[APP] Halo 2 Vista XLiveless



Skarma
May 28th, 2009, 03:41 AM
Halo 2 Vista XLiveless
By: Skarma

Description:
Anti-debug protections are stripped and XLive is rendered useless, thus allowing developers to now easily analyze Halo 2 for Windows Vista. You may only attach a debugger in single player mode; multiplayer is completely disabled! Source code is included, coded in C++ with MSVC++ Express 2008.

Usage:
Copy xlive.dll into the Halo 2 Vista directory, where halo2.exe is. Start the game!

Creds:
Listener, Rick, and Seemaan. I don't know any of them, but Listener's GTA IV wrapper helped me, and props to me for reversing the rest of the exports and stripping unneeded ones.

Note: This app is only good to programmers and reverse engineers, everyone else will find this useless. PLEASE REPORT ANY BUGS!

Download Here (http://www.mediafire.com/file/nad2ugw0qgd/h2v_XLiveless.zip)

supersniper
May 28th, 2009, 02:30 PM
Holy shit, I would recommend posting this on all those other sites I listed: k9dev.com, allenthinks.com, remnantmods.com, etc.

InnerGoat
May 28th, 2009, 02:36 PM
Nice!

=sw=warlord
May 28th, 2009, 03:53 PM
This looks awesome.
Just wondering are there any plans on making a tool to extract SP content such as bipeds and other tags?
I remember ghost and korn working on a tool set years ago which never really saw the light of day.

KIWIDOGGIE
May 28th, 2009, 05:27 PM
I like this. I found a way around it a long time ago. But now I can finally do some assembly patching and camera researching.

To the generic user it's worthless, but to a dev... you get the idea.

I said this to Shock120 over aim. Quick Funny.


h2v says "wtf dud li3k s0m3 hax0r just st0l3 meh live nao wut??"

Pyong Kawaguchi
May 28th, 2009, 08:03 PM
Hmm, could this possibly lead to hamachi?

Skarma
May 28th, 2009, 10:46 PM
This looks awesome.
Just wondering are there any plans on making a tool to extract SP content such as bipeds and other tags?
I remember ghost and korn working on a tool set years ago which never really saw the light of day.

Sure, I just recently started working on h2v and still working on reversing all the tag structures. I was never really into the modding scene, but it's really interesting stuff and fun as hell when dissecting everything and making use of it all. What exactly does 'extracting content' outline? Like, just output binary files of a map's entire tag structures? Like HMT? Sorry, I'm still a virgin modder, these things need explaining! :D


I like this. I found a way around it a long time ago. But now I can finally do some assembly patching and camera researching.

To the generic user it's worthless, but to a dev... you get the idea.

I said this to Shock120 over aim. Quick Funny.

How'd you manage that? Cuz, both xlive and halo2 modules call IsDebuggerPresent twice and check the debug port. This is the most basic method to bypass, but once you get past that, there is a more advanced anti-debug feature. Now don't quote me on this, because I am still learning about this stuff... I think h2v is debugging itself and setting random software breakpoints (usually int41). When a breakpoint is hit, the exception handler decides what to do from there. Since Halo is debugging itself and you also have a debugger attached, your debugger catches the breakpoint instead of Halo catching it. How Halo handles all this is still a mystery to me, but it has to do with the exception handler for sure. Not sure how you got past this, but good job!


Hmm, could this possibly lead to hamachi?

What's dat?
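The self-debugging check Skarma describes above, reduced to its core in portable C as an added illustration (this is not code from the page or from the Halo 2 binaries): the program installs its own handler for the breakpoint trap, raises the trap, and looks at whether the handler ran. With no debugger attached the handler runs; with a debugger attached, the debugger takes the trap first and the flag stays clear. raise(SIGTRAP) stands in for the int3 instruction a real protector would execute, and all function names here are my own.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>

/* Set by our trap handler. volatile sig_atomic_t is the one type C
 * guarantees is safe to write from inside a signal handler. */
static volatile sig_atomic_t g_handler_ran = 0;

static void trap_handler(int sig)
{
    (void)sig;
    g_handler_ran = 1;   /* the trap reached us: nobody intercepted it */
}

/* Returns 1 if the program received its own breakpoint trap, 0 if
 * something else (a debugger) consumed it first, -1 if the handler
 * could not be installed. The previous handler is restored on exit. */
int breakpoint_reached_own_handler(void)
{
    struct sigaction sa, old;
    sa.sa_handler = trap_handler;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;
    if (sigaction(SIGTRAP, &sa, &old) != 0)
        return -1;

    g_handler_ran = 0;
    /* Stand-in for an int3 instruction: deliver the breakpoint trap to
     * ourselves. Under gdb the debugger stops here and, by default, does
     * not pass SIGTRAP on to the process, so trap_handler never runs. */
    raise(SIGTRAP);

    sigaction(SIGTRAP, &old, NULL);
    return g_handler_ran ? 1 : 0;
}

/* The decision an anti-debug routine built on this trick would make. */
int debugger_suspected(void)
{
    return breakpoint_reached_own_handler() == 0;
}

int main(void)
{
    printf("debugger %s\n", debugger_suspected() ? "suspected" : "not detected");
    return 0;
}
```

Run it plainly and then under gdb to see the two outcomes; an analyst who sees a program registering a trap handler and then breakpointing itself should expect exactly this behaviour change.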

Rook
May 28th, 2009, 11:13 PM
Hamachi = lan over internet.

I've only done it once, over CE many years ago tho!

Skarma
May 29th, 2009, 12:28 AM
Yes, I'm sure that is all possible, but what leads to it not working with h2v like with any other game? Does the server just not show up for clients, or can you see the server, you just can't join? What's up?

Pyong Kawaguchi
May 29th, 2009, 12:05 PM
What it is, is that it won't even notice it.
I have a few theories:
1. H2v detects that a tunneling program (like hamachi) is running, and disables all lan in general
2. H2v doesn't detect the emulated network adapter that hamachi is running, and therefore the servers do not start
3. Windows live is using the 30ms check to see if someone is attempting to tunnel the network.

For no. 3, it turns out that for GTA4 PC a trick/hack was made/found to bypass the 30ms limit; it could be that if that was bypassed, it would work.

Talk to me if you are curious, I used to do a bit of h2v and H2x modding, so I know quite a bit.

You might wanna read up on some of the H2X documentation and plugins for H2X and see if there is anything there that would help you edit the tag structure.

Good luck.

=sw=warlord
May 29th, 2009, 01:29 PM
Sure, I just recently started working on h2v and still working on reversing all the tag structures. I was never really into the modding scene, but it's really interesting stuff and fun as hell when dissecting everything and making use of it all. What exactly does 'extracting content' outline? Like, just output binary files of a maps entire tag structures? Like HMT? Sorry, I'm still virgin modder, these things need explained! :D

What I mean by extracting content is outputting the tags in their native form, much like HEK+ does for Custom Edition maps.
I'm not entirely sure on the dev side of it, but my understanding is the program reads the cache files, determines the tag clusters and outputs the data to their basic tag form in the same arrangement they would be compiled into a cache form in the first place.

KIWIDOGGIE
June 2nd, 2009, 03:34 PM
both xlive and halo2 modules call IsDebuggerPresent twice and check the debug port. This is most basic method to bypass, but once you get past that, there is a more advance anti-debug feature.

You could use a built in plugin for OllyDBG to bypass the isDebuggerPresent. Also the Debug Port check is real easy to pass. Most of the other checks rely on that. Google around for the Battlefield 2: Debug Port Reset.

That is how you would bypass it. Also xliveless has been done for GTA4.

Also the H2EK is freaking useless for all getout.

Skarma
June 2nd, 2009, 10:41 PM
What I mean by extracting content is outputting the tags in their native form, much like HEK+ does for Custom Edition maps.
I'm not entirely sure on the dev side of it, but my understanding is the program reads the cache files, determines the tag clusters and outputs the data to their basic tag form in the same arrangement they would be compiled into a cache form in the first place.

Not sure what native cache form encapsulates.. could you explain the format difference of this from a tag struct that is already in a map file? I know that the tags folder in HEK are all weird and have a weird format compared to what they are in the actual map file, I don't get why they do that. I just finished a tool that extracts all tags from a map into the respective paths, but they are the same format as they are in the map file, so idk how to get them into this "native form"... if anyone could explain how and WHY I can whip something out.


You could use a built in plugin for OllyDBG to bypass the isDebuggerPresent. Also the Debug Port check is real easy to pass. Most of the other checks rely on that. Google around for the Battlefield 2: Debug Port Reset.

That is how you would bypass it. Also xliveless has been done for GTA4.

Also the H2EK is freaking useless for all getout.

Like I said the IsDebuggerPresent() check is basic and easy to bypass, but that doesn't help anything. There is more than that... their exception handler seems to do some sort of anti debug. And also as I said in my first post, I credited the guy who did the wrapper for gta4, because that's where I got the idea.. and someone already unlocked Guerilla at least for full functionality, which is helping me with tag reversing, so I'd say it's garbage with all the locked stuff. Thanks for re-posting what I already stated! :embarrassed:

=sw=warlord
June 3rd, 2009, 08:59 AM
Skarma: I'm not too sure on a lot of things about coding, but it could be you already have extracted the tags in their native form if you have extracted them into their directories. Your best bet would be to contact kornman or theghost and see if they could give any pointers to you.
I am only describing tidbits I read from when HEK+ was released a few years back.

Pyong Kawaguchi
June 4th, 2009, 06:50 AM
I don't exactly know how to do this but, if I was in your position and I did, I would deconstruct the stock tool.exe and figure out how it compiles tags, and do the reverse.

Choking Victim
June 4th, 2009, 09:38 AM
I don't exactly know how to do this but, if I was in your position and I did, I would deconstruct the stock tool.exe and figure out how it compiles tags, and do the reverse.
Because it's just that easy, right?

ShadowSpartan
June 4th, 2009, 09:46 AM
Skarma: I'm not too sure on a lot of things about coding, but it could be you already have extracted the tags in their native form if you have extracted them into their directories. Your best bet would be to contact kornman or theghost and see if they could give any pointers to you.
I am only describing tidbits I read from when HEK+ was released a few years back.

TheGhost did not work on Guerilla Radio, so he would be of no help. And I doubt Kornman would help him with it. Skarma has not extracted the tags into their "native" format, it sounds like the only thing he has done is save the tag data from the map file directly...which is really not that hard to do. Tag extraction is a lot more complicated than that, which is why only a few people have done tag extraction for H2V.


I don't exactly know how to do this but, if I was in your position and I did, I would deconstruct the stock tool.exe and figure out how it compiles tags, and do the reverse.

...it's not that easy.

supersniper
June 4th, 2009, 01:23 PM
steal the source from microsoft
:conspiracy:

but yeah it really isn't, I'm one of those people who read a tut on coding and was like woah wtf.

Skarma
June 5th, 2009, 02:50 PM
Well, thanks for paraphrasing what has already been said, now onto the why and how! As I said already, I'm still beginner with modding maps, so telling me how hard something is does not help at all, because everything has been a challenge so far, which I enjoy though else I wouldn't be trying.
I have not even gotten to reversing the tag data yet, I've just been focusing on extracting the tag data into files, so I can easily analyze it without calculating an offset every time I want to browse a tag in binary form. I was thinking of comparing the internal tag data to the tags that came with the H2 map editing tools to see what some of the differences might be. I could also reverse the functions used by the h2ek tools that manipulate the tag structures, not really that hard.
So, the purpose of changing the format of a tag to 'native form' is just so it can be used by the other tools in the h2ek? If so, why? Why can I not use the format that is already used by the map file to edit them with my own written tools? These are some answers I'm trying to get at, please help!

=sw=warlord
June 5th, 2009, 03:46 PM
As much as I would love to help you, Skarma, what I've said is about all I know; however, I'm guessing ShadowSpartan there might know a thing or two and could give some useful information.

Con
June 5th, 2009, 10:40 PM
Nice work, +rep

Syuusuke
June 5th, 2009, 10:44 PM
Well this is useful for me by allowing me to use Paulus' little "dev"trainer (LIVE will not crash halo 2 anymore).

teh lag
June 24th, 2009, 07:07 AM
meant to lock this

several months later

skarma pm'd me asking to reopen this for an update, so okay skarma here is your thread

Skarma
September 28th, 2009, 01:29 PM
meant to lock this

several months later

skarma pm'd me asking to reopen this for an update, so okay skarma here is your thread

Thank you so much man! I updated the broken download link. And shame on the tards that got my thread locked, thanks for deleting those posts.

Dwood
September 28th, 2009, 01:35 PM
Thank you so much man! I updated the broken download link. And shame on the tards that got my thread locked, thanks for deleting those posts.

You know if you created the thread you can lock and unlock them.

Skarma
September 28th, 2009, 02:27 PM
You know if you created the thread you can lock and unlock them.

That would defeat the purpose of me asking teh lag to delete the irrelevant flame war posts that got this thread locked in the first place. I wasn't even sure I could unlock it since a moderator locked it. I couldn't even edit my post. Moderators are moderators for a reason, this is their job.

By the way, this is something you could have PM'ed me, instead of cluttering my thread with irrelevance to the topic, which got it closed the first time.

Kornman00
February 26th, 2011, 09:49 PM
Since this is related, I thought I'd note that I started work on a XLive wrapper (http://code.google.com/p/open-sauce/source/browse/#hg%2FOpenSauce%2FHalo2%2FXLive) in OpenSauce's codebase. Not that it's being used for anything in OS atm, I just thought it'd be a good inclusion for whatever the future may bring.

supersniper
February 27th, 2011, 03:27 AM
do you want the source to silent's xlive? or do you not need it?

Shock120
February 27th, 2011, 06:49 AM
do you want the source to silent's xlive? or do you not need it?

No need, source already comes with the download file. :3

Patrickssj6
February 27th, 2011, 07:46 AM
place a retn at the mem check done xD

Skarma
February 27th, 2011, 06:52 PM
Does anyone have one of the xlive pdb's? I am not sure what version it was for.

Kornman00
February 27th, 2011, 07:14 PM
AFAIK, no developer has ever made the mistake of distributing a pdb for xlive with their game.

Skarma
February 27th, 2011, 08:00 PM
Rick, the guy who did the gta wrapper noted it in his blog: http://blog.gib.me/2008/12/16/hacking-grand-theft-auto-iv-part-ii/
Some devs make mistakes like this :]

Patrickssj6
February 27th, 2011, 08:26 PM
where did they get it from? no developer would be that stupid to bundle a 200mb file

Kornman00
February 27th, 2011, 11:44 PM
I too would like to know where they got the pdb. Not even my pockets go that deep. And 200mb sounds too big for a native pdb file.

e: wow, he really likes to flaunt the fact that he has that pdb file doesn't he?

Skarma
February 28th, 2011, 01:16 AM
Just like you, he is probably taking his pdb ehrm idb to the grave with him. ;]
If it was released with a version of xlive, golly gee you'd think it would be all over the internet by now.. being a reverser's best friend and all. Oh well, just have to ask him about it I guess.

Patrickssj6
February 28th, 2011, 07:31 AM
And 200mb sounds too big for a native pdb file.


was thinking about idb there for a sec :S

oh btw Crysis 2 leaked has one