Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
All times are UTC [ DST ]

 Post subject: sendto lagger
PostPosted: 03 May 2009 11:31 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
a user asked me if it was possible to create a proxocket plugin for delaying the sending of one's own packets, for example (in case of a game) to have slower movements and so be harder to hit.
I was curious, and a very very very basic solution using some simple temporary buffers (32 by default) seems to work.
maybe it's of interest to someone out of curiosity, the plugin is attached.

note that the only test I have made has been a basic test in lan with quake 3.


Attachments:
sendto_lagger.zip [3.02 KiB]
Downloaded 408 times
 
 
 Post subject: Re: sendto lagger
PostPosted: 03 May 2009 12:52 

Joined: 03 May 2009 04:22
Posts: 33
In fact movements are not slower.

Instead of sending packets in a normal way and making a continuous flow, packets must be sent in a discontinuous way.

So if you make 2 movements to the right side, these 2 movements will be displayed to the other guys at the same time. They see you moving very fast: you are warping and are difficult to hit.

Anti-lag is flawed and this is a way to fool its hit calculation.

I had this idea because I see many players being warpy. Their outgoing net flow is not regular, and stuff like routers which control the packets can cause this irregular outgoing packet flow.

We can hook the sendto function or make a proxy.


 
 Post subject: Re: sendto lagger
PostPosted: 03 May 2009 13:05 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
that's exactly what is done by that plugin:
- collect 32 packets without sending them
- when the 32nd is reached send all the 32 packets together at the same time
(note if you want to change the rule of the 32 packets without recompiling the plugin it's enough to modify the byte 0x1f at offset 0x688)

so yes, the visual effect for the other players is like a player which stays blocked for some milliseconds and then does all the rest of the movements immediately.

it's a proxocket plugin which means that it's enough to put myproxocket.dll in the same folder of the game's executable and with the ws2_32.dll file located in the proxocket package: http://aluigi.org/mytoolz.htm#proxocket
so for recompiling the source it's enough to compile myproxocket.c as dll (example: gcc -shared -o myproxocket.dll myproxocket.c), that's all


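A server-side check for the hold-then-flush arrival pattern described in the posts above, as an added example that is not part of the original thread or of proxocket. The 50 ms tick, the thresholds and all sample arrival times are constructed assumptions.

```python
def burst_sizes(arrivals, burst_gap):
    """Group arrival times (seconds) into bursts: runs of packets
    whose spacing is below burst_gap."""
    sizes, current = [], 1
    for prev, cur in zip(arrivals, arrivals[1:]):
        if cur - prev < burst_gap:
            current += 1
        else:
            sizes.append(current)
            current = 1
    sizes.append(current)
    return sizes


def looks_batched(arrivals, tick=0.05, min_burst=8, min_repeats=3):
    """Flag a client whose packets repeatedly arrive in large back-to-back
    groups. A single burst (ordinary network hiccup) is not enough."""
    if len(arrivals) < 2:
        return False
    # Packets closer together than a tenth of the client tick count as one burst.
    sizes = burst_sizes(sorted(arrivals), burst_gap=tick / 10)
    return sum(1 for s in sizes if s >= min_burst) >= min_repeats


# Constructed samples, one packet per 50 ms client tick.
# Steady client with a few milliseconds of jitter.
STEADY = [i * 0.05 + ((i * 7) % 5 - 2) * 0.001 for i in range(128)]
# Client holding 32 packets and releasing them together, four times.
BATCHED = [(k + 1) * 1.6 + j * 0.0001 for k in range(4) for j in range(32)]
# Steady client with one 10-packet burst after a short stall.
HICCUP = ([i * 0.05 for i in range(20)]
          + [1.45 + j * 0.0001 for j in range(10)]
          + [i * 0.05 for i in range(30, 40)])

if __name__ == "__main__":
    for name, sample in (("steady", STEADY), ("batched", BATCHED), ("hiccup", HICCUP)):
        print(name, max(burst_sizes(sample, 0.005)), looks_batched(sample))
```
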
 
 Post subject: Re: sendto lagger
PostPosted: 03 May 2009 13:27 

Joined: 03 May 2009 04:22
Posts: 33
aluigi wrote:
it's a proxocket plugin which means that it's enough to put myproxocket.dll in the same folder of the game's executable and with the ws2_32.dll file located in the proxocket package: http://aluigi.org/mytoolz.htm#proxocket

I'm going to test it
thank you.


 
 Post subject: Re: sendto lagger
PostPosted: 03 May 2009 14:06 

Joined: 03 May 2009 04:22
Posts: 33
I tested it and it works. But 32 packets is too much. So I'm going to edit the dll file with a hex editor. And what is "0x1f"? Is it hexa? 32!=0x1f
I would like to reduce it to 3 packets.

And I would like to know why the game loads this dll while it's a pure server?

Edit: the game kicks me because of the punkbuster heartbeat.


 
 Post subject: Re: sendto lagger
PostPosted: 03 May 2009 14:13 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
0x1f is the hex value of 31.
in the dll it's used 31 instead of 32 because the compiler performs a minor/equal comparison instead of the minor one, so if you want to use 3 you must place a 2 where 1F is located

the dll is loaded by ws2_32.dll which is loaded by the game.
if you want to make a local test (client and server on the same computer) you must first launch the server without having ws2_32.dll in the folder, when the server is running add ws2_32.dll and myproxocket.dll in the folder and launch the client.


 
 Post subject: Re: sendto lagger
PostPosted: 03 May 2009 14:24 

Joined: 03 May 2009 04:22
Posts: 33
aluigi wrote:
0x1f is the hex value of 31.
in the dll it's used 31 instead of 32 because the compiler performs a minor/equal comparison instead of the minor one, so if you want to use 3 you must place a 2 where 1F is located

ok

aluigi wrote:
the dll is loaded by ws2_32.dll which is loaded by the game.

But why does the game load ws2_32.dll ?

aluigi wrote:
if you want to make a local test (client and server on the same computer) you must first launch the server without having ws2_32.dll in the folder, when the server is running add ws2_32.dll and myproxocket.dll in the folder and launch the client.

I'm testing it on a remote server but I get kicked by punkbuster because it seems the appli deals with the punkbuster's packets too while it should not in this case.

How can i manage to not handle the punkbuster's packets ?


 
 Post subject: Re: sendto lagger
PostPosted: 03 May 2009 15:10 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
the game loads ws2_32.dll because it's linked to that dll used for handling the winsock functions.
by default (on Vista this changes a bit) any Windows program searches for the dlls to which it's linked in its own folder, then if they are not found there it searches for them in the Windows folder and so on.
it's described in detail here: http://msdn.microsoft.com/en-us/library/ms682586(VS.85).aspx

uhmmm it's strange that it handles also the pb packets because they start with the usual "ff ff ff ff" sign and so "theoretically" should exist no problems with them (when a similar packet is received it and the next 9 aren't "lagged").


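An audit for the search-order behaviour described in the post above, as an added example that is not part of the original thread: it lists DLLs sitting beside an executable that carry the name of a system DLL (and would therefore be found first), plus the plugin file name mentioned in this thread. The function names and the temporary directory layout are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

PLUGIN_NAMES = {"myproxocket.dll"}  # plugin file name given in the thread


def _digest(path):
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()


def audit_folder(app_dir, system_dir):
    """List DLLs in the executable's folder that share a name with a system
    DLL, or that match the proxocket plugin file name."""
    system = {p.name.lower(): p for p in Path(system_dir).iterdir()
              if p.suffix.lower() == ".dll"}
    findings = []
    for dll in sorted(Path(app_dir).iterdir()):
        name = dll.name.lower()  # Windows file names are case-insensitive
        if not dll.is_file() or not name.endswith(".dll"):
            continue
        if name in system:
            same = _digest(dll) == _digest(system[name])
            reason = "shadows system DLL, " + ("identical copy" if same else "content differs")
        elif name in PLUGIN_NAMES:
            reason = "proxocket plugin file name"
        else:
            continue
        findings.append({"path": str(dll), "reason": reason})
    return findings


def demo():
    """Constructed layout: a game folder holding its own ws2_32.dll."""
    with tempfile.TemporaryDirectory() as tmp:
        sysdir, game = Path(tmp, "system32"), Path(tmp, "game")
        sysdir.mkdir()
        game.mkdir()
        (sysdir / "ws2_32.dll").write_bytes(b"system winsock (constructed)")
        (sysdir / "kernel32.dll").write_bytes(b"system kernel32 (constructed)")
        (game / "WS2_32.DLL").write_bytes(b"local replacement (constructed)")
        (game / "myproxocket.dll").write_bytes(b"plugin (constructed)")
        (game / "renderer.dll").write_bytes(b"game's own dll (constructed)")
        return [(Path(f["path"]).name, f["reason"]) for f in audit_folder(game, sysdir)]


if __name__ == "__main__":
    for name, reason in demo():
        print(name, "->", reason)
```
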
 
 Post subject: Re: sendto lagger
PostPosted: 03 May 2009 15:35 

Joined: 03 May 2009 04:22
Posts: 33
thank you again.

What does "punkbuster heartbeats stoped" mean?


 
 Post subject: Re: sendto lagger
PostPosted: 03 May 2009 15:44 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
"heartbeat" is a term generally used for servers and it's that keep-alive packet sent to the master server to tell it that the server is up and running (so the master server can include it in the online servers list).

in this case I guess it's just referred to a generic keep-alive packet, although I don't see why a small delay in the sending of the packets can affect punkbuster (but I don't know much about pb so I can't say much).


 
 Post subject: Re: sendto lagger
PostPosted: 03 May 2009 16:08 

Joined: 03 May 2009 04:22
Posts: 33
I was wondering the same. Heartbeat is not stopped but just delayed for a very short period.


 
 Post subject: Re: sendto lagger
PostPosted: 21 Jul 2009 17:34 

Joined: 03 May 2009 04:22
Posts: 33
Can you please tell me where in the code the prog is asked to use mysendto ... ?

Quote:
/*
by Luigi Auriemma
*/

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <winsock.h>
#include <windows.h>



static HMODULE wsock = NULL;
static WINAPI int (*real_sendto)(SOCKET s, char *tbuf, int len, int flags, const struct sockaddr *to, int tolen) = NULL;



void init_myproxocket(void) { // in this example I use this function for loading the real sockets function in case we want to use them
    char winpath[MAX_PATH];

    if(wsock) return;

    GetSystemDirectory(winpath, sizeof(winpath));
    strcat(winpath, "\\ws2_32.dll");

    wsock = LoadLibrary(winpath);
    if(!wsock) return;

    real_sendto = (void *)GetProcAddress(wsock, "sendto");
}



void free_myproxocket(void) {
    if(wsock) {
        FreeLibrary(wsock);
        wsock = NULL;
    }
}



int mysendto(SOCKET s, u_char **retbuf, int len, int flags, const struct sockaddr *to, int tolen) {
    u_char *buf = *retbuf; // do NOT touch this

    #define MAXSKIPS 10 // some initial packets to skip from the backbuff operations
    #define MAXBACKS 32 // number of packets to store and then send together at the same time
    typedef struct {
        u_char *pck;
        int len;
        int maxlen;
    } backbuff_t;

    static int backs = 0;
    static int skips = 0;
    static backbuff_t backbuff[MAXBACKS] = {{NULL,0,0}};
    int i;

    if((len >= 4) && !memcmp(buf, "\xff\xff\xff\xff", 4)) { // example for the Quake 3 engine
        skips = 0;
    } else if(skips < MAXSKIPS) {
        skips++;
    } else {
        if(backs < MAXBACKS) { // quick example solution
            if(len > backbuff[backs].maxlen) {
                backbuff[backs].pck = realloc(backbuff[backs].pck, len);
                backbuff[backs].maxlen = len;
            }
            memcpy(backbuff[backs].pck, buf, len);
            backbuff[backs].len = len;
            backs++;
        } else {
            for(i = 0; i < backs; i++) {
                real_sendto(s, backbuff[i].pck, backbuff[i].len, flags, to, tolen);
            }
            backs = 0;
        }
        len = 0;
    }

    *retbuf = buf; // do NOT touch this
    return(len);
}



BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpReserved) {
    switch(fdwReason) {
        case DLL_PROCESS_ATTACH: {
            DisableThreadLibraryCalls(hinstDLL);
            init_myproxocket(); // put your init here
            break;
        }
        case DLL_PROCESS_DETACH: {
            free_myproxocket(); // put anything to free here
            break;
        }
        default: break;
    }
    return(TRUE);
}


 
 Post subject: Re: sendto lagger
PostPosted: 21 Jul 2009 18:28 

Joined: 03 May 2009 04:22
Posts: 33
a response please?


 
 Post subject: Re: sendto lagger
PostPosted: 21 Jul 2009 19:13 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
mysendto is used before the real send.
it's proxocket (ws2_32.dll/wsock32.dll) which calls it


 
 Post subject: Re: sendto lagger
PostPosted: 21 Jul 2009 19:20 

Joined: 03 May 2009 04:22
Posts: 33
ok, thank you, and excuse me, but I don't understand all this proxy technique and I wish to.
I did it with a detour and it works fine, but PB kicks for "disalowed program driver".


 
 Post subject: Re: sendto lagger
PostPosted: 22 Jul 2009 02:23 

Joined: 26 Apr 2008 21:50
Posts: 27
Crocodyle wrote:
ok, thank you, and excuse me, but I don't understand all this proxy technique and I wish to.
I did it with a detour and it works fine, but PB kicks for "disalowed program driver".


Are you trying it on a Punkbuster enabled server? It won't work because punkbuster checks for detours.


 
 Post subject: Re: sendto lagger
PostPosted: 26 Jul 2009 08:44 

Joined: 24 Oct 2007 00:44
Posts: 26
Can you make this work with hotkeys to enable/disable it and support mysend also?


 
 Post subject: Re: sendto lagger
PostPosted: 26 Jul 2009 11:00 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
sure if you are a programmer


 
 Post subject: Re: sendto lagger
PostPosted: 29 Aug 2009 11:16 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
I have written a plugin for proxocket/sudppipe which creates a real delay on each packet:

http://aluigi.org/testz/myproxocket_delay.zip

it uses a parallel thread which handles all the send and sendto operations applying the desired delay.
the plugin covers both mysend and mysendto so it must be recompiled/hexedited to adapt it to only one of them (for example rename "mysend" as "skip") and changing the milliseconds of delay from 230 (offset 0x8b5).


 
 Post subject: Re: sendto lagger
PostPosted: 07 Jun 2010 23:12 

Joined: 08 May 2010 17:58
Posts: 55
Location: In vast nothingness of space...
Old thread, i know...

Anyways, i wanted to ask something: i found myproxocket.dll in my server host dir, so i was wondering, why would they want to delay sending of packets?
if i got it correct what it's supposed to do


 
 Post subject: Re: sendto lagger
PostPosted: 08 Jun 2010 08:39 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
myproxocket is a customizable plugin so it can be used for an endless amount of jobs.
in your specific case it's probably used for limiting the fake players bug (you should notice a packet.dat file there) or for a custom job written by your hoster (even at the level of filtering specific packets).

I have seen the image you posted in the other thread and I noticed packet.dat so it's for limiting the fake players attack


 
 Post subject: Re: sendto lagger
PostPosted: 08 Jun 2010 21:12 

Joined: 08 May 2010 17:58
Posts: 55
Location: In vast nothingness of space...
yes, there is a packet.dat file
and yes, i thought about limiting players, but wasn't sure
now i am

Thank you for answering :D

