About steam VC

Started by ysc3839, Feb 12, 2016, 03:08 PM


ysc3839

I bought Steam Vice City today. When I start VCMP, the game shows "Application load error 5:0000065434". Then I noticed there is a "testapp.exe" in the Steam Vice City directory. I renamed it to "gta-vc.exe" and started VCMP again, and it works!

And I found that VCMPBrowser uses "vcmp-proxy.flt" to load "vcmp-steam.dll". I don't know why it uses this. Then I used my own launcher to start the game, and VCMP says wrong GTA version. However, if I start the game process and wait 1 second before injecting "vcmp-steam.dll", VCMP doesn't say wrong version and works very well. I hope the developers will fix this to give players a better experience (the Steam version can't skip the intro movie, because .flt files load after the movie).

Finally, the browser can't autolocate the Steam version of Vice City; please also fix it!

Stormeus

Quote from: ysc3839 on Feb 12, 2016, 03:08 PM
And I found that VCMPBrowser uses "vcmp-proxy.flt" to load "vcmp-steam.dll". I don't know why it uses this. Then I used my own launcher to start the game, and VCMP says wrong GTA version. However, if I start the game process and wait 1 second before injecting "vcmp-steam.dll", VCMP doesn't say wrong version and works very well. I hope the developers will fix this to give players a better experience (the Steam version can't skip the intro movie, because .flt files load after the movie).

This isn't a bug, this is because Steam games are DRM protected. You injected your DLL into an encrypted EXE and so when VC:MP did its version check routine it only read garbage. The reason it worked when you waited is because the EXE was decrypted by that point, hence why we use the steam-proxy — so that we can be completely sure that the VC:MP can be loaded.

ysc3839

#2
Quote from: Stormeus on Feb 12, 2016, 07:04 PM
Quote from: ysc3839 on Feb 12, 2016, 03:08 PM
And I found that VCMPBrowser uses "vcmp-proxy.flt" to load "vcmp-steam.dll". I don't know why it uses this. Then I used my own launcher to start the game, and VCMP says wrong GTA version. However, if I start the game process and wait 1 second before injecting "vcmp-steam.dll", VCMP doesn't say wrong version and works very well. I hope the developers will fix this to give players a better experience (the Steam version can't skip the intro movie, because .flt files load after the movie).

This isn't a bug, this is because Steam games are DRM protected. You injected your DLL into an encrypted EXE and so when VC:MP did its version check routine it only read garbage. The reason it worked when you waited is because the EXE was decrypted by that point, hence why we use the steam-proxy — so that we can be completely sure that the VC:MP can be loaded.

Why not start a thread and wait for it to decrypt? I see many GTA 5 mods use this method.

Also, I think it shouldn't be called "DRM protected". It should be called "packed". And I think there is some method to hook the unpack function. I will have a try if I have time.

ysc3839

#3
I found the OEP (Original Entry Point) of Steam Vice City. It's 0x00666BA0. But there is some trouble hooking it. However, this entry point calls 3 APIs to get information for WinMain. They are GetCommandLineA, GetStartupInfoA and GetModuleHandleA. I suggest you hook GetStartupInfoA and load VCMP in it. Therefore, you can throw "vcmp-proxy" away!

@Stormeus

ysc3839

Quote from: ysc3839 on Feb 16, 2016, 04:40 PM
I found the OEP (Original Entry Point) of Steam Vice City. It's 0x00666BA0. But there is some trouble hooking it. However, this entry point calls 3 APIs to get information for WinMain. They are GetCommandLineA, GetStartupInfoA and GetModuleHandleA. I suggest you hook GetStartupInfoA and load VCMP in it. Therefore, you can throw "vcmp-proxy" away!
@Stormeus

Sorry for disturbing you. But I have waited for some days. Maybe you haven't seen it? ??? Please give me a reply soon. :)

Stormeus

I'll test it when I get a chance.

ysc3839

#6
Quote from: Stormeus on Feb 23, 2016, 03:07 PM
I'll test it when I get a chance.

New! I found the code that jumps to the OEP! :D The address is 0x00A4129E
Edit: And this code is unencrypted, so you can hook it directly.
Assembly code around this address:
CPU Disasm
Address   Hex dump   Command
00A41298  |.  5D     pop ebp
00A41299  |.  5F     pop edi
00A4129A  |.  5E     pop esi
00A4129B  |.  5A     pop edx
00A4129C  |.  59     pop ecx
00A4129D  |.  5B     pop ebx
00A4129E  |.  FFE0   jmp eax
It's enough for you to make an inline hook! :D
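Added example (not code from this thread or from the VC:MP project) illustrating the "start a thread and wait for it to decrypt" idea from the earlier replies together with the bytes posted above: instead of a fixed one-second sleep, a loader can poll for the known post-unpack bytes at 0x00A41298 with a bounded number of attempts and only then run anything that trusts the code (such as the version check). The reader callback and the simulated "decrypts on the third poll" behaviour are constructed assumptions for the purpose of the demo.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Bytes the thread reports at 0x00A41298 in the Steam Vice City EXE:
 * pop ebp; pop edi; pop esi; pop edx; pop ecx; pop ebx; jmp eax */
static const uint8_t kJumpToOepSig[] = {0x5D,0x5F,0x5E,0x5A,0x59,0x5B,0xFF,0xE0};
#define JUMP_TO_OEP_ADDR 0x00A41298u

/* A snapshot of process memory: 'bytes' covers [base, base + len). */
typedef struct { const uint8_t *bytes; size_t len; uint32_t base; } mem_view;

/* 1 if the known signature lies fully inside the view and matches, else 0.
 * Still-encrypted (garbage) code or an address outside the view yields 0,
 * so a version check gated on this never reads the packed image. */
int code_is_unpacked(const mem_view *m)
{
    if (JUMP_TO_OEP_ADDR < m->base) return 0;
    size_t off = JUMP_TO_OEP_ADDR - m->base;
    if (off > m->len || m->len - off < sizeof kJumpToOepSig) return 0;
    return memcmp(m->bytes + off, kJumpToOepSig, sizeof kJumpToOepSig) == 0;
}

/* Poll a memory reader until the code is unpacked. 'reader' is a hypothetical
 * callback returning the current state of the image (a real loader would read
 * its own process memory in place). Returns the 1-based poll on which the
 * signature appeared, or -1 after max_polls, instead of trusting a fixed sleep. */
typedef mem_view (*read_fn)(void *ctx);
int wait_until_unpacked(read_fn reader, void *ctx, int max_polls)
{
    for (int i = 1; i <= max_polls; i++) {
        mem_view m = reader(ctx);
        if (code_is_unpacked(&m)) return i;
    }
    return -1;
}

/* Constructed simulation: the region reads as filler for the first two polls
 * (still packed), then the decrypted bytes appear on the third poll. */
typedef struct { int polls; uint8_t buf[16]; } sim_ctx;
static mem_view sim_read(void *p)
{
    sim_ctx *s = p;
    s->polls++;
    memset(s->buf, 0xCC, sizeof s->buf);
    if (s->polls >= 3) memcpy(s->buf, kJumpToOepSig, sizeof kJumpToOepSig);
    mem_view m = { s->buf, sizeof s->buf, JUMP_TO_OEP_ADDR };
    return m;
}
int simulate_wait(int max_polls) { sim_ctx s = {0}; return wait_until_unpacked(sim_read, &s, max_polls); }
```

A real loader would also bound the total wait and fall back to the proxy path if the signature never appears, since a game update can move or change these bytes.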

Stormeus

Haven't gotten around to this yet since it'd require a browser update, which is more of a pain to modify since it doesn't self-update. This patch might very well work but it's somewhat irrelevant if the browser still refuses to directly inject the Steam DLL.

ysc3839

Quote from: Stormeus on Mar 01, 2016, 06:23 PM
Haven't gotten around to this yet since it'd require a browser update, which is more of a pain to modify since it doesn't self-update. This patch might very well work but it's somewhat irrelevant if the browser still refuses to directly inject the Steam DLL.

I think you should add self-update to the browser.