Battlefield 1942 Secret Weapons of WWII Demo Crash

Posted: Sat Mar 10, 2012 9:08 pm
by username
I need someone who can help me with my server! it is someone crash the server all the time! is someone skilled and have the time to help me!

them crash all server in demo and will destroy the whole demo. there and allreday now its it olmsote no life at all there! besuce the guys crash them!

would appreciate any help I can get!

Posted: Sun Mar 11, 2012 12:35 pm
by tuia
I've tried patching the BF1942 Secret Weapons of WWII Demo server some months ago, while fixing the BF1942 and BFVietnam versions. I did manage to patch it against the 2 exploits, however, whenever I tried to connect to the patched server with an unchanged client executable, I couldn't enter it, because of the error: "Data differs from server". The server checks if the checksum of his server executable and the client executable connecting to it are the same. I disabled content check in the serversettings.con (game.ServerContentCheck 0) and still the same error. I could not find how to disable the check, so I did not publish the patches. I'll take a look once again to the server code.

Posted: Mon Mar 12, 2012 8:51 pm
by username
tuia wrote:Hi,
I've tried patching the BF1942 Secret Weapons of WWII Demo server some months ago, while fixing the BF1942 and BFVietnam versions. I did manage to patch it against the 2 exploits, however, whenever I tried to connect to the patched server with an unchanged client executable, I couldn't enter it, because of the error: "Data differs from server". The server checks if the checksum of his server executable and the client executable connecting to it are the same. I disabled content check in the serversettings.con (game.ServerContentCheck 0) and still the same error. I could not find how to disable the check, so I did not publish the patches. I'll take a look once again to the server code.

thank you very much. would appreciate any help I can get!
have you xfier so I can add you? if it is OK! send a pm to me your xfier!

Posted: Mon Mar 12, 2012 11:45 pm
by tuia
I've patched today the BF1942.exe against the game.createLocalPlayer exploit, had do it from scratch as I did not find my previous works. Still, I can't connect to the patched server with an unpatched client, the error message shows up: Data Differs from Server. The client can only connect to the server if the checksum of his BF1942.exe is the same as the server. :( I tried to to find in the code where to disable this check, but I couldn't find it, yet. I'll look more carefully at the code, tomorrow.
I do have a Xfire account, but I can't connect to it for weeks, because I've ruined my Windows. You can contact me through this board's PM.

Posted: Tue Mar 13, 2012 9:38 pm
by username
that was weird! what program do you use to create a server? test this BFServerManager thise version work in demo! might get a different result of the test with it! here is the link ... %20Manager

gratitude for all the help you Provide

Posted: Wed Mar 14, 2012 12:52 am
by tuia
I couldn't find today how to disable content check. I've placed the "game.serverContentCheck 0" in ServerSettings.con and it's always checking when connecting if the files BF1942.exe, objects.rfa and Hellendoorn.rfa are the same as the server. I'm guessing it's not possible to disable content check in Secret Weapons Demo. Only way, is changing the code, but I'm not sure what to change. I might be wrong, maybe you can find out how to.
I run a server through the command line: "BF1942.exe +restart 1 +dedicated 1 +hostserver 1". I didn't try running through BFServerManager, I'm almost sure it won't disable content check.
Anyway, I've edited the executable code and confirmed it's successfully patched against the 2 crash bugs. Here are the instructions:

Code: Select all

Battlefield 1942 Secret Weapons of WWII Demo v1.45 (original)
File:   BF1942.exe
MD5:   A113C7C9C021A2A8752562DBA2F3FFA6

  4975b2:	8b ce                	mov    ecx,esi
  4975b4:	e8 a7 76 01 00       	call   0x4aec60
  4975b9:	84 c0                	test   al,al
  4975bb:	0f 85 19 01 00 00    	jne    0x4976da
  50c7c3:	90 90 90 90 90 90    	nop
  50c7c9:	90 90 90 90 90 90    	nop
  50c7cf:	90                   	nop
  50c83d:	8b 0d 68 d8 c8 00    	mov    ecx,DWORD PTR ds:0xc8d868
  50c843:	33 d2                	xor    edx,edx
  50c845:	8a 53 0c             	mov    dl,BYTE PTR [ebx+0xc]
  50c848:	52                   	push   edx
  50c849:	e8 52 84 f9 ff       	call   0x4a4ca0
  50d397:	0f 84 74 09 00 00    	je     0x50dd11
  50d39d:	8b 70 10             	mov    esi,DWORD PTR [eax+0x10]
  50d3a0:	85 f6                	test   esi,esi
  50d3a2:	0f 84 69 09 00 00    	je     0x50dd11
  50d3a8:	8b ce                	mov    ecx,esi
  50d3aa:	e8 a1 bd 67 00       	call   0xb89150
  50d3af:	85 c0                	test   eax,eax
  50d3b1:	0f 84 5a 09 00 00    	je     0x50dd11
  50d3b7:	8b 7d 00             	mov    edi,DWORD PTR [ebp]
  50d3ba:	33 c9                	xor    ecx,ecx
  50d3bc:	8a 4b 0d             	mov    cl,BYTE PTR [ebx+0xd]
  50d3bf:	51                   	push   ecx
  50d3c0:	8b ce                	mov    ecx,esi
  50d3c2:	e8 89 bd 67 00       	call   0xb89150
  50d3c7:	50                   	push   eax
  50d3c8:	8b cd                	mov    ecx,ebp
  50d3ca:	ff 97 30 01 00 00    	call   DWORD PTR [edi+0x130]
  50d3d0:	e9 3c 09 00 00       	jmp    0x50dd11  

