Editing conquer auth ip through dll injection

07/06/2011 18:34 tkblackbelt#1
Ok so I've been working on a proxy and been using nulls loader so far. I want to be able to redirect the client without using the loader. I messed around with the client through cheat engine and managed to redirect the client to my proxy, and I built a simple dll injector, and a dll in c++ that simply brings up a popup window. But I don't know where to go from there.

Would I just simply use a pointer to point to and change all addresses that contain TQ's auth ip? Or do I have to use inline assembly? Any advice and tips are appreciated :).
07/06/2011 19:47 phize#2
If you need to change a string in the memory, something like this should work:

Code:
DWORD oldProtect;
VirtualProtect((LPVOID)0x12345678, 16, PAGE_READWRITE, &oldProtect);

const char* new_ip = "127.0.0.1";
memcpy((void*)0x12345678, new_ip, strlen(new_ip) + 1);

VirtualProtect((LPVOID)0x12345678, 16, oldProtect, &oldProtect);
07/06/2011 23:21 tkblackbelt#3
Quote:
Originally Posted by Synsia
If you need to change a string in the memory, something like this should work:

Code:
DWORD oldProtect;
VirtualProtect((LPVOID)0x12345678, 16, PAGE_READWRITE, &oldProtect);

const char* new_ip = "127.0.0.1";
memcpy((void*)0x12345678, new_ip, strlen(new_ip) + 1);

VirtualProtect((LPVOID)0x12345678, 16, oldProtect, &oldProtect);
Thank you very much, that worked xD
07/13/2011 15:41 shitboi#4
errr, how is the IP found through CE?

Edit: Nvm, I asked the question without thinking. So by replacing all occurrences of proper server IPs, will the client be successfully directed to proxy? I know nothing about bot checks, I am a bit iffy about this.
07/13/2011 16:26 IAmHawtness#5
Just use Microsoft Detours
07/13/2011 16:40 shitboi#6
I looked through that thread, but I cannot understand it. lol.
I even looked through the similar threads about ms detour in other game sections.
07/13/2011 18:36 IAmHawtness#7
Quote:
Originally Posted by shitboi
I looked through that thread, but I cannot understand it. lol.
I even looked through the similar threads about ms detour in other game sections.
Using Detours is easy:

Include detours.h inside your project, find the function you wanna hook using

Code:
OriginalFunc = GetProcAddress(GetModuleHandle("TargetDLL.dll"), "TargetFunction");
Define your detoured function with the same signature as the original function, such as

Code:
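int WINAPI connect_Detoured(SOCKET s, const struct sockaddr *name, int namelen)
{
  //Change IP parameter here
  //Then forward the call to the original function so the caller still gets a result
  return ((int (WINAPI *)(SOCKET, const struct sockaddr *, int))OriginalFunc)(s, name, namelen);
}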
Apply the detours using

Code:
DetourRestoreAfterWith();
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());

// DetourAttach takes the address of the pointer to the original function
DetourAttach(&(PVOID&)OriginalFunc, DetouredFunc);

DetourTransactionCommit();
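A defender-side counterpart to the steps above, as an added example that is not part of the original post or of the Detours library: on 32-bit x86 a Detours-style hook overwrites the start of the target function with a near `jmp`, so comparing a function's first bytes in memory with the same bytes in the DLL on disk exposes it. The function names, addresses and byte arrays are constructed, and the caller is assumed to have already read both byte sequences.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

typedef enum { PROLOGUE_CLEAN, PROLOGUE_PATCHED, PROLOGUE_HOOKED_OUTSIDE } hook_verdict;
typedef struct { uint32_t base; uint32_t size; } module_range; /* module owning the function */

/* Constructed sample data: a function at VA 0x00401000 in a module loaded at 0x00400000. */
static const module_range SAMPLE_MODULE = { 0x00400000u, 0x00010000u };
static const uint32_t SAMPLE_VA = 0x00401000u;
static const uint8_t SAMPLE_DISK[5]   = { 0x8B, 0xFF, 0x55, 0x8B, 0xEC }; /* bytes in the file */
static const uint8_t SAMPLE_HOOKED[5] = { 0xE9, 0xFB, 0xFF, 0xBF, 0x0F }; /* jmp 0x10001000 */

/* Decode "E9 rel32" at address va; returns 1 and stores the jump destination. */
static int decode_jmp_rel32(const uint8_t *code, size_t len, uint32_t va, uint32_t *dest)
{
    uint32_t rel;
    if (len < 5 || code[0] != 0xE9)
        return 0;
    rel = (uint32_t)code[1] | (uint32_t)code[2] << 8 |
          (uint32_t)code[3] << 16 | (uint32_t)code[4] << 24;
    *dest = va + 5u + rel;   /* rel32 is relative to the next instruction; wraps mod 2^32 */
    return 1;
}

/* Compare a function's first bytes in memory against the on-disk image. */
hook_verdict check_prologue(const uint8_t *on_disk, const uint8_t *in_memory, size_t len,
                            uint32_t va, module_range owner, uint32_t *dest)
{
    *dest = 0;
    if (memcmp(on_disk, in_memory, len) == 0)
        return PROLOGUE_CLEAN;
    /* A jump that leaves the owning module is the signature of an inline hook. */
    if (decode_jmp_rel32(in_memory, len, va, dest) &&
        (*dest < owner.base || *dest - owner.base >= owner.size))
        return PROLOGUE_HOOKED_OUTSIDE;
    return PROLOGUE_PATCHED;   /* bytes differ, but not a jump out of the module */
}

int main(void)
{
    uint32_t dest;
    return check_prologue(SAMPLE_DISK, SAMPLE_HOOKED, 5, SAMPLE_VA, SAMPLE_MODULE, &dest)
           == PROLOGUE_HOOKED_OUTSIDE ? 0 : 1;
}
```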
07/13/2011 19:36 shitboi#8
Cool. I'll mess around with it tonight.
07/14/2011 22:28 KraHen#9
Yep, I made a packet logger with that some time ago, it's really easy to use, I can recommend it to everybody.