Welcome!

Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!

Join Today!

SOURCE CODE d3d8thk.dll

Master Summoner
Joined
Sep 5, 2013
Messages
582
Reaction score
54
packetsamurai because when I use the server to function as an off hamachi interface
Use at least
therefore puzzled that it is most likely you will be able to work temporary private server
if it is not enclosed in an apartment with 2 PC
One player but City and more
 
Initiate Mage
Joined
Sep 23, 2013
Messages
40
Reaction score
15
Stuff I've found for the unpacked versions of d3d8thk.dll:

The byte at offset 0x00003C3E indicates the length of the main difference string. It's either 0x0D (13) or 0x0E (14) and any of the ones that have a length of 13 have a 0 as their 14th byte.

Here are all of the difference strings for each of the dlls:

Code:
Aion Sea,       IP(103.246.18.234), d3d8thk(02 09 4E 4C 05 0A 0B 33 1B 4C 0C 0B 0A 00)
Conquest Aion,  IP(176.31.235.31),  d3d8thk(0F 39 3F 07 4C 10 3F 0E 0A 0D 4C 0D 08 05)
Eternal Aion,   IP(88.190.212.4),   d3d8thk(01 0A 4C 0B 02 17 09 07 1B 33 4C 04 08 00)
Evolution Fr,   IP(5.135.141.17),   d3d8thk(4F 4C 33 3F 0B 02 09 0A 08 0D 33 4C 15 09)
Gamez Aion,     IP(69.167.179.118), d3d8thk(05 3F 33 0B 10 3F 07 0D 0C 4C 39 0D 33 00)
Just Aion,      IP(188.138.11.122), d3d8thk(0A 4C 00 1B 09 0A 3F 07 0D 0C 4C 0C 0B 0A)
Unforgotten,    IP(178.254.20.148), d3d8thk(08 14 4F 4F 4A 4E 4C 4F 38 02 1B 4C 3A 0B)

I noticed that the first 4 bits of each of the entries is always 0,1,3 or 4.
 
Initiate Mage
Joined
May 20, 2013
Messages
58
Reaction score
31
Actually if you try to diff some 120k dlls you will see there is often only 14 bytes changing and you can see in IDA those are used in a part that takes those bytes and a static number which must be the length of that data.
I don't know much what's happening from here but it seems that function is trying to decrypt the data and that data is then passed to getaddrinfo.

I also noticed that the length I was talking about in my previous post was 13 or 14, depends of the dll.
 
Master Summoner
Joined
Sep 5, 2013
Messages
582
Reaction score
54
I have just aion dll
I opened HexEditor
but none of these or similar lines
as you find him? and which can be found by editing it?.
 
Initiate Mage
Joined
May 20, 2013
Messages
58
Reaction score
31
Search for the text "string" three times on any 120k dll and that's just one line below.
 
Master Summoner
Joined
Sep 5, 2013
Messages
582
Reaction score
54
hexeditor - SOURCE CODE  d3d8thk.dll - RaGEZONE Forums

no search line :S
 

Attachments

You must be registered for see attachments list
Initiate Mage
Joined
May 20, 2013
Messages
58
Reaction score
31
What are you trying to find, ip or length?

Put "16" instead of "14" in the box on the top of the window it'll be easier...
 
Initiate Mage
Joined
Sep 20, 2013
Messages
25
Reaction score
3
NotAion is override getaddrinfo to ls.notaion.com and just aion to a.justaion.net
 
Master Summoner
Joined
Sep 5, 2013
Messages
582
Reaction score
54
What are you trying to find, ip or length?

Put "16" instead of "14" in the box on the top of the window it'll be easier...


look me screen link, bite format 14 box on the top

and me searching just aion dll 120kb file hexeditor code


Just Aion, IP(188.138.11.122), d3d8thk(0A 4C 00 1B 09 0A 3F 07 0D 0C 4C 0C 0B 0A)

no search the line 14 bit

offset rows that nothing can go wrong
 
Master Summoner
Joined
Sep 5, 2013
Messages
582
Reaction score
54
so if you can find it, you can also edit?
because you can simply replace that line its own IP
probability and if it works we'd have a solution
I looked at this line: 0x00016C84
before us then is there such a hex ip coded as a reference
if you can edit it and know where it is, we can all work together to figure out this solution
 
