Resurrecting an online server


  • Gtlcpimp
    replied
    I'm not sure if it even is portable between SOCOM 2 and SOCOM: Combined Assault.

    Here are the Patch 1.4 Combined Assault addresses:
    Code:
    0084a830 = JAL -> Encrypt Packet
    00848d30 = JAL -> Decrypt Packet
    [Attached image: SCA Encrypt and Decrypt Packets.jpg]


  • TheDominator
    replied
    Has anyone managed to port the disable packet encryption to Combined Assault? I tried doing a simple port, but was not able to.


  • 1UP
    replied
    Originally posted by Harry62
    SOCOM 1 Code:
    Code:
    /*
    
    Online State Connected
    005D744C 
    
    States
    00010001 -- Connected
    -00010003 -- Account registration
    -00010004 -- User Registration
    -00010005 -- Screen Name Registration
    -00010006 -- Registration Failure (not required, just one I ran into)
    00010007 -- Account Login
    00010008 -- User Login
    00010009 -- Screen Name Login
    -0001000A -- prompts Login registration
    0001000B -- Logged In
    0001000C -- Session Begin
    
    */
    
    address $2030FC34
    j $000a0000
    
    address $200a0000
    // timer
    lui t7, $000a
    lw t8, $0200(t7)
    addiu t9, zero, $10 //max time
    bne t9, t8, :__end
    nop
    
    // reset timer
    sw zero, $0200(t7)
    
    // get online state
    lui t0, $005D
    lh t2, $744C(t0)
    
    //check if connected
    bne t2, zero :___connected
    nop
    
    //connect
    addiu t3, zero, $1
    beq zero, zero :__end
    nop
    
    // is connected
    ___connected:
    addiu t1, zero, $1
    bne t2, t1, :__account_login
    nop
    
    // account login
    addiu t3, t2, $6
    beq zero, zero :__end
    nop
    
    __account_login:
    addiu t1, zero, $7
    bne t2, t1, :__user_login
    nop
    
    // user login
    addiu t3, t2, $1
    beq zero, zero :__end
    nop
    
    __user_login:
    addiu t1, zero, $8
    bne t2, t1, :__screen_name_login
    nop
    
    // screen name login
    addiu t3, t2, $1
    beq zero, zero :__end
    nop
    
    __screen_name_login:
    addiu t1, zero, $9
    bne t2, t1, :__logged_in
    nop
    
    // logged in
    addiu t3, t2, $2
    beq zero, zero :__end
    nop
    
    __logged_in:
    
    // session start
    addiu t3, t2, $1
    beq zero, zero :__end
    nop
    
    __end:
    // store online state
    sh t3, $744C(t0)
    
    // increment timer
    lw t8, $0200(t7)
    addiu t8, t8, $1
    sw t8, $0200(t7)
    jr ra
    You are the real MVP. Thanks a bunch. Sucks that I lost my text file with notes in it :/


  • Harry62
    replied
    Originally posted by 1UP
    I messaged you on Steam but you haven't been on in a day or so. Do you happen to still have that S1 code I sent you that allowed you to step through the connection states?
    SOCOM 1 Code:
    Code:
    /*
    
    Online State Connected
    005D744C 
    
    States
    00010001 -- Connected
    -00010003 -- Account registration
    -00010004 -- User Registration
    -00010005 -- Screen Name Registration
    -00010006 -- Registration Failure (not required, just one I ran into)
    00010007 -- Account Login
    00010008 -- User Login
    00010009 -- Screen Name Login
    -0001000A -- prompts Login registration
    0001000B -- Logged In
    0001000C -- Session Begin
    
    */
    
    address $2030FC34
    j $000a0000
    
    address $200a0000
    // timer
    lui t7, $000a
    lw t8, $0200(t7)
    addiu t9, zero, $10 //max time
    bne t9, t8, :__end
    nop
    
    // reset timer
    sw zero, $0200(t7)
    
    // get online state
    lui t0, $005D
    lh t2, $744C(t0)
    
    //check if connected
    bne t2, zero :___connected
    nop
    
    //connect
    addiu t3, zero, $1
    beq zero, zero :__end
    nop
    
    // is connected
    ___connected:
    addiu t1, zero, $1
    bne t2, t1, :__account_login
    nop
    
    // account login
    addiu t3, t2, $6
    beq zero, zero :__end
    nop
    
    __account_login:
    addiu t1, zero, $7
    bne t2, t1, :__user_login
    nop
    
    // user login
    addiu t3, t2, $1
    beq zero, zero :__end
    nop
    
    __user_login:
    addiu t1, zero, $8
    bne t2, t1, :__screen_name_login
    nop
    
    // screen name login
    addiu t3, t2, $1
    beq zero, zero :__end
    nop
    
    __screen_name_login:
    addiu t1, zero, $9
    bne t2, t1, :__logged_in
    nop
    
    // logged in
    addiu t3, t2, $2
    beq zero, zero :__end
    nop
    
    __logged_in:
    
    // session start
    addiu t3, t2, $1
    beq zero, zero :__end
    nop
    
    __end:
    // store online state
    sh t3, $744C(t0)
    
    // increment timer
    lw t8, $0200(t7)
    addiu t8, t8, $1
    sw t8, $0200(t7)
    jr ra
    Last edited by Harry62; 10-28-2016, 11:06:47 AM.


  • 1UP
    replied
    Originally posted by Cronotrigga
    Game
    SOCOM II : US NAVY SEALS
    Could you post or send me the online dumps?


    Originally posted by Harry62
    Continuing from the OP:

    We are currently using any method required in order to create the server (i.e. hacks). The first version of the server will undoubtedly require a modded disc or codes via a cheat device (I believe the saveMGO team did something similar). The ultimate goal, as stated in the OP, is to create the server without the need of hacks.
    I messaged you on Steam but you haven't been on in a day or so. Do you happen to still have that S1 code I sent you that allowed you to step through the connection states?
    Last edited by 1UP; 10-28-2016, 10:34:25 AM.


  • Harry62
    replied
    Continuing from the OP:

    We are currently using any method required in order to create the server (i.e. hacks). The first version of the server will undoubtedly require a modded disc or codes via a cheat device (I believe the saveMGO team did something similar). The ultimate goal, as stated in the OP, is to create the server without the need of hacks.


  • Cronotrigga
    started a topic Resurrecting an online server

    Resurrecting an online server

    Game
    SOCOM II : US NAVY SEALS

    Contributors
    Fatality team
    - Cronotrigga
    - Harry
    - XAN

    Goals
    Create an online server that has most if not all functionality of the original

    Why?
    After spending many nights looking for information on this topic, it has come to my realization that information on resurrecting an online server is almost nonexistent. This post will be an ongoing discussion explaining the problems associated and the process in which to solve these issues. I would also like to have an open discussion with any developers that have possibly had some experience working with PS2 networking and/or any other experience that could help on this topic. Anyone that is interested in helping with this project is more than welcome. The server will be developed with C#; it will be fully open source, and hopefully the Fatality team can inspire others to do the same with other games.

    I have several memory dumps from when the game was online on patch r0004 and several dumps with crazy amounts of labels available for anyone that is interested. The following codes in this post are from no patch r0001.

    Status
    So far this project has been worked on by me and Harry. We have managed to find several useful codes in order to aid in debugging server code. Many hacks have been used to bypass the DNAS screen, populate the universe screen and even get to the online menu without a server connection. We have also successfully disabled the packet encryption so all packets sent can be viewed in raw form using Wireshark. This was originally done on SOCOM CA by GTLCPimp, which can be found in his vgate release. We have been able to force the IP addresses that SOCOM II originally used to point to our local network. From here I was able to construct a small C# program that would connect using a TCP socket on port 10071. I have so far been capable of receiving the initial connection packet and have been able to send data back to the PS2. This server will run the universe server that finds lobby servers and displays them in the GUI. I have yet to construct a proper packet that will allow for the game to fully connect. After doing some research it seems that when the servers are populated in the universe screen, a person may select one to connect to; this then decides to open a separate socket. At this point, using hacks to bypass the previous issue, the game's session state becomes invalid and will not allow for the connection to be sent. This could be forced; however, I believe it is important to take it step by step. Figuring out the first socket connection will be very useful later on.



    Discussion
    Anyone interested in helping or offering advice is more than willing to post and give possible new insight.

    Codes

    Code:
    Kill dnas lookup
    202cc670 03e00008
    202cc674 00000000
    Code:
    Update universe ips
    address $203F6920
    print "192.168.1.7"
    nop
    
    address $203F6940
    print "192.168.1.7"
    nop
    
    address $2044FCA8
    print "192.168.1.7"
    nop
    Code:
    Disable packet encryption
    Authors TMBO team(ported from socom 1)
    2062a79c 00000000
    2062a838 00000000
    Code:
    /*
    Author Harry
    Populate universe screen with a fatality server
    */
    
    address $202FB1AC
    j $000A1000
    
    // universe create
    address $200A1000
    addiu sp, sp, $ff80
    sw ra, $0000(sp)
    
    setreg a0, $ffffffff
    addiu a1, zero, $1
    addiu a2, zero, $1
    setreg a3, $000B0000
    jal $002FDAF0
    nop
    
    lw ra, $0000(sp)
    jr ra
    addiu sp, sp, $80
    
    // server name
    address $200B001C
    print "Fatality Server"
    
    // server URL
    address $200B009C
    print "192.168.1.101"
    
    // server port
    address $200B011C
    hexcode $275B
    
    // server description
    address $200B0120
    print "The official Fatality server!"
    
    // status
    address $200B0220
    hexcode $1
    // users
    address $200B0224
    hexcode $2
    // max users
    address $200B0228
    hexcode $270F
    // universe is active
    address $200B022C
    hexcode $1
    
    // -------------------????????????????
    address $200B023C
    hexcode $00001001
    
    address $200B0240
    hexcode $00462228
    
    address $200B0248
    hexcode $1
    
    address $200B024C
    hexcode $80800051
    
    address $200B02B4 // needed for server to display
    hexcode $1
    
    address $202cc670
    jr ra
    nop
    Code:
    /*
    Change lan gui to online gui
    Author Harry
    */
    
    address $2027EA64
    jal $000A6000
    
    address $200A6000
    addiu sp, sp, $ff80
    sw ra, $0000(sp)
    sw a0, $0004(sp)
    sw a1, $0008(sp)
    sw a2, $000C(sp)
    sw v0, $0010(sp)
    
    // check if correct menu
    daddu a0, a2, zero
    setreg a1, $000A6F00
    jal $00198f18 //strcmp
    nop
    bne v0, zero :__skip
    nop
    
    // change menu state
    setreg a2, $000A7000
    beq zero, zero, :__online
    nop
    
    __skip:
    lw a2, $000C(sp)
    __online:
    lw ra, $0000(sp)
    lw a0, $0004(sp)
    lw a1, $0008(sp)
    lw v0, $0010(sp)
    j $001988D0 //sprintf
    addiu sp, sp, $80
    
    address $200A6F00
    print "dlgLANBriefingRoom.rdr"
    
    address $200A7000
    print "dlgWorldOfSOCOM.rdr"
    Notes
    Code:
    Pointer to decrypted packet: 00656034
    Packet to be sent(before encryption): 0066BEF8
    Code:
    CREATE UNIVERSE FUNCTION: 002FDAF0
    a0 = FFFFFFFF
    a1 = 1
    a2 = 1
    a3 = high memory pointer with the following offsets:
    1C: Universe display name string
    9C: Universe URL string
    11C: Universe port
    120: Universe description string
    --- Several unknown values below.
    220: status dot (1 = green, 0 = red) 
    224: user count (FFFFFFFF = -1)
    228: max user count
    22C: is universe active? (0 disconnects instantly, 1 constantly connects)
    23C: 00001001
    240: 00462228 (points to random place in another function)
    248: 1
    24C: 80800051
    2B4: Server enabled BOOL? (set to FFFFFFFF in beta)
    Code:
    UDP packet receive function call
    0063cac4
    Code:
    TCP Packet fnc list
    00665510
    Code:
    Session master each byte displays a different state of the game
    0045a0c0
    The game is using this library for packet cryption: "rt_crypt version: 1.01.0023"

    Code:
    KM_SHA1 Fnc
    0062eec0
    Code:
    Account ID
    Author Cronotrigga
    0066a4f0
    
    Account username
    0066a4f4
    Code:
    Game lobby/ Server lobby ID
    0066a5f0
    Code:
    Some text key that was associated with your account. Changing all matches of this would stop a disc ban
    0066a4d0
    Code:
    Server lobby name "US EAST" pointer
    0044f430
    
    Game name pointer
    0044f434
    Code:
    Player rank
    0066a754
    Code:
    Clan id
    0040a460
    
    Clan leader account id or clan account id
    00452984
    
    Clan leader account id or clan account id
    0045295c
    Code:
    Sets the session value on a valid connection to the main socket
    002fe168
    Last edited by Cronotrigga; 10-28-2016, 01:51:07 PM.
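
Added example, not part of the original thread or the Fatality team's code: the universe record layout from the "CREATE UNIVERSE FUNCTION" notes above, written as a C builder that places each field at its documented offset and rejects strings that would spill into the neighbouring field. The record size, the per-field string capacities (taken as the gap to the next known offset), 32-bit little-endian words and all function names are assumptions; the unknown words at 23C to 24C are left zero.

```c
#include <stdint.h>
#include <string.h>

/* Offsets from the post's notes on the record passed in a3. */
enum {
    UNI_NAME = 0x1C, UNI_URL = 0x9C, UNI_PORT = 0x11C, UNI_DESC = 0x120,
    UNI_STATUS = 0x220, UNI_USERS = 0x224, UNI_MAX_USERS = 0x228,
    UNI_ACTIVE = 0x22C, UNI_ENABLED = 0x2B4,
    UNI_SIZE = 0x2B8 /* assumption: record ends after the last known field */
};

/* The PS2 EE is little-endian, so each word is stored low byte first. */
static void put_u32(uint8_t *rec, size_t off, uint32_t v) {
    for (int i = 0; i < 4; i++) rec[off + i] = (uint8_t)(v >> (8 * i));
}

uint32_t get_u32(const uint8_t *rec, size_t off) {
    return rec[off] | (uint32_t)rec[off + 1] << 8 |
           (uint32_t)rec[off + 2] << 16 | (uint32_t)rec[off + 3] << 24;
}

/* Copy a NUL-terminated string; cap is an assumed capacity. Returns -1 if it does not fit. */
static int put_str(uint8_t *rec, size_t off, size_t cap, const char *s) {
    size_t n = strlen(s);
    if (n + 1 > cap) return -1;
    memcpy(rec + off, s, n + 1);
    return 0;
}

/* Build one record; returns 0 on success, -1 if any string is too long. */
int universe_build(uint8_t rec[UNI_SIZE], const char *name, const char *url,
                   uint32_t port, const char *desc, uint32_t users, uint32_t max_users) {
    memset(rec, 0, UNI_SIZE);
    if (put_str(rec, UNI_NAME, UNI_URL - UNI_NAME, name) ||
        put_str(rec, UNI_URL, UNI_PORT - UNI_URL, url) ||
        put_str(rec, UNI_DESC, UNI_STATUS - UNI_DESC, desc)) return -1;
    put_u32(rec, UNI_PORT, port);
    put_u32(rec, UNI_STATUS, 1);   /* status dot: 1 = green, 0 = red */
    put_u32(rec, UNI_USERS, users);
    put_u32(rec, UNI_MAX_USERS, max_users);
    put_u32(rec, UNI_ACTIVE, 1);   /* 0 disconnects instantly, 1 keeps connecting */
    put_u32(rec, UNI_ENABLED, 1);  /* the post notes this is needed for display */
    return 0;
}

int main(void) {
    uint8_t rec[UNI_SIZE]; /* values below are the ones used in the post's code */
    return universe_build(rec, "Fatality Server", "192.168.1.101", 0x275B,
                          "The official Fatality server!", 2, 0x270F);
}
```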