Thread: November 7th patch

  1. #1
    Registered User
    Join Date
    Jan 2006
    Posts
    357

    November 7th patch

    Well, today's patch royally broke the offset finder. Looking at the patch message, I think the changes that made things so fun on Test just went live. Scan results:

    eqgame.exe Modified=11/1/2012
    ZoneAddr Found - Offset does not match ini File.
    SpawnHeaderAddr Offset Not Identified.
    CharInfo Offset Not Identified.
    ItemsAddr Found - Offset does not match ini File.
    TargetAddr Offset Not Identified.
    WorldAddr Offset Not Identified.

    [Memory Offsets]
    ZoneAddr=0xd51cd4
    SpawnHeaderAddr=0x0
    CharInfo=0x0
    ItemsAddr=0xd412c8
    TargetAddr=0x0
    WorldAddr=0x0
    Last edited by Hidron; 11-07-2012 at 10:47 AM.

  2. #2
    Registered User
    Join Date
    Apr 2007
    Posts
    49

    Re: November 7th patch

    Aye. I got the same thing.

    This patch broke even more. One of my computers, which is several years old, won't even run everquest after this patch. Everything worked fine last night. My guess is that it has to do with video card drivers (I run an older Nvidia card with not the latest drivers, so I can still play my Thief (Garrett) games that I love). I will try on another computer with another Nvidia card but with newer drivers and see how it goes.

    Maybe MyShowEQ is broken, maybe it ain't. I saw the notices on the "everquest.exe has changed" and was reminded of how every time Sony has done this in the past my game experience goes downhill.

    I'm patching on the other computer so we'll see how that goes


    O

  3. #3
    Registered User
    Join Date
    Feb 2002
    Posts
    50

    Re: November 7th patch

    These don't get MySEQ working, but here are the new primary offsets:

    Code:
    [Memory Offsets]
    ZoneAddr=0xd51cd4
    SpawnHeaderAddr=0xdd6108
    CharInfo=0xd44760
    TargetAddr=0xd44778
    ItemsAddr=0xd412c8
    WorldAddr=0xd44730

  4. #4
    Registered User
    Join Date
    Apr 2007
    Posts
    49

    Re: November 7th patch

    Well the other computer patched and runs everquest just fine. I suppose I will have to update the video drivers on this machine.

    However, I'm worried that maybe Sony finally one-upped us and changed the EQ.exe process so that showeq will no longer work. There has been talk of late that on Test the offsets change each time. Maybe we've been outflanked....

    Hopefully the programmers here will be able to figure out what is the issue with the offset finder.

    You know, it's always said that when they build a better mouse trap, you just need to send in a better mouse...

    O

  5. #5
    Developer
    Join Date
    Nov 2007
    Posts
    539

    Re: November 7th patch

    I won't have time to look at anything until probably Friday. I started looking at fixing offset finder using test as a basis. But I discovered that I need some new code to dump patterns from the exe to make the process easier. It was very time consuming. Beta is a mess too as I understand. I will try to be prepared for the expansion when it comes out.

    Razzle

  6. #6
    Developer
    Join Date
    Nov 2007
    Posts
    539

    Re: November 7th patch

    Try updating your DirectX too. That may help if you aren't using the latest of dx9.

  7. #7
    Registered User
    Join Date
    Apr 2007
    Posts
    49

    Re: November 7th patch

    Thanks Razzle. In the grand scheme of things I can wait for an update. In a certain way it's not all that bad to play everquest flying blind for awhile.

    I doubt it is a DirectX issue. I'm running Nvidia 56.72 drivers, and I've drunk French wines that are younger than those drivers. I knew I'd eventually have to update but I just didn't want to until it was necessary.

    I look forward to hearing what you come up with.

    O

  8. #8
    Developer
    Join Date
    Nov 2007
    Posts
    539

    Re: November 7th patch

    Historically I never updated video drivers unless EQ quit working. I remember updating a few times causing EQ to break. I also remember that version of driver. I stayed with that version til that computer died. Worked great with my agp 6800 ultra space heater. Oh the good ole days when I could piss away $500 on a video card and not sweat it.

  9. #9
    Registered User
    Join Date
    Apr 2007
    Posts
    49

    Re: November 7th patch

    Aye, two peas in a pod you and I. However, now it has stopped working. I found a copy of the 81.85 version which works on the other computer, so I can perhaps use that. I will have to check into how that affects Thief by going to through the looking glass at ttlg.com and see if it is still compatible. Life goes on, but I wish Sony could have given us a heads up on this.

    O

  10. #10
    Registered User
    Join Date
    Jan 2006
    Posts
    357

    Re: November 7th patch

    I am just as guilty with updates. I only used to update DirectX & drivers during the downtime for EQ expansion launches, or the night before if I had to work that day. Now, I don't normally touch either unless I am actually experiencing a problem.

  11. #11
    Registered User
    Join Date
    Feb 2002
    Posts
    50

    Re: November 7th patch

    They use ASLR now for eqgame.exe so now we have to take the offsets from IDA or whatever and subtract 0x400000 from them. Then, we have to obtain the modulebase for the currently running eqgame.exe and add that to the adjusted offsets. I'm working on code for that and will post once I have it complete.

  12. #12
    Developer
    Join Date
    Nov 2007
    Posts
    539

    Re: November 7th patch

    Oh wonderful.

    Thanks for any code you can put together. I guess I get to learn something new now.

    Razzle

  13. #13
    Registered User
    Join Date
    Feb 2002
    Posts
    50

    Re: November 7th patch

    Ok, this little command-line tool gets the base address for all running eqgame.exe processes. You should be able to easily pull in the bits that would be needed for MySEQ to obtain the info as well. It's really just a minor update to the normal method of getting the process handle.

    Code:
    // get_process_info.cpp : finds the base address of running eqgame.exe processes
    //

    #include "stdafx.h"
    #include <windows.h>
    #include <tchar.h>
    #include <stdio.h>
    #include <psapi.h>

    #pragma comment(lib, "psapi.lib")  // EnumProcesses, EnumProcessModules, GetModuleBaseName

    bool AdjustPrivileges();

    int _tmain(int argc, _TCHAR* argv[])
    {
        // Best effort: the return value is ignored and enumeration continues either way.
        AdjustPrivileges();

        DWORD aProcesses[1024], cbNeeded, cProcesses;
        WCHAR processName[MAX_PATH] = L"<Unknown>";

        if (!EnumProcesses(aProcesses, sizeof(aProcesses), &cbNeeded))
            return 0;

        cProcesses = cbNeeded / sizeof(DWORD);

        for (unsigned int i = 0; i < cProcesses; i++) {
            HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION |
                PROCESS_VM_READ,
                FALSE,
                aProcesses[i]);
            if (NULL != hProcess) {
                HMODULE hMod;
                DWORD cbModNeeded;
                // The first module returned is the executable itself; its HMODULE is the load (base) address.
                if (EnumProcessModules(hProcess, &hMod, sizeof(hMod), &cbModNeeded)) {
                    // Only compare the name if the lookup succeeded, so a stale name is never matched.
                    if (GetModuleBaseNameW(hProcess, hMod, processName, sizeof(processName)/sizeof(WCHAR)) &&
                        lstrcmpW(processName, L"eqgame.exe") == 0) {
                        wprintf(L"Process: %s (PID: %u) dwBase = 0x%X\n", processName, aProcesses[i], (DWORD)(DWORD_PTR)hMod);
                    }
                }
                CloseHandle(hProcess);  // release the handle for every process we opened
            }
        }
        return 0;
    }

    // Enables SeDebugPrivilege in the current process token.
    bool AdjustPrivileges() {
      HANDLE hToken;
      TOKEN_PRIVILEGES tp;
      TOKEN_PRIVILEGES oldtp;
      DWORD dwSize = sizeof(TOKEN_PRIVILEGES);
      LUID luid;

      if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
      {
        if (GetLastError() == ERROR_CALL_NOT_IMPLEMENTED)
          return true;
        printf("OpenProcessToken() failed.\n");
        return false;
      }

      if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid))
      {
        printf("LookupPrivilege() failed.\n");
        CloseHandle(hToken);
        return false;
      }

      ZeroMemory(&tp, sizeof(tp));
      tp.PrivilegeCount = 1;
      tp.Privileges[0].Luid = luid;
      tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

      /* Adjust Token Privileges */
      if (!AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(TOKEN_PRIVILEGES), &oldtp, &dwSize))
      {
        printf("AdjustTokenPrivileges() failed.\n");
        CloseHandle(hToken);
        return false;
      }

      CloseHandle(hToken);  // the token handle is no longer needed once the privilege is set
      return true;
    }

    So once you find the base address, to calculate your offsets you simply do:

    newOffset = eqgame.exe + (IDAOffset - 0x400000)

    For example, pTarget:

    currentpTarget = eqgame.exe + 0x944778 # (0xD44778-0x400000)

    So if you want to make it easy, you can keep the config files using the IDA offsets like they do now, and just find the eqgame.exe base and do the math (including subtracting 0x400000) in the MySEQ code.

  14. #14
    Registered User
    Join Date
    Nov 2012
    Posts
    2

    Re: November 7th patch

    I am really not sure what to do with this code. It looks like C++ code but I am not a programmer. Can anyone help with getting the correct offsets?

    I was good with using the old style of getting the offsets with the server running in debug mode (or something like that) but now that has changed and I don't think I can get the offsets that way any longer.

    Maybe I should wait until someone updates the server software?

    Thanks,

    Junky


  15. #15
    Registered User
    Join Date
    Feb 2002
    Posts
    50

    Re: November 7th patch

    The code I posted doesn't help get offsets. It was for Razzle to show how he could figure out the process base address, which is now a component in accessing the EQ memory. The old way was 'open process, grab data at offset', the new way is 'find out process base address, open process, grab data at offset - 0x400000 + process base address'.

    I already posted all the primary offsets for the new release at the top of the thread. The issue is that they don't work without process base address and so Razzle needs to update the server with this new logic. There may be other changes as well, but this has to be modified first before we can figure the rest out.
    Last edited by iluvseq; 11-07-2012 at 08:07 PM.
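
Added example (not part of the thread and not MySEQ code): the rebasing rule from posts #11, #13 and #15, generalized to read the preferred image base and the ASLR opt-in flag (IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, 0x0040) from the PE32 header instead of hard-coding 0x400000. The header bytes, the SizeOfImage value and the runtime base 0xC30000 are constructed for the demo, and the function names are hypothetical.

```cpp
// Added example: PE32 header check plus static-to-runtime address rebasing.
#include <cstdint>
#include <cstdio>
#include <cstring>
struct PeInfo { uint32_t imageBase, sizeOfImage; bool dynamicBase; };

static uint32_t rd(const uint8_t* p, int n) {      // little-endian read of n bytes
    uint32_t v = 0;
    for (int i = n - 1; i >= 0; --i) v = (v << 8) | p[i];
    return v;
}
static void wr(uint8_t* p, uint32_t v, int n) {    // little-endian write of n bytes
    for (int i = 0; i < n; ++i) p[i] = (uint8_t)(v >> (8 * i));
}

// Pull the needed fields out of a PE32 header; false on malformed or truncated input.
bool parse_pe32(const uint8_t* buf, std::size_t len, PeInfo* out) {
    if (len < 0x40 || rd(buf, 2) != 0x5A4D) return false;   // "MZ"
    uint32_t pe = rd(buf + 0x3C, 4);                        // e_lfanew
    if (pe > len || len - pe < 96) return false;            // need through DllCharacteristics
    if (rd(buf + pe, 4) != 0x4550) return false;            // "PE\0\0"
    const uint8_t* opt = buf + pe + 24;                     // optional header
    if (rd(opt, 2) != 0x10B) return false;                  // PE32 (32-bit) magic
    out->imageBase   = rd(opt + 28, 4);                     // preferred load address
    out->sizeOfImage = rd(opt + 56, 4);
    out->dynamicBase = (rd(opt + 70, 2) & 0x0040) != 0;     // DYNAMIC_BASE = ASLR opt-in
    return true;
}

// Static (disassembler) address -> address in the module actually loaded at runtimeBase.
bool rebase(const PeInfo& pe, uint32_t staticAddr, uint32_t runtimeBase, uint32_t* out) {
    if (staticAddr < pe.imageBase || staticAddr - pe.imageBase >= pe.sizeOfImage)
        return false;                                       // address is not inside this image
    *out = runtimeBase + (staticAddr - pe.imageBase);       // the thread's "- 0x400000" step
    return true;
}

// Constructed 0x200-byte sample header; SizeOfImage and the flag word are made-up values.
void make_sample(uint8_t* buf) {
    std::memset(buf, 0, 0x200);
    wr(buf, 0x5A4D, 2);  wr(buf + 0x3C, 0x80, 4);  wr(buf + 0x80, 0x4550, 4);
    wr(buf + 0x98, 0x10B, 2);  wr(buf + 0x98 + 28, 0x400000, 4);
    wr(buf + 0x98 + 56, 0xA00000, 4);  wr(buf + 0x98 + 70, 0x8140, 2);
}

int main() {
    uint8_t hdr[0x200]; PeInfo pe; uint32_t addr = 0;
    make_sample(hdr);                                       // 0xC30000 below is a constructed base
    if (parse_pe32(hdr, sizeof hdr, &pe) && rebase(pe, 0xD44778, 0xC30000, &addr))
        std::printf("ASLR opt-in: %d, TargetAddr at runtime: 0x%X\n", pe.dynamicBase, addr);
}
```

The range check in `rebase` rejects a config value that does not belong to the image, which would otherwise turn into a read at an unrelated address.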
