
About version 1103 for Linux x64

Open tomay3000 opened this issue 5 years ago • 12 comments

I get it only working for the INITIAL_LICENSE_CHECK_AOB. Neither PERSISTENT_LICENSE_CHECK_AOB nor THEME_CHECK_AOB worked for this version. Could you please provide us with the correct offsets for this version 1103?

Thank you for your understanding.

tomay3000 avatar Jan 26 '19 00:01 tomay3000

Build 1103 Linux 64-bit (With reservation because I don't have Linux and unfortunately couldn't test it)

Name                      Offset    Original  Patched
Initial License Check     0x306AD0  0x38      0x08
                          0x306AD1  0x00      0x01
Persistent License Check  0x305DFD  0x00      0x01
Theme Check               0x3086D8  0x00      0x01

Initial License Check
38 00 74 42 48 8B 83 28 01 00 00 48 --> 08 01 74 42 48 8B 83 28 01 00 00 48

Persistent License Check
E8 67 0D 56 00 CC 66 83 27 00 83 67 --> E8 67 0D 56 00 CC 66 83 27 01 83 67

Theme Check (must be here somewhere...)
55 00 C6 07 00 C3 48 8B 3F 8B 77 20

HoMeCracKeR avatar Feb 02 '19 23:02 HoMeCracKeR

I am gonna check it.

tomay3000 avatar Feb 02 '19 23:02 tomay3000

The dark theme is still not working :(

tomay3000 avatar Feb 02 '19 23:02 tomay3000

Could you please provide at least some before and after hex values.

tomay3000 avatar Feb 02 '19 23:02 tomay3000

The dark theme is only applied after a while not on the first startup.

tomay3000 avatar Feb 02 '19 23:02 tomay3000

That's what I thought with the Theme Check... As @tostercx has already written, the Dev has changed everything and the values are completely different from build 1070.

HoMeCracKeR avatar Feb 03 '19 00:02 HoMeCracKeR

The Dev must have changed it a little bit.

tomay3000 avatar Feb 03 '19 00:02 tomay3000

OK, I will try to debug it myself. Which disassembler/debugger do you use?

tomay3000 avatar Feb 03 '19 01:02 tomay3000

I use Hopper Disassembler v4, good luck ;)

HoMeCracKeR avatar Feb 03 '19 01:02 HoMeCracKeR

Thank you.

tomay3000 avatar Feb 03 '19 01:02 tomay3000

Old Build 1070:

0000000000495cc9 | 50                   | push rax                  |
0000000000495cca | E8 59 E0 FF FF       | call sub_493d28           |
0000000000495ccf | 48 8D 05 62 05 65 00 | lea rax, qword [0xae6238] |
0000000000495cd6 | 48 8B 0D 73 AA 64 00 | mov rcx, qword [0xae0750] |
0000000000495cdd | 48 89 01             | mov qword [rcx], rax      |
0000000000495ce0 | 48 8B 35 41 AA 64 00 | mov rsi, qword [0xae0728] |
0000000000495ce7 | 66 C7 06 00 00       | mov word [rsi], 0x0       | <-- patch this to 1
0000000000495cec | C7 46 04 00 00 00 00 | mov dword [rsi+4], 0x0    |
0000000000495cf3 | 48 8D 46 18          | lea rax, qword [rsi+0x18] |

New Build 1103:

0000000000505f7b | 53                   | push rbx                  |
0000000000505f7c | E8 5B E6 FF FF       | call sub_5045dc           |
0000000000505f81 | 48 8D 05 70 02 5C 00 | lea rax, qword [0xac61f8] |
0000000000505f88 | 48 8B 0D 91 A1 5B 00 | mov rcx, qword [0xac0120] |
0000000000505f8f | 48 89 01             | mov qword [rcx], rax      |
0000000000505f92 | 48 8B 1D 5F A1 5B 00 | mov rbx, qword [0xac00f8] |
0000000000505f99 | 48 89 DF             | mov rdi, rbx              |
0000000000505f9c | E8 59 FE FF FF       | call sub_505dfa           | <-- now using ANDs O__O
0000000000505fa1 | 48 8B 3D 88 A1 5B 00 | mov rdi, qword [0xac0130] |
0000000000505fa8 | 48 8D 15 59 40 56 00 | lea rdx, qword [0xa6a008] |

HoMeCracKeR avatar Feb 03 '19 01:02 HoMeCracKeR

This works on 1119 build but not on beta 2002.

Surendrajat avatar Mar 22 '20 17:03 Surendrajat