GameGuard - what i know so far (not working yet!)

Page 1 of 4 1234 LastLast
Results 1 to 15 of 55
  1. #1
    The Dinosaur chumpywumpy is offline
    The OmegaRank
    Jun 2008 Join Date
    /f451/Location
    5,132Posts

    Red face GameGuard - what i know so far (not working yet!)


    RaGEZONE Recommends

    RaGEZONE Recommends

    Notes: This doesn't actually work yet i am just sharing the results of my experiments so others can try. I have never really tried emulating a GG server before but people who have done other pservers may have more experience than me and might be able to see where i am going wrong.

    Do not complain at me and ask for help to make it work as if i could do that this would be a working release.

    For testing i used a current EU client which is probably why it doesn't work, but more about this later.

    How GG does it's updates

    The client has a CabalOnlineUK.ini, which is encrypted, and this controls where the client will update GG from. These can be decrypted with the gguardfile utility. These examples are from the official EU GG server earlier this month.

    Quote Originally Posted by CabalOnlineUK.ini
    [GAMEMON]
    GAME_NAME=CabalOnlineUK
    UPDATE_SERVER=gameguard.cabalonline.com
    UPDATE_PATH=/gameguard/nProtect/GameGuard/RealServer/
    BACKUP_SERVER=
    BACKUP_PATH=
    OPTION_VALUE=0
    SPEEDCHECK_INTERVAL=1000
    SENDERL=1
    GAMECRC=1
    USE_GGSCAN=1
    SENDERRLOG=2
    LOG_SERVER=211.233.43.45
    REVISION=47
    So, the client gets it's updates from hxxp://gameguard.cabalonline.com/gameguard/nProtect/GameGuard/RealServer/ and once we know that we can set up a webserver with the same directory structure. You will need to redirect gameguard.cabalonline.com to you own webserver using either DNS records or the hosts file.

    The first thing GG does is download the update.cfg file so it know what it needs to update. This is encrypted in the same way as the ini file from the client.

    Quote Originally Posted by update.cfg
    [GAME]
    GAME_NAME=CabalOnlineUK

    [FILE101]
    DESCRIPTION=nProtect GameGuard Engine
    FILENAME=GameMon.npz
    REALFILENAME=GameMon.des
    DESTINATION={appgg}
    VERSION=2008.12.18.1
    CRC32=1147193640
    OPTION=0

    [FILE102]
    DESCRIPTION=nProtect GameGuard Engine
    FILENAME=npgg9x.npz
    REALFILENAME=npgg9x.des
    DESTINATION={appgg}
    VERSION=2008.8.28.1
    CRC32=4142835861
    OPTION=0

    [FILE103]
    DESCRIPTION=nProtect GameGuard Engine
    FILENAME=npggNT.npz
    REALFILENAME=npggNT.des
    DESTINATION={appgg}
    VERSION=2008.12.3.1
    CRC32=1279772719
    OPTION=0

    [FILE104]
    DESCRIPTION=nProtect GameGuard Engine
    FILENAME=npsc.npz
    REALFILENAME=npsc.des
    DESTINATION={appgg}
    VERSION=2008.10.17.1
    CRC32=2587108299
    OPTION=0

    [FILE105]
    DESCRIPTION=nProtect GameGuard Engine
    FILENAME=nppt9x.npz
    REALFILENAME=nppt9x.vxd
    DESTINATION={sys}
    VERSION=
    CRC32=317793346
    OPTION=0
    NOAUTH=1

    [FILE106]
    DESCRIPTION=nProtect GameGuard Engine
    FILENAME=npptNT2.npz
    REALFILENAME=npptNT2.sys
    DESTINATION={sys}
    VERSION=2005.1.5.1
    CRC32=3155204954
    OPTION=0
    NOAUTH=1

    [FILE107]
    DESCRIPTION=nProtect GameGuard Engine
    FILENAME=CabalOnlineUK.npz
    REALFILENAME=CabalOnlineUK.ini
    DESTINATION={appgg}
    VERSION=
    CRC32=1026638557
    OPTION=0

    [FILE108]
    DESCRIPTION=nProtect GameGuard Engine
    FILENAME=Splash.npz
    REALFILENAME=Splash.jpg
    DESTINATION={appgg}
    VERSION=
    CRC32=2078401564
    OPTION=0
    NOAUTH=1

    [FILE109]
    DESCRIPTION=nProtect GameGuard Engine
    FILENAME=ggscan.npz
    REALFILENAME=ggscan.des
    DESTINATION={appgg}
    VERSION=2007.1.4.1
    CRC32=3896960380
    OPTION=0

