Ultimate Docrack Offset Guide for Previously Found Offsets

[()===D====>]

Maybe this is worth a

or two



The easiest way to locate an offset is to:

1) Download and extract Win32DASM (free disassembler).

2) Open Win32DASM, then change the font to something that you can read (unless you can read wingdings). To do this, click File, Font..., Select Font.

3) Disassemble a previous eqgame.exe.

4) Save the disassembled eqgame.exe with the date included. (ie. eqgame11162005.exe). To do this, click File, Save Disassembly Text File and Create Project File, then locate the folder you want to save it in, then enter the file name. SIMPLE!

5) Disassemble the newest eqgame.exe file. To do this, click File, Open File to Disassemble.., then select the file.

6) Save the disassembled eqgame.exe with the date included. (ie. eqgame11162005.exe). To do this, click File, Save Disassembly Text File and Create Project File, then locate the folder you want to save it in, then enter the file name. SIMPLE!

7) Open the offset list of the eqgame.exe file you decompiled first (the previous eqgame.exe).

8) Copy the offset list into a new notepad file. Save this file as the newest update. (ie. MQ2DoCrack <Insert Date Here> Offsets.txt).

9) Open the saved disassembly files with Notepad.exe. This may take a few moments, as they are large files.

10) Now comes the fun part! Let's assume that..

.. you are searching for the EB offset.
.. 09.21.05 eqgame.exe = the previous eqgame.exe.
.. 11.16.05 eqgame.exe = the new eqgame.exe.

In the 9.21.05 eqgame.exe, you would look for 4BE091. Why? Because that is the offset for the 9.21.05 patch.

Locate a unique string near the searched offset. Push statements (ie. push 0036EE80) are the best strings to use.

Take the push string, and search for it in the new eqgame.exe disassembly. Match the structure of the two text files, so that each lines up, then you should find that the offset (4BE091) lines up perfectly with the 11.16.05 offset (4BE38D). Notice the only difference is only the last few digits.

Copy and paste this new data into the MQ2DoCrack <date>.txt file under address. Update the version. Don't change the normal, crack, or description.

Here is a picture of what this would look like:

1 = The offset.
2 = The unique push string
3 = The group of digits that identifies the offset. (so if there happens to be more than one push string, look for it under the same series of numbers as the offset you found in the previous eqgame.exe).

Take note that this will not find ALL offsets accurately. I would say there is about a 2% margin that is not found correctly, or I just did it in a rush and make about that many errors :P





NOTE: This process may be memory intensive for some computers. User's sanity is denied.

 

[()===D====>]

reserved space.

 

[Moonspell]

That is absolutely worth a Red Cent. Thanks for giving me something new to learn, Edge! :-)

 

[odessa]

Here are the guides this one is based on:
http://forever-hacking.com/viewforum.php?f=14

anyone who wants to start doing any of this hacking must read through all those

 

[()===D====>]

The tutorials found there are difficult to comprehend, mainly because it provides the method to locate new offsets rather than old.

 

[odessa]

Not really, all you are looking for is that 'push', the tutorial is very clear on how to get it from a text file. Also there's a tutorial on updating too (http://forever-hacking.com/viewtopic.php?t=1162) they use IDA but it doesn't matter it's the same thing plus I believe it does a better job at explaining this.

 

[()===D====>]

IDA costs $

 

[()===D====>]

And hey, I use this method, and it works for me. Takes me about an hour to locate all the offsets, maybe even less.

This is more of a, for the lack of a better term, idiots guide. You don't have to know anything to do this.

 

[odessa]

And hey, I use this method, and it works for me. Takes me about an hour to locate all the offsets, maybe even less.

This is more of a, for the lack of a better term, idiots guide. You don't have to know anything to do this.

That is true, I guess more guides is better then less no matter what

 

[()===D====>]

Like I said, Idiots Guide. Tells you something about me :P

 

[odessa]

Like I said, Idiots Guide. Tells you something about me :P

those who write idiots guides are usually far from the guides target audience

 

[maddog]

obviously you have to know something i tried this and get nowhere--somethings you say to do are pretty vague give more detail--like steps 7-8-9, and when i looked for the push for noaccel offset i was trying to find, it was a long way away from the offset, i mean i scrolled for a couple min till i found a push, trying to learn this stuff, but this is not much help, sorry.

maybe a moron can use this and figure it out but being an idiot i need more lol

i also tried the ida walkthrough on FH, but alot of the menus and clicks he refers to were not in the ida pro i downloaded, idafree.zip from freeware, right off the bat he says it will open the welcome to ida page and ask if you want to start new or work alone or something like that , either way i never saw that page didn't ask me anything. just came up with a list of files, very confusing for this idiot

 

[()===D====>]

The structures have changed, so nothing will line up for this patch. Next patch will follow this method unless SOE changes the structures again.

 

[Crystane]

Well I consider myself smart, however as long as I dont know anything about stuff I learn, all the smart guides are
"Read thru and understand nothing" for me.
So I consider, atm: I am an idiot...
voila....Nice post man. This gave me some inside how to get started. Red Cent comming.

I know as a matter of fact in a couple days reading and learning and actually understanding this shit hehe, the smart guides will start to make complete sense for me!!!

Then it will be time for me to consider myself smart again....
voila..... still good post!