Tuesday, September 01, 2009

Climb Anywhere

Tools needed:

CE 5.x or higher
ollydbg

Steps:

1. Locate your X coord using CE.
2. Search using Float, Truncated, i.e.: if your X is 1234.56789, use 1234 as the initial search parameter.
3. After getting around 8-12 results, test your findings by adding +10/-10 to each of the results... If your character moves, then you've located your correct X coord. (This is also the tele hack.)
4. Once you have obtained the X coord, use "Find out what accesses this address". There should be a sequence of opcodes it follows; the one you're interested in is as follows:

mov ebx,[edx]
After that you want to open memory viewer.
The following should be:

MOV
CMP
then follow by a Jump code

hint: change the JNZ to JMP
You have got yourself climb anywhere hack.

Get the address, open ollydbg and make the modification in the GAME.EXE accordingly. Then you're done.

I'm not here to spoon feed, I'm not here to give you step by step 100% spoon feed methods. I've already given WAY TOO MUCH hints... Anymore might result in a perma patch.

Regards,

Runner.

*Runs away*
Note: I'll not be responding to this post... going forward, good luck in finding it yourself. All the hints are there... Any extra, learn how to use the tools yourself, not my job to teach you.

Tuesday, August 11, 2009

GG Bypass


STEP 1

Download OllyDbg. Download links are at the bottom of this post

Install and open OllyDbg.

Click File>Open or press F3

Navigate to the folder Shaiya is installed in. (this is probably in C:\AERIA GAMES\Shaiya, depending on install)

Open game.exe


STEP 2
In the big section that pops up, do the following:

Right Click>Search For>All intermodular Calls

In the window that appears /fills up with information, sort the results by destination. (this can be done by clicking on the column header)


Now remember that procedure. In the rest of this tutorial I will only be referring to it as searching for IC's.



STEP 3

So search for IC's and scroll down until you find kernel32.CreateMutexA. (in the destination column)

Double click on the first kernel32.CreateMutexA

3 lines under the line that is now highlighted (the kernel32.CreateMutexA), you should see JNZ SHORT game. in the middle column.

Double click the JNZ bit, and in the small window that pops up, change JNZ to JMP and click Assemble



STEP 4

Search for IC's

Scroll to find kernel32.GetCurrentProcessId, and double click on the first one.

A couple of lines up in the middle column should be JNZ game.(numbers)

Double click on it, and change the JNZ to JMP, and click Assemble.



STEP 5

Search for IC's

Scroll to find kernel32.CreateProcessA, and double click on the second last one.

Above that, about 5 or 6 lines up, will be PUSH 1, and InheritHandles = TRUE.

Double click on it, and change the PUSH 1 to PUSH 0, and click Assemble



STEP 6

Search for IC's

Scroll down until you find USER32.FindWindowA, and double click on it

Under the command TEST EAX,EAX change 1st JE to JMP



STEP 7

Right Click>Search for>All referenced text strings

Scroll to find ASCII "start game", and double click on it

About 5 lines under you should see JE game.(numbers)

Double click on it, and change the JE to JMP



STEP 8

Right Click>Search for>All referenced text strings

Scroll to find ASCII "nProtect GameGuard", and double click on it

Directly under it you should see JNZ SHORT game.(numbers)

Double click on it, and change the JNZ to JMP

STEP 9

Press Ctrl+F

In the Find Command window that appears, copy in MOV EAX,262

In the line that Olly navigates to, double click it, and change the MOV EAX,262 to MOV EAX,755 then click Assemble



STEP 10

Right Click>Copy to executable>All modifications

In the new window that appears, Right Click>Save File and save it in the Shaiya folder.



STEP 11

Make a copy of the shortcut on your desktop/start menu, and call it "No GG Shaiya" or something. You probably shouldn't delete the original shortcut, so that you can update Shaiya when you need to. Sometimes an update will not patch the game.exe, but when it does then just follow the above steps again.

In the new shortcut you made, Right Click>Properties

In the bit that says "C:\Aeria Games\Shaiya\game.exe", add start game to the end.

Your new shortcut should look like "C:\Aeria Games\Shaiya\game.exe" start game

Click Ok and you are done!
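Every step above edits instruction bytes of game.exe in place and saves the result to disk, so a suspect copy can be compared byte for byte with a known-good original. The following is an added example, not part of the original post or of any Shaiya or GameGuard code: it reports each changed instruction and labels the patch types the steps describe. The function names are hypothetical and the sample bytes are constructed.

```python
import struct

COND_SHORT = {0x74: "JE", 0x75: "JNZ"}   # 74/75 rel8
COND_NEAR = {0x84: "JE", 0x85: "JNZ"}    # 0F 84/85 rel32

def classify(good: bytes, bad: bytes, off: int):
    """Return (description, end_offset) for the first changed byte at `off`.
    Heuristic: matches byte patterns, it does not disassemble the file."""
    g, b = good[off], bad[off]
    if g in COND_SHORT and b == 0xEB:                      # rel8 is unchanged
        return f"{COND_SHORT[g]} short -> JMP short", off + 2
    if g == 0x0F and b == 0xE9 and good[off + 1:off + 2] in (b"\x84", b"\x85"):
        # 6-byte conditional jump replaced by 5-byte JMP plus filler
        return f"{COND_NEAR[good[off + 1]]} near -> JMP near", off + 6
    if off and good[off - 1] == bad[off - 1] == 0x6A:      # PUSH imm8
        return f"PUSH {g:#x} -> PUSH {b:#x}", off + 1
    if off and good[off - 1] == bad[off - 1] == 0xB8 and off + 4 <= len(good):
        old, = struct.unpack_from("<I", good, off)         # MOV EAX,imm32
        new, = struct.unpack_from("<I", bad, off)
        return f"MOV EAX,{old:#x} -> MOV EAX,{new:#x}", off + 4
    return "unclassified change", off + 1

def tamper_report(good: bytes, bad: bytes):
    """List (offset, description) for every patched instruction."""
    if len(good) != len(bad):
        raise ValueError("length differs: not an in-place patch")
    findings, skip_until = [], 0
    for off, (g, b) in enumerate(zip(good, bad)):
        if g != b and off >= skip_until:                   # one finding per instruction
            desc, skip_until = classify(good, bad, off)
            findings.append((off, desc))
    return findings

# Constructed sample: four instructions separated by NOPs (0x90).
GOOD = bytes.fromhex("90 75 10 90 0f 85 20 00 00 00 90 6a 01 90 b8 62 02 00 00 90")
BAD = bytes.fromhex("90 eb 10 90 e9 21 00 00 00 90 90 6a 00 90 b8 55 07 00 00 90")

if __name__ == "__main__":
    for off, desc in tamper_report(GOOD, BAD):
        print(f"{off:#06x}  {desc}")
```

Any finding at all means the file no longer matches the reference; the labels only speed up triage of which check was altered.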

Friday, June 26, 2009

GG Bypass and Multiclient



Quick Reference
Quote:
Originally Posted by zerosignal
Download and install OllyDBG, this requires basic knowledge how to use it.

* In Shaiya installed folder, open "game.exe".
* Make sure you have selected the "game.exe" Executable Module (View -> Executable Modules).
* To do an intermodular call search, right click on ASM Code window, select Search for -> All intermodular calls. It's useful to sort by Destination.
* To do Text string search, right click on ASM Code win, select Search for -> All referenced text strings. Then in the results, right click, then Search for text.

Code:

search for Intermodular call kernel32.CreateMutexA
Under CMP EAX,0B7
Change JNZ to JMP.
Look for USER32.FindWindowA
Under TEST EAX,EAX
Change JE to JMP


Search for ASCII "nProtect GameGuard".
Directly underneath it.
Change from JNZ to JMP.


Search for IC the first kernel32.GetCurrentProcessId.
Above it look for TEST AL,AL.
Underneath change JNZ, to JMP.


Search for IC the second last kernel32.CreateProcessA.
Scroll up till you see ASCII "enc: %s".
Below it should be a set of PUSH commands,
Change the 3rd last PUSH 1 to PUSH 0.


Search for IC last kernel32.GetExitCodeProcess.
Above it look for the first MOV EAX,262.
Change from MOV EAX,262 to MOV EAX,755.

(Optional - So you do not have to pass start game arguments to exe)
search for ASCII "start game",
Under TEST EAX,EAX
Change from JE to JMP.

Credits:
Jewbacca (Ploxoraus).
Everyone else who contributed.
Detailed Instructions
Quote:
Originally Posted by Lucky_Phil
Detailed tutorial on making a No GameGuard Multi-Client executable.

So far the tutorials I have seen here are good, but for all you absolute newbies with none/next-to-none experience with Ollydbg here is a detailed tutorial on making the hacked client. (GG Bypass and Multi-Client)

Before you begin:
Make a backup of your game.exe file. I normally just make a copy of it in the same folder, except rename it to game.bak. That way, if you screw things up, you can easily delete the bad file, and then rename game.bak back to game.exe.

STEP 1

Download OllyDbg. Download links are at the bottom of this post
Install and open OllyDbg.
Click File>Open or press F3
Navigate to the folder Shaiya is installed in. (this is probably in C:\AERIA GAMES\Shaiya, depending on install)
Open game.exe



STEP 2
In the big section that pops up, do the following:

Right Click>Search For>All intermodular Calls
In the window that appears /fills up with information, sort the results by destination. (this can be done by clicking on the column header)


Now remember that procedure. In the rest of this tutorial I will only be referring to it as searching for IC's.

STEP 3

So search for IC's and scroll down until you find kernel32.CreateMutexA. (in the destination column)
Double click on the first kernel32.CreateMutexA
3 lines under the line that is now highlighted (the kernel32.CreateMutexA), you should see JNZ SHORT game. in the middle column.
Double click the JNZ bit, and in the small window that pops up, change JNZ to JMP and click Assemble


Code:

1: Search for All intermodular calls
2: Sort by Destination
3: Scroll down until you find USER32.FindWindowA, and double click on it
4: Under the command TEST EAX,EAX change 1st JE to JMP


STEP 4

Search for IC's
Scroll to find kernel32.GetCurrentProcessId, and double click on the first one.
A couple of lines up in the middle column should be JNZ game.(numbers)
Double click on it, and change the JNZ to JMP, and click Assemble.



STEP 5

Search for IC's
Scroll to find kernel32.CreateProcessA, and double click on the second last one.
Above that, about 5 or 6 lines up, will be PUSH 1, and InheritHandles = TRUE.
Double click on it, and change the PUSH 1 to PUSH 0, and click Assemble



STEP 6

Press Ctrl+F
In the Find Command window that appears, copy in MOV EAX,262
In the line that Olly navigates to, double click it, and change the MOV EAX,262 to MOV EAX,755 then click Assemble



STEP 7

Right Click>Search for>All referenced text strings
Scroll to find ASCII "start game", and double click on it
About 5 lines under you should see JE game.(numbers)
Double click on it, and change the JE to JMP



STEP 8

Right Click>Search for>All referenced text strings
Scroll to find ASCII "nProtect GameGuard", and double click on it
Directly under it you should see JNZ SHORT game.(numbers)
Double click on it, and change the JNZ to JMP



STEP 9

Right Click>Copy to executable>All modifications
In the new window that appears, Right Click>Save File and save it in the Shaiya folder.



STEP 10

Make a copy of the shortcut on your desktop/start menu, and call it "No GG Shaiya" or something. You probably shouldn't delete the original shortcut, so that you can update Shaiya when you need to. Sometimes an update will not patch the game.exe, but when it does then just follow the above steps again.
In the new shortcut you made, Right Click>Properties
In the bit that says "C:\Aeria Games\Shaiya\game.exe", add start game to the end.
Your new shortcut should look like "C:\Aeria Games\Shaiya\game.exe" start game
Click Ok and you are done!


Credits:
Jewbacca (Ploxoraus).
ZeroSignal.
Everyone else who contributed.

OllyDbg Download links
Download Page: http://www.ollydbg.de/download.htm
Direct Download Link: www.ollydbg.de/odbg110.zip

Sunday, January 11, 2009

Shaiya bots: Shaiya-AutoPots and AutoAttack



I've been addicted to this game and still love playing it when I have time,
but when I don't have time I run this:

A) AutoPots - Self Heal script, I never play any game manually without having one.

How to Use:
1) Open Shaiya client and login your character.
2) Place all pots you need at the control tab (mine is 8=HP, 9=MP and 0=SP)
3) Make sure the game is set at 1024 x 768 resolution (other resolutions are unsupported)
4) Open Shaiya-AutoPots and assign the same arrangement in the INPUT BOX.
(example: HP={8} MP={9} and SP={0}; always use {})
5) Click "Save" and "Start"

Click Here to Download Shaiya-AutoPots


B) AutoAttack - Script that I run together with AutoPots when I need to go AFK.

Settings:
Attack Key = 1
Pickup Key = 2
Skill Key = 3
Skill Key = 4
Skill Key = 5
Skill Key = 6

Click Here to Download Shaiya-AutoAttack

Thursday, December 25, 2008

How to restart in Shaiya


To be able to play Shaiya you need an AERIA account, because that is what you log in to Shaiya with. If you do not have such an account yet, you can register at http://login.aeriagames.com/user/register. Registration asks for the usual data. The details about yourself are optional; only the date of birth, the country and of course a user name and e-mail address are required.
Once you have created the account, you can log in to Shaiya. Right after this first login you face an important choice: you must decide between the Alliance of Light and the Union of Wrath. Humans and Elves fight for the Alliance of Light, Nordein and Vail for the Union.

Once this decision is made, you can create your own character. The gender, the class, the job and the appearance can be selected. The character is of course also given a name at this point.

Finally, you choose the mode for your game. You can pick easy, normal, hard or ultimate mode. If you are playing Shaiya for the first time, you should opt for normal mode. If you have no experience with MMORPGs at all, easy mode is the better recommendation. Ultimate mode does not differ from hard mode in what it demands of the player, but the bonuses to your own status and abilities are increased. There are also exclusive items, skills and spells that the player can use. Choosing this mode should be considered carefully, though, because any character that dies in the game and is not resurrected within 3 minutes is deleted and lost forever.


Once this is decided, the fundamental decisions are behind the player and the actual game can be started. Before setting out into the world, you should still look at the different windows, which show the main characteristics of your own character or are essential for defending against potential adversaries. The displays are usually self-explanatory, but if questions do come up, they can be answered at http://de.shaiya.aeriagames.com/guide.php?q=guide/start.

Finally, a few words about movement in Shaiya. You can choose between moving by clicking with the mouse or by using the keys W, S, A and D. The keyboard variant is very popular because it leaves the mouse buttons free for combat and the view.

Wednesday, December 03, 2008

Shaiya trick: Bypass Auto-Update


It appears that the launcher uses CreateProcessA. Further analysis shows that it uses the command line:

    Game.exe start game


With that, we know that we can create a shortcut to game.exe and simply add start game.

For those who still don't understand, here is what you should do. Make a new shortcut. Then, paste this:

    C:\Sonov\Shaiya\game.exe start game

Monday, November 24, 2008

Shaiya movies of week 48 - 2008

Shaiya PvP Event


Shaiya kill steal


Monsters


PvP Revenge


Sexy Monster
Shaiya Cheats © 2009