    [FILE110]
    DESCRIPTION=nProtect GameGuard Engine
    FILENAME=npgmup.npz
    REALFILENAME=npgmup.des
    DESTINATION={appgg}
    VERSION=2009.1.28.1
    CRC32=313176569
    OPTION=0
    [FILE111]
    DESCRIPTION=nProtect GameGuard Engine
    FILENAME=TeCtrl.dll.npz
    REALFILENAME=TeCtrl.dll
    DESTINATION={commonty}
    VERSION=2008.8.28.0
    CRC32=2086036782
    OPTION=1
    NOAUTH=1
    [FILE112]
    DESCRIPTION=nProtect GameGuard Engine
    FILENAME=tyav32.dll.npz
    REALFILENAME=tyav32.dll
    DESTINATION={commonty}
    VERSION=2008.11.11.0
    CRC32=341796621
    OPTION=1
    NOAUTH=1
    [FILE113]
    DESCRIPTION=nProtect GameGuard Engine
    FILENAME=TYAVP_000.npz
    REALFILENAME=TYAVP_000.bin
    DESTINATION={commonty}
    VERSION=2008.11.14.00
    CRC32=2106599450
    OPTION=1
    NOAUTH=1
    [FILE114]
    DESCRIPTION=nProtect GameGuard Engine
    FILENAME=TYAVP_001.npz
    REALFILENAME=TYAVP_001.bin
    DESTINATION={commonty}
    VERSION=
    CRC32=2951889252
    OPTION=1
    NOAUTH=1
    [FILE115]
    DESCRIPTION=nProtect GameGuard Engine
    FILENAME=TYAVP_002.npz
    REALFILENAME=TYAVP_002.bin
    DESTINATION={commonty}
    VERSION=
    CRC32=1300993572
    OPTION=1
    NOAUTH=1
    [FILE116]
    DESCRIPTION=nProtect GameGuard Engine
    FILENAME=TYAVP_003.npz
    REALFILENAME=TYAVP_003.bin
    DESTINATION={commonty}
    VERSION=
    CRC32=51465540
    OPTION=1
    NOAUTH=1
    [FILE117]
    DESCRIPTION=nProtect GameGuard Engine
    FILENAME=TYAVP_004.npz
    REALFILENAME=TYAVP_004.bin
    DESTINATION={commonty}
    VERSION=
    CRC32=2929953137
    OPTION=1
    NOAUTH=1
    [FILE118]
    DESCRIPTION=nProtect GameGuard Engine
    FILENAME=TYAVP_EXP.npz
    REALFILENAME=TYAVP_EXP.bin
    DESTINATION={commonty}
    VERSION=
    CRC32=2966243243
    OPTION=1
    NOAUTH=1
    [FILE119]
    DESCRIPTION=nProtect GameGuard Engine
    FILENAME=GameGuard.npz
    REALFILENAME=GameGuard.des
    DESTINATION={appgg}
    VERSION=2009.1.28.1
    CRC32=1785911752
    OPTION=0
    Now these 2 files are encrypted using a shared key method from what i have read which largely means decrypting is quite easy, encrypting is almost impossible unless we have the private key too (which we don't). This means that for this to work we need an update.cfg and a set of matching GG files as it is checking the crc.

    If i set this up, enable GG on the server and try logging in with my pserver client i get booted right away which is exactly what we want, only protected and verified exes allowed. If i try with the EU client (using the batch file and internal.txt obviously) i can get past login but i get booted around the char select screen.

    Our servers only have GG libs up to v52 and i know what GG goes higher than this. As our server version is quite old the official one has obviously updated to a newer version of GG which i am pretty sure is the reason i get booted as the server GG lib is too old for the current GG files used by official.

    The real problem is how to get older Cabal GG files. Getting the files themselves is no real problem but without the matching update.cfg the files are useless. A better method would be to find an updated lib (libggauth2.so.xx) for the server so we can use the current GG version rather than older exploitable ones.

    One other possible solution is to use older update.cfg and GG files from another game as. GG is definitely going to check the game name in the cfg and ini matches but i don't know if the client also verifies this. I don't have any other GG files from other games to test with but maybe somebody else does.

