unique item filter

void
Shadowgate Totem
1776 | 98
Common Posting Badge
Posted over 1.000 messages
Great Popularity Badge
Has a thread with over 50.000 views
Common Love Badge
Earned over 20 cookies
Common Guide Badge
Created a complete character guide
ok, i get the error too.

but you know what, the dll works to some extent. why? -- because if i go into dllmain.cpp and put an error message and a return statement in front of everything else there, it will show the message when the dll is injected into d2

so pls if you have any motivation pls keep trying too
btw do you have any idea what the assembly code actually does?
DeaTh
Cog
206 | 16
void wrote:btw do you have any idea what the assembly code actually does?

I can read it line by line with Google. But I do not understand all these operations with addresses and other things.
so pls if you have any motivation pls keep trying too

I do. :bounce: Tomorrow I will look at D2Template. For better understanding.
void
Shadowgate Totem
1776 | 98
we need to find out what makes it crash on pressing alt
ticktick
Sasquatch
64 | 9
void wrote:ok, i get the error too.

but you know what, the dll works to some extent. why? -- because if i go into dllmain.cpp and put an error message and a return statement in front of everything else there, it will show the message when the dll is injected into d2

so pls if you have any motivation pls keep trying too
btw do you have any idea what the assembly code actually does?


the assembly code is hotpatched into a d2 function to make it call DROPFILTER_Main, then checks the return value of DROPFILTER_Main, if false it goes to the end of that d2 function, if true it continues at the start of that d2 function (maybe reversed, i forget how cmp works). Similar to how a rootkit works except then you're patching the kernel.

msvc adds 2 or 4 noop bytes at the beginning of all functions so they can be hotpatched by overwriting them with a jmp (unless you supply some compiler argument).
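An added example to make the hotpatch mechanism concrete (this is not code from the thread or from D2Template): it lays out what an MSVC /hotpatch prologue looks like before and after its padding and leading "mov edi, edi" have been overwritten with jmps, and runs the check a defender would do to tell an intact prologue from a patched one and to resolve where a patched function really transfers control. The layout (5 padding bytes of 0xCC before the function, 2-byte no-op at entry) is the x86 /hotpatch + /FUNCTIONPADMIN convention; the addresses, the byte samples and the hook destination are constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <inttypes.h>

/* Added example (not from the thread or D2Template).
 * Assumed layout (x86, MSVC /hotpatch + linker /FUNCTIONPADMIN):
 *   5 padding bytes (0xCC) immediately BEFORE the function entry
 *   the function starts with the 2-byte no-op "mov edi, edi" (8B FF)
 * A hotpatch writes "jmp rel32" (E9 xx xx xx xx) into the padding and
 * "jmp -7" (EB F9) over the mov, so the patched entry bounces back into the
 * padding and from there to the hook. The scan below recognises both states. */

enum prologue_state { PROLOGUE_INTACT, PROLOGUE_HOOKED, PROLOGUE_UNKNOWN };

struct scan_result {
    enum prologue_state state;
    uint32_t target;   /* final jmp destination when HOOKED, else 0 */
};

/* Read a little-endian 32-bit immediate. */
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Destination of the jmp whose bytes start at p and sit at virtual address va.
 * Handles EB rel8 (short) and E9 rel32 (near); returns 0 if it is not a jmp. */
static uint32_t jmp_target(const uint8_t *p, uint32_t va) {
    if (p[0] == 0xEB) return va + 2 + (uint32_t)(int32_t)(int8_t)p[1];
    if (p[0] == 0xE9) return va + 5 + rd32(p + 1);
    return 0;
}

/* image: a copy of a code region whose first byte lives at image_base.
 * func_off: offset of the function entry inside image. */
struct scan_result scan_prologue(const uint8_t *image, size_t image_len,
                                 uint32_t image_base, size_t func_off) {
    struct scan_result r = { PROLOGUE_UNKNOWN, 0 };
    if (func_off + 2 > image_len) return r;
    const uint8_t *f = image + func_off;
    uint32_t func_va = image_base + (uint32_t)func_off;

    /* Untouched hotpatchable prologue: mov edi,edi (or two nops). */
    if ((f[0] == 0x8B && f[1] == 0xFF) || (f[0] == 0x90 && f[1] == 0x90)) {
        r.state = PROLOGUE_INTACT;
        return r;
    }

    uint32_t t = jmp_target(f, func_va);
    if (t == 0) return r;              /* entry is neither a no-op nor a jmp */
    r.state = PROLOGUE_HOOKED;

    /* If the short jmp landed inside the image on a near jmp (the padding-slot
     * trampoline), follow that hop too so target is the real hook address. */
    if (t >= image_base && t + 5 <= image_base + image_len) {
        const uint8_t *q = image + (t - image_base);
        if (q[0] == 0xE9) t = jmp_target(q, t);
    }
    r.target = t;
    return r;
}

/* Constructed samples, not real game memory. The function body is at offset 5. */
#define IMAGE_BASE 0x00401000u
#define FUNC_OFF   5
#define HOOK_VA    0x10001000u   /* hypothetical address of an injected DLL's stub */

static const uint8_t intact_image[] = {
    0xCC, 0xCC, 0xCC, 0xCC, 0xCC,   /* linker padding */
    0x8B, 0xFF,                     /* mov edi, edi */
    0x55, 0x8B, 0xEC                /* push ebp; mov ebp, esp */
};

static const uint8_t hooked_image[] = {
    0xE9, 0xFB, 0xFF, 0xBF, 0x0F,   /* jmp HOOK_VA (rel32 = HOOK_VA - 0x00401005) */
    0xEB, 0xF9,                     /* jmp -7: back into the padding slot */
    0x55, 0x8B, 0xEC
};

int main(void) {
    struct scan_result a = scan_prologue(intact_image, sizeof intact_image, IMAGE_BASE, FUNC_OFF);
    struct scan_result b = scan_prologue(hooked_image, sizeof hooked_image, IMAGE_BASE, FUNC_OFF);
    printf("intact: state=%d target=%#" PRIx32 "\n", a.state, a.target);
    printf("hooked: state=%d target=%#" PRIx32 "\n", b.state, b.target);
    return 0;
}
```

The same scan applied to a live process (read the bytes around each export of interest, compare against the on-disk image) is the usual way to spot a prologue that has been redirected: an intact function shows the no-op, a patched one shows a short jmp whose resolved destination lies outside the module that owns the function.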
void
Shadowgate Totem
1776 | 98
ticktick wrote:
void wrote:ok, i get the error too.

but you know what, the dll works to some extent. why? -- because if i go into dllmain.cpp and put an error message and a return statement in front of everything else there, it will show the message when the dll is injected into d2

so pls if you have any motivation pls keep trying too
btw do you have any idea what the assembly code actually does?


the assembly code is hotpatched into a d2 function to make it call DROPFILTER_Main, then checks the return value of DROPFILTER_Main, if false it goes to the end of that d2 function, if true it continues at the start of that d2 function (maybe reversed, i forget how cmp works). Similar to how a rootkit works except then you're patching the kernel.

msvc adds 2 or 4 noop bytes at the beginning of all functions so they can be hotpatched by overwriting them with a jmp (unless you supply some compiler argument).

ty for explanation, i think that this doesn't explain everything but most of it helps.


i noticed that it actually goes to the point that it "enters" the file with the assembly code, because i put message boxes directly before and after the __asm () thing, and the first box actually pops up. what doesn't pop up is the box after the code, so supposedly there is a problem directly connected to the stuff between the __asm brackets

/e: so even if the asm is corrected (idk how to correct it), it will still crash after the asm file code has been run for the first time. i tried to only call the item filter conditions from the .cpp file, and it actually makes the message box from there pop up followed by a msg after the edited __asm() part
so basically it looks like this


MessageBox(NULL, "hello", "D2Template", MB_OK | MB_ICONERROR);
__asm volatile(
   "call %0                     \n"
   :: "r" (DROPFILTER_Main) // <--- this contains msg box with "test"
   );
MessageBox(NULL, "mooooo", "D2Template", MB_OK | MB_ICONERROR);

all three boxes showed up before it crashed
/e: ok wtf putting this for test


__asm volatile(
   "call %0                     \n"
   :: "r" (DROPFILTER_Main)
   );
MessageBox(NULL, "mooooo", "D2Template", MB_OK | MB_ICONERROR);
MessageBox(NULL, "mooooo2", "D2Template", MB_OK | MB_ICONERROR);
MessageBox(NULL, "mooooo3", "D2Template", MB_OK | MB_ICONERROR);
__asm volatile("jmp [%0]                    \n"
    :: "r" (D2CLIENT_6FB09087)
    );
MessageBox(NULL, "kamehamemoo", "D2Template", MB_OK | MB_ICONERROR);

output is: msg:test msg:moo
not moo2
not moo3
it gets the error right there :shock:
ticktick
Sasquatch
64 | 9
void wrote:
ticktick wrote:
void wrote:ok, i get the error too.

but you know what, the dll works to some extent. why? -- because if i go into dllmain.cpp and put an error message and a return statement in front of everything else there, it will show the message when the dll is injected into d2

so pls if you have any motivation pls keep trying too
btw do you have any idea what the assembly code actually does?


the assembly code is hotpatched into a d2 function to make it call DROPFILTER_Main, then checks the return value of DROPFILTER_Main, if false it goes to the end of that d2 function, if true it continues at the start of that d2 function (maybe reversed, i forget how cmp works). Similar to how a rootkit works except then you're patching the kernel.

msvc adds 2 or 4 noop bytes at the beginning of all functions so they can be hotpatched by overwriting them with a jmp (unless you supply some compiler argument).

ty for explanation, i think that this doesn't explain everything but most of it helps.


i noticed that it actually goes to the point that it "enters" the file with the assembly code, because i put message boxes directly before and after the __asm () thing, and the first box actually pops up. what doesn't pop up is the box after the code, so supposedly there is a problem directly connected to the stuff between the __asm brackets

/e: so even if the asm is corrected (idk how to correct it), it will still crash after the asm file code has been run for the first time. i tried to only call the item filter conditions from the .cpp file, and it actually makes the message box from there pop up followed by a msg after the edited __asm() part
so basically it looks like this


MessageBox(NULL, "hello", "D2Template", MB_OK | MB_ICONERROR);
__asm volatile(
   "call %0                     \n"
   :: "r" (DROPFILTER_Main) // <--- this contains msg box with "test"
   );
MessageBox(NULL, "mooooo", "D2Template", MB_OK | MB_ICONERROR);

all three boxes showed up before it crashed


it's probably crashing because you're not continuing the execution in d2's dropfilter function. since you removed the jmp commands the function will return after the 3rd message box instead of jmp-ing back to d2's dropfilter, which causes execution to continue in the caller of d2's dropfilter (since we jmp-ed into PATCH_DropFilter, not call-ed). it could also be that register eax has an unexpected value when returning from PATCH_DropFilter since the last function called was MessageBox which returns 9 different int values not a BOOL(TRUE = 1, FALSE = 0).
void
Shadowgate Totem
1776 | 98
look edit pls
btw it also crashes if that file has the __asm(); thing completely removed
ticktick
Sasquatch
64 | 9
this
ticktick wrote:it could also be that register eax has an unexpected value when returning from PATCH_DropFilter since the last function called was MessageBox which returns 9 different int values not a BOOL(TRUE = 1, FALSE = 0).

try assigning 0 or 1 to eax before the jmp.
void
Shadowgate Totem
1776 | 98
ticktick wrote:this
ticktick wrote:it could also be that register eax has an unexpected value when returning from PATCH_DropFilter since the last function called was MessageBox which returns 9 different int values not a BOOL(TRUE = 1, FALSE = 0).

try assigning 0 or 1 to eax before the jmp.

i think that it has nothing to do with that because it will crash even if i remove all msg boxes, delete the __asm() part, or make an unconditional jump to the same thing. it doesn't matter, it will always crash upon pressing alt, so i would think it has something to do with what happens when the button is pressed.
it's kinda weird, there isn't a lot of code in the files... to me it seems like nothing should happen when i press alt (as in no effect) if i turn off the functions themselves, but it still crashes. it only won't crash if i edit the function to apply the patch to not apply it, then it's just the normal game. it's rly annoying because the problem seems not to be connected to d2patchstubs.cpp or d2dropfilter.cpp
ticktick
Sasquatch
64 | 9
try attaching a debugger. get debugging tools for windows and use windbg https://msdn.microsoft.com/en-us/librar ... 63(v=vs.85).aspx or admit defeat and use visual studio.