08-13-2008, 11:39 PM   #45
Arkryal

Quote:
Originally Posted by b0b01
Sounds like you live on a different planet than I do. The most populated RunUO shards are the pre-AOS shards. ....
btw for a custom client check Main Page - Iris.
I am advocating client modification, not saying it's unreasonable. But the scope of the changes I'm talking about reaches beyond casual mul patches and map edits. I'm talking about core client functionality. Iris is a fine project, but it's a fork in development, not a continuation of UO emulation. We're talking apples and oranges.

You say it's easier to find and patch encryption than work on a new client. I agree, that is specifically the problem. As we've seen, encryption changes can occur with a small client patch and it all must be done again. In the long run, I think an open client that strives to emulate the look and functionality of the current 2D client would be beneficial. That type of project would not gain the type of momentum needed because, as you say, it's easier to "patch".

Client patching is also not terribly difficult. While I can't speak to the exact process with any UO client, I don't imagine it differs much from that of other software checks. Basically, dump the exe before and after the patch and compare the results, looking for differences. Rinse and repeat a few times to generate a variety of test samples and do some (typically very basic) algebra. Determine the process that takes the hash from before the patch and makes it the hash after the patch. If that works on all your test data, jot down the algorithm and write a program to generate it given any set of hashes. I'm oversimplifying a bit, but that's the general process for 99% of software / DRM schemes / software-level encryption out there today. Dust off an old copy of SoftICE and dive in. For a dead piece of software, it still works most of the time and there are a thousand+ tutorials out there.

With newer games, it gets trickier. Many use abstract hashes. While a standard hash is basically a string of ASCII characters (values 0-255), an abstract hash exists as an equation unknown on the client end. Instead, you seed one server, which returns a resulting equation whose computed result you pass to a second server for verification. Since the formula used changes based on your seed, which changes constantly, you would need tens of thousands of pieces of sample data to make a crack that always worked. I don't know if KR uses this or not; as I said, I haven't looked. But if they did, every client patch would require thousands of samples before anyone could even look at it. Given UO's affiliation with EA, who is notorious for using abstract hash encryption, I'd just as soon get away from their client altogether. If it's not implemented yet, it could be very soon.
__________________
•¤•¤•Arkryal •¤•¤•