Since I can't edit my posts I am just going to post it again, cheers!
Also, I figured, since Jacob (HolyFate) already decided to let you little bastards have Rockets From Sword, I might as well include it now...
HolyFate - Jacob, did help me learn how to do a lot of these in Olly, but I wrote the tutorials myself.
Utilities Needed
The Complete Package
(This Contains (Olly Debugger w/ OllyDump, OllyHelper, and HideDebugger), (ImportReconstruction), (Signatures File), and (GunzRunnable [09-03-05]).)
Creating A Runnable
Step 1 - Open Olly and change your setting to the following:
https://img150.imageshack.us/img150/7...unnable9hj.jpg
Step 2 - Select Gunz.exe:
https://img249.imageshack.us/img249/4...unnable2ai.jpg
Step 3 - Let Olly find the Original Entry Point (OEP):
https://img355.imageshack.us/img355/5...unnable7xu.jpg
Step 4 - Under Plugin, choose OllyDump, and then Dump Debugged Process:
https://img137.imageshack.us/img137/5...unnable2wu.jpg
Step 5 - Uncheck Rebuild Import and Copy the Modified OEP:
https://img140.imageshack.us/img140/6...unnable6zq.jpg
Step 6 - Press Dump and Save As Dump:
https://img157.imageshack.us/img157/9...unnable5sj.jpg
Step 7 - Minimize Olly and Open ImpRec:
https://img458.imageshack.us/img458/7...unnable9ov.jpg
Step 8 - Select Gunz.exe in the drop-box:
https://img154.imageshack.us/img154/4...unnable5yj.jpg
Step 9 - In the box next to OEP, Paste the number you Copied:
https://img138.imageshack.us/img138/9...unnable8gk.jpg
Step 10 - Press IAT AutoSearch, if you get this result then move to Step 11:
https://img149.imageshack.us/img149/6...unnable8ed.jpg
Step 11 - Press Get Imports, if you get this result then move to Step 12:
https://img455.imageshack.us/img455/3...unnable3nv.jpg
Step 12 - Press Fix Dump and choose Dump:
https://img475.imageshack.us/img475/4...unnable0ak.jpg
Step 13 - If it looks like this then you have made a runnable successfully:
https://img250.imageshack.us/img250/6...unnable2os.jpg
Making Your Runnable Run
Step 1 - Move Dump_ to your Gunz folder and open Olly:
https://img149.imageshack.us/img149/7...ablerun9ne.jpg
Step 2 - Select Dump_ in Olly:
https://img409.imageshack.us/img409/9...ablerun8on.jpg
Step 3 - Right-click and - Search For - All Referenced Text Strings:
https://img133.imageshack.us/img133/7...ablerun6fb.jpg
Step 4 - Right-click and - Search For Text - I_hate_hacker or I_love_MAIET:
https://img266.imageshack.us/img266/8...ablerun1wf.jpg
Step 5 - Right-click and - Follow In Disassembler:
https://img148.imageshack.us/img148/1...ablerun8dn.jpg
Step 6 - Scroll to the top of the function, click it, right-click, and Go To Local Call:
https://img403.imageshack.us/img403/3...ablerun9ey.jpg
Step 7 - NOP the CMP two lines under the CALL you arrived at:
https://img133.imageshack.us/img133/1...ablerun6vt.jpg
Name Hack
Step 1 - Right-click and Search For - All Referenced Text Strings - Search For Text - resultbackground.png:
https://img70.imageshack.us/img70/546...amehack5jx.jpg
https://img242.imageshack.us/img242/4...amehack2bz.jpg
Step 2 - Click on FONTa10_O2Wht, right-click, and Follow In Disassembler:
https://img138.imageshack.us/img138/9...amehack8ik.jpg
Step 3 - NOP the Jumps highlighted in red (they won't be highlighted for you):
https://img313.imageshack.us/img313/9...amehack1rk.jpg
https://img343.imageshack.us/img343/2...amehack7wx.jpg
Step 4 - If it looks like this, save it to your runnable and you will have Name Hack:
https://img494.imageshack.us/img494/9...amehack6il.jpg
Disable The Cuss Filter
55 8B 6C 24 0C 56 8B 74 24 0C 3B F5 74 2B 53
Step 1 - Open GunzRunnable [09-03-05], Copy the Binary, go back to Olly, press Ctrl+B, and Paste the Binary:
https://img153.imageshack.us/img153/3...sfilter2fj.jpg
Step 2 - Scroll up as many functions as you need to until you see this chunk of code:
Code:
00505070 /$ 6A FF PUSH -1
00505072 |. 68 E8EA5B00 PUSH GunzRunn.005BEAE8 ; SE handler installation
00505077 |. 64:A1 00000000 MOV EAX,DWORD PTR FS:[0]
0050507D |. 50 PUSH EAX
0050507E |. 64:8925 00000000 MOV DWORD PTR FS:[0],ESP
00505085 |. 83EC 3C SUB ESP,3C
00505088 |. 8B5424 4C MOV EDX,DWORD PTR SS:[ESP+4C]
0050508C |. A1 80596200 MOV EAX,DWORD PTR DS:[625980]
00505091 |. 53 PUSH EBX
00505092 |. 56 PUSH ESI
00505093 |. 33DB XOR EBX,EBX
00505095 |. 3BD3 CMP EDX,EBX
00505097 |. 57 PUSH EDI
https://img272.imageshack.us/img272/5...sfilter4rh.jpg
Step 3 - NOP the JNZ highlighted in red (won't be highlighted for you):
https://img154.imageshack.us/img154/9...sfilter9mr.jpg
Step 4 - If it looks like this, save it to your runnable and you will have Disabled Cuss Filter:
https://img364.imageshack.us/img364/3...sfilter3zy.jpg
No Clip
83 EC 30 53 8B 5C 24 38 8B 43 14 85 C0 56 8B
Step 1 - Copy the Binary, press Ctrl+B, and Paste it:
https://img19.imageshack.us/img19/685...1noclip9gy.jpg
Step 2 - Scroll down two functions until you come to this chunk of code:
Code:
004CFED0 /$ 8B4424 1C MOV EAX,DWORD PTR SS:[ESP+1C]
004CFED4 |. 8B5424 18 MOV EDX,DWORD PTR SS:[ESP+18]
004CFED8 |. 8B89 24020000 MOV ECX,DWORD PTR DS:[ECX+224]
004CFEDE |. 50 PUSH EAX
004CFEDF |. 8B4424 18 MOV EAX,DWORD PTR SS:[ESP+18]
004CFEE3 |. 52 PUSH EDX
004CFEE4 |. 8B5424 18 MOV EDX,DWORD PTR SS:[ESP+18]
004CFEE8 |. 50 PUSH EAX
004CFEE9 |. 8B4424 18 MOV EAX,DWORD PTR SS:[ESP+18]
004CFEED |. 52 PUSH EDX
004CFEEE |. 8B5424 18 MOV EDX,DWORD PTR SS:[ESP+18]
004CFEF2 |. 50 PUSH EAX
004CFEF3 |. 8B4424 18 MOV EAX,DWORD PTR SS:[ESP+18]
004CFEF7 |. 52 PUSH EDX
004CFEF8 |. 50 PUSH EAX
004CFEF9 |. 51 PUSH ECX
004CFEFA E8 01190200 CALL GunzRunn.004F1800 ; No Clip [NOP]
004CFEFF |. 83C4 20 ADD ESP,20
004CFF02 \. C2 1C00 RETN 1C
https://img143.imageshack.us/img143/5...2noclip5lq.jpg
Step 3 - NOP the CALL at the end of the function:
https://img404.imageshack.us/img404/5...3noclip3ip.jpg
Step 4 - If it looks like this, save it to your runnable and you will have No Clip:
https://img142.imageshack.us/img142/5...4noclip3rs.jpg
No Spread
Step 1 - Right-click and Search For - All Referenced Text Strings - Search For Text - iscashitem:
https://img306.imageshack.us/img306/9...ospread4hm.jpg
https://img408.imageshack.us/img408/7...ospread3pf.jpg
Step 2 - Right-click and Follow In Disassembler:
https://img135.imageshack.us/img135/8...ospread3od.jpg
Step 3 - Scroll down until you see ASCII "ctrl_ability":
https://img270.imageshack.us/img270/9...ospread4wq.jpg
Step 4 - NOP both of the CALLs highlighted in red (won't be highlighted for you):
https://img307.imageshack.us/img307/7...ospread2ji.jpg
https://img311.imageshack.us/img311/2...ospread5nr.jpg
Step 5 - If it looks like this, save it to your runnable and you will have No Spread:
https://img132.imageshack.us/img132/3...ospread3as.jpg
God Mode
Step 1 - Right-click and Search For - All Referenced Text Strings - Search For Text - iscashitem:
https://img306.imageshack.us/img306/9...ospread4hm.jpg
https://img408.imageshack.us/img408/7...ospread3pf.jpg
Step 2 - Scroll up until you see ASCII "damage" (it should be right above it...):
https://img404.imageshack.us/img404/7...godmode1mb.jpg
Step 3 - NOP the two CALLs in the function:
https://img285.imageshack.us/img285/4...godmode8eh.jpg
https://img255.imageshack.us/img255/7...godmode6wj.jpg
Step 4 - If it looks like this, save it to your runnable and you will have God Mode:
https://img345.imageshack.us/img345/7...godmode2eu.jpg
Rockets From Sword
83 EC 48 56 8B F1 8D 4E 64 E8
Step 1 - Copy the Binary, press Ctrl+B (in Olly) and Paste it in the window:
https://img73.imageshack.us/img73/4358/step12fc.jpg
Step 2 - Scroll down to the first JLE and NOP it:
https://img91.imageshack.us/img91/5305/step26rk.jpg
Step 3 - Scroll back up to the top of the function (SUB ESP,48), right-click the sub-window, and Go To CALL:
https://img85.imageshack.us/img85/5206/step31ng.jpg
Step 4 - Scroll down to the next CALL, double-click it, and change it to CALL 004771B0:
https://img69.imageshack.us/img69/4551/step47sb.jpg
Step 5 - If it looks like this, save it to your runnable and you will have Rockets From Sword:
https://img70.imageshack.us/img70/4404/step59yz.jpg
https://img101.imageshack.us/img101/1614/step5a9bv.jpg
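Seen from the defending side, every patch in this post overwrites a CALL, a conditional jump or a CMP with 0x90 bytes, which an integrity check against a known-good copy of the code picks up. The following is an added example, not part of the original post: find_patches, Finding and the sample buffers are names chosen for this illustration, and the sample bytes are built from the tail of the 004CFED0 listing above.

```python
from dataclasses import dataclass

NOP = 0x90

@dataclass(frozen=True)
class Finding:
    va: int          # virtual address of the first modified byte
    length: int      # bytes in the modified run
    all_nop: bool    # True when every replacement byte is 0x90
    kind: str        # instruction class the original bytes started with

def classify(original: bytes) -> str:
    # Name the overwritten instruction by its leading opcode byte(s).
    op = original[0]
    if op == 0xE8:
        return "CALL rel32"
    if 0x70 <= op <= 0x7F:
        return "Jcc rel8"
    if op == 0x0F and len(original) > 1 and 0x80 <= original[1] <= 0x8F:
        return "Jcc rel32"
    return "other"

def find_patches(reference: bytes, candidate: bytes, base_va: int) -> list[Finding]:
    # Compare a known-good code region with the same region of a suspect image.
    if len(reference) != len(candidate):
        raise ValueError("regions must cover the same address range")
    findings, i, n = [], 0, len(reference)
    while i < n:
        if reference[i] == candidate[i]:
            i += 1
            continue
        start = i
        while i < n:
            differs = reference[i] != candidate[i]
            # An original 0x90 byte looks unchanged inside a NOP run; bridge it.
            bridge = (candidate[i] == NOP and i + 1 < n
                      and reference[i + 1] != candidate[i + 1])
            if not (differs or bridge):
                break
            i += 1
        patched = candidate[start:i]
        findings.append(Finding(base_va + start, i - start,
                                all(b == NOP for b in patched),
                                classify(reference[start:i])))
    return findings

# Constructed sample: end of the 004CFED0 listing, then the same bytes with the CALL NOPed.
BASE_VA = 0x004CFEF8
REFERENCE = bytes.fromhex("50 51 E8 01 19 02 00 83 C4 20 C2 1C 00")
SUSPECT = bytes.fromhex("50 51 90 90 90 90 90 83 C4 20 C2 1C 00")
```

Run against the code section of the shipped build and the same section read from the running process or the file on disk, any finding with all_nop set over a CALL or Jcc is a strong tamper signal.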