
Thread: HackBoy - a Client API for BoI

  1. #1
    Administrator
    Join Date
    May 2009
    Location
    Denmark
    Posts
    1,439

    HackBoy - a Client API for BoI

    H A C K B O Y
    A cooperative Reverse Engineering project


    The aim of this project is not to become what GWCA became to GW, but rather to be about Open-Source cooperation and learning.
    Battle of the Immortals ain't the most interesting game on Earth, but it is great to reverse engineer as it features lots of the things you'll usually encounter in MMOs and is not too complicated. On top of that, even more debug strings have been left in the client than in GW, so you have a much easier time locating stuff, which puts you right into the action of debugging functions to understand their behaviour, analyzing structures/classes to pull out the data you want and so on.

    I believe there are many people out there who wish to get to know Reverse Engineering, maybe because they were inspired by what I and others achieved in GW, maybe because they simply don't know where to start. BoI is free, though a bit dull to play, it is perfectly suited for this project. On top of that, it was released fairly recently, and therefore the amount of previously published work is fairly limited.


    Interested? Read on about how to get started!

    BoI is free, made by Perfect World Entertainment and you can register and download the client from here: http://boi.perfectworld.com/

    When you've installed the client, updated it to the latest version and maybe logged on to create your first character, you're eager to fire up your debugger. Oh wait, you're new to this stuff.

    My preferred debugger is OllyDbg - it's one of my favourite applications! http://ollydbg.de/
    Now, the BoI client is actually packed with the virtualizer VMProtect, which has a couple of anti-debug measures. Fear not, we shall overcome!

    Go down and download the attachment of this post. It's an OllyDbg plugin called StrongOD. Unpack it and put the .dll in your OllyDbg folder - now (re-)start Olly and hit Plugins->StrongOD->Options in the menu. Tick everything but "AutoUpdate" and restart Olly.
    BoI also makes use of a lot of exceptions and such, so we're gonna want to pass them directly to the client and not halt 'em at the debugger. Go to the menu, Options->Debugging Options. Click the tab "Exceptions" and tick everything but "INT3 breaks" and "Integer division by 0".
    Down at "Ignore also following custom exceptions or ranges" you need to also make a tick and press "Add Range". Type in "00000000" (8*0 without the quotes) in the upper input, "FFFFFFFF" (8*F without the quotes) in the lower and hit OK.

    You should be good to go: try loading BoI's Game.exe through OllyDbg (don't attach) - remember to press F9 whenever it pauses (it should do so twice, with a pop-up in-between asking whether you wish to analyze the game object. I choose not to, because it's like 60mb unpacked, takes ages and almost makes my laptop freeze. If your PC can handle it, I advise newbies to do it though, helps a bit).

    If I missed out on any instructions and you can't get it to work, please say so. I'm not used to instructing people on setting up Olly for BoI, and I only did it once myself, so

    Actually, just refer to this wonderful topic on ePvP: http://www.elitepvpers.de/forum/batt...-game-exe.html -- just the first part of course, since unpacking the BoI client is senseless... Don't bother with setting the System breakpoint as first pause though, it's ONLY for unpacking.
    On top of that, I have also patched my OllyDbg.exe with a hex editor to rename all the OllyDbg strings in the application.

    If you run 64bit, this will not work though. See what Patrickssj6 has to say to that:
    [quote author=Patrickssj6 link=topic=1701.msg26000#msg26000 date=1292285330]
    For x64 you need a x64 support plugin like (...) OllyAdvance[d]
    [/quote]
    Wadim who got it working on Win7 x64 says the following when asked though:
    Harboe: Do you also use OllyAdvanced?
    Wadim: no
    Wadim says you need a special version of the StrongOD Dll though
    Special version of StrongOD Dll: StrongOD Dll for 64bit
    And he uses the following settings: StrongOD settings for 64bit
    If your luck is out and you're trying OllyAdvanced, look at this screenshot though: Olly Advanced settings for 64bit


    The actual project

    Just like with GWCA, I chose to host the project at GoogleCode. But this time around, the nature of the project is far more open-minded and should you wish to be added to the project member list so you can directly contribute, I will do so if you show yourself able to work in this kind of environment. What I mean is, you need to be able to contribute without requiring me to clean up after you because you do not obey the standards of the project. If you aren't certain you can do this, simply contribute with SVN patches or by posting your work in snippets so we can add it to the project by ourselves.

