Tutorials

Discussion on Helbreath Hacks. New ones Released. and how to work them.
MoonMan
Regular
Posts: 79
Joined: Wed Dec 31, 2003 2:55 pm

Post by MoonMan »

After reading a great deal of huhuhaha's work, I decided to take a stab at the ASM editing with a good amount of success (Not nearly as much as I wished, but better than nothing). Before I can go any further, I must say thanks to Lite for helping me out on this. He truly is a great hacker and how could I forget about huhuhaha for the huge list of addresses.

Step 1
First thing to do is strip the Helbreath exe for the protection that's on these files. There is probably only one program that I have found (I wasn't looking around for any other program :lol: ) that does the job. Which can be found HERE (http://www.is.svitonline.com/syd/). Simply download it, run it, press Open and pick the Helbreath.exe file you're going to edit, and press Unpack. It's that easy, you will later find a file in the same directory with the name _Helbreath.exe <-- Something like that. The _ means it's unpacked and ready for editing :D

Step 2
You'll need to find a program to edit all this crap in, one that I use a lot (Everyone probably uses it) is OllyDBG (http://home.t-online.de/home/Ollydbg/), a great program might I add, when you know how to use it :lol:

Step 3 (Optional)
You can either find these addresses on your own or try using the ones I shall provide you with (That is if it does work). If you want to go solo I should recommend getting TSearch v1.6 (http://membres.lycos.fr/tsearch/). NOTE: After downloading TSearch, change the name of the .exe file to something like "TS.exe" or "Hacker.exe", anything BUT "TSearch.exe".

Step 4 (LOL)
Get Helbreath United, Best damn server out there! :D

Step 5
Now that you have all the tools needed and an unstripped Helbreath.exe we're ready to actually begin on the major editing (Not really major but it gives you "Hax0rz"). I'll first provide you with some of the addresses I used for Helbreath United v2.20 exe.

Code:

Helbreath Fast Cast
0045960F : EB 22 90 90

Open up the exe (In my case this would be "_HB United.exe") with OllyDBG. Press Ctrl+G (This is a simple shortcut to the "Goto Address" command) and type in "0045960F" (Which is the address provided from the previous code shown above) When you get there you should see something like.

Code:

0045960F | 805424 50 | LEA EDX,DWORD PTR SS:[ESP+50]

This here is the code we will be editing for our Fast Cast Hack. To edit the line simply right click anywhere in the debugger. A menu will pop up with a few given commands. The one we are looking for is Binary > Edit or you could take the shortcut and use "Ctrl+E". A little window will come up prompting you to insert a new line of code. We'll put EB 22 90 90, which should give us a Fast Cast hack of some sort. After you have edited this line we can save it now. To do so just right click, find "Copy to executable" > "All Modifications" > "Copy All". After this little process you'll receive a window similar to the one we were editing in. Right click on it and click "Save File", just give it some name, doesn't matter.

Step 6
After you have saved it, open up the exe and check to see if the hack actually works. You shouldn't be getting that little stupid wait icon when casting spells.

I hope this helps the people who have been having some trouble getting anything to work with these programs. I know I have <_< and there might be some out there having the same problem. At the moment I don't really understand how to get huhuhaha's code and convert it to v2.20, I would like some help for this if anyone out there could :D
MoonMan
Regular
Posts: 79
Joined: Wed Dec 31, 2003 2:55 pm

Post by MoonMan »

Also I'd like to note, I have a hacked .exe with the following
Logout
Fast Cast
Speed
Pick Up
X2 Swing

I'll release it as soon as someone tells me how to get speed trap working :lol:
flyingfox
Member
Posts: 100
Joined: Thu Nov 20, 2003 5:14 pm

Post by flyingfox »

i got an exe i can't strip it, even i use stripper 2.03 .. any other program to recommend ??
ratix
Regular
Posts: 78
Joined: Thu Nov 13, 2003 8:39 am

Post by ratix »

MoonMan wrote: After reading a great deal of huhuhaha's work, I decided to take a stab at the ASM editing with a good amount of success (Not nearly as much as I wished, but better than nothing). Before I can go any further, I must say thanks to Lite for helping me out on this. He truly is a great hacker and how could I forget about huhuhaha for the huge list of addresses.

did you check "keep size"?
ratix
Regular
Posts: 78
Joined: Thu Nov 13, 2003 8:39 am

Post by ratix »

flyingfox wrote: i got an exe i can't strip it, even i use stripper 2.03 .. any other program to recommend ??
did you get something like....."cannot unpack file"?
charlie
Outpost4lyfe
Posts: 3324
Joined: Sun Apr 06, 2003 12:24 am
Location: Mt GOD

Post by charlie »

remember about offsets with different versions people ;)
Girlfriends are dedicated hookers.
charlie
Outpost4lyfe
Posts: 3324
Joined: Sun Apr 06, 2003 12:24 am
Location: Mt GOD

Post by charlie »

i think i might add this to the tutorial page if its ok with moonman ^_^
ed1tor
Regular
Posts: 58
Joined: Wed Nov 12, 2003 4:20 pm

Post by ed1tor »

about binding:

you have to concern and deal with similarity, bytes, reference text might be useful for some patch! and of course the huhuhaha posted code!

Besides, not all the patch was posted, you need to get asm knowledge, so you have some basic idea on what the line of code does so that you might even tweak already posted code so that it behaves like what you expected

..just some suggestion, you can ignore + no flame plz
flyingfox
Member
Posts: 100
Joined: Thu Nov 20, 2003 5:14 pm

Post by flyingfox »

ratix wrote:
flyingfox wrote: i got an exe i can't strip it, even i use stripper 2.03 .. any other program to recommend ??
did you get something like....."cannot unpack file"?
yeah..... u r right .... any solution for this ???
MoonMan
Regular
Posts: 79
Joined: Wed Dec 31, 2003 2:55 pm

Post by MoonMan »

Charlie, I wouldn't mind at all :D

Which version of helbreath are you using to strip it? I might just upload an unstripped version later on.

My "Keep Size" box is unchecked
LDoriginal
Regular
Posts: 57
Joined: Sun Jan 04, 2004 7:47 am

Post by LDoriginal »

remember about offsets with different versions people ;)
ok so lets say i have a diff address and so it doesn't work... how would i go about doing this ?

what would i search ... tips/clues everything
ed1tor
Regular
Posts: 58
Joined: Wed Nov 12, 2003 4:20 pm

Post by ed1tor »

get a hex calculator
Tom0
Regular
Posts: 59
Joined: Sun Nov 16, 2003 5:16 pm

Post by Tom0 »

yo how did u do 2x swing, and ya a hex calc is good, use ur default one with windows.
MoonMan
Regular
Posts: 79
Joined: Wed Dec 31, 2003 2:55 pm

Post by MoonMan »

I found the address of Movement, The whole (2=Running, 1=Walking, 7=Critical)

Did an autohack with that. Go back in game and make your guy bend down like he's picking up something. TSearch should give you a list of addresses. Here is a little example of what mine looks like

----------------------------------------------
484A1E: mov byte ptr [eax+0x61],0x0
482C52: lea edi,[eax+0x4]
4840BD: mov [edx+0x61],al
----------------------------------------------

Click on the one that's bold. This should put your debugger at the current address of the bold text. From there, go down one from 4840BD to 4840C0 (This should be right under 4840BD) Right click press Assemble and change the Mov to Sub

All those addresses come from Helbreath United v2.20

Hope that helps, if you need anything else just PM or post back here.
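
A defender-side check for the kind of edit this thread describes, as an added example that is not part of any post: it diffs a suspect code image against a known-good copy and labels each overwritten run, including the short-jump-plus-NOP shape of EB 22 90 90 (any other edit, such as a changed opcode, is reported as "modified"). The sample bytes, the base address and all function names are constructed for illustration.

```python
import hashlib

NOP = 0x90
JMP_SHORT = 0xEB  # x86 "JMP rel8": opcode byte followed by a signed 8-bit displacement


def modified_runs(baseline: bytes, suspect: bytes):
    """Return [(offset, original_bytes, new_bytes)] for each contiguous run of changes."""
    if len(baseline) != len(suspect):
        raise ValueError("size mismatch: image was resized, treat as tampered")
    runs, start = [], None
    for i in range(len(baseline) + 1):
        differs = i < len(baseline) and baseline[i] != suspect[i]
        if differs and start is None:
            start = i
        elif not differs and start is not None:
            runs.append((start, baseline[start:i], suspect[start:i]))
            start = None
    return runs


def classify(new: bytes) -> str:
    """Label a changed run by the shape of the bytes written over the original."""
    if new and all(b == NOP for b in new):
        return "nop-fill"
    if len(new) >= 3 and new[0] == JMP_SHORT and all(b == NOP for b in new[2:]):
        return "short-jmp+nop-pad"  # the shape of EB 22 90 90
    return "modified"


def audit(baseline: bytes, suspect: bytes, base_va: int = 0):
    """Report tampering as (sha256_matches, [(va, kind, old_hex, new_hex)])."""
    same = hashlib.sha256(baseline).digest() == hashlib.sha256(suspect).digest()
    findings = [(base_va + off, classify(new), old.hex(" "), new.hex(" "))
                for off, old, new in modified_runs(baseline, suspect)]
    return same, findings


# Constructed sample: 16 bytes standing in for a code region, not real game code.
GOOD = bytes.fromhex("55 8b ec 8d 54 24 50 52 e8 10 00 00 00 5d c3 cc")
BAD = bytearray(GOOD)
BAD[3:7] = bytes.fromhex("eb 22 90 90")  # the overwrite pattern quoted in the thread
BASE_VA = 0x0045960C                     # assumed so the changed run lands at 0045960F

if __name__ == "__main__":
    ok, findings = audit(GOOD, bytes(BAD), BASE_VA)
    print("hash match:", ok)
    for va, kind, old, new in findings:
        print(f"{va:08X} {kind:18} {old} -> {new}")
```

Because the comparison is against a baseline for one specific build, a separate known-good copy is needed per client version, which is the same version dependence charlie points out about offsets.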
ratix
Regular
Posts: 78
Joined: Thu Nov 13, 2003 8:39 am

Post by ratix »

flyingfox wrote:
ratix wrote:
flyingfox wrote: i got an exe i can't strip it, even i use stripper 2.03 .. any other program to recommend ??
did you get something like....."cannot unpack file"?
yeah..... u r right .... any solution for this ???
i used to get that....then i format and now it works ^^