    Here are the GG files, decrypted ini/cfg and a copy of gguardfile. Hopefully there are some GG experts out there that can prove my noobness to everybody :P
    http://www.mediafire.com/download.php?jw4zidnhzmn


    Quote Originally Posted by GameGuard error codes
    // Callback Message
    #define NPGAMEMON_UNDEFINED 1000 // Undefined message
    #define NPGAMEMON_COMM_ERROR 1001 // Communication error
    #define NPGAMEMON_COMM_CLOSE 1002 // Communication closing

    #define NPGAMEMON_SPEEDHACK 1011 // SpeedHack detected
    #define NPGAMEMON_GAMEHACK_KILLED 1012 // GameHack killed
    #define NPGAMEMON_GAMEHACK_DETECT 1013 // GameHack detected
    #define NPGAMEMON_INIT_ERROR 1014 // GameMon Init Error
    #define NPGAMEMON_GAMEHACK_DOUBT 1015 // GameHack doubt
    #define NPGAMEMON_CHECK_CSAUTH 1016 // CSAuth
    #define NPGAMEMON_CHECK_CSAUTH2 1017 // CSAuth2

    // Error Code 110 - 300
    #define NPGAMEMON_ERROR_EXIST 110 // GameMon Already Exist
    #define NPGAMEMON_ERROR_CREATE 111 // GameGuard Directory Create Error
    #define NPGAMEMON_ERROR_NPSCAN 112 // npscan.des Error
    #define NPGAMEMON_ERROR_THREAD 113 // CreateThread Error
    #define NPGAMEMON_ERROR_INIT 114 // GameMon Initialize Error
    #define NPGAMEMON_ERROR_GAME_EXIST 115 // Game Instance Already Exist
    #define NPGAMEMON_ERROR_AUTH_INI 120 // .ini Authentication Fail
    #define NPGAMEMON_ERROR_AUTH_NPGMUP 121 // npgmup.des Authentication Fail
    #define NPGAMEMON_ERROR_AUTH_GAMEMON 122 // GameMon.des Authentication Fail
    #define NPGAMEMON_ERROR_AUTH_NEWUP 123 // npgmup.des.new Auth Fail
    #define NPGAMEMON_ERROR_AUTH_GAMEGUARD 124 // GameGuard.des Authentication Fail
    #define NPGAMEMON_ERROR_DECRYPT 130 // .ini File Decryption Fail
    #define NPGAMEMON_ERROR_CORRUPT_INI 141 // Corrupt ini file Error
    #define NPGAMEMON_ERROR_CORRUPT_INI2 142 // Not match GameName in ini file Error
    #define NPGAMEMON_ERROR_NFOUND_INI 150 // ini File not Found
    #define NPGAMEMON_ERROR_NFOUND_NPGMUP 151 // npgmup.des not found
    #define NPGAMEMON_ERROR_NFOUND_NEWUP 152 // npgmup.des.new not found
    #define NPGAMEMON_ERROR_NFOUND_GG 153 // GameGuard.des not found
    #define NPGAMEMON_ERROR_NFOUND_GM 154 // GameMon.des not found
    #define NPGAMEMON_ERROR_CRYPTOAPI 155 // rsabase.dll is corrupted
    #define NPGAMEMON_ERROR_COMM 160 // Communication Init Error
    #define NPGAMEMON_ERROR_EXECUTE 170 // GameMon Execute Error
    #define NPGAMEMON_ERROR_EVENT 171 // GameMon Event Create Error
    #define NPGAMEMON_ERROR_NPGMUP 180 // npgmup.dll Error
    #define NPGAMEMON_ERROR_MOVE_INI 191 // Move ini Error
    #define NPGAMEMON_ERROR_MOVE_NEWUP 192 // Move npgmup.des.new Error

    #define NPGAMEMON_ERROR_ILLEGAL_PRG 200 // Detected a illegal program

    #define NPGAMEMON_ERROR_GAMEMON 210 // GameMon Init Error
    #define NPGAMEMON_ERROR_SPEEDCHECK 220 // SpeedCheck Init Error
    #define NPGAMEMON_ERROR_GAMEGUARD 230 // GameGuard Init Error

    // Error Code 310 - 400
    // Update Error Code
    #define NPGMUP_ERROR_DOWNCFG 340 // Download Error
    #define NPGMUP_ERROR_ABORT 350 // Canceled by User
    #define NPGMUP_ERROR_AUTH 360 // File Authentication Error
    #define NPGMUP_ERROR_AUTH_INI 361 // .ini Authentication Error
    #define NPGMUP_ERROR_DECRYPT 370 // .ini Decrypt Error
    #define NPGMUP_ERROR_CONNECT 380 // Connect to update server Fail
    #define NPGMUP_ERROR_INI 390 // .ini is corrupted


  2. #2
    The Cat in the Hat cypher is offline
    ModeratorRank
    Oct 2005 Join Date
    IrelandLocation
    5,167Posts

    Re: GameGuard - what i know so far (not working yet!)

    i think that we don`t have the exact server and client version.

  3. #3
    Account Inactive Moonfly is offline
    InactiveRank
    Feb 2009 Join Date
    ESTONIALocation
    121Posts

    Re: GameGuard - what i know so far (not working yet!)