Initiate Mage
Joined
Sep 23, 2013
Messages
40
Reaction score
15
I got it. The 13 or 14 byte string in the dll corresponds to the URL for the server. You can see below how the characters in each URL matches between themselves (i.e. 'a' = 3F, '.' = 4C, etc)

Code:
Aion Sea: ls0.gtemu.net
02 09 4E 4C 05 0A 0B 33 1B 4C 0C 0B 0A 00
l  s  0  .  g  t  e  m  u  .  n  e  t

Conquest Aion: qcai.zapto.org
0F 39 3F 07 4C 10 3F 0E 0A 0D 4C 0D 08 05
q  c  a  i  .  z  a  p  t  o  .  o  r  g

Eternal Aion: kt.elysium.fr
01 0A 4C 0B 02 17 09 07 1B 33 4C 04 08 00
k  t  .  e  l  y  s  i  u  m  .  f  r

Gamez Aion: gamezaion.com
05 3F 33 0B 10 3F 07 0D 0C 4C 39 0D 33 00
g  a  m  e  z  a  i  o  n  .  c  o  m

Just Aion: t.justaion.net
0A 4C 00 1B 09 0A 3F 07 0D 0C 4C 0C 0B 0A
t  .  j  u  s  t  a  i  o  n  .  n  e  t

Unforgotten: rv1140.1blu.de
08 14 4F 4F 4A 4E 4C 4F 38 02 1B 4C 3A 0B
r  v  1  1  4  0  .  1  b  l  u  .  d  e

Knowing this, I took the gamezaion version, put it in bin32 and then edited my hosts file to map 127.0.0.1 to gameszion.com. That works fine. However, if I used my local machine IP (192.168.1.x) it failed.
 
Initiate Mage
Joined
May 20, 2013
Messages
58
Reaction score
31
I got it. The 13 or 14 byte string in the dll corresponds to the URL for the server. You can see below how the characters in each URL matches between themselves (i.e. 'a' = 3F, '.' = 4C, etc)

Knowing this, I took the gamezaion version, put it in bin32 and then edited my hosts file to map 127.0.0.1 to gameszion.com. That works fine. However, if I used my local machine IP (192.168.1.x) it failed.

I did think of using the windows hosts file but after I digged through servers I though they all used ips even in the dll, which seemed weird considering most of them are dynamic. Great find!

Now we will have to reverse the whole character <-> value table or peoples will fight each other to get domains.

The "4C" also bothered me but since I was looking for an ip I thought it wasn't possible there wasn't enough occurence of the character "." but now makes sense.
 
Last edited:
Initiate Mage
Joined
Sep 23, 2013
Messages
40
Reaction score
15
Okay, I can't seem to get it to work using my local network ip as the mapping in the hosts file. I can get in to the server selection and then it quits saying "cannot connect to the server". I must have missed a setting somewhere, as I changed all of the network.properties files and the -ip setting on the client command line (aion_start_local.bat).
 
Initiate Mage
Joined
Sep 23, 2013
Messages
40
Reaction score
15
Found it. Forgot the ipconfig.xml one.

So, what we could do, is just edit a version of our own (I plugged in aionserver.com) and then mapped my local 192.168.1.x to that in the hosts file. That seems easy enough and we wouldn't need to create a tool to hack the dll for everyone.

lol, you got it just before I posted, pwet99 :) right on the money.
 
Initiate Mage
Joined
May 20, 2013
Messages
58
Reaction score
31
Sure, reminds me the old servers of Lineage II, but it's not really a good solution for public servers.
You would have to edit every user hosts file and that can lead to rights problems or to erase user confs.

But that's a great step forward already.

Edit:
You should release the aionserver.com's dll and make a little tuto for peoples that already want a solution.
 
Initiate Mage
Joined
Sep 23, 2013
Messages
40
Reaction score
15
True, I was only thinking of being able to play it on a local lan. We will need a tool for those trying to setup a private server for external access. I'm guessing the ULR has to be a max of 15 chars (NULL terminated for 16 bytes), as there is more data after that.
 
Initiate Mage
Joined
May 20, 2013
Messages
58
Reaction score
31
Yeah I have never seen the 15th byte used.

Well, now there is a temp solution the main problem is still to reverse the way the data is crypted, then it will allow peoples to use domains <= 15 characters.
The best solution would be to recode the dll from scratch and find a way to fully unrestrict it but I am afraid I have no idea how to unpack game.dll and know how aion's client is interacting with d3d8thk.dll yet.
 
Back
Top