HaloMD

Everything about HD, MD, and their mods.

Moderator: Halo Moderators

Sparky
Delta Force
Posts: 4194
Joined: Wed Mar 31, 2004 8:59 pm
Location: New Jersey, USA
Contact:

Re: HaloMD

Post by Sparky » Wed Feb 22, 2012 6:25 pm

I'll set up a directory for you. Details in a PM.
Either you are groping for answers, or you are asking God and listening to Jesus.

nil
Halo Moderator
Posts: 1090
Joined: Sat Jul 05, 2008 8:38 am
Location: null zone

Re: HaloMD

Post by nil » Sun Feb 26, 2012 11:34 am

Alpha 4 has been released. This now contains automatic updating and I should be able to get delta updates working in the future (which means much less downloading since it only downloads what has been changed). I removed the date expire thing.

Changes:
*Added automatic updating, which will hopefully mean future delta updates
*When joining a game, you are now alerted if Halo is already running
*HaloMD now uses its own Documents folder independent of Halo Full
*If HaloMD is being installed for the first time, you are asked to pick a name to play as
*When hovering over a server, a tooltip shows up displaying the players in the game
*Added a game inspector that displays extra information on selected server (command I to show/hide it)
*Added Game menu with several common operations
*Added people to About window

[EDIT]: p.s, sparky, FTP really blows - ought to consider SSH/SFTP.
I am no longer active to Halo or MGM, and don't guarantee a response on the forums or through email. I will however linger around the discord room for general chatting. It's been fun!

sword
Ranger
Posts: 1077
Joined: Tue Feb 07, 2006 6:53 pm

Re: HaloMD

Post by sword » Mon Feb 27, 2012 6:45 pm

This is pretty cool and pretty lol at the same time considering how it works. Then again I suppose ub is unsupported software nowadays so what the hell. I'm just curious what the names list is for.
The sword.


nil
Halo Moderator
Posts: 1090
Joined: Sat Jul 05, 2008 8:38 am
Location: null zone

Re: HaloMD

Post by nil » Mon Feb 27, 2012 8:22 pm

sword wrote:This is pretty cool and pretty lol at the same time considering how it works. Then again I suppose ub is unsupported software nowadays so what the hell. I'm just curious what the names list is for.
Hey sword, haven't seen you in a while. Good to know you're still alive. :)

By names list, do you mean this?

(Me creating an 'Internet' game, shows up within this window which acts like a lobby)
Image

Basically in short, I modified the gamespy address in Halo to use HDM's server address, and a server script I wrote is running on HDM which intercepts packets monitoring when games open and close, and such. By not using Gamespy, this is one way of bypassing invalid serial key issues. The server script also maintains a list of servers for HaloMD clients.

Modzy and I had a big research thread here. And Modzy is looking into converting demo maps to full right now I think. With some snazzy gdb, wireshark, memory searcher, disassembly skills, we were able to bypass the serial key prompt when starting Halo and choose whatever key we wanted to play with, but we could not figure out how to host an Internet game with a bad key by bypassing the gamespy check (so instead what you see I'm doing is this roundabout way that uses another server instead of gamespy). My x86 disassembly findings were documented here.

On another unrelated note, I may have to get rid of the functionality that creates a user profile for you if HaloMD has not already been installed since it causes some issues with saving settings. Blasted Halo and its cryptography checks in their .sav files. (Idea behind it was that you couldn't join a game if you haven't created a profile yet.)

[EDIT]: Oh, If you mean the names.txt file inside the app, it's a randomly generated list of names that a user can choose from when picking a user profile name. Just extra nifty stuff, nothing special : ).
I am no longer active to Halo or MGM, and don't guarantee a response on the forums or through email. I will however linger around the discord room for general chatting. It's been fun!

TaxiService
Night Stalker
Posts: 6887
Joined: Thu May 24, 2007 5:52 am
Location: 41.896198, 12.4165945
Contact:

Re: HaloMD

Post by TaxiService » Mon Feb 27, 2012 10:08 pm


sword
Ranger
Posts: 1077
Joined: Tue Feb 07, 2006 6:53 pm

Re: HaloMD

Post by sword » Tue Feb 28, 2012 11:13 am

It's been a really long time since I've done anything related to halo, however, I spent a long time disassembling and looking through halo's structure and exploit information online. I remember this ( http://aluigi.altervista.org/papers.htm#gshidden ) website as having a lot of information about how gamespy handled cd key verification. I never did anything related to halo and its cd key but I might suggest you look at the cracked version of halo for ppc (I don't recall the version number) and compare it with the uncracked of the same version.

Otherwise, although I imagine you already thought of this, just find whatever subroutine does the cd key check in memory, nop everything related to it and just ret 1 or 0 or whatever it wants. Halo isn't exactly that advanced when it comes down to anti-piracy methods.

As for full to demo / demo to full, it's a pretty easy process. Internalize the bitmaps and sounds and update every internal pointer using the full / demo magic number, depending on whichever direction you're planning on taking the transform. Otherwise you could do something I never wanted to do (it felt like it defeated modding) and recode halo to use a different magic number.

If you've already tried all of the above, ruled any of it out, or otherwise found ways around it then awesome. Best of luck and don't lose your minds using gdb. Also, as an aside, if you would like my work on a third person hack I would be happy to post it somewhere. I got to the point of implementing it then realized halo UB was available and I didn't want to re-research everything.

I'm fairly shocked this community is still around.
The sword.


Modzy
Green Beret
Posts: 3058
Joined: Fri Feb 22, 2008 11:06 pm
Location: Portland, OR

Re: HaloMD

Post by Modzy » Tue Feb 28, 2012 1:02 pm

Demo to full and full to demo sounds easy, but it isn't in practice. Handling bitmaps and sounds is easy enough, but converting all the reflexives correctly requires a whole lot of reverse engineering of tag classes. Once you get into the realm of demo to full and mods you've also got to consider protected maps, heavily modded maps, etc. A lot of problems start occurring.

sword
Ranger
Posts: 1077
Joined: Tue Feb 07, 2006 6:53 pm

Re: HaloMD

Post by sword » Tue Feb 28, 2012 4:31 pm

I know I was the one who figured out how to do the conversions. I left things to almit a long time back with QAR because his map parsing framework was much better than the hacky one I made up as a proof of concept. Instead it would be a lot simpler to hack the halo UB binary to use the demo pointers (e.g. fv magic -> demo magic). It should exist as some sort of a constant within the binary
The sword.


Modzy
Green Beret
Posts: 3058
Joined: Fri Feb 22, 2008 11:06 pm
Location: Portland, OR

Re: HaloMD

Post by Modzy » Tue Feb 28, 2012 8:02 pm

sword wrote:I know I was the one who figured out how to do the conversions. I left things to almit a long time back with QAR because his map parsing framework was much better than the hacky one I made up as a proof of concept. Instead it would be a lot simpler to hack the halo UB binary to use the demo pointers (e.g. fv magic -> demo magic). It should exist as some sort of a constant within the binary
I did explore the idea of modifying Halo to load demo maps, however it isn't an easy process and would require tons of reverse engineering. Since Halo doesn't use magic values as our map editors do, you'd have to edit Halo to load the index and tags into the demo section of memory, and do the same for the sbsps, server and all over in game data, as it's all part of the same general memory section. It wouldn't be a single simple value change, you'd have to edit quite a few things to get everything writing to the correct place in memory.

Halo just kind of sucks. ;P

nil
Halo Moderator
Posts: 1090
Joined: Sat Jul 05, 2008 8:38 am
Location: null zone

Re: HaloMD

Post by nil » Fri Mar 02, 2012 11:05 am

sword wrote:It's been a really long time since I've done anything related to halo, however, I spent a long time disassembling and looking through halo's structure and exploit information online. I remember this ( http://aluigi.altervista.org/papers.htm#gshidden ) website as having a lot of information about how gamespy handled cd key verification. I never did anything related to halo and its cd key but I might suggest you look at the cracked version of halo for ppc (I don't recall the version number) and compare it with the uncracked of the same version.

...

Otherwise, although I imagine you already thought of this, just find whatever subroutine does the cd key check in memory, nop everything related to it and just ret 1 or 0 or whatever it wants. Halo isn't exactly that advanced when it comes down to anti-piracy methods.
I've been at Aluigi's website. It has a lot of interesting stuff. I've seen this article about gamespy authorization and I was even able to narrow down the area in code that generated the MD5 hash of the serial key, and the client token. I was trying the nop everything related approach but I guess I just didn't figure it out. I was also trying to intercept the packet that contained "authorization failed" and try to ignore it, and ended up doing this by severing gamespy altogether =P.

I didn't know there was a PPC crack version similar to the PC ones. I've seen a PPC crack before, but it didn't bypass gamespy. Probably difficult to find.

I personally don't care much about third person. I could admire the hack and research required to accomplish it, but playing Halo in third person is just not that cool to me..

In other news, I was able to figure out the checksum of the Halo profile blam.sav files. The last 4 bytes of the file is the "checksum", and the CRC-32 of the entire file is always 0xFFFFFFF. So I used and found some interesting code that claimed that you can forge a checksum for CRC-32 by inserting 4 bytes anywhere in a file.

Also, new update:
Alpha 7

Changes:
*Fixed creation of user profiles so that they now save properly
*Updated Sparkle framework. Delta updates should work the *next* time around
*Added temporary icon for testing purposes
I am no longer active to Halo or MGM, and don't guarantee a response on the forums or through email. I will however linger around the discord room for general chatting. It's been fun!
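
Added example, not part of nil's post or of HaloMD: a short Python check of why a file that ends in a 4-byte CRC trailer can have a constant whole-file CRC-32, and why such a trailer detects corruption but does not authenticate the file the way a keyed MAC does. It assumes the standard zlib CRC-32 and a little-endian trailer holding the one's complement of the body's CRC; the sample bodies and key are constructed, not real blam.sav data.

```python
import hashlib
import hmac
import struct
import zlib

RESIDUE = 0xFFFFFFFF  # whole-file CRC-32 when the trailer is ~CRC-32(body), little-endian

def seal_crc(body: bytes) -> bytes:
    """Append the one's complement of CRC-32(body) as a 4-byte trailer (assumed layout)."""
    trailer = zlib.crc32(body) ^ 0xFFFFFFFF
    return body + struct.pack("<I", trailer)

def crc_ok(blob: bytes) -> bool:
    """Verify by residue: the CRC over body plus trailer must equal the constant."""
    return len(blob) >= 4 and zlib.crc32(blob) == RESIDUE

def seal_mac(body: bytes, key: bytes) -> bytes:
    """Append an HMAC-SHA256 tag; producing a valid tag requires the key."""
    return body + hmac.new(key, body, hashlib.sha256).digest()

def mac_ok(blob: bytes, key: bytes) -> bool:
    if len(blob) < 32:
        return False
    body, tag = blob[:-32], blob[-32:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    return hmac.compare_digest(tag, expected)

def demo() -> dict:
    body = b"constructed profile body: name=Player1;sens=5"   # constructed sample
    edited = body.replace(b"Player1", b"Player2")             # constructed edit
    key = b"constructed-demo-key"                             # constructed key

    sealed = seal_crc(body)
    flipped = bytes([sealed[0] ^ 0x01]) + sealed[1:]          # accidental single-bit error
    resealed = seal_crc(edited)                               # no secret is involved
    stale_tag = edited + seal_mac(body, key)[-32:]            # edit without the key

    return {
        "crc_accepts_original": crc_ok(sealed),
        "crc_detects_bit_flip": not crc_ok(flipped),
        "crc_accepts_resealed_edit": crc_ok(resealed),
        "mac_accepts_original": mac_ok(seal_mac(body, key), key),
        "mac_rejects_edit_without_key": not mac_ok(stale_tag, key),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The residue is constant because feeding the CRC register's own bytes back in, low byte first, shifts it to zero, and the final XOR then yields 0xFFFFFFFF regardless of the body.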

sword
Ranger
Posts: 1077
Joined: Tue Feb 07, 2006 6:53 pm

Re: HaloMD

Post by sword » Fri Mar 02, 2012 1:21 pm

I remember back when I was just beginning Jonathan figured out the blam file had a CRC-32 checksum and he wrote a tool I used for a while to rewrite playlists so we could play things like king of the hill, etc. It was kinda cool but really tedious. Also, I can't remember how the halo crack I had worked. I remember I could get onto gamespy and play, however I also remember I ran into gamespy errors claiming someone else on the same server was using my cd key. Obviously it hadn't bypassed the cd key part of the gamespy handshake.

Agreed on third person too - I did it to say I could and gave up when I realized how little I was going to get out of it by making it work for halo ub.

Also someone go on the mgm minecraft server. I'm in the library trying not to do my quantum mechanics homework.
The sword.


nil
Halo Moderator
Posts: 1090
Joined: Sat Jul 05, 2008 8:38 am
Location: null zone

Re: HaloMD

Post by nil » Fri Mar 02, 2012 5:58 pm

I'm kind of aware of Jonathon's gametype tool. I actually wrote a GUI gametype editor. The CRC-32 checksum for gametype files is slightly different than the CRC-32 checksum I was just trying to figure out. For gametype files, it is *something* like reverse the bytes of one's complement of CRC-32 of first 0x98 bytes in the file, and 0x98 was the offset to the 32-bit checksum, and after that was zeroes (or unimportant garbage stuff Halo uses for something...). My tool (and probably jonathon's too) only worked for Halo Demo gametype files though because much of the file format (and what is written in ~/Documents likely) is dependent on byte order (Halo Demo being big endian). [On another note, I think some things in the gametype file format are native byte order, and other things are non-native byte order, very odd].
I am no longer active to Halo or MGM, and don't guarantee a response on the forums or through email. I will however linger around the discord room for general chatting. It's been fun!

Sparky
Delta Force
Posts: 4194
Joined: Wed Mar 31, 2004 8:59 pm
Location: New Jersey, USA
Contact:

Re: HaloMD

Post by Sparky » Fri Mar 02, 2012 8:01 pm

sword, stop by the MGM programming subforum; Koingo software is hiring and I posted info there.
Either you are groping for answers, or you are asking God and listening to Jesus.

TaxiService
Night Stalker
Posts: 6887
Joined: Thu May 24, 2007 5:52 am
Location: 41.896198, 12.4165945
Contact:

Re: HaloMD

Post by TaxiService » Fri Mar 02, 2012 9:55 pm

If needed I can provide a copy of Jon's gametype tool, a sample gametype document and the documentation he wrote back when he was an active member.

He told me not to give it to anyone, but so much time has passed… he wanted to make a gui for it before public release.
  • TaxiService! Shitposting since 2007!

sword
Ranger
Posts: 1077
Joined: Tue Feb 07, 2006 6:53 pm

Re: HaloMD

Post by sword » Sat Mar 03, 2012 1:38 pm

Sparky wrote:sword, stop by the MGM programming subforum; Koingo software is hiring and I posted info there.
Thanks man, I'll check it out but I'm already either working on high energy physics research, in a finance firm, or at a friend's startup. I'm actually in the library teaching myself Ruby and a specific JS framework for an interview on Tuesday while simultaneously writing a few emails to research groups on campus and bitching that Obama is going to be speaking at Barnard instead of here at Columbia for this year's commencement.
The sword.

