GameServer DLL

[CyberClaus]

Hi all, and i want to thank Max for continue with the community, as this is my first post in here! Thanks Max.

Now, i've been working on the hook idea. Ive read the packets for the moonstatue,wasd movement and so... Now, with this, ive managed to make 4 dll's, later ill reduce it if no lagg occurs, to 1, with the functions to complete what the client wants from the server. Im sure that, when i have the dll debugged and hooked with the gameserver ill be able to run the client with moonstatue,rareoptions,wasd,siban and roy, and everything new that be created... But now, after all this work, i cant make the GameServer use the dll... so what i have done is this, i use the JMP comand before the flag that gives error, for instance when you try to use the moonstatue, didnt work and im stuck, cause my ASM knowlegde is just of 1 year moreless... Can some1 help me? Any idea?

[filix_93]

that a rly cool idea . I hope some one can help you , I'm not able to do that xD

[Nikolee]

Hi all, and i want to thank Max for continue with the community, as this is my first post in here! Thanks Max.

Now, i've been working on the hook idea. Ive read the packets for the moonstatue,wasd movement and so... Now, with this, ive managed to make 4 dll's, later ill reduce it if no lagg occurs, to 1, with the functions to complete what the client wants from the server. Im sure that, when i have the dll debugged and hooked with the gameserver ill be able to run the client with moonstatue,rareoptions,wasd,siban and roy, and everything new that be created... But now, after all this work, i cant make the GameServer use the dll... so what i have done is this, i use the JMP comand before the flag that gives error, for instance when you try to use the moonstatue, didnt work and im stuck, cause my ASM knowlegde is just of 1 year moreless... Can some1 help me? Any idea?

 

 

As first youre Right, the Forum is nice thanks Max!

 

But for your Post for the WASD movemant you dont need to make it Server Side, this is Clientside. (If you log in with ep2 client you can move with WASD )

[hunsolo]

You're better off writing a emu project. It would take you just as long to code hooks to be able to do this as it would to code a base for a emulator. Even if you were able to add in said features, the server files are still insecure and have tons of dupe methods in them (right now there is another gold dupe method that works on all EP1 servers). You could never run a official rate server off of these unless you re-wrote them. Which would take ten times longer in asm.

[CyberClaus]

As first youre Right, the Forum is nice thanks Max!

 

But for your Post for the WASD movemant you dont need to make it Server Side, this is Clientside. (If you log in with ep2 client you can move with WASD )

 

Dam your right Nikola, thanks for the eye opening!!! So the function i was writing, i could simply past it in the client.... Holy crap... LOL

[someone]

Read this tutorial first 2

Simple hook without patching the DLL file.

1)First thing you will need to create a DLL.

2)You will need to read on these functions

- OpenProcess

- CloseHandle

- WriteProcessMemory

- ReadProcessMemory

- VirtualAllocEx

- CreateRemoteThread

- WaitForSingleObject

- GetExitCodeThread

- VirtualFreeEx

 

3)You would need to know some ASM + Debugging

 

Basic Hooking:

int iPid = FindProcess("GameServer.exe");
//open the process for read and write
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, true, iPid);
if(!hProcess){
//error could not open the process
return -1;
}

//allocate space for the code section(here will be your code)
DWORD dwMemCode =(DWORD) VirtualAllocEx(hProcess, NULL, 0x100, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READ);
if(!dwMemCode){
//error could not allocate memory
return -1;
}

//allocate space for the Data section(here will be your variables and strings)
DWORD dwMemData =(DWORD) VirtualAllocEx(hProcess, NULL, 0x100, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
if(!dwMemData){
//error could not allocate memory
return -1;
}

//writing the dll path to the process memory for your functon to find it
char sDllPath[] = "C:\\MyHook.dll";
if(!WriteProcessMemory(hProcess,(LPVOID)dwMemData, sDllPath ,strlen(sDllPath), NULL)){
printf("errot could not write to memory");
return -1;
}

