WSname

[nuncamacuerdo]

Hi guys. im having problems to take WSname.

the problem is on a client packet by diuude and snoopy ejeje

the client is packet with aspackk, i use aspackdie and all ok, i can take ip and few configs more... but when i try search for wsname dont appear, any1 can say me command to find it or where can i see the name? when i use decoder for take it, the program say me .,. but that isnt the real name. can any1 help me? thx alot and sry for my bad english. see u guys

[Acidx]

useeeee comview/WPE

[nuncamacuerdo]

i use wpe and decoder, i use it in others clients and all ok i take the wsname fast, but in clients codeds by diuudee and snoopy i cant take wsname. any other idea? i have unpacked client, but cant find de wsname.

[bone-you]

Open is up in a disassembler and search for WS10. Scroll up a bit to find the WS1 (and ultimately the WS name). No one bothers to change the other WS names. Just because it's listed in the source twice doesn't mean it'll be listed in the binary twice. The screenshot replacement is the same exact string xD You'll find it there when it goes to change the WS name into the readable message on screenshots "Helbreath xxxxx"


.data:00529A90 unk_529A90 db 5 ; ; DATA XREF: sub_48F551+13Fo

That's Celestials, but other servers surely will be different if they have a slight difference in code. It will generally be in that area though.

[nuncamacuerdo]

thx for all, but u lost me, my english is so bad. i see all the fucking wsnames ws10 ws16 ws2... but the ws1 is changed and its in other place, and i dont find it.

i think i cant explain it in english and if u understand me, i neva take it if dont post one steptostep. nvm thx alot

[bone-you]

Code: Select all

.data:00529A38 aElvine_3       db 'elvine',0          ; DATA XREF: sub_48E422+182o
.data:00529A3F                 align 4
.data:00529A40 aElvhunter_3    db 'elvhunter',0       ; DATA XREF: sub_48E422+1C7o
.data:00529A4A                 align 4
.data:00529A4C a02d02d02d02d02 db '%02d:%02d - %02d:%02d:%02d',0; DATA XREF: sub_48F551+BBo
.data:00529A67                 align 4
.data:00529A68 aClientCodedBy  db ' Client coded by',0; DATA XREF: sub_48F551+101o
.data:00529A79                 align 4
.data:00529A7C aDiuuudeSnoopy8 db 'Diuuude & Snoopy81',0; DATA XREF: sub_48F551+125o
.data:00529A8F                 align 4
.data:00529A90 unk_000000      db    0;              ; DATA XREF: sub_48F551+13Fo
.data:00529A91                 db    0;  
.data:00529A92                 db    0;  
.data:00529A93                 db    0;
.data:00529A94                 db    0;
.data:00529A95                 db    0;
.data:00529A96                 db    0;  
.data:00529A97                 db    0;  
.data:00529A98                 db    0;  
.data:00529A99                 db    0;  
.data:00529A9A                 db    0;  
.data:00529A9B                 db    0;  
.data:00529A9C                 db    0;  
.data:00529A9D                 db    0;  
.data:00529A9E                 db    0;  
.data:00529A9F                 db    0;  
.data:00529AA0                 db    0;  
.data:00529AA1                 db    0;  
.data:00529AA2                 db    0;  
.data:00529AA3                 db    0;  
.data:00529AA4                 db    0;  
.data:00529AA5                 db    0;  
.data:00529AA6                 db    0;  
.data:00529AA7                 db    0;  
.data:00529AA8                 db    0;  
.data:00529AA9                 db    0;  
