Welcome
Ladies and Gents:

These forums are now closed and registration disabled.

Please join us at our new forum on Proboards. Our hope is that these new forums are more stable, provide more and better features, and allow continuation of the project forums in a safer, more secure, long term environment.

me3explorer.proboards.com

--The ME3Explorer Team

Current Research: Network

Technical research related to the structure of Mass Effect game files.

Current Research: Network

Postby WarrantyVoider » 25 Jan 2013, 19:00

so this is a very deep hidden topic. So far I found out the they use "Blaze" networks as subsystem, connect to ea servers and seem to use ssl alot... this will get pretty hard to redirect for lan, but lets see what we can do. My idea is to intercept all packets, check them for me3 and redirect them to one of our own servers. I found the urls of the initial requested servers with wireshark:

1.reports.tools.gos.ea.com:443
2.gosredirector.ea.com


I got Pcap.Net for this. Here a little demo app to watch your tcp traffic in REAL TIME^^ funny to watch actually

Image

greetz WV
always backup your files!
mess with the best or die like the rest!
"I tried everything!" - "mkay, please list that..." ; please dont pm me for help, we have a help section

WarrantyVoider has been thanked by:
User avatar
WarrantyVoider
Emeritus
 
Posts: 2270
Joined: 22 Aug 2012, 11:33
Has thanked: 480 time
Have thanks: 626 time

Re: Current Research: Network

Postby WarrantyVoider » 26 Jan 2013, 01:24

here comes the next version that only shows mass effects traffic, even MP! and it has amazingly few packets to send in mp, weird...

http://www.mediafire.com/?pkp20p8b03hb46d

just run it, start mass effect and watch

greetz WV
always backup your files!
mess with the best or die like the rest!
"I tried everything!" - "mkay, please list that..." ; please dont pm me for help, we have a help section
User avatar
WarrantyVoider
Emeritus
 
Posts: 2270
Joined: 22 Aug 2012, 11:33
Has thanked: 480 time
Have thanks: 626 time

Re: Current Research: Network

Postby Eudaimonium » 26 Jan 2013, 13:18

I assume the final result will be similar to how Diablo III and other "obligatory internet connection" games get dealt with, basically host a fake server on your own PC and have the game connect to it, thinking it's connecting to actual server. Right?

In any event, give me a yell over Skype when doing some coding on that, I could really use some knowledge in networks.
One of few surviving members of species that actually loved Mass Effect endings.
User avatar
Eudaimonium
Emeritus
 
Posts: 299
Joined: 23 Aug 2012, 23:22
Has thanked: 17 time
Have thanks: 33 time

Re: Current Research: Network

Postby WarrantyVoider » 26 Jan 2013, 15:22

always backup your files!
mess with the best or die like the rest!
"I tried everything!" - "mkay, please list that..." ; please dont pm me for help, we have a help section
User avatar
WarrantyVoider
Emeritus
 
Posts: 2270
Joined: 22 Aug 2012, 11:33
Has thanked: 480 time
Have thanks: 626 time

Re: Current Research: Network

Postby WarrantyVoider » 23 May 2013, 13:01

they seem to use the "Blaze Networking" subsystem to host mp games in bf3 too, so I hope this guy releases some source code at some point, because its exactly what I tried to do: emulate the server! then host your own matches...

http://blog.nofate.me/

greetz
always backup your files!
mess with the best or die like the rest!
"I tried everything!" - "mkay, please list that..." ; please dont pm me for help, we have a help section
User avatar
WarrantyVoider
Emeritus
 
Posts: 2270
Joined: 22 Aug 2012, 11:33
Has thanked: 480 time
Have thanks: 626 time

Re: Current Research: Network

Postby WarrantyVoider » 03 Aug 2013, 12:25

please ignore
127.0.0.1:3216		-Origin local
159.153.235.32:9988 -Origin online
159.153.98.92 -proxy.novafusion.ea.com
159.153.103.28 -reports.tools.gos.ea.com


-you can play origin server if you bind port 3216 local before origin starts
-you can play online server if you add these urls to hosts file and redirect it locally

greetz WV
always backup your files!
mess with the best or die like the rest!
"I tried everything!" - "mkay, please list that..." ; please dont pm me for help, we have a help section
User avatar
WarrantyVoider
Emeritus
 
Posts: 2270
Joined: 22 Aug 2012, 11:33
Has thanked: 480 time
Have thanks: 626 time

Re: Current Research: Network

Postby TooCasual » 22 Sep 2013, 00:29

So...regarding the "origin server" things, this means you can play ME3MP in, essentially, a LAN scenario? No outside internet connection, set up all the rigs to connect to a specific host using hosts.txt or firewall redirects, and set up firewall blocks to prevent access to the EA IPs?

