BF1942 Demo Server Crashes

Re: BF1942 Demo Server Crashes

Postby moodiscreet » Tue Aug 02, 2011 10:50 pm

Hello everyone, we run the Windows 2003 version of BF 1.6 (it's 1.619). Is there eventually a patch for our version?

Thanks people and greetz to BF community !
moodiscreet
 
Posts: 2
Joined: Mon Aug 01, 2011 10:53 pm

Re: BF1942 Demo Server Crashes

Postby dierighty » Wed Aug 03, 2011 7:41 pm

Here is the modification of the patch for the older 1.6v windows version of BF1942_w32ded.exe.

Detour:
Original:
Virtual_Addr File_Offset Bytes  Instruction
0045A50F     0005A50F    8B 10  mov edx,[eax]
Modified:
Virtual_Addr File_Offset Bytes  Instruction
0045A50F     0005A50F    EB 82  jmp 0045a493


Comparison:
Original:
Virtual_Addr File_Offset Bytes                                  Instruction
0045A493     0005A493    90 90 90 90 90 90 90 90 90 90 90 90    nop
Modified:
Virtual_Addr File_Offset Bytes    Instruction
0045A493     0005A493    8B 10    mov edx,[eax]
0045A495     0005A495    8B 4F 04 mov ecx,[edi+4] ;get the event sequence
0045A498     0005A498    83 F9 01 cmp ecx,1
0045A49B     0005A49B    74 74    je 0045a511
0045A49D     0005A49D    EB 4C    jmp 0045a4eb

//The offsets are just off by 0x20 from later versions of the .exe
dierighty
 
Posts: 11
Joined: Fri Jul 29, 2011 5:38 pm

Re: BF1942 Demo Server Crashes

Postby motoko » Wed Aug 03, 2011 11:09 pm

Sorry to be a bother, but what would Battlefield Vietnam look like? And also, what is the difference from Linux to Windows?
motoko
 
Posts: 217
Joined: Sun Nov 21, 2010 8:43 pm
Location: Dante's 6th Pit of Hell

Re: BF1942 Demo Server Crashes

Postby ldrhavoc » Mon Aug 29, 2011 9:42 pm

I will pay someone to code me a Nam 1.2 fix and a 1.6 Windows 2008 fix. Will someone out there help?
ldrhavoc
 
Posts: 3
Joined: Sat Nov 06, 2010 6:01 pm

Re: BF1942 Demo Server Crashes

Postby dierighty » Sat Sep 03, 2011 4:06 pm

The .text section for the dynamic 1.61 is different, as indicated by the result from the readelf command:
From readelf -S bf1942_lnxded.dynamic:
Section Headers:
  [Nr] Name              Type            Addr     Off    Size   ES Flg Lk Inf Al
  [12] .text             PROGBITS        08052ab0 00aab0 611480 00  AX  0   0 16


Here are the modifications to be made for the dynamic executable:
detour, original bytes:
VirtualAddr FileOffset Original_Instruction_Bytes Instructions
0813cd87    F4D87      B8 00 00 00 00             mov eax,0
0813cd8c    F4D8C      8B 5D 10                   mov ebx,[ebp+0x10]  ;get address of the game event obj

detour, modified bytes:
VirtualAddr FileOffset Modified_Instruction_Bytes Instructions
0813cd87    F4D87      8B 5D 10                   mov ebx,[ebp+0x10]  ;get address of the game event obj
0813cd8a    F4D8A      EB 89                      jmp 0813cd15        ;jump to the comparison
0813cd8c    F4D8C      31 C0                      xor eax,eax
0813cd8e    F4D8E      90                         nop


Comparison, original bytes:
VirtualAddr FileOffset Original_Instruction_Bytes    Instructions
0813cd15    F4D15      00 00 00 00 8D BC 27 00 00 00 ;padding

Comparison, modified bytes:
VirtualAddr FileOffset Modified_Instruction_Bytes Instructions
0813cd15    F4D15      8B 73 04                   mov esi,dword ptr[ebx+4]
0813cd18    F4D18      83 FE 01                   cmp esi,1
0813cd1b    F4D1B      74 6F                      je 0813cd8c
0813cd1d    F4D1D      EB 5B                      jmp 0813cd7a
dierighty
 
Posts: 11
Joined: Fri Jul 29, 2011 5:38 pm
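
An added example, not part of dierighty's post: a Python check-then-write routine for the bf1942_lnxded.dynamic bytes listed above. It maps virtual addresses to file offsets with the .text Addr/Off values from the readelf output, refuses to write when the bytes found are neither the listed originals nor the listed replacements, and decodes the short jumps so their targets can be compared with the listing. The function names and the constructed in-memory image are assumptions made for the example.

```python
# Added example, not code from the thread. Addresses and bytes are the ones
# posted above for bf1942_lnxded.dynamic; function names are hypothetical.
TEXT_ADDR, TEXT_OFF = 0x08052AB0, 0x00AAB0   # .text Addr/Off from readelf -S

PATCHES = [  # (virtual address, original bytes, modified bytes)
    (0x0813CD87, "B8 00 00 00 00 8B 5D 10", "8B 5D 10 EB 89 31 C0 90"),
    (0x0813CD15, "00 00 00 00 8D BC 27 00 00 00",
                 "8B 73 04 83 FE 01 74 6F EB 5B"),
]

def va_to_offset(va):
    """File offset of a virtual address that lies inside .text."""
    return va - TEXT_ADDR + TEXT_OFF

def rel8_target(va, insn):
    """Destination of a 2-byte short jump (EB or 7x opcode) located at va."""
    disp = insn[1] - 0x100 if insn[1] >= 0x80 else insn[1]
    return va + 2 + disp

def apply_patches(image, patches=PATCHES):
    """Patch a bytearray in place; return 'patched' or 'already patched'."""
    # Check every site before writing anything, so a different build
    # raises ValueError and is left untouched.
    plan = []
    for va, orig_hex, new_hex in patches:
        orig, new = bytes.fromhex(orig_hex), bytes.fromhex(new_hex)
        off = va_to_offset(va)
        found = bytes(image[off:off + len(orig)])
        if len(orig) != len(new) or found not in (orig, new):
            raise ValueError(f"unexpected bytes at {off:#x}: {found.hex()}")
        plan.append((off, new, found == new))
    if all(done for _, _, done in plan):
        return "already patched"
    for off, new, _ in plan:
        image[off:off + len(new)] = new
    return "patched"

def demo_image():
    """Constructed stand-in for the executable: filler plus original bytes."""
    image = bytearray(b"\xCC" * 0xF4E00)
    for va, orig_hex, _ in PATCHES:
        orig = bytes.fromhex(orig_hex)
        image[va_to_offset(va):va_to_offset(va) + len(orig)] = orig
    return image

if __name__ == "__main__":
    img = demo_image()
    print(apply_patches(img), "/", apply_patches(img))
```

For a real file, read it into a bytearray, call apply_patches, and write the result to a new file so the untouched executable is kept as a backup.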

Re: BF1942 Demo Server Crashes

Postby Senshi » Sat Sep 03, 2011 6:27 pm

Once again, a huge thank you for your effort. If you or someone else could provide a "fixed exe" for WIN OS as well, we'd have the complete set available and could spread that pack to server admins. Maybe even get it posted on some of the BF news sites (I'd go and file it with bfgames.net, largest German BF news site).
Senshi
 
Posts: 695
Joined: Sun Oct 18, 2009 1:14 pm
Location: Germany

Re: BF1942 Demo Server Crashes

Postby Android » Tue Sep 06, 2011 11:03 pm

Could someone please post the modifications, or better, the premodded .static file for Battlefield 1942 v1.6 Full Server [Linux] RC2?

Or did I miss the link for that one somewhere above?

Thanks again you guys, you do excellent work that will help keep this game alive.
Android
 
Posts: 5
Joined: Fri Aug 06, 2010 3:30 am

Re: BF1942 Demo Server Crashes

Postby Senshi » Wed Sep 14, 2011 7:20 am

First of all, welcome :) .

The problem is that there is no fixed executable for the Wake demo? Maybe dierighty can take a look at the exec there as well and figure out the correct hex parts to change.
Senshi
 
Posts: 695
Joined: Sun Oct 18, 2009 1:14 pm
Location: Germany

Re: BF1942 Demo Server Crashes

Postby Jeronimo » Wed Sep 14, 2011 5:57 pm

Like Senshi said, let's hope dierighty can come up with another fix for the wake demo, too.
Apart from that, I think that this community isn't the right place to discuss these "disagreements" there are between you guys. It's a fact that this exploit has been used by many people out there, on many different servers, and I think everybody here is able to decide for himself what to do against it and who to "blame", which makes this discussion unnecessary.
Jeronimo
 
Posts: 196
Joined: Sun Dec 27, 2009 8:55 pm
Location: Germany

Re: BF1942 Demo Server Crashes

Postby dierighty » Thu Sep 15, 2011 1:11 am

Modification for the BF1942Demo.exe version 1.0

1. Modify before func.00485583
Offset Original Modified Instructions               comments
85583  90 90 90 8B 45 04 mov eax,dword ptr[ebp+0x4] ;get the event #
85586  90 90 90 83 F8 01 cmp eax,1                  ;is this createPlayer event at the expected event #?
85589  90 90    74 05    je 00485590
8558B  90 90    EB 29    jmp 004855b6

2. Modify after func.00485583
Offset Original       Modified       Instructions  comments
855b6  90 90 90 90 90 68 A0 DB 62 00 push 0062dba0
855bb  90 90 90       C2 08 00       retn 8

3. Modify func.00485583
Offset Original_Bytes Modified_Bytes Instructions        comments
22d4cb E8 C0 80 E5 FF E8 B3 80 E5 FF call func.00485583


/*
The padding of byte 90's between the functions in the demo was too small to fit the comparison instructions. A new way was needed
to check the event sequence #.
There was however enough room for a comparison around the call to func.00485583 in the handleGameEventManagerEvent() function.
*/
dierighty
 
Posts: 11
Joined: Fri Jul 29, 2011 5:38 pm
