ProjectHax

ProjectHax General Programming

Closed Thread
 
Thread Tools Display Modes
  #1  
Old 07-18-2011
WeeMan WeeMan is offline
Administrator
 
Join Date: Apr 2011
Location: United States
Posts: 12,358
Default Prevent GameGuard from loading

First off let me say that this will disconnect you after a certain amount of time!

1. Load sro_client.exe into OllyDbg
2. Right Click -> Search For -> All Referenced Text Strings
3. In the new window Right Click -> Search for text
4. Search for 'GameGuard'
5. Look for something similar to this
Code:
007F1E6A     56                                    PUSH ESI
007F1E6B     FFD5                                  CALL EBP
007F1E6D     50                                    PUSH EAX                                                                                           ; kernel32.BaseThreadInitThunk
007F1E6E     56                                    PUSH ESI
007F1E6F     68 9888D400                           PUSH sro_clie.00D48898                                                                             ; ASCII "GameGuard"
007F1E74     FFD5                                  CALL EBP
007F1E76     50                                    PUSH EAX                                                                                           ; kernel32.BaseThreadInitThunk
007F1E77     68 9888D400                           PUSH sro_clie.00D48898                                                                             ; ASCII "GameGuard"
007F1E7C     68 01000100                           PUSH 10001
007F1E81     68 00040000                           PUSH 400
007F1E86     FF15 E0D1CF00                         CALL DWORD PTR DS:[<&kernel32.CompareStringA>]                                                     ; kernel32.CompareStringA
6. Go to the address of 'GameGuard' in the dump window and change it to GameGuar2
7. Save the EXE by copying the changed byte and right clicking and choosing Copy to executable
8. Load the saved EXE into olly and repeat steps 2 through 3
9. Now this time search for 'n_protect.dat'. You should see something like this.
Code:
00AC9C40     8B4424 04                             MOV EAX,DWORD PTR SS:[ESP+4]
00AC9C44     68 3CD7D600                           PUSH sro_clie.00D6D73C                                                                             ; ASCII "config\\n_protect.dat"
00AC9C49     A3 E0110701                           MOV DWORD PTR DS:[10711E0],EAX                                                                     ; kernel32.BaseThreadInitThunk
00AC9C4E     E8 2DFDFFFF                           CALL sro_clie.00AC9980
00AC9C53     83C4 04                               ADD ESP,4
00AC9C56     8D4C24 04                             LEA ECX,DWORD PTR SS:[ESP+4]
00AC9C5A     51                                    PUSH ECX
00AC9C5B     6A 00                                 PUSH 0
00AC9C5D     6A 00                                 PUSH 0
00AC9C5F     68 509BAC00                           PUSH sro_clie.00AC9B50
00AC9C64     6A 00                                 PUSH 0
00AC9C66     6A 00                                 PUSH 0
00AC9C68     A3 C0110701                           MOV DWORD PTR DS:[10711C0],EAX                                                                     ; kernel32.BaseThreadInitThunk
00AC9C6D     FF15 94D1CF00                         CALL DWORD PTR DS:[<&kernel32.CreateThread>]                                                       ; kernel32.CreateThread
00AC9C73     A3 DC110701                           MOV DWORD PTR DS:[10711DC],EAX                                                                     ; kernel32.BaseThreadInitThunk
00AC9C78     33C0                                  XOR EAX,EAX                                                                                        ; kernel32.BaseThreadInitThunk
00AC9C7A     C3                                    RETN
10. On the line where it says 'n_protect.dat' you want to modify it by press space on that line and typing 'RET' and hitting enter
11. Right click on the main OllyDbg disassembly window and choose Copy to executable -> All modifications -> (New window appears) Copy all
12. Right click on the new window -> Save file
13. You got the rest
__________________
New forum coming soon!
https://forum.projecthax.com/t/welcome/37
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 08:11 PM.
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2018, vBulletin Solutions Inc.

Google+ Facebook Twitter