Code: Select all

Battlefield 1942 Secret Weapons of WWII Demo v1.45 (patched)
File:   BF1942.exe

  4975b2:	8b ce                	mov    ecx,esi
  4975b4:	e9 23 01 00 00       	jmp    0x4976dc   ; skip check of .dll files and Hellendoorn.rfa
  4975b9:	84 c0                	test   al,al
  4975bb:	0f 85 19 01 00 00    	jne    0x4976da
  50c7c3:	8a 4e 04             	mov    cl,DWORD PTR [esi+4]   ; get game event number
  50c7c6:	83 f9 01             	cmp    ecx,0x1   ; is it 2nd game event?
  50c7c9:	74 74                	je     0x50c83f   ; if yes, createPlayer
  50c7cb:	e9 41 15 00 00       	jmp    0x50dd11   ; if no, skip createPlayer
  50c83d:	eb 84                	jmp    0x50c7c3   ; detour to check game event number
  50c83f:	8a 4b 0c             	mov    cl,BYTE PTR [ebx+0xc]
  50c842:	51                   	push   ecx
  50c843:	8b 0d 68 d8 c8 00    	mov    ecx,DWORD PTR ds:0xc8d868
  50c849:	e8 52 84 f9 ff       	call   0x4a4ca0
  50d397:	74 27                	je     0x50d3c0
  50d399:	8b 70 10             	mov    esi,DWORD PTR [eax+0x10]
  50d39c:	85 f6                	test   esi,esi
  50d39e:	74 20                	je     0x50d3c0
  50d3a0:	89 f0                	mov    eax,esi
  50d3a2:	8b 40 04             	mov    eax,DWORD PTR [eax+4]
  50d3a5:	85 c0                	test   eax,eax
  50d3a7:	74 17                	je     0x50d3c0
  50d3a9:	8b 7d 00             	mov    edi,DWORD PTR [ebp]
  50d3ac:	33 c9                	xor    ecx,ecx
  50d3ae:	8a 4b 0d             	mov    cl,BYTE PTR [ebx+0xd]
  50d3b1:	83 f9 02             	cmp    ecx,2
  50d3b4:	77 0a                	ja     0x50d3c0
  50d3b6:	51                   	push   ecx
  50d3b7:	50                   	push   eax
  50d3b8:	8b cd                	mov    ecx,ebp
  50d3ba:	ff 97 30 01 00 00    	call   DWORD PTR [edi+0x130]
  50d3c0:	e9 4c 09 00 00       	jmp    0x50dd11
  50d3c5:	90 90 90 90 90 90    	nop
  50d3cb:	90 90 90 90 90 90    	nop
  50d3d1:	90 90 90 90          	nop
I've introduced also a skip to a function that checks if ASEHost.dll, GameSpyHost.dll, GameSpyJoin.dll and Hellendoorn.rfa are untouched at the start of the game. This idea was obtained from here:
Please note that, this is a work in progress as I've not been able remove the check of the BF1942.exe checksum.
You can download the patched executable and test it: -> MD5: 32303601F2B68966DD3860B9B1ED7255

Posted: Wed Mar 14, 2012 9:03 pm
by username
hey man! hrm! hehe I have the files you sent me how to install the patch? I get a message that the folder does not exist! so I add the mauelt! but then I get permison denied? in BFServerManager you can select content chake mode off, pure, unpure! wen u add it gives you a new serversettning.con file when you add it. and hrm agien what do i find MD5sum? or what is it? this is beyond my knowledge

thanks =)

Posted: Thu Mar 15, 2012 12:51 am
by tuia
You just need to overwrite your BF1942.exe in EA Games\Battlefield 1942 Secret Weapons of WWII Demo\ with the patched one from package. You should backup your original BF1942.exe as this patched executable, is incomplete, I haven't removed the check. You can put Content Check to Unpure, Pure or Off, it still checks.

Posted: Thu Mar 15, 2012 1:55 pm
by tuia
Good news, I've finished the patch today and it's working correctly, now. :) I've redirected the check to a BF1942.old file which is the untouched executable. This idea to redirect the check, was taken from the FAiRLiGHT patch to BF1942 retail version.
Download the patched executable: -> MD5: 32303601F2B68966DD3860B9B1ED7255

Posted: Thu Mar 15, 2012 9:26 pm
by username
tuia wrote:Good news, I've finished the patch today and it's working correctly, now. :) I've redirected the check to a BF1942.old file which is the untouched executable. This idea to redirect the check, was taken from the FAiRLiGHT patch to BF1942 retail version.
Download the patched executable: ... -> MD5: 0DCDD7A017F10B9E93800B67624495A8

man you are fantastic! thanks so much! We all thank you from the demo!