What is KalOnline Addon?
If you've found this blog, I'm pretty sure you know what it is, but just to clarify - KalOnline Addons (or plugins, core - however you call it) are modifications to KalOnline game client and server. The modifications change overall gameplay, fix existing bugs or exploits or even introduce entire new systems which are unavailable in original, vanilla/classic version of the game.
Short History
KalOnline was first published in 2004 by korean company InixSoft, which was sold or renamed to GameAgit. The game is still being developed and runs in 2023 as I'm writing this post. You can find original game client and still play! Having the game completely changed throughout the years, we can still see plenty of players still logged in, in starting town Narootuh.
Aside from original international server, there is active private server scene still around trying to deliver old-school game vibes to plenty of players split among the servers. Most visited server list can be found here.
KalOnline Game Architecture
KalOnline MMORPG uses standard client-server architecture with MSSQL Database for data storage.
The server files were leaked around 2006 from internal FTP server during the hack, which is story for another time. The files were quickly published and this is when private servers scene was born. There were plenty of private servers popping up with higher rates and hundreds of players providing competition for original public international server managed by koreans. Unfortunately, as far as I'm aware the server side source code was never released - only compiled binaries have seen the daylight, and this is how private servers operate till this day.
So why do we see post-2006 year content in current private servers you may ask?
Binary Modifications
This is due to binary modifications. Throughout the years, developers managed to modify kal binaries in sophisticated ways to extend the content and introduce all the new updates koreans made in original server.
I'm sure that you (if you have ever been KalOnline player) have performed kal binary modification at some point as well.
Let he who has not used a speed hack in KalOnline cast the first stone!
Yes, speed hack is binary modification. Using cheat-engine in general is binary modification. You edit KalOnline client in-process memory at runtime and change its original behavior.
Searching for speed value address and changing it to higher value is binary modification. The same for Z-cooridnate manipulation. Do you remember the D1 floor Z-coordinate 19993
and D1 Statue's 20020
? Changing Z value in-game is binary modification.
The same modifications we do to develop KalOnline Addons - but with more sophisticated tools and techniques.
Ways to Modify Compiled Binaries
Static .exe modifications
This works well for simple use cases. Want to change castle war day? Want to change max party size? Want to change guild set up price? There probably is a way to change it by changing MainServer executable (MainServer.exe
). For such modifications (and looking up binary files) I recommend using HxD Tool.
Pros:
- easy to change the value (just modify the file)
- no need for Addons (DLL files)
Cons:
- impossible to implement more complicated logic
In-process manual memory editing
Once the game is started, entire binary file is loaded into RAM. Aside from that, there is additional read-write access memory which procesess can use. The memory can be freely modified once hooked into the process after application is started. For this task we can use existing third party applications such as Cheat-Engine and ollydbg.
Pros:
- easy to find the value we need via value finder
- easy to debug application flow and reason about the internals
Cons:
- changes are not persisted after client/server restart
- impossible to implement more complicated logic
DLL injection
This is a process of creating proxy DLL, which job is to act as original DLL but with additional code injected at application start-up. This approach was exploited on multiple of private servers to inject cheats into the game client. It is very hard to protect against this kind of activity, but many people tried by obfuscation, which is also topic for another time.
When similar approach is used for MainServer.exe
instead of game client, we can inject arbitrary code to server application and extend the content in whatever ways we can imagine.
Pros:
- possible to implement complicated logic by hooking into existing functions and executing arbitrary code
Cons:
- changing behavior of an application without running in-depth tests may lead to undefined behavior and application crashes
This is go-to method of creating KalOnline Addons. All private servers you have played (or even ran yourself in the past?) use this approach. If you ever set up KalOnline server you either ran clean leaked 2006 files or used some pre-compiled addons (DLLs) named "Core". There are developers actively selling those pre-compiled addons (or even source code) which community has built along the way.
Addons Used in Bango Server
First BangoKal was developed by me (lafreak
) and R3volutioN
over 10 years ago now. The source was then later developed further by others and became what you know as "Core".
Bango Classic in 2021 ran on entirely new Addon, developed by myself from scratch with all the knowledge I've managed to gather throughout the years. It is still missing important features such as third job or additional player classes and custom PvP systems, but gets the job done for vanilla style servers.
If you want to see more content regarding addons or tutorials related to DLL injection, visit my discord server and let me know.
I'm out for now.
lafreak