README: WIP Documenting reversing

2023-06-06 23:28:58 +03:00 · 2023-06-06 23:28:58 +03:00 · 13afe8b0d7
commit 13afe8b0d7
parent 4691d93c02
1 changed files with 140 additions and 9 deletions
--- a/README.md
+++ b/README.md
@ -1,30 +1,111 @@
+# Deploy
 TODO:
-
 - Custom maps
- increase people amount
-    - play with config
-    - inspect the mutator
-
 - Proper shutdown with game status control
 - Solve logging with custom /dev/null: `mknod /path/to/black/hole c 1 3`
 - Apply webadmin patch
 - Establish updates using <https://superuser.com/questions/1727148/check-if-steam-game-requires-an-update-via-command-line>
+- Change as nothing as possible


-# Reverse engineering 
-## Signals listening
+# Reverse engineering & Tricks
+
+TODO: 
+- Investigate `LogInternal` slow (buffering?)
+- Proper shutdown with game status control
+- increase people amount
+    - play with config
+    - inspect the mutator
+- fix discord presence (at least for local client)
+- Investigate balance_tweaks.bin
+
+## Console commands execution
+From `Core/Classes/Actor.uc`:
+```
+// Execute a console command in the context of the current level and game engine.
+native function string ConsoleCommand(string Command, optional bool bWriteToLog = true);
+```
+
+So it appears that console commands execution logic located in c++ code.
+
+## Logging
+From `Core/Classes/Object.uc`:
+```
+//
+// Logging.
+//
+/**
+ * Writes a message to the log.  This function should never be called directly - use the `log macro instead, which has the following signature:
+ *
+ * log( coerce string Msg, optional bool bCondition=true, optional name LogTag='ScriptLog' );
+ *
+ * @param   Msg             the string to print to the log
+ * @param   bCondition      if specified, the message is only printed to the log if this condition is satisfied.
+ * @param   LogTag          if specified, the message will be prepended with this tag in the log file
+ *
+ */
+native(231) final static `{prevent_direct_calls} function LogInternal( coerce string S, optional name Tag );
+
+/**
+ * Same as calling LogInternal(SomeMsg, 'Warning');  This function should never be called directly - use the `warn macro instead, which has the following signature:
+ *
+ * warn( coerce string Msg, optional bool bCondition=true );
+ */
+native(232) final static `{prevent_direct_calls} function WarnInternal( coerce string S );
+```
+
+This function being called on every log record, located in KFGameServ binary file: `0x0000000000e43210  UObject::execLogInternal(FFrame&, void*)`
+
+## Shutdown
+Shutdown with exit code 0 can be achieved using `quit` console command in webadmin.
+```
+curl 'http://192.168.1.25:8081/ServerAdmin/console' -X POST -H 'Content-Type: application/x-www-form-urlencoded' -H 'Cookie: authcred="YWRtaW4KQWRtaW5UaGVCZXN0"' 'command=quit'
+```
+
+Also investigate first line of logs: `Shutdown handler: initalize.`
+
+WebAdmin console command stack:
+
+- QHCurrent.handleQuery
+- QHCurrent.handleConsole
+- QHCurrent.adminCmdHandler.execute
+
+### Signals listening
 ```
 SigIgn: TRAP(5) ALRM(14)
 SigCgt: ILL(4) ABRT(6) BUS(7) FPE(8) SEGV(11) (33)
 ```
+None of them invokes successful shutdown
+
+## GUID manipulations
+Get GUID of a package in python:
+```python
+# It's placed from 69 (dec) byte and takes 16 (dec) bytes in size 
+import uuid
+with open("WebAdmin.u", "br") as file:
+    file.seek(69)
+    r = file.read(16)
+
+print(uuid.UUID(bytes_le=r))
+```
+
+Write GUID:
+```python
+import uuid
+u = uuid.UUID('753cbe46-8ff8-4383-a8a8-1a6338d55838')
+with open("WebAdmin.u", "r+b") as file:
+    file.seek(69)
+    file.write(u.bytes_le)
+```

-# Hacks
 ## Parse maps cycle in python
 ```python
 maps.split('=')[2].split(')')[0].replace('(', '[') + ']'
 ```

-## Language 
+It's enough to set GUID of an original package to make game consider it as the same package.
+
+## Language fix to try
 ```1. Кракозябры в админке:
 Почему: сервер читает значение переменной LANG и пытается в мультиязычность (но не может).
 Лечение: Перед запуском сервера установить LANG в английский, например так:
@ -32,6 +113,40 @@ export LANG=en_US.utf8
 ```
 src: https://steamcommunity.com/sharedfiles/filedetails/?id=1298957956

+**This method tested to not work**
+
+## Language & encoding RE
+Players to webadmin: 
+ISO-8859-1 -> UTF-8
+
+Player to webadmin module still gives:
+```
+// `log("Message "$entry.message,,'WebAdmin');
+[0092.35] WebAdmin: Message 83@>:1
+```
+
+`IPDrv.WebResponse.CharSet` appears to not work
+
+Sending message from web-admin call stack:
+
+- WebAdmin.u: QHCurrentKF.IQueryHandler
+- WebAdmin.u: QHCurrentKF.handleQuery
+- WebAdmin.u: QHCurrent.handleCurrentChatData
+- WebAdmin.u: QHCurrent.BroadcastMessage
+- Engine.u: webadmin.WorldInfo.Game.BroadcastHandler.BroadcastText
+- Engine.u: Receiver.TeamMessage
+- ????
+
+TODO: investigate `MessageEntry` class
+
+## Modules patching
+How to log with substition:
+```
+`log("Message "$entry.message,,'WebAdmin');
+// Maps to
+LogInternal("Message " $ Entry.Message, 'WebAdmin');
+```
+
 # Patch to webadmin
 This patch should be applied to `KFGame/Web/ServerAdmin`

@ -101,3 +216,19 @@ index 217a460..e3d29ff 100755
 </head>
 <body class="<%page.css.class%>">
 ```
+
+# References
+## Web
+
+- https://docs.unrealengine.com/udk/Three/CommandletList.html
+- https://docs.unrealengine.com/udk/Three/PackagesAndNetworking.html
+- https://docs.unrealengine.com/udk/Three/CharacterEncoding.html
+- https://docs.unrealengine.com/udk/Three/UnrealScriptFunctions.html
+- https://tripwireinteractive.atlassian.net/wiki/spaces/KF2SW/pages/26247172/KF2+Code+Modding+How-to
+- https://steamcommunity.com/sharedfiles/filedetails/?id=1298957956
+- https://docs.unrealengine.com/udk/Three/ConsoleCommands.html
+- https://docs.unrealengine.com/udk/Three/ConfigurationFiles.html
+
+## Not web
+
+- `killingfloor2\Development\Src` - Source code of some packages