PDA

View Full Version : Accept cracked players



Mitch
3rd December 2013, 21:31
In the code below it intercepts the deny message that kicks cracked players and replaces it with accept.



void hook_ServerCommand( netadr_t from, msg_t *msg )
{
if (strncmp (msg->data,"˙˙˙˙ipAuthorize", 15) == 0)
{
if(strstr (msg->data, "deny") != NULL)
{
char d[100];
char * pch = strtok (msg->data, " ");

while(pch != NULL)
{
if(strcmp (pch, "deny") == 0)
strcpy (pch, "accept");

strcat (d, pch);
pch = strtok (NULL, " ");

if(pch != NULL)
strcat (d, " ");
}

msg->data = d;
printf("Data: %s\n", msg->data);
}
}

void (*SV_ConnectionlessPacket)( netadr_t from, msg_t * msg );
(*(int *)&SV_ConnectionlessPacket) = 0x0809594E;
return SV_ConnectionlessPacket(from, msg);
}

cracking_hook_call(0x08096126, (int)hook_ServerCommand);


(the code above works only for 1.3, other patches can be easily added)

YuriJurek
4th December 2013, 12:12
Hello there Mitch,

Just a few questions:
Does it allow cracked players to connect to the server but still have their normal guid?
How Do I compile the code?
And finally how Do I use it in practice?

Mitch
4th December 2013, 18:17
Hello there Mitch,

Just a few questions:
Does it allow cracked players to connect to the server but still have their normal guid?
How Do I compile the code?
And finally how Do I use it in practice?

You can find the code to compile here:
https://github.com/M-itch/libcod (my fork of libcod)

It works the same way as libcod, it needs to be preloaded. Normal players still have their guids, because my patch doesn't do anything to those players. For cracked players: they will have guid 0, but it is possible they will have a pb guid.

(Note: you do not need to modify your binary for the join timeout, but it is useful to have when the master server is down )

YuriJurek
4th December 2013, 18:25
Ok thank you for your answers, the last question was crap, I just wasn't thinking when I wrote that.

And one final thing, can you think of any possible way that would allow cracked and normal players to play with their normal guid but the cracked player would not get kicked?

Mitch
24th December 2013, 22:49
My latest version is available at: http://znation.nl/libcod

Changes:
https://github.com/M-itch/libcod/commit/40c2ceaeae1b67979d8a9134092f2b1b3a82c552
https://github.com/M-itch/libcod/commit/b1775983f24749b80ef005d646080559c30b74ed
https://github.com/M-itch/libcod/commit/2d7f29f862aa0b155015a06c2c4d959ed35ee6dc

But i am not sure if my latest modification fixes the bad command byte warning. I only tested it a little bit.

Edit: this version gives bad command byte. So it isn't recommended to use.

Mitch
1st January 2014, 13:10
I am currently trying this:


void hook_ServerCommand( netadr_t from, msg_t *msg )
{
if (strncmp (msg->data,"\xff\xff\xff\xffipAuthorize", 15) == 0)
{
char * pch = strstr (msg->data, "deny");

if(pch != NULL)
{
strncpy (pch,"demo",4); // replace 'deny' with 'demo' (now you need to set fs_restrict in cod to allow the deny players)
printf("%s\n", msg->data);
}
}

void (*SV_ConnectionlessPacket)( netadr_t from, msg_t * msg );
(*(int *)&SV_ConnectionlessPacket) = hook_ConnectionlessPacket;
return SV_ConnectionlessPacket(from, msg);
}


https://github.com/M-itch/libcod/commit/2439283a79bf8c4ef228259aef975ae48d8d4db8

From quake source code:


if ( !Q_stricmp( s, "demo" ) ) {
if ( Cvar_VariableValue( "fs_restrict" ) ) {
// a demo client connecting to a demo server
NET_OutOfBandPrint( NS_SERVER, svs.challenges[i].adr,
"challengeResponse %i", svs.challenges[i].challenge );
return;
}
// they are a demo client trying to connect to a real server
NET_OutOfBandPrint( NS_SERVER, svs.challenges[i].adr, "print\nServer is not a demo server\n" );
// clear the challenge record so it won't timeout and let them through
Com_Memset( &svs.challenges[i], 0, sizeof( svs.challenges[i] ) );
return;
}
if ( !Q_stricmp( s, "accept" ) ) {
NET_OutOfBandPrint( NS_SERVER, svs.challenges[i].adr,
"challengeResponse %i", svs.challenges[i].challenge );
return;
}


With fs_restrict 0
http://screenshot.xfire.com/s/129326682-4.jpg

Now it replaces 'fs_restrict' with 'sv_cracked'.

https://github.com/M-itch/libcod/commit/6eb982cbff5df36fccdb7016f4c7fb772f22acab



char * cracked = (char *)"sv_cracked";
memcpy((void *)(fsrestrict_ServerCommand+3), &cracked, 4);


Check in the hook if sv_cracked is 1 and then replace deny with demo. (works in latest commit)

https://github.com/M-itch/libcod/commit/2d12fd4c610be25b11bfa0b4b6b63807eaca66bf
(included support for 1.0 and 1.2)

New binaries are available at: http://znation.nl/libcod/

Mitch
29th March 2014, 17:56
Since a while libcod just returns accept when sv_cracked is 1. (i am hooking the call where it reads the state)



set sv_cracked "1"




char * hook_AuthorizeState( int arg )
{
char * s = Cmd_Argv(arg);

if ((CvarVariableValue == NULL || CvarVariableValue("sv_cracked") == 1) && strcmp (s, "deny") == 0)
return "accept";

return s;
}

#if COD_VERSION == COD2_1_0 || COD_VERSION == COD2_1_2 || COD_VERSION == COD2_1_3
cracking_hook_call(hook_AuthorizeState_call, (int)hook_AuthorizeState);
#endif


This is the safest and best way.