ZenHAX

Free Game Research Forum | Official QuickBMS support | twitter @zenhax | SSL HTTPS://zenhax.com
It is currently Mon Oct 14, 2019 1:16 pm

All times are UTC




Post new topic  Reply to topic  [ 9 posts ] 
Author Message
 Post subject: Refractor 2 BitStream
PostPosted: Fri Jun 07, 2019 8:57 am 

Joined: Fri Jun 07, 2019 8:50 am
Posts: 7
I decided to opensource the project I have worked on for a few weeks, hoping someone will come along and help me fix it's current issues. I decided to post about it here since I got the idea from BF2Loop and found bit functions there too.

As long as you don't send ServerInfo and MapList it's fine but without those the game doesnt load ofcourse :P
I started it because my end goal is to emulate the later games, BF Heroes and BF Play4Free, whose latest server files did not leak. So if they didn't leak, how do we get them? Let us emulate them :P
It has no systems for user authentication or rankings, the main goal is to get the game to load 1 player. Then load more players and keep them in sync and THEN I'd work on authentication and rankings.

You can find the code here: https://github.com/lifecoder-phoenix/Re ... m-Emulator

To continue the issue discussion, after authentication succeeded we must send the ServerInfo block and MapList block. If I send any, everything fine, but it doesnt load. If I send both however the game disconnects with the following error message: "network data corruption". I have noticed it never calls DataBlock::executeClient on those blocks. As if it doesnt recognize the packets. This issue has been my headache for 2 weeks now. Couldn't figure it out, hope it will be figured out soon.


Top
   
PostPosted: Fri Jun 07, 2019 10:33 am 

Joined: Fri Jun 07, 2019 8:50 am
Posts: 7
And I fixed the DataBlock issue, comments will be in the code. Long story short, seems there is also an increasing id in the event transmission. Actually increasing it worked


Top
   
PostPosted: Mon Jun 10, 2019 12:00 pm 

Joined: Fri Jun 07, 2019 8:50 am
Posts: 7
Alright, it seems the game loads the objects when it loads the level. Now the issue is that once the client finished loading the server is supposed to send every object on the map to it. But it also asks template id's and I cant seem to find them out. I wish to note that the template id increases too, like, if 2 objects have ladder_4m as template then for object A it will be template id 49 and for object B it would be template id 50


Top
   
PostPosted: Mon Jun 10, 2019 4:06 pm 
Site Admin
User avatar

Joined: Wed Jul 30, 2014 9:32 pm
Posts: 10790
Not sure if there are users here active on the BF protocol but I'm happy you posted here :D
Keep up the good work!


Top
   
PostPosted: Fri Jun 14, 2019 3:35 pm 

Joined: Fri Jun 07, 2019 8:50 am
Posts: 7
No problem :P

I doubt anyone will be that interested in this, unless I get spawning to work. But you never know.

Current issue: the game expects the kits and objects from the server, these use an object id and a template id. The main question now is, how does the game know the id's? When are they loaded? Are they defined when loaded? Are they defined using the files loaded by the levels server zip?


Top
   
PostPosted: Sun Jun 23, 2019 1:11 am 
Site Admin
User avatar

Joined: Wed Jul 30, 2014 9:32 pm
Posts: 10790
Unfortunately I don't have an answer about that doubt.
Probably server and client must have access to the same files and resources but I don't know how the IDs are assigned.

Just for curiosity do you have an example of such IDs (both objects and templates)?


Top
   
PostPosted: Sun Jun 23, 2019 6:26 pm 

Joined: Fri Jun 07, 2019 8:50 am
Posts: 7
I indeed believe so. What I believe is that it first initializes ServerArchives.con and then loads a few con files. Then the level con and when it loads the level's init.con it triggers ObjectManager::getNewId() which is used for the object ids. I haven't found it for the template id's yet but I think the templates are loaded upfront and when they are used they get their id. In case you did not know, here is a very useful thread: https://www.unknowncheats.me/forum/batt ... infos.html which contains debug symbols for bf2. A massive help with reversing this.

As for an example, this is a log made with conditional breakpoints in x32dbg, I added it as attachment. It returns to Object::Object() so it returns to the initializer of the new object.

Objects are thus probably loaded in order they appear in the level con files. And start by id 1.

No idea about templates yet, there are a few functions that I believe do the templates but I'm totally not sure.

EDIT: All data is loaded using the server files so *server.zip, the client zips only contain stuff for visuals. The server ones contain the good stuff


Attachments:
log.png [91.24 KiB]
Not downloaded yet
Top
   
PostPosted: Mon Jun 24, 2019 12:14 pm 

Joined: Fri Jun 07, 2019 8:50 am
Posts: 7
I think I finally have it figured out, template ids are also chronological. So in their case, it first loads FreeCamera, then creates the template for Sunlight and then chronological through all files in objects_server.zip


Top
   
PostPosted: Fri Aug 02, 2019 11:36 am 

Joined: Fri Jun 07, 2019 8:50 am
Posts: 7
Been a while, life sucks, but I got further. So except for the kits we ofcourse need to give the game spawngroups(not spawnpoints, well spawnpoints have a group) if we send the sendClientDatabaseComplete event before sending kits/spawngroups the client will disconnect saying the stream got corrupted. This is giving me a real headache


Top
   
Display posts from previous:  Sort by  
Post new topic  Reply to topic  [ 9 posts ] 

All times are UTC


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Powered by phpBB® Forum Software © phpBB Limited