[Tutorials]

[SpiderByte]

Since I can't edit my posts I am just going to post it again, cheers!

Also, I figured, since Jacob (HolyFate) already decided to let you little bastards have Rockets From Sword, I might as well include it now...

HolyFate - Jacob, did help me learn how to do a lot of these in Olly, but I wrote the tutoirals myself.

Utilities Needed

The Complete Package
The Complete Package
(This Contains (Olly Debugger w/ OllyDump, OllyHelper, and HideDebugger), (ImportReconstruction), (Signatures File), and (GunzRunnable [09-03-05]).)

Creating A Runnable

Step 1 - Open Olly and change your setting to the following:
https://img150.imageshack.us/img150/7...unnable9hj.jpg

Step 2 - Select Gunz.exe:
https://img249.imageshack.us/img249/4...unnable2ai.jpg

Step 3 - Let Olly find the Original Entry Point (OEP):
https://img355.imageshack.us/img355/5...unnable7xu.jpg

Step 4 - Under Plugin, choose OllyDump, and then Dump Debugged Process:
https://img137.imageshack.us/img137/5...unnable2wu.jpg

Step 5 - Uncheck Rebuild Import and Copy the Modified OEP:
https://img140.imageshack.us/img140/6...unnable6zq.jpg

Step 6 - Press Dump and Save As Dump:
https://img157.imageshack.us/img157/9...unnable5sj.jpg

Step 7 - Minimize Olly and Open ImpRec:
https://img458.imageshack.us/img458/7...unnable9ov.jpg

Step 8 - Select Gunz.exe in the drop-box:
https://img154.imageshack.us/img154/4...unnable5yj.jpg

Step 9 - In the box next to OEP, Paste the number you Copied:
https://img138.imageshack.us/img138/9...unnable8gk.jpg

Step 10 - Press IAT AutoSearch, if you get this result then move to Step 11:
https://img149.imageshack.us/img149/6...unnable8ed.jpg

Step 11 - Press Get Imports, if you get this result then move to Step 12:
https://img455.imageshack.us/img455/3...unnable3nv.jpg

Step 12 - Press Fix Dump and choose Dump:
https://img475.imageshack.us/img475/4...unnable0ak.jpg

Step 13 - If it looks like this then you have made a runnable successfully:
https://img250.imageshack.us/img250/6...unnable2os.jpg

Making Your Runnable Run

Step 1 - Move Dump_ to your Gunz folder and open Olly:
https://img149.imageshack.us/img149/7...ablerun9ne.jpg

Step 2 - Select Dump_ in Olly:
https://img409.imageshack.us/img409/9...ablerun8on.jpg

Step 3 - Right-click and - Search For - All Referenced Text Strings:
https://img133.imageshack.us/img133/7...ablerun6fb.jpg

Step 4 - Right-click and - Search For Text - I_hate_hacker or I_love_MAIET:
https://img266.imageshack.us/img266/8...ablerun1wf.jpg

Step 5 - Right-click and - Follow In Disassembler:
https://img148.imageshack.us/img148/1...ablerun8dn.jpg

Step 6 - Scroll to the top of the function, click it, right-click, and Go To Local Call:
https://img403.imageshack.us/img403/3...ablerun9ey.jpg

Step 7 - NOP the CMP two lines under the CALL you arrived at:
https://img133.imageshack.us/img133/1...ablerun6vt.jpg



Name Hack

Step 1 - Right-click and Search For - All Referenced Text Strings - Search For Text - resultbackground.png:
https://img70.imageshack.us/img70/546...amehack5jx.jpg
https://img242.imageshack.us/img242/4...amehack2bz.jpg

Step 2 - Click on FONTa10_O2Wht, right-click, and Follow In Disassembler:
https://img138.imageshack.us/img138/9...amehack8ik.jpg

Step 3 - NOP the Jumps highlighted in red (they won't be highlighted for you):
https://img313.imageshack.us/img313/9...amehack1rk.jpg
https://img343.imageshack.us/img343/2...amehack7wx.jpg

Step 4 - If it looks like this, save it to your runnable and you will have Name Hack:
https://img494.imageshack.us/img494/9...amehack6il.jpg



