Перейти к содержанию
Авторизация  
apTmusic

Engine.dll Или Authport.dll

Рекомендуемые сообщения

Нужна помощь в смене логин порта в Engine.dll на клиенте C6 Interlude.

;Lineage 2 authorization port changer, version 1.2b

;Copyleft (?) GoldFinch, 2008

;

;You may freely use, modify and distribute this code.

;

;Compile this file with fasm (http://flatassembler.net)

;===================== SETUPS ===========================

;pattern

virtual

use32

;- begin -

pushd 9015

;- end ---

load PATTERN dword from $$

end virtual

;================ MACRO DEFINITIONS =====================

;High-level-like imported api calls macro.

;Lite version with procedure calls and string constants with "\n" support.

macro IMPORTS [dll,funclist] {

common data import

forward dd 0,0,0,rva a#dll, rva v#dll

common dd 0,0,0,0,0

end data

forward v#dll: irp func,funclist \{

p\#func dd rva a\#func

macro func [line*] \\{common

match (arglist)tail,line* \\\{ push_r arglist \\\}

call [p\#func] \\} \}

dd 0

forward a#dll db `dll#".dll",0

irp func,funclist \{a\#func db 0,0,\`func,0\} }

macro push_r [arg] { reverse

if arg eqtype ""

call @f

local str

str db arg,0

@@: fix_str str,$-str

else

pushd arg

end if }

macro fix_str pStr,nLen {

repeat nLen-1

load w word from pStr+%-1

if w="\n"

store word 0x0D0A at pStr+%-1

end if

end repeat }

;==============================================

;Some console output macro (print and println)

macro __print text {

local size,str

push_r size,0,0

call @f

str db text

@@: size = $-str

fix_str str,size

WriteFile([stdout]) }

macro __printf format,[arglist] {

common wsprintfA(gMsgBuf,format,arglist)

local ..argcount

..argcount=0

forward ..argcount=..argcount+1

common add esp,8+..argcount*4

WriteFile([stdout],gMsgBuf,eax,0,0) }

macro print format,[arg] {common

if arg eq

__print format

else

__printf format,arg

end if }

macro println format,[arglist] {common print format#"\n",arglist}

;********************* PROGPAM CODE **************************************************

format PE console

section 'O_o' code readable executable writeable

IMPORTS KERNEL32, < GetStdHandle,WriteFile,ReadFile,CreateFileA,SetFilePointer,GetLastError,CopyFileA,LoadLibraryA,CloseHandle,\

FreeLibrary,DeleteFileA,ExitProcess>,\

USER32,

entry $

GetStdHandle(-11) ;STD_OUTPUT_HANDLE

mov [stdout],eax

GetStdHandle(-10) ;STD_INPUT_HANDLE

mov [stdin],eax

print "L2 authorization port changer version 1.2b\nCopyleft (?) GoldFinch, 2008\n\n"#\

"This program changes auth port number in engine.dll\nIt must be placed in lineage2\system folder\n"#\

"Enter '1' to proceed or nothing to terminate program: "

ReadFile([stdin],gMsgBuf,1024,nRead,0)

cmp byte[gMsgBuf],"1"

jne exit_err

;------------------------------------------------

;[1] Analyse file

print "Opening engine.dll ... "

CreateFileA("engine.dll",0xC0000000,1,0,3,0,0)

cmp eax,-1

jnz open_ok

GetLastError()

println "failed with error code = %#x",eax

jmp exit_err

open_ok:

mov [hFile],eax

println "OK"

;Get PE header offset

SetFilePointer([hFile],0x3C,0,0)

ReadFile([hFile],dwPE,4,nRead,0)

;Get entrypoint

mov eax,[dwPE]

add eax,0x28

SetFilePointer([hFile],eax,0,0)

ReadFile([hFile],Entrypoint,4,nRead,0)

;Check if file was patched

cmp [Entrypoint],4

jnz not_patched

;_______________________________________________

;File is already patched

println "WARNING: File is already patched";

;Get port value

SetFilePointer([hFile],port_value-__patch_data,0,0)

ReadFile([hFile],port_value,4,nRead,0)

println "Current port number is %d",[port_value]

;Ask new port value

call InputPortNumber

;Write new port value

SetFilePointer([hFile],port_value-__patch_data,0,0)

WriteFile([hFile],port_value,4,nWritten,0)

CloseHandle([hFile])

;Exit

println "Port number was changed.\n\nPress [Enter] to close log."