    Keep up the great work ;) im sure you'll get it work eventually!

  4. #4
    Account Inactive jamirhudas is offline
    InactiveRank
    May 2007 Join Date
    274Posts

    Re: GameGuard - what i know so far (not working yet!)

    my server use xtrap. and no one can use CE on my server now because if they do, their pc will restart..
    which is more accurate to use on server (cabal) xtrap or gameguard?

  5. #5
    Infraction Banned master_unknown is offline
    True MemberRank
    Oct 2004 Join Date
    HellLocation
    752Posts

    Re: GameGuard - what i know so far (not working yet!)

    I think I've read cypher's comment that sooner or later GG will not work on p.servers anymore.
    So basically this is the whole point of this post, to emulate GG for it to work on p.servers.

  6. #6
    Go go go! Cath22 is offline
    True MemberRank
    Aug 2008 Join Date
    Cabal-ArenaLocation
    714Posts

    Re: GameGuard - what i know so far (not working yet!)

    im willing to host the config to centrilize the url...

  7. #7
    The Cat in the Hat cypher is offline
    ModeratorRank
    Oct 2005 Join Date
    IrelandLocation
    5,167Posts

    Re: GameGuard - what i know so far (not working yet!)

    the only way to make the server secure is to use a old version of gameguard (not xtrap, because the server cannot know if the client it`s running with or without xtrap, but can know for gg) The tricky part is to get a specific server side gameguard version with a compatible client side gg version.

    cypher

  8. #8
    Banned Yamachi is offline
    BannedRank
    Oct 2006 Join Date
    Jolly EnglandLocation
    3,528Posts

    Re: GameGuard - what i know so far (not working yet!)

    http://www.gamershell.com/download_16858.shtml <-- CABAL EU client from December 1st, 2006. Installing and updating that client should give you all the update_xxx.dat files you need to get a client with the same gg version as our privvies support. If not, here's a list of some other versions of CABAL: http://www.gamershell.com/search/?q=cabal+online

  9. #9
    The Dinosaur chumpywumpy is offline
    The OmegaRank
    Jun 2008 Join Date
    /f451/Location
    5,132Posts

    Re: GameGuard - what i know so far (not working yet!)

    I already have a copy of that client as well as GG versions from other Cabal territories. the trouble is that the GG files in the client don't come with the update.cfg, in fact the only time the client has a copy is in the middle of an update :(

  10. #10
    Go go go! Cath22 is offline
    True MemberRank
    Aug 2008 Join Date
    Cabal-ArenaLocation
    714Posts

    Re: GameGuard - what i know so far (not working yet!)

    can we create are own update.cfg?

  11. #11
    The Dinosaur chumpywumpy is offline
    The OmegaRank
    Jun 2008 Join Date
    /f451/Location
    5,132Posts

    Re: GameGuard - what i know so far (not working yet!)

    Making one is easy it is encrypting it again that is hard. The type of encryption used makes it easy to decode the file but not encode it again and i have not found a way yet.

  12. #12
    Account Inactive poison100 is offline
    InactiveRank
    Dec 2008 Join Date
    PolandLocation
    28Posts

    Re: GameGuard - what i know so far (not working yet!)

    If i remember some1 upload a bypass for version gg rev 1059 in elite....de and cabal eu ep2 with first update :) we can try with this :) but this gameguard is not full secure old cheats work :)

  13. #13
    Go go go! Cath22 is offline
    True MemberRank
    Aug 2008 Join Date
    Cabal-ArenaLocation
    714Posts

    Re: GameGuard - what i know so far (not working yet!)

    we need to try everything and fast....

  14. #14
    The Dinosaur chumpywumpy is offline
    The OmegaRank
    Jun 2008 Join Date
    /f451/Location
    5,132Posts

    Re: GameGuard - what i know so far (not working yet!)

    Quote Originally Posted by poison100 View Post
    If i remember some1 upload a bypass for version gg rev 1059 in elite....de and cabal eu ep2 with first update :) we can try with this :) but this gameguard is not full secure old cheats work :)
    I know the exact bypass you mean (the 2 moons one) and those are the non-cabal files i am experimenting with as they are the only other full set (including the cfg) i have found so far.

    I know older files can be exploited but not easily and it is better than nothing. All of my initial experiments were with the latest GG files even though i didn't think it would work without the latest linux GG lib :(

  15. #15
    Go go go! Cath22 is offline
    True MemberRank
    Aug 2008 Join Date
    Cabal-ArenaLocation
    714Posts

    Re: GameGuard - what i know so far (not working yet!)

    you can do it mr.magoo. , Keep up the good work.




Page 1 of 4 1234 LastLast

Advertisement