//create a remote Thread that will run on the process
//the remote thread is the function LoadLibraryA and as parameter is the sDllPath in theprocess memory
HANDLE hRemoteThread = CreateRemoteThread(hProcess, NULL, NULL, (LPTHREAD_START_ROUTINE)LoadLibraryA,(LPVOID)dwMemData,NULL, NULL);

//wait till the thread finishes
DWORD dwRet = WaitForSingleObject(hRemoteThread, INFINITE);
if(dwRet){
// if anything other then WAIT_OBJECT_0 close app
return -1;
}

//get the return code of the function loaded in CreateRemoteThread(LoadLibraryA)
DWORD hLibModule;
if(!GetExitCodeThread(hRemoteThread, &hLibModule)){
return -1;
}

//check if it returned correct
if(!hLibModule){
//could not attach the dll hook to the process
//either you didn't give a good path to the Dll, etc
return 1;
}
//close the thread
CloseHandle(hRemoteThread);

//do other operations

//At app Closing
//free the memory
VirtualFreeEx(hProcess,(LPVOID) dwMemCode, 0, MEM_RELEASE);
VirtualFreeEx(hProcess,(LPVOID) dwMemData, 0, MEM_RELEASE);

//close the process
CloseHandle(hProcess); //Close Handle

[CyberClaus]

/*


* Last Chaos


* Copyright © 1998, CroTeam. All rights reserved.


*


*/


 


 


#include "StdH.h"


#include <io.h>


#include <fcntl.h>


#include <sys/stat.h>


#include <process.h>


#include <Engine/CurrentVersion.h>


#include <Engine/Templates/Stock_CEntityClass.h>


#include <Engine/Templates/Stock_CFontData.h>


#include <Engine/Interface/UIManager.h> // yjpark


#include <Engine/Interface/UIMouseCursor.h>


#include <Engine/GameState.h>


#include <Engine/GlobalDefinition.h>


#define DECL_DLL


#include <EntitiesMP/Global.h>


#include "resource.h"


//#include "SplashScreen.h"


#include "Mainwindow.h"


#include "GlSettings.h"


//#include "LevelInfo.h"


//#include "LCDDrawing.h"


#include "CmdLine.h"


//#include "Credits.h"


#include <Engine/Base/Protection.h>


#if COPY_PROTECTION


#include <Engine/Base/Protection.cpp>


#endif


#include <Engine/Network/Web.h>


#include <TlHelp32.h>


#include <float.h>


#include <Ext_ipc_event.h> // IPC


ENGINE_API extern cWeb g_web;


extern ENGINE_API char *g_szExitError;

 

Thanks alot someone for that... you just cleared it for me... Now, about what Nikola said... The wasd moves are on NKSP.exe, as we can see here, the old nksp.exe source code doesnt call the wasd dll... till now... i mean, if i call it, it should work as a charm? no?

[CyberClaus]

You're better off writing a emu project. It would take you just as long to code hooks to be able to do this as it would to code a base for a emulator. Even if you were able to add in said features, the server files are still insecure and have tons of dupe methods in them (right now there is another gold dupe method that works on all EP1 servers). You could never run a official rate server off of these unless you re-wrote them. Which would take ten times longer in asm.

 

and you are probably right hunsolo, but im taking so much fun from this, that its just a hobbie and not a rush to own a gameserver. I started with knowing nothing, and i still dont know nothing XD, and im enjoying so much learning from this, i cant even describe it.

[someone]

WASD is in Engine.dll, not Nksp.exe, instead of injecting keyboard codes to the client its much simple to make the early EP2 client compatible, since some packets(inventory packets) are the the things that crashes the server.

 

What you posted looks like the libs that are included.

[CyberClaus]

yes they are the libs that are included... thats why i posted it... was thinking of include a movement lib... you think its possible? and i was not thinking of injecting, was thinking of rewriting it just calling the libs i need... what i posted is the source of nksp.exe

and your idea of maing the ep2 files compatible is not bad, i just dont know where to start... think that i may give it a try... whats the earlier version of the ep2? you have a link? Thanks.

And thanks again for your advice, you sparing me alot of work