ReadFile([stdin],gMsgBuf,1,nRead,0) ;OR die ()

ExitProcess(0)

;_______________________________________________

;File is not patched

not_patched:

;Make a copy of file to load it

print "Creating temporary file engine.tmp ... "

CopyFileA("engine.dll","engine.tmp",0)

test eax,eax

jnz copy_ok

GetLastError()

println "failed with error code = %#x",eax

jmp exit_err

copy_ok:

println "OK"

;Load dll

print "Loading engine.tmp ... "

LoadLibraryA("engine.tmp")

test eax,eax

jnz load_ok

GetLastError()

println "failed with error code = %#x",eax

DeleteFileA("engine.tmp")

jmp exit_err

load_ok:

mov [hEngine],eax

println "OK"

;Get image size

mov eax,[hEngine]

add eax,[dwPE]

pushd [eax+0x50] ;SizeOfImage

popd [sizeOfImage]

;Find pattern

print "Looking for the pattern %#08x ... ",PATTERN

mov edi,[hEngine]

mov ecx,[sizeOfImage]

mov eax,PATTERN

cld

@@: repne scasb

test ecx,ecx

jz @f

cmp dword[edi-1],eax

jne @r

jmp _found

@@: println "not found. \n Base=%x, Size=%x",[hEngine],[sizeOfImage]

jmp exit_err

_found:

sub edi,[hEngine] ;get rva

println "OK, found at rva %#x",edi

add [port_delta],edi

;Ask port number

call InputPortNumber

;Change entrypoint

mov eax,[Entrypoint]

add [oep_rel],eax

mov [Entrypoint],4

mov eax,[dwPE]

add eax,0x28 ;Entrypoint

SetFilePointer([hFile],eax,0,0)

WriteFile([hFile],Entrypoint,4,nWritten,0)

;Write patch code

SetFilePointer([hFile],0,0,0)

WriteFile([hFile],__patch_data,__patch_size,nWritten,0)

println "%#x bytes was written.\nEngine.dll was patched with new auth port number.",[nWritten]

CloseHandle([hFile])

;Exit

println "\nNow this program will be terminated.\nYou can use it to change port number again.\n"#\

"Warning: probably, this program will crash now, it's normal for this version.\n\n"#\

"Press [Enter] to close log."

ReadFile([stdin],gMsgBuf,1,nRead,0)

FreeLibrary([hEngine])

DeleteFileA("engine.tmp")

ExitProcess(0)

;---------------------------

exit_err:

println "\nPress [Enter] to close log."

ReadFile([stdin],gMsgBuf,1,nRead,0)

ExitProcess(0)

;------------------

InputPortNumber: ;Asking a port number

print "Input new port number to patch or nothing to abort patching:\n-> "

ReadFile([stdin],gMsgBuf,10,nRead,0)

xor eax,eax ;for digits

xor edx,edx ;for a number

cld

mov esi,gMsgBuf

mov ecx,[nRead]

sub cl,2 ;strip CR,lF

jz exit_err ;lmp if empty line

str2dw_loo:

lodsb

imul edx,10

sub al,"0"

cmp al,9

ja exit_err ;jmp if not a number

add edx,eax

loop str2dw_loo

mov [port_value],edx

ret

;_____________________________________________

;Patch body

align 16

__patch_data:

dd "MZ"

;new entrypoint will be here

pushd [esp+0x0C] ;copy Dllmain arguments

pushd [esp+0x0C]

pushd [esp+0x0C]

;call themida "original" entry point

db 0xE8 ;"call rel32"

;Relative offset. Must be equal to (OEP RVA) - (ret_addr RVA)

oep_rel: dd -(ret_addr-__patch_data) ;= negative ret_addr RVA, add (OEP RVA) here

ret_addr: call __base

__base: pop edx ;get __base virtual address, rva=4

;in-memory patch

db 0xC7,0x82 ;mov dword[edx+imm32],imm32

;Patch place delta offset. Must be equal to (PortValue RVA) - (__base RVA)

port_delta dd -(__base-__patch_data) ;= negative __base RVA, add (PortValue RVA) here

port_value dd 0 ;rva 0x0C ;write desired port value here

ret 0x0C ;return to OS

__patch_size=$-__patch_data

;_____________________________________________

;Uninitialized data. Must be at end of section

dwPE dd ?

Entrypoint dd ?

SizeOfImage dd ?

;---------------

hFile dd ?

hEngine dd ?

;---------------

nRead dd ?

org $-4

nWritten dd ?

stdout dd ?

stdin dd ?

gMsgBuf db 1024 dup (?)

 

на вин7 не получилось скомпилировать.

а так же вместо "engine.dll", есть доп библиотека "authport.dll" но её над прикручивать к l2.exe, может у кого есть уже готовоя l2.exe с прекрученым authport.dll?

Поделиться сообщением


Ссылка на сообщение
Поделиться на другие сайты

/del тему, нашел решение..поздно восползивался поиском.

Поделиться сообщением


Ссылка на сообщение
Поделиться на другие сайты

Для публикации сообщений создайте учётную запись или авторизуйтесь

Вы должны быть пользователем, чтобы оставить комментарий

Создать учетную запись

Зарегистрируйте новую учётную запись в нашем сообществе. Это очень просто!

Регистрация нового пользователя

Войти

Уже есть аккаунт? Войти в систему.

Войти
Авторизация  

  • Последние посетители   0 пользователей онлайн

    Ни одного зарегистрированного пользователя не просматривает данную страницу

×
×
  • Создать...