.data:00529AAA                 db    0;  
.data:00529AAB                 db    0;  
.data:00529AAC                 db    0;  
.data:00529AAD                 db    0;  
.data:00529AAE                 db    0;  
.data:00529AAF                 db    0;  
.data:00529AB0 aCelestialIiSer db 'Celestial II Server',0; DATA XREF: sub_48F551+16Co
.data:00529AC4 aWs2            db 'WS2',0             ; DATA XREF: sub_48F551+18Do
.data:00529AC8 aApocalypseServ db 'APOCALYPSE Server',0; DATA XREF: sub_48F551+1BAo
.data:00529ADA                 align 4
.data:00529ADC aWs3            db 'WS3',0             ; DATA XREF: sub_48F551+1DBo
.data:00529AE0 a3rdServer      db '3rd Server',0      ; DATA XREF: sub_48F551+207o
.data:00529AEB                 align 4
.data:00529AEC aWs4            db 'WS4',0             ; DATA XREF: sub_48F551+228o
.data:00529AF0 a4thServer      db '4th Server',0      ; DATA XREF: sub_48F551+255o
.data:00529AFB                 align 4
.data:00529AFC aWs5            db 'WS5',0             ; DATA XREF: sub_48F551+276o
.data:00529B00 a5thServer      db '5th Server',0      ; DATA XREF: sub_48F551+2A3o
.data:00529B0B                 align 4
.data:00529B0C aWs6            db 'WS6',0             ; DATA XREF: sub_48F551+2C4o
.data:00529B10 a6thServer      db '6th Server',0      ; DATA XREF: sub_48F551+2F0o
.data:00529B1B                 align 4
.data:00529B1C aWs7            db 'WS7',0             ; DATA XREF: sub_48F551+311o
.data:00529B20 a7thServer      db '7th Server',0      ; DATA XREF: sub_48F551+33Eo
.data:00529B2B                 align 4
.data:00529B2C aWs8            db 'WS8',0             ; DATA XREF: sub_48F551+35Fo
.data:00529B30 a8thServer      db '8th Server',0      ; DATA XREF: sub_48F551+38Co
.data:00529B3B                 align 4
.data:00529B3C aWs9            db 'WS9',0             ; DATA XREF: sub_48F551+3ADo
.data:00529B40 a9thServer      db '9th Server',0      ; DATA XREF: sub_48F551+3D9o
.data:00529B4B                 align 4
.data:00529B4C aWs10           db 'WS10',0            ; DATA XREF: sub_48F551+3FAo
.data:00529B51                 align 4
.data:00529B54 a10thServer     db '10th Server',0     ; DATA XREF: sub_48F551+427o
.data:00529B60 aWs11           db 'WS11',0            ; DATA XREF: sub_48F551+448o
.data:00529B65                 align 4
.data:00529B68 a11thServer     db '11th Server',0     ; DATA XREF: sub_48F551+475o
.data:00529B74 aWs12           db 'WS12',0            ; DATA XREF: sub_48F551+496o
.data:00529B79                 align 4
.data:00529B7C a12thServer     db '12th Server',0     ; DATA XREF: sub_48F551+4C2o
.data:00529B88 aWs13           db 'WS13',0            ; DATA XREF: sub_48F551+4E3o
.data:00529B8D                 align 4
.data:00529B90 a13thServer     db '13th Server',0     ; DATA XREF: sub_48F551+510o
.data:00529B9C aWs14           db 'WS14',0            ; DATA XREF: sub_48F551+531o
.data:00529BA1                 align 4
.data:00529BA4 a14thServer     db '14th Server',0     ; DATA XREF: sub_48F551+55Eo
.data:00529BB0 aWs15           db 'WS15',0            ; DATA XREF: sub_48F551+57Fo
.data:00529BB5                 align 4
.data:00529BB8 a15thServer     db '15th Server',0     ; DATA XREF: sub_48F551+5ABo
.data:00529BC4 aWs16           db 'WS16',0            ; DATA XREF: sub_48F551+5C9o
.data:00529BC9                 align 4
.data:00529BCC a16thServer     db '16th Server',0     ; DATA XREF: sub_48F551+5F6o
.data:00529BD8 aSaveHelshot04d db 'Save\HelShot%04d%02d%02d_%02d%02d%02d_%s%03d.jpg',0

