Server Help
Community forums for Subgame, ASSS, and bots
 
Edited Continuum 0.40 client

 
hellzlaker
Posted: Tue Jul 29, 2008 11:18 pm

Continuum 0.40 hellzlaker version
---------------------------------

* This is just a quick thing I did; I will see if I can edit more useful stuff.
* CONNECTS ONLY TO SSC ZONES.
* When you have to create a new account on SSC, only e-mail is there (the rest I have taken out).
* Add/Remove Zones design changed.
* Splash screen changed.
* Spectator sign changed to male genitalia.

Most of this is useless, but I just did it for fun. I'm trying to make something useful for it, but so far I just did some changes. It also connects only to SSC zones because I messed up something, lol.

HOW TO INSTALL:
Put menu040.dll and menures.dll in your Continuum directory.




Attachments:
screen 5.PNG - 14.28 KB
screen 4.PNG - 15.54 KB
Continuum hellz version.rar - 294.66 KB


Last edited by hellzlaker on Wed Jul 30, 2008 11:51 am, edited 1 time in total

Hakaku
Posted: Wed Jul 30, 2008 1:11 am

I believe Doc Flabby had done this before; although he didn't want to share how he did it fearing that it's a potential way to exploit flaws.

Can you post a screenshot though? Let us know what else you can change.

Doc Flabby
Posted: Wed Jul 30, 2008 5:24 am

I still distribute a patched version of continuum with the correct directory servers as default. This version has a patched version of menu040.dll.

Comparing the files, this version only has a modified menures.dll. This file contains all the resources for the menus and dialogs, but contains no code logic.

You can also change the splash screen by creating splash.bm2 and putting it in the graphics folder :)
_________________
Rediscover online gaming. Get Subspace | STF The future...prehaps

k0zy
Posted: Wed Jul 30, 2008 10:46 am

http://www.angusj.com/resourcehacker/
Enjoy.

Reminds me of the days I hacked all the DLL files of Windows to contain different icons, so that it would look cool.

True Story:
We used a math program to solve equations in high school. It actually stored its registration data in a resource file. So you could just look the product key up with resourcehacker.
_________________
It's a shark! Oh my god! Unbelievable!

hellzlaker
Posted: Wed Jul 30, 2008 11:42 am

Doc Flabby wrote:
You can also change the splash screen by creating splash.bm2 and putting it in the graphics folder :)

lol I never knew that.

Quote:
I still distribute a patched version of continuum with the correct directory servers as default. This version has a patched version of menu040.dll.
Comparing the files, this version only has a modified menures.dll. This file contains all the resources for the menus and dialogs, but contains no code logic.

I did modify menu040.dll also; in menures.dll there is only the splash screen and spectator sign, but in menu040.dll all the other windows are there.

I'm going to try to debug it and dump it to see if I can actually change some code.

Attachments:
screen 3.PNG - 9.76 KB
screen 2.PNG - 4.65 KB
screen 1.PNG - 148.25 KB

Snrrrub
Posted: Fri Aug 01, 2008 3:57 pm

While you're free to change the resources, you won't be able to modify the DLL's code. There's a check against a checksum in Continuum.exe. If you want to disable that check, you're going to have to modify Continuum.exe in addition to menu40.dll. Even if you manage to do all of that, you won't be able to log in to any zones because the executable checksum is sent to the server and the server rejects you if there's a mismatch.

-Snrrrub

Doc Flabby
Posted: Fri Aug 01, 2008 4:06 pm

Snrrrub wrote:
While you're free to change the resources, you won't be able to modify the DLL's code. There's a check against a checksum in Continuum.exe. If you want to disable that check, you're going to have to modify Continuum.exe in addition to menu40.dll. Even if you manage to do all of that, you won't be able to log in to any zones because the executable checksum is sent to the server and the server rejects you if there's a mismatch.

-Snrrrub

I'm not going to go into details on here (I can talk to you privately about it, Snrrrub, however), but I have got around the protection on the menu040.dll code and altered it. I even made a patch to remove the size limit on wav files for macros for someone; however, it didn't work, as Continuum has restrictions on length inbuilt.

My installer with patched menu040.dll
http://subspace2.net/Continuum040Setup-DocFlabby.exe

Snrrrub
Posted: Fri Aug 01, 2008 6:10 pm

Ah, my mistake. I see how it works and I can confirm that, at the very least, it's possible to edit the .data and .rsrc sections of the DLL. I haven't tried modifying the .text section - it may be possible that the main executable is checking that but now that I think about it, there are a lot of indicators that suggest that it's *not* being checked.

Doc: to be honest, I'm surprised that PriitK didn't choose a better hash function. My assumption was that he would have done The Right Thing that would have made this kind of attack infeasible. Nice catch! I'll be sure to check before assuming strong security. :)

-Snrrrub
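
The exchange above turns on which parts of a DLL an integrity check covers and how strong its hash is. As an added example (not part of the original thread, and not Continuum's own check, which the thread does not describe), this sketch builds a SHA-256 manifest per PE section plus the whole file and reports which entries changed; the function names are hypothetical and the sample image is constructed.

```python
import hashlib
import struct

def pe_sections(image: bytes) -> dict:
    """Map section name -> raw on-disk bytes for a PE image (EXE or DLL)."""
    if image[:2] != b"MZ":
        raise ValueError("not an MZ image")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)           # e_lfanew
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    (count,) = struct.unpack_from("<H", image, pe_off + 6)      # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", image, pe_off + 20)  # SizeOfOptionalHeader
    table = pe_off + 24 + opt_size
    sections = {}
    for i in range(count):
        hdr = table + 40 * i
        name = image[hdr:hdr + 8].rstrip(b"\0").decode("ascii", "replace")
        raw_size, raw_ptr = struct.unpack_from("<II", image, hdr + 16)
        if raw_ptr + raw_size > len(image):
            raise ValueError(f"section {name} runs past end of file")
        sections[name] = image[raw_ptr:raw_ptr + raw_size]
    return sections

def manifest(image: bytes) -> dict:
    """SHA-256 of every section plus the whole file (headers are outside sections)."""
    digests = {n: hashlib.sha256(d).hexdigest() for n, d in pe_sections(image).items()}
    digests["<file>"] = hashlib.sha256(image).hexdigest()
    return digests

def modified_sections(image: bytes, trusted: dict) -> list:
    """Names whose digest differs from the trusted manifest, sorted."""
    current = manifest(image)
    return sorted(n for n in trusted.keys() | current.keys()
                  if trusted.get(n) != current.get(n))

def build_sample(sections) -> bytes:
    """Constructed test input: PE-shaped headers plus raw section data, not a real DLL."""
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0, 0)
    data_off = 0x40 + len(coff) + 40 * len(sections)
    table = body = b""
    for name, data in sections:
        table += struct.pack("<8sIIIIIIHHI", name.encode(), len(data), 0, len(data),
                             data_off + len(body), 0, 0, 0, 0, 0)
        body += data
    return b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40) + coff + table + body

original = build_sample([(".text", b"\x90" * 16), (".data", b"cfg=1"), (".rsrc", b"SPLASH-A")])
trusted = manifest(original)
tampered = original.replace(b"SPLASH-A", b"SPLASH-B")   # constructed resource edit
print(modified_sections(original, trusted), modified_sections(tampered, trusted))
```

A manifest like this covers the file on disk only; it says nothing about memory that is modified after the module has been loaded.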

hellzlaker
Posted: Sat Aug 02, 2008 1:36 am

Continuum also has a checksum to make sure you don't edit it with Resource Hacker; try it, you will get an error. I found a way of getting by it also, and it will work if I change the code... (at least I think)

tcsoccerman
Posted: Sat Aug 02, 2008 12:56 pm

So how do you edit .dll's?

Samapico
Posted: Sat Aug 02, 2008 3:00 pm

Resource hackers and/or hex-editing programs, I suppose
_________________
(Insert a bunch of dead links here)

Guest
Posted: Sat Aug 02, 2008 3:57 pm

Samapico wrote:
resource hackers and/or hex-editing programs, I suppose
Yeah, but if you try to run your edited version, Continuum will show checksum errors saying the DLL was modified. If I get something useful out of it, I'll post it.

Samapico
Posted: Sat Aug 02, 2008 8:21 pm

Never mind what I said... I missed a few replies that had much wiser answers than mine :P

hellzlaker
Posted: Mon Nov 17, 2008 8:22 pm

I pretty much learned a lot more and found out that it's very easy to edit Continuum, or any DLLs, if you know assembly... But so far I just got very useless/basic stuff, like freezing the client and speed hacks...

All you have to do is put menu040.dll and cont40hack.dll into your Continuum folder and run Continuum. A message box will pop up anyway explaining everything.

I attached the edited DLL hacks below for whoever is too lazy to compile the code, but for whoever is interested in the code, here...

EDIT: I also attached the unpacked Continuum 0.40 client; it helps whoever can't unpack it.

Code:
#include <windows.h>
#define AboutBox() MessageBox(NULL,"Made by hellzlaker@hotmail.com\n\nF1 - About box...\nF2 - Speed hack with messages (sucks)\nF3 - Speed hack without messages (good)\nF4 - Freeze\nF5 - Turn off Speed Hack/Freeze","About conthack40.dll",0);
#define gKey(a) if(GetAsyncKeyState(a))

DWORD OldProt;

DWORD SpeedAddr = 0x0042D1FA;
BYTE SpeedWithMSG[] = {0x89, 0x9E, 0x40, 0x5A, 0x00, 0x00};
BYTE SpeedWithoutMSG[] = {0x0f, 0x84, 0x66, 0xe9, 0xe9, 0x78};
BYTE Freeze[] = {0x89, 0xb6, 0x40, 0x5a, 0x00, 0x00};
BYTE NoSpeed[] = {0x89, 0xbe, 0x40, 0x5a, 0x00, 0x00};

void t()
{         
   while(1)
    {
      gKey(VK_F1)
        {
            AboutBox();
         Sleep(1000);
        }

      gKey(VK_F2)
      {
         VirtualProtect((void*)SpeedAddr, sizeof(SpeedWithMSG), PAGE_EXECUTE_READWRITE, &OldProt);
         memcpy((void*)SpeedAddr, (void*)&SpeedWithMSG, sizeof(SpeedWithMSG));
         VirtualProtect((void*)SpeedAddr, sizeof(SpeedWithMSG), OldProt, &OldProt);
      }

      gKey(VK_F3)
      {
         VirtualProtect((void*)SpeedAddr, sizeof(SpeedWithoutMSG), PAGE_EXECUTE_READWRITE, &OldProt);
         memcpy((void*)SpeedAddr, (void*)&SpeedWithoutMSG, sizeof(SpeedWithoutMSG));
         VirtualProtect((void*)SpeedAddr, sizeof(SpeedWithoutMSG), OldProt, &OldProt);
      }

      gKey(VK_F4)
      {
         VirtualProtect((void*)SpeedAddr, sizeof(Freeze), PAGE_EXECUTE_READWRITE, &OldProt);
         memcpy((void*)SpeedAddr, (void*)&Freeze, sizeof(Freeze));
         VirtualProtect((void*)SpeedAddr, sizeof(Freeze), OldProt, &OldProt);
      }

      gKey(VK_F5)
      {
         VirtualProtect((void*)SpeedAddr, sizeof(NoSpeed), PAGE_EXECUTE_READWRITE, &OldProt);
         memcpy((void*)SpeedAddr, (void*)&NoSpeed, sizeof(NoSpeed));
         VirtualProtect((void*)SpeedAddr, sizeof(NoSpeed), OldProt, &OldProt);
      }

    }   
}

extern "C"
{
    __declspec(dllexport) BOOL __stdcall DllMain(HINSTANCE hInst,DWORD reason,LPVOID lpv)
    {
        DisableThreadLibraryCalls(hInst);

        if(reason == DLL_PROCESS_ATTACH)
        {
         AboutBox();
            CreateThread(NULL,0,(LPTHREAD_START_ROUTINE)&t,0 ,NULL,NULL);
            return TRUE;
        }

        if(reason == DLL_PROCESS_DETACH)
        {
            ExitThread(0);
        }

        return true;
    }
}




Attachment: unpacked 0.40 client
Continuum40_unpacked.rar - 782.92 KB


Last edited by hellzlaker on Mon Nov 17, 2008 8:48 pm, edited 1 time in total

Bak
Posted: Mon Nov 17, 2008 8:36 pm

Why are you releasing speed hacks again?
_________________
SubSpace Discretion: A Third Generation SubSpace Client

hellzlaker
Posted: Mon Nov 17, 2008 8:51 pm

I removed the compiled DLL and left just the source, but just showed how you can edit lots of things. All you have to do is look at the unpacked Continuum, and because you can't really edit a lot because of CRC checks, I just made another DLL, and once Continuum is started the DLL would edit memory.

Cheese
Posted: Tue Nov 18, 2008 2:50 pm

Because he doesn't want to return to SSC, ever
_________________
SSC Distension Owner
SSCU Trench Wars Developer