Just curious...this seems fascinating.
TooCasual
User
 
Posts: 7
Joined: 23 Jul 2013, 21:12
Has thanked: 3 time
Have thanks: 0 time

Re: Current Research: Network

Postby Renmiri » 23 Sep 2013, 05:56

Not sure, in any case, it might void your Origin account so I wouldn't try it ;)
Renmiri
Emeritus
 
Posts: 207
Joined: 31 Aug 2012, 20:42
Has thanked: 141 time
Have thanks: 37 time

Re: Current Research: Network

Postby WarrantyVoider » 29 Sep 2013, 00:03

Wrote a little tool today to intercept blaze's vsnzprintf function. its used for creating strings like debug messages... enjoy

Image

Download

get "Winject" tool and my dll from "Release" Subfolder. inject the dll with winject into a running me3 process and watch :D

greetz WV


PS: c++ code
Spoiler:
#include "stdafx.h"
#include "stdio.h"
#include <time.h>
#include <io.h>
#include <fcntl.h>
#include <detours.h>
#include <iostream>

int ADDRESS1; //0x00f02b20
unsigned char pattern[] = {0x56, 0x8B, 0x74, 0x24, 0x0C, 0x85, 0xF6, 0x75, 0x04, 0x33, 0xC0, 0x5E, 0xC3};

int __cdecl blaze_vsnzprintf(char *pBuffer, unsigned int uLength, const char *pFormat, ...)
{
va_list args;
va_start (args, pFormat);
int result;
if ( uLength )
{
result = vsnprintf(pBuffer, uLength, pFormat, args);
if ( result >= (signed int)uLength || result < 0 )
result = 0;
pBuffer[result] = 0;
}
else
{
result = 0;
}
printf("%s\n", pBuffer);
FILE* Log = NULL;
fopen_s ( &Log, "BLAZE.txt", "a+" );
fprintf (Log, pBuffer);
fclose ( Log );
return result;
}

static void OpenConsole()
{
int outHandle, errHandle, inHandle;
FILE *outFile, *errFile, *inFile;
AllocConsole();
CONSOLE_SCREEN_BUFFER_INFO coninfo;
GetConsoleScreenBufferInfo(GetStdHandle(STD_OUTPUT_HANDLE), &coninfo);
coninfo.dwSize.Y = 9999;
SetConsoleScreenBufferSize(GetStdHandle(STD_OUTPUT_HANDLE), coninfo.dwSize);

outHandle = _open_osfhandle((long)GetStdHandle(STD_OUTPUT_HANDLE), _O_TEXT);
errHandle = _open_osfhandle((long)GetStdHandle(STD_ERROR_HANDLE),_O_TEXT);
inHandle = _open_osfhandle((long)GetStdHandle(STD_INPUT_HANDLE),_O_TEXT );

outFile = _fdopen(outHandle, "w" );
errFile = _fdopen(errHandle, "w");
inFile = _fdopen(inHandle, "r");

*stdout = *outFile;
*stderr = *errFile;
*stdin = *inFile;

setvbuf( stdout, NULL, _IONBF, 0 );
setvbuf( stderr, NULL, _IONBF, 0 );
setvbuf( stdin, NULL, _IONBF, 0 );

std::ios::sync_with_stdio();

}

static void FindAddress()
{
ADDRESS1 = 0;
printf("Searching address...\n");
unsigned char * p = (unsigned char*)(0x401000);
for(int i = 0; i < 0xE00000; i ++)
{
if(p[0] == pattern[0] && p[1] == pattern[1])
{
bool Found = true;
for(int j = 0; j < 13; j++)
if(p[j] != pattern[j])
Found = false;
if(Found)
{
ADDRESS1 = (int)(p);
printf("Found Address @0x:%p\n", ADDRESS1);
break;
}
}
p++;
}
}

BOOL APIENTRY DllMain(HANDLE hModule, DWORD dwReason, LPVOID lpReserved)
{
switch (dwReason)
{
case DLL_PROCESS_ATTACH:
OpenConsole();
printf("Im in!^^...\n");
FindAddress();
if(ADDRESS1)
DetourFunction((PBYTE)ADDRESS1, (PBYTE)blaze_vsnzprintf);
else
printf("ADDRESS NOT FOUND!\n");
break;
}
return TRUE;
}
always backup your files!
mess with the best or die like the rest!
"I tried everything!" - "mkay, please list that..." ; please dont pm me for help, we have a help section
User avatar
WarrantyVoider
Emeritus
 
Posts: 2270
Joined: 22 Aug 2012, 11:33
Has thanked: 480 time
Have thanks: 626 time

Re: Current Research: Network

Postby Dzimi90 » 03 Nov 2013, 10:50

I just thought you'd like to know
http://blog.nofate.me/?p=131
User avatar
Dzimi90
User
 
Posts: 36
Joined: 25 Sep 2012, 10:18
Has thanked: 3 time
Have thanks: 7 time

Next

Return to Technical Research

Who is online

Users browsing this forum: No registered users and 0 guests

cron
suspicion-preferred