The bunch of single dbs at the top is the WL name. Celestial never changes it apart from 3 letters so it's always the same, but other servers may have a different amount, may be full text, or may be random nontext letters like Celestial. It goes WLname, Viewable name, WLname, Viewable name, all the way down to WS16.

[Acidx]

Code: Select all

.data:00529A38 aElvine_3       db 'elvine',0          ; DATA XREF: sub_48E422+182o
.data:00529A3F                 align 4
.data:00529A40 aElvhunter_3    db 'elvhunter',0      ; DATA XREF: sub_48E422+1C7o
.data:00529A4A                 align 4
.data:00529A4C a02d02d02d02d02 db '%02d:%02d - %02d:%02d:%02d',0; DATA XREF: sub_48F551+BBo
.data:00529A67                 align 4
.data:00529A68 aClientCodedBy  db ' Client coded by',0; DATA XREF: sub_48F551+101o
.data:00529A79                 align 4
.data:00529A7C aDiuuudeSnoopy8 db 'Diuuude & Snoopy81',0; DATA XREF: sub_48F551+125o
.data:00529A8F                 align 4
.data:00529A90 unk_000000      db    0;              ; DATA XREF: sub_48F551+13Fo
.data:00529A91                 db    0;  
.data:00529A92                 db    0;  
.data:00529A93                 db    0;
.data:00529A94                 db    0;
.data:00529A95                 db    0;
.data:00529A96                 db    0;  
.data:00529A97                 db    0;  
.data:00529A98                 db    0;  
.data:00529A99                 db    0;  
.data:00529A9A                 db    0;  
.data:00529A9B                 db    0;  
.data:00529A9C                 db    0;  
.data:00529A9D                 db    0;  
.data:00529A9E                 db    0;  
.data:00529A9F                 db    0;  
.data:00529AA0                 db    0;  
.data:00529AA1                 db    0;  
.data:00529AA2                 db    0;  
.data:00529AA3                 db    0;  
.data:00529AA4                 db    0;  
.data:00529AA5                 db    0;  
.data:00529AA6                 db    0;  
.data:00529AA7                 db    0;  
.data:00529AA8                 db    0;  
.data:00529AA9                 db    0;  
.data:00529AAA                 db    0;  
.data:00529AAB                 db    0;  
.data:00529AAC                 db    0;  
.data:00529AAD                 db    0;  
.data:00529AAE                 db    0;  
.data:00529AAF                 db    0;  
.data:00529AB0 aCelestialIiSer db 'Celestial II Server',0; DATA XREF: sub_48F551+16Co
.data:00529AC4 aWs2            db 'WS2',0            ; DATA XREF: sub_48F551+18Do
.data:00529AC8 aApocalypseServ db 'APOCALYPSE Server',0; DATA XREF: sub_48F551+1BAo
.data:00529ADA                 align 4
.data:00529ADC aWs3            db 'WS3',0            ; DATA XREF: sub_48F551+1DBo
.data:00529AE0 a3rdServer      db '3rd Server',0      ; DATA XREF: sub_48F551+207o
.data:00529AEB                 align 4
.data:00529AEC aWs4            db 'WS4',0            ; DATA XREF: sub_48F551+228o
.data:00529AF0 a4thServer      db '4th Server',0      ; DATA XREF: sub_48F551+255o
.data:00529AFB                 align 4
.data:00529AFC aWs5            db 'WS5',0            ; DATA XREF: sub_48F551+276o
.data:00529B00 a5thServer      db '5th Server',0      ; DATA XREF: sub_48F551+2A3o
.data:00529B0B                 align 4
.data:00529B0C aWs6            db 'WS6',0            ; DATA XREF: sub_48F551+2C4o
.data:00529B10 a6thServer      db '6th Server',0      ; DATA XREF: sub_48F551+2F0o
.data:00529B1B                 align 4
.data:00529B1C aWs7            db 'WS7',0            ; DATA XREF: sub_48F551+311o
.data:00529B20 a7thServer      db '7th Server',0      ; DATA XREF: sub_48F551+33Eo
.data:00529B2B                 align 4
.data:00529B2C aWs8            db 'WS8',0            ; DATA XREF: sub_48F551+35Fo
.data:00529B30 a8thServer      db '8th Server',0      ; DATA XREF: sub_48F551+38Co
.data:00529B3B                 align 4
.data:00529B3C aWs9            db 'WS9',0            ; DATA XREF: sub_48F551+3ADo
.data:00529B40 a9thServer      db '9th Server',0      ; DATA XREF: sub_48F551+3D9o
.data:00529B4B                 align 4
.data:00529B4C aWs10           db 'WS10',0            ; DATA XREF: sub_48F551+3FAo
.data:00529B51                 align 4
.data:00529B54 a10thServer     db '10th Server',0    ; DATA XREF: sub_48F551+427o
.data:00529B60 aWs11           db 'WS11',0            ; DATA XREF: sub_48F551+448o
.data:00529B65                 align 4
.data:00529B68 a11thServer     db '11th Server',0    ; DATA XREF: sub_48F551+475o
.data:00529B74 aWs12           db 'WS12',0            ; DATA XREF: sub_48F551+496o
.data:00529B79                 align 4
.data:00529B7C a12thServer     db '12th Server',0    ; DATA XREF: sub_48F551+4C2o
.data:00529B88 aWs13           db 'WS13',0            ; DATA XREF: sub_48F551+4E3o
.data:00529B8D                 align 4
.data:00529B90 a13thServer     db '13th Server',0    ; DATA XREF: sub_48F551+510o
.data:00529B9C aWs14           db 'WS14',0            ; DATA XREF: sub_48F551+531o
.data:00529BA1                 align 4
.data:00529BA4 a14thServer     db '14th Server',0    ; DATA XREF: sub_48F551+55Eo
.data:00529BB0 aWs15           db 'WS15',0            ; DATA XREF: sub_48F551+57Fo
.data:00529BB5                 align 4
.data:00529BB8 a15thServer     db '15th Server',0    ; DATA XREF: sub_48F551+5ABo
.data:00529BC4 aWs16           db 'WS16',0            ; DATA XREF: sub_48F551+5C9o
.data:00529BC9                 align 4
.data:00529BCC a16thServer     db '16th Server',0    ; DATA XREF: sub_48F551+5F6o
.data:00529BD8 aSaveHelshot04d db 'Save\HelShot%04d%02d%02d_%02d%02d%02d_%s%03d.jpg',0

The bunch of single dbs at the top is the WL name. Celestial never changes it apart from 3 letters so it's always the same, but other servers may have a different amount, may be full text, or may be random nontext letters like Celestial. It goes WLname, Viewable name, WLname, Viewable name, all the way down to WS16.

