Hardline Dreams - A Python Matrix Online Server Project

Full Version: Auth Packets -> stopping randomizing!
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3


even with both msvcr71 and advapi32 hooked to stop randomization, the time randomization remains...
i even nopped out time() to return a static time, and its still getting the proper time somehow
thanks for doing your job on advapi.dll. I got so much troubles hooking/testing that on game code for me.

news for ya:

apart from the dll's known, matrix.exe imports, after one or more exceptions and after entering user+pass, some dll's, including:

msvcr.dll (i mean without the "71") from system directory having:
time, time64, ..., rand, srand

winmm.timeGetTime (acts like a timer)

kernel32.getTickCounts (it does use this... why? dunno, but still a source for changes)

so you need to nop any of them. I can see some troubles for in-game actions that will require time counters, but login first, taking care of what to do being logged later.

I had done this, but i was stuck with advapi32, so i wont get the full pie noped/faked.
Maybe this helps. Randomizing crap prevents us to go through the next steps xD.

I may try this tomorrow, what did you use to hook to advapi32?


i did all time functions and ran in msvcr71... anything that aclled GetSystemTimeInFileTIme or whatever, was set up to return a static value
and yet, it still gets the correct time...advapi was easy, i just used that proxy dll generator
i have tested it out ...greaaaat work dude Wink
You can now sniff a session , resend the packets and it works PC independent .

This is very great, and brings us a big step further.

Now i think about a good "login solution" (my idea is to create a client application before matrix.exe starts that verify user and password and then start matrix.exe with the parameters).

I will make today some test with serverlist generation, etc. and will later explain it better how did i mean that Wink

The only Problem i see at the login and charakter process is, that we dont really can decrypt the margin server packets for things like character level etc. ...but with this modified DLLs we are able to login and start the world without a real account and without a wacky "only works for one PC" solution Wink

EDIT: serios, at home it was success , at work not -.- . check this near .
EDIT2: ok seems that advapi32.dll is loaded from system32 and not from MxO directory here.

I tried to disable SafeDLL mode but doesnt took an effect on advapi32.dll ..it directly loads from windows\system32\


neo, stop failing, you havent done anything correctly since this whole thing started
is "fail" your only word for everything ?

i never said :
- i am the uber-reverse-engineer person, or the C++ Uber Guru.
- i make the uber emulator, get everything workes etc.

I promise nothing ..if there is no chance to get something working - ok , if yes - great.
So this postings about "neo failed" or something is just waste and useless.

And sure i had done many things :
- Setting up website with forum and some basic informations
- Packet Collection and analyzing .
- Setup a test enviroment for internal testing
- and Advertise this site a little bit (35 member are not coming from nothing).

So this what i had to said about this topic, and think its now enough!!!
Both of you, having reason or not, please dont discuss.

Thats not good for any,nor the project.

I have uploaded a list (ordered in time) about what time/random calls do matrix.exe call during execution till 1st packet sent to auth server (in theory, the timestamped one).

Please check if it's useful in any way.


always be on gtalk when you can bro, plz
Pages: 1 2 3