Disable The Cuss Filter

55 8B 6C 24 0C 56 8B 74 24 0C 3B F5 74 2B 53

Step 1 - Open GunzRunnable [09-03-05], Copy the Binary, go back to Olly, press Ctrl+B, and Paste the Binary:
https://img153.imageshack.us/img153/3...sfilter2fj.jpg

Step 2 - Scroll up as many function as you need to until you see this chunk of code:

Code:

00505070  /$ 6A FF                PUSH -1
00505072  |. 68 E8EA5B00          PUSH GunzRunn.005BEAE8                   ;  SE handler installation
00505077  |. 64:A1 00000000       MOV EAX,DWORD PTR FS:[0]
0050507D  |. 50                   PUSH EAX
0050507E  |. 64:8925 00000000     MOV DWORD PTR FS:[0],ESP
00505085  |. 83EC 3C              SUB ESP,3C
00505088  |. 8B5424 4C            MOV EDX,DWORD PTR SS:[ESP+4C]
0050508C  |. A1 80596200          MOV EAX,DWORD PTR DS:[625980]
00505091  |. 53                   PUSH EBX
00505092  |. 56                   PUSH ESI
00505093  |. 33DB                 XOR EBX,EBX
00505095  |. 3BD3                 CMP EDX,EBX
00505097  |. 57                   PUSH EDI

https://img272.imageshack.us/img272/5...sfilter4rh.jpg

Step 3 - NOP the JNZ highlighted in red (won't be highlighted for you):
https://img154.imageshack.us/img154/9...sfilter9mr.jpg

Step 4 - If it looks like this, save it to your runnable and you will have Disabled Cuss Filter
https://img364.imageshack.us/img364/3...sfilter3zy.jpg



No Clip

83 EC 30 53 8B 5C 24 38 8B 43 14 85 C0 56 8B

Step 1 - Copy the Binary, press Ctrl+B, and Paste it:
https://img19.imageshack.us/img19/685...1noclip9gy.jpg

Step 2 - Scroll down two functions until you come to this chunk of code:

Code:

004CFED0  /$ 8B4424 1C            MOV EAX,DWORD PTR SS:[ESP+1C]
004CFED4  |. 8B5424 18            MOV EDX,DWORD PTR SS:[ESP+18]
004CFED8  |. 8B89 24020000        MOV ECX,DWORD PTR DS:[ECX+224]
004CFEDE  |. 50                   PUSH EAX
004CFEDF  |. 8B4424 18            MOV EAX,DWORD PTR SS:[ESP+18]
004CFEE3  |. 52                   PUSH EDX
004CFEE4  |. 8B5424 18            MOV EDX,DWORD PTR SS:[ESP+18]
004CFEE8  |. 50                   PUSH EAX
004CFEE9  |. 8B4424 18            MOV EAX,DWORD PTR SS:[ESP+18]
004CFEED  |. 52                   PUSH EDX
004CFEEE  |. 8B5424 18            MOV EDX,DWORD PTR SS:[ESP+18]
004CFEF2  |. 50                   PUSH EAX
004CFEF3  |. 8B4424 18            MOV EAX,DWORD PTR SS:[ESP+18]
004CFEF7  |. 52                   PUSH EDX
004CFEF8  |. 50                   PUSH EAX
004CFEF9  |. 51                   PUSH ECX
004CFEFA     E8 01190200          CALL GunzRunn.004F1800                   ;  No Clip [NOP]
004CFEFF  |. 83C4 20              ADD ESP,20
004CFF02  \. C2 1C00              RETN 1C

https://img143.imageshack.us/img143/5...2noclip5lq.jpg

Step 3 - NOP the CALL at the end of the function:
https://img404.imageshack.us/img404/5...3noclip3ip.jpg

Step 4 - If it looks like this, save it to your runnable and you will have No Clip:
https://img142.imageshack.us/img142/5...4noclip3rs.jpg



No Spread

Step 1 - Right-click and Search For - All Referenced Text Strings - Search For Text - iscashitem:
https://img306.imageshack.us/img306/9...ospread4hm.jpg
https://img408.imageshack.us/img408/7...ospread3pf.jpg

Step 2 - Right-click and Follow In Disassembler:
https://img135.imageshack.us/img135/8...ospread3od.jpg

Step 3 - Scroll down until you see ASCII "ctrl_ability":
https://img270.imageshack.us/img270/9...ospread4wq.jpg

