Lineage 2 dump

gistfile1.txt

#include <windows.h>

void DumpFile()
{
	typedef void (__cdecl *f_appLoadFileToArray)(char *, wchar_t *, int);
	typedef void (__cdecl *f_appSaveArrayToFile)(char *, wchar_t *, int);

	f_appLoadFileToArray appLoadFileToArray = (f_appLoadFileToArray)GetProcAddress(GetModuleHandleA("Core.dll"), "?appLoadFileToArray@@YAHAAV?$TArray@E@@PBGPAVFFileManager@@@Z");
	f_appSaveArrayToFile appSaveArrayToFile = (f_appSaveArrayToFile)GetProcAddress(GetModuleHandleA("Core.dll"), "?appSaveArrayToFile@@YAHABV?$TArray@E@@PBGPAVFFileManager@@@Z");

	char TArray[0x14];
	memset(TArray,0,0x14);

	appLoadFileToArray(TArray, L"..\\System\\Interface.u", *((int *)GetProcAddress(GetModuleHandleA("Core.dll"), "?GFileManager@@3PAVFFileManager@@A")));
	appSaveArrayToFile(TArray, L"..\\System\\Interface.decrypted.u", *((int *)GetProcAddress(GetModuleHandleA("Core.dll"), "?GFileManager@@3PAVFFileManager@@A")));
}
bool dumped = false;
void StartCheck()
{
	// wait until WinDrv is loaded just so we know everything we need is initialized correctly
	if (GetModuleHandleA("WinDrv.dll") != NULL) {
		if (!dumped) {
			DumpFile();
			dumped = true;
		}
	}
}
__declspec(dllexport) BOOL APIENTRY DllMain( HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved )
{
	switch (ul_reason_for_call)
	{
	case DLL_PROCESS_ATTACH:
	case DLL_THREAD_ATTACH:
		StartCheck();
	case DLL_THREAD_DETACH:
	case DLL_PROCESS_DETACH:
		break;
	}
	return TRUE;
}

Hi there,

Did everything as you described, but I think they patched it. After I tried to open L2.exe in order to invoke l2.bin it does nothing. The game doesn't open and interface.decrypt.u is not generating inside the system folder. I tried opening Core.dll with CFF Explorer and couldn't find appLoadFileToArray or appSaveArrayToFile inside it. Any ideas?