CelestialII = rocked

[nuncamacuerdo]

thx again. the wsname at celestial is elvine then? thx i go try it at my client... less my luck.. muehehe

and other question, u use olly for search for that? want command for search? omg im so newbie using thats programs

[nuncamacuerdo]

FUCK now my olly dsnt work fking errors.... i use a gun on my head if i give u the client u can give me the wsname?


here are the 2 clients i cant find the wsname, the number1 say me .,.

<a href='http://hb-cure.ovh.org/pliki/Helbreath% ... cstasy.exe' target='_blank'>http://hb-cure.ovh.org/pliki/Helbreath% ... asy.exe</a>

and the 2nd wpe say me cant injec the dll...
<a href='http://24.250.112.239:8080/hb-fusion4.3.rar' target='_blank'>http://24.250.112.239:8080/hb-fusion4.3.rar</a>

if u can work on it u make my happy thx a log

[bone-you]

The WSname is NOT elvine. I blocked out the WS name because I'm not trying to get people to hack celestial. It's the client I happened to have in disassembly at the time of the post.

Code: Select all

.data:00529A90 unk_000000      db    0;            ; DATA XREF: sub_48F551+13Fo
.data:00529A91                 db    0;  
.data:00529A92                 db    0;  
.data:00529A93                 db    0;
.data:00529A94                 db    0;
.data:00529A95                 db    0;
.data:00529A96                 db    0;  
.data:00529A97                 db    0;  
.data:00529A98                 db    0;  
.data:00529A99                 db    0;  
.data:00529A9A                 db    0;  
.data:00529A9B                 db    0;  
.data:00529A9C                 db    0;  
.data:00529A9D                 db    0;  
.data:00529A9E                 db    0;  
.data:00529A9F                 db    0;  
.data:00529AA0                 db    0;  
.data:00529AA1                 db    0;  
.data:00529AA2                 db    0;  
.data:00529AA3                 db    0;  
.data:00529AA4                 db    0;  
.data:00529AA5                 db    0;  
.data:00529AA6                 db    0;  
.data:00529AA7                 db    0;  
.data:00529AA8                 db    0;  
.data:00529AA9                 db    0;  
.data:00529AAA                 db    0;  
.data:00529AAB                 db    0;  
.data:00529AAC                 db    0;  
.data:00529AAD                 db    0;  

That was the WS name but I nulled it out.

I don't use olly, I use IDA.

That Ecstasy client was packed with aspack.

[nuncamacuerdo]

oks thx i go try now again, yes i know is with aspack i use unaspack and is died... IDA? can u say me the complete name? i go use my oldfriend google

hotkey on ida to search for?

[bone-you]

<a href='http://www.helbreathx.net/files/HelbreathEcstasy.rar' target='_blank'>http://www.helbreathx.net/files/HelbreathEcstasy.rar</a>

for the unpacked client.

Their WSname

Code: Select all

.data:004BDE94 aApocalypseServ db 'APOCALYPSE Server',0; DATA XREF: .text:0045E9BCo
.data:004BDE94                                        ; .text:004812C3o ...
.data:004BDEA6                 db    0;  
.data:004BDEA7                 db    0;  
.data:004BDEA8 aWs2            db 'WS2',0             ; DATA XREF: .text:0045BEADo
.data:004BDEA8                                        ; .text:0045C0F8o ...
.data:004BDEAC aTheHeldenian   db 'The HeldeniaN',0   ; DATA XREF: .text:0045E977o
.data:004BDEAC                                        ; .text:00481263o ...
.data:004BDEBA                 db    0;  
.data:004BDEBB                 db    0;  
.data:004BDEBC a___0           db '.,.',0             ; DATA XREF: .text:0045BEF3o

".,."

.,.

that's it xD

[nuncamacuerdo]

nope guy u are wron... isnt is .,. im saying all clients created by diuudi and snoopy says wsname is .,. i think they change the localization... my english is so bad, and u are joking with my... danm now im crazy

[bone-you]

The WSname for Ecstasy is .,.

If you say I'm wrong, then what is it? You're here asking for help because you can't do it, but when I do it you say I'm wrong. Also, "all clients" is not true because Celestial uses it but doesn't have .,.

[nuncamacuerdo]

i say u are wrong because when i unpack aspack and see .,. i try it and say world server is not activate....

and isnt the 1st time i see .,. in a client and when try it all time says isnt activate... sry for ur time... thx