Step 4 - NOP both of the CALL's highlighted in red (won't be highlighted fo you):
https://img307.imageshack.us/img307/7...ospread2ji.jpg
https://img311.imageshack.us/img311/2...ospread5nr.jpg

Step 5 - If it looks like this, save it to your runnable and you will have No Spread:
https://img132.imageshack.us/img132/3...ospread3as.jpg



God Mode

Step 1 - Right-click and Search For - All Referenced Text Strings - Search For Text - iscashitem:
https://img306.imageshack.us/img306/9...ospread4hm.jpg
https://img408.imageshack.us/img408/7...ospread3pf.jpg

Step 2 - Scroll up until you see ASCII "damage" (it should be right above it...):
https://img404.imageshack.us/img404/7...godmode1mb.jpg

Step 3 - NOP the two CALL's in the function:
https://img285.imageshack.us/img285/4...godmode8eh.jpg
https://img255.imageshack.us/img255/7...godmode6wj.jpg

Step 4 - If it looks like this, save it to your runnable and you will have God Mode:
https://img345.imageshack.us/img345/7...godmode2eu.jpg



Rockets From Sword

83 EC 48 56 8B F1 8D 4E 64 E8

Step 1 - Copy the Binary, press Ctrl+B (in Olly) and Paste it in the window:
https://img73.imageshack.us/img73/4358/step12fc.jpg

Step 2 - Scroll down to the first JLE and NOP it:
https://img91.imageshack.us/img91/5305/step26rk.jpg

Step 3 - Scroll back up to the top of the function (SUB ESP,48), right-click the sub-window, and Go To CALL:
https://img85.imageshack.us/img85/5206/step31ng.jpg

Step 4 - Scroll down to the next CALL, double-click it, and change it to CALL 004771B0:
https://img69.imageshack.us/img69/4551/step47sb.jpg

Step 5 - If it looks like this, save it to your runnable and you will have Rockets From Sword:
https://img70.imageshack.us/img70/4404/step59yz.jpg
https://img101.imageshack.us/img101/1614/step5a9bv.jpg

[Paolo1993]

Nicely Done.

Thanks for this

[blasius]

Nice thank you very much. But in some topic you said that MSLawnmower or something like tha\tt (insane massive) was in your tutorials topic but it dont see it

[SpiderByte]

It was, but I haven't made a tutorial for it yet. I am trying to figure out how to explain to update it -.-

[blasius]

update adresses is fuking easy can you pm me how to make it i will update the adresses myself then you dont have to explain that

[usernameee]

ok kick ass tut but i got 1 problem.... when i try 2 open the gunzrunnable it says its missing the fmod dll can n e 1 helpe me??

everything else ran smooth... nice tut ^^

[D3ATH ANG3L]

put the runnable in the Gunz folder.

[usernameee]

ty ^^ imma c if it works

[usernameee]

nice....ty it worked

[D3ATH ANG3L]

Mmmhm no problem. All modded things for Gunz should go in the Gunz folder just for future reference unless its a short cut or something.

[MaxPain01]

If you saw the picture then you will see that I dont have the Plugins tab what should I do I downloaded from the link you gave in this thread and extracted and still the same result, downloaded again and still got the same result no Plugins tab please tell me what should I do to fix this problem.

[usernameee]

when i click the runnable nothing happens, like the little hourglass for loading thing comes up then goes away but thats all. . . . . well n e ways i put the hacks i wanted but... how do i save the olly thing to the runnable? like if i close olly it jus closes theres no indication of a save. . . . o and last thing... the MSlawnmower (insane massive right?) would b kick ass if u could make a tut 4 it thx

[usernameee]

o 4 that...u gotta go 2 options then click appearence.... then change both (url's i guess) 2 where ur folder actually is i e C:\desktop\complete package\ complete package\ olly debugger\ olly debugger and vioala the plugins thing will appear

[$GHOST$]

XD nicely made GRATZ on another good tut just one thing u left out for teh noobs wen making ur runnable run after u fill teh calls with nops u have to save it to runnable sum noob might not know that add it in and its perfect lol

[Baby Uchiha Sasuke]

THank you for the tut! i rlly thank u now cus i made my own runnable with multigunz client (brax tut) and god mode wif rockets :P

thank u (mostly i dun use god mode and rockets out of sword :P)