
    00432965      F6C4 01        TEST AH,01
    00432968      75 65          JNE SHORT 004329CF
    0043296A      D94424 10      FLD DWORD PTR SS:[ESP+10]
    0043296E  |.  D81CBD 103EAA  FCOMP DWORD PTR DS:[EDI*4+0AA3E10]
    00432975  |.  DFE0           FSTSW AX
    00432977  |.  F6C4 41        TEST AH,41
    0043297A  |.  0F84 6E010000  JE 00432AEE


    Changing the JNE instruction to JMP will prevent the client from drawing scene objects

    00432968      75 65          JNE SHORT 004329CF
    ->
    00432968      EB 65          JMP SHORT 004329CF



    3. Remove limitation for Camera distance


    4. Jump hack


    5. Video un-freeze
    (c) Dwar
    Please, post your questions on forum, not by PM or mail

    I spend my time, so please pay a little bit of your time to keep world in equilibrium
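
Both patches in the guide above turn a conditional jump into an unconditional one with the same target. The following added example (not from the original post; the function names and sample buffers are constructed here from the byte sequences the post quotes) shows how an integrity check that diffs a known-good code image against a suspect one can recognise that pattern.

```python
import struct

def diff_runs(clean, suspect):
    """Yield the start offset of each run of differing bytes."""
    prev = False
    for i, (a, b) in enumerate(zip(clean, suspect)):
        if a != b and not prev:
            yield i
        prev = a != b

def decode_jump(code, off, va):
    """Return (kind, length, target) for a relative jump at off, else None."""
    op = code[off]
    if op == 0x0F and off + 6 <= len(code) and 0x80 <= code[off + 1] <= 0x8F:
        return "jcc", 6, va + 6 + struct.unpack_from("<i", code, off + 2)[0]
    if op == 0xE9 and off + 5 <= len(code):
        return "jmp", 5, va + 5 + struct.unpack_from("<i", code, off + 1)[0]
    if (0x70 <= op <= 0x7F or op == 0xEB) and off + 2 <= len(code):
        kind = "jmp" if op == 0xEB else "jcc"
        return kind, 2, va + 2 + struct.unpack_from("<b", code, off + 1)[0]
    return None

def classify(clean, suspect, base):
    """List (address, verdict, branch target) per modified region."""
    findings, skip_to = [], 0
    for off in diff_runs(clean, suspect):
        if off < skip_to:  # inside an instruction already reported
            continue
        old = decode_jump(clean, off, base + off)
        new = decode_jump(suspect, off, base + off)
        if old is None or old[0] != "jcc":
            findings.append((base + off, "modified bytes", None))
            continue
        _, length, target = old
        skip_to = off + length
        verdict = "conditional branch altered"
        if new and new[0] == "jmp" and new[2] == target:
            verdict = "conditional branch forced taken"
        elif suspect[off:off + length] == b"\x90" * length:
            verdict = "conditional branch removed"
        findings.append((base + off, verdict, target))
    return findings

# Constructed samples (clean, suspect, address); NEAR's last 0x90 is an assumed NOP fill.
NEAR = (bytes.fromhex("0f8431010000"), bytes.fromhex("e93201000090"), 0x004192A3)
SHORT = (bytes.fromhex("7565d9442410"), bytes.fromhex("eb65d9442410"), 0x00432968)

if __name__ == "__main__":
    for sample in (NEAR, SHORT):
        print([(hex(a), v, hex(t)) for a, v, t in classify(*sample)])
```

The classifier assumes each difference begins at an opcode byte, which holds for these patches because the opcode itself is what changes; a production check would compare against a signed manifest of the code section rather than a second file.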

  2. #2
    Flaffera

    Re: [Guide] Client Modifying

    Quite nice, man. You supply a lot of nice tutorials. I believe this forum needs more members

  3. #3
    MrSmith

    Re: [Guide] Client Modifying

    Un-freeze is very simple.

    1. Open CE & Jade Dynasty doesn't matter which client. Go to CE options > Hotkeys > Set hotkey next scan - exact value (I used alt + 2)

    2. Minimize Jade Dynasty > Scan 0 > Wait for scan to finish then change value to 1 (don't click next scan)

    3. With Jade Dynasty open press alt + 2 (or whatever hotkey you set in CE) > Wait for scan to finish.

    4. Repeat till you have 1-3 addresses. (It will be static)

    5. Freeze value at 1 and that's it you have unfreeze hack.

    This isn't client editing though, this is just a contemporary hack for memory reading/writing.

    Regards, MrSmith
    Ever Danced With The Devil By The Pale Moonlight ?

  4. #4
    no0ob91

    Re: [Guide] Client Modifying

    lol yep MrSmith ... freezing the value is rly an easy way but it's slowing down the game and CE ^^
    a better way with CE is to edit the opcode to set the window state to 1, it's easy too if you have found the unfreeze address
    just find out what writes to the address (the thing that writes to it should look like mov [ebx+000009e4],al ), let it show you this in the disassembler and look at the code some lines above the code you found before... there should be something like mov edx,[esp+00000100] .
    doubleclick on it and change the [esp+00000100] to 1 then press enter or ok or whatever and apply the NOP replace. now the function sets the variable for windowstate to 1 and it will not freeze the window ^^ .. or just add the "setnc al" to your codelist and replace it with code that does nothing (this will show the value 28 in your Unfreeze address but it works ^^)

    and btw your Guides are nice Dwar (i dont need them but they are nice ;D)

  5. #5
    emoisback
    @Dwar I am interested in this game on IN..

    can you tell what kind of hacks exist in this game...
    Learn from PGC for Share on PGC..


    For another Stuff i have make try to find it [Please, register to view links]
    If i have help you, please thanks and respect ..

  6. #6
    TTGNorg
    Guest
    wow I love it.
    Thanks a bunch for this guide
    +1 to OP