    Project URL: http://hackboy.googlecode.com/


    Now, I'll pray (not to a god, though) that anyone actually cares....


  2. #2
    Senior Member
    Join Date
    Apr 2009
    Posts
    412

    Re: HackBoy - a Client API for BoI

    hm i tried this few weeks ago with the epvp tut.

    the proc will be terminated all the time.

    win7 64bit


  3. #3
    Administrator
    Join Date
    May 2009
    Location
    Denmark
    Posts
    1,439

    Re: HackBoy - a Client API for BoI

    [quote author=kknb link=topic=1701.msg25996#msg25996 date=1292283594]
    hm i tried this a few weeks ago with the epvp tut.

    the proc will be terminated all the time.

    win7 64bit


    [/quote]
    Have you tried patching your OllyDbg.exe? And did you remember to change the name stuff in Ollydbg.ini?

    Here's my patched OllyDbg: http://harboe.gamerevision.com/ollydbg.exe


  4. #4
    Senior Member
    Join Date
    Apr 2009
    Posts
    412

    Re: HackBoy - a Client API for BoI

    jep replaced the strings with a hex editor and edited the ini file.
    same problem with your exe.

    i think i'll try to install boi on my vm with xp 32bit.

  5. #5
    Still rollin' GoldCoin
    Join Date
    Jul 2009
    Location
    Neverland
    Posts
    490

    Re: HackBoy - a Client API for BoI

    Great idea, I'm gonna check this out the next days.
    They say it can't be done? We ain't never not done it yet, have we?

  6. #6
    Senior Member
    Join Date
    Feb 2010
    Location
    Ostwestfalen
    Posts
    433

    Re: HackBoy - a Client API for BoI

    For x64 you need a x64 support plugin like Phantom64 or OllyAdvance

  7. #7
    Senior Member gotmilk
    Join Date
    Apr 2010
    Posts
    455

    Re: HackBoy - a Client API for BoI

    Looks like a great way for those of us (like myself xD) who don't have any reversing experience to do some learning before GW2 comes out. Thanks harboe!
    Moo

  8. #8
    Administrator
    Join Date
    May 2009
    Location
    Denmark
    Posts
    1,439

    Re: HackBoy - a Client API for BoI

    There's always progress: http://code.google.com/p/hackboy/source/detail?r=23
    Even though I'm almost working at the slowest pace I can achieve, I feel I need to halt to let others get a chance. A lot of the easy stuff has already been done, but there are HUGE parts missing. Let me just list some of them:

    - Item handling (there are only 2 functions in HackBoy's CBag namespace atm)
    - Quests (nothing done at all yet)
    - Player enumeration (though we can get lots of info on individual agents already, we severely lack the ability to loop through them all! I can tell that it will require debugging a certain function and analyzing the data structure of the CPlayerMgr class)
    - NPC interaction (nothing done)
    - Picking up loot
    - The skill bar (albeit not necessary to make automated bots, it will make it a lot easier, since bots would be able to skip setting up that part)
    - Party'ing
    - Possible hacks

    Just a few things that sprang to my mind!


  9. #9
    cargo loader
    Guest

    Re: HackBoy - a Client API for BoI

    So this is about Reverse Engineering some random game and up/downloading code to learn from each other?

  10. #10
    Administrator
    Join Date
    May 2009
    Location
    Denmark
    Posts
    1,439

    Re: HackBoy - a Client API for BoI

    [quote author=cargo loader link=topic=1701.msg26024#msg26024 date=1292334633]
    So this is about Reverse Engineering some random game and up/downloading code to learn from each other?
    [/quote]
    Basically, yes. It's a game not too hard to RE, so good for beginners ... and others, like me, who simply enjoy it.

    And by having a goal (a GWCA-like API) it's easier to find out what you can work on.

