Eureka - PSO Gamecube Patching possible soon

Sylverant is a homebrew open source server for Phantasy Star Online. Dreamcast users still play PSO online with this server even today! This is the official forum for both the online game server as well as the open source project itself. Feel free to post and get a gathering started online! We can also show you how to get connected!

Moderators: BlueCrab, Aleron Ives

Post Reply
KuromoriYu
DCEmu Junior
DCEmu Junior
Posts: 37
Joined: Mon Apr 13, 2015 8:45 am

Eureka - PSO Gamecube Patching possible soon

Post by KuromoriYu » Mon Oct 31, 2016 5:08 pm

Hello,

after some ingame discussion with AleronIves about some patches he had for gamecube, I started a new personal project:

figure out how the PSO patching system for Gamecube works.

The only information really was the old Homebrew-loader which surfaced around 2003 (PSOLoader / PSUL).

After long nights of staring at HEX, Assembly-Code and Sylverant source code (and some coding inbetween, also lots of smoking and tea) - I figured out the protocoll...at least enough to be able to upload my own code.

Turns out the update functionality of PSO seems to be indeed: upload executable code, run it, *maybe* interpret the return value (it is put into the "answer packet" PSO sends to the server.

My code is grown to a point where I need some real world tests now (I look at you Ives!).
I have a console application which will apply a patch, then redirect to another ship (e.g. sylverant).
I also have lots of UI-applications, but those are for internal use mainly hehe ;)

@Bluecrabs: this feature should be rather easy to implement in sylverant. some details have to be researched though (e.g. can we reliably tell which version connects, or is the first "patch-code" probably exactly that - determining the EXACT version of the game)

I've attached the Console-Application for you guys to try out.
The Console-Application does NOT server DNS-requests, so you have to setup a 3rd party DNS-server (i use fuzziger soft fsdnsr something).
The Patch-XML Format should be self-explanatory.

Regards

Kuromori Yu
Attachments
PSOPatcher.zip
(51.66 KiB) Downloaded 43 times
Last edited by KuromoriYu on Mon Oct 31, 2016 6:21 pm, edited 1 time in total.
User avatar
BlueCrab
The Crabby Overlord
The Crabby Overlord
Posts: 5273
Joined: Mon May 27, 2002 11:31 am
Location: Sailing the Skies of Arcadia
Contact:

Re: Heureka - PSO Gamecube Patching possible soon

Post by BlueCrab » Mon Oct 31, 2016 5:50 pm

KuromoriYu wrote:@Bluecrabs: this feature should be rather easy to implement in sylverant. some details have to be researched though (e.g. can we reliably tell which version connects, or is the first "patch-code" probably exactly that - determining the EXACT version of the game)
There are a few things you can do for figuring out the version... The game actually does report what version it is running as part of the login packets, for instance.

I've never had a use for that information in Sylverant, so I've never actually added it to the code. Of course, if I have a reason, then I could easily do so. :wink:
KuromoriYu
DCEmu Junior
DCEmu Junior
Posts: 37
Joined: Mon Apr 13, 2015 8:45 am

Re: Heureka - PSO Gamecube Patching possible soon

Post by KuromoriYu » Mon Oct 31, 2016 5:54 pm

The reason would be the kind of patches we had in mind: altering bytes right in the loaded executable.
For that you have to know the exact version to decide which patch to upload.
User avatar
BlueCrab
The Crabby Overlord
The Crabby Overlord
Posts: 5273
Joined: Mon May 27, 2002 11:31 am
Location: Sailing the Skies of Arcadia
Contact:

Re: Heureka - PSO Gamecube Patching possible soon

Post by BlueCrab » Mon Oct 31, 2016 5:59 pm

KuromoriYu wrote:The reason would be the kind of patches we had in mind: altering bytes right in the loaded executable.
For that you have to know the exact version to decide which patch to upload.
I figured that, hence the winking emoticon. :wink:

We'd have to discuss things (probably by way of IRC rather than here on the forum, so we can easily loop everyone involved in) a bit more before we'd be able to make everything work nicely.
User avatar
Aleron Ives
Psychotic DCEmu
Psychotic DCEmu
Posts: 739
Joined: Wed Jan 05, 2011 2:15 pm
Location: California
Contact:

Re: Eureka - PSO Gamecube Patching possible soon

Post by Aleron Ives » Tue Nov 01, 2016 12:54 am

As a quick update, we did some testing this evening, and it works! :o I was able to send patches to PSO and observe that they had an effect in game. It looks like people on genuine GC hardware won't be left out in the cold when it comes to some of these patches, after all. 8-)
"Fear the HUnewearl."
Image
KuromoriYu
DCEmu Junior
DCEmu Junior
Posts: 37
Joined: Mon Apr 13, 2015 8:45 am

Re: Eureka - PSO Gamecube Patching possible soon

Post by KuromoriYu » Tue Nov 01, 2016 4:26 pm

New version:
- better patch xml - easier to write by hand.
- port configurable ("-p XXX")
- verbose output ("-v") - have a look at hex hehe
- multiple file support ("-i file1.xml file2.xml file3.xml")
- if multiple redirects are among those files, the first one is picked
....
Attachments
PsoPatcher.zip
(111.82 KiB) Downloaded 31 times
KuromoriYu
DCEmu Junior
DCEmu Junior
Posts: 37
Joined: Mon Apr 13, 2015 8:45 am

Re: Eureka - PSO Gamecube Patching possible soon

Post by KuromoriYu » Sat Nov 12, 2016 6:15 am

Seems like restore could be realized on PSO-GC as well:
HAXomoriYu.png
I did change my char in the following way:
1) inserted 3 chars in name: "HAX"
2) put 999.999 MST in my chars backpack.

The changes will be saved to VMU no problem.

Next step: send a complete char copy of my main char. (the inram-representation seems to be exactly what the client sends to the server)

P.S:
first try didnt work that well:
full_restore_1.png
the old PC trick choose save 3 times does not work. (maybe you need more patience? like 10 times?! hehe)

P.P.S:

HAXomoriYu is no more...a clone of my main char took its place:

connected to iselia after patch:
full_restore_2_beforesafe.png
it saved alright, and I could connect again.
difference this time: I did only transmit char data upto, and excluding cmode-data.

The address is the same everytime I tried. so it is probably fixed. As a safety net, could send a "compare RAM" program, which would compare the RAM to the expected value (the char data that was just sent) and verify the correct address....

well...the verification only would work, when patching the char data at that point in login process is OK (which i suspect it is. I patched it right after the HL packet the cube sends...need to try out different times in login process....or...even on ship - which would be more convenient for the player, command which would execute immediately (send patch, redirect to lobby.)
User avatar
bogglez
Moderator
Moderator
Posts: 567
Joined: Sun Apr 20, 2014 9:45 am

Re: Eureka - PSO Gamecube Patching possible soon

Post by bogglez » Sat Nov 12, 2016 1:42 pm

Wow, can you really patch the entire RAM and executable? Like you could add client-side cheat detection, add PSOBB items, fix bugs like duping and weapon stacking, upload a homebrew game, etc?
Wiki & tutorials: http://dcemulation.org/?title=Development
Wiki feedback: viewtopic.php?f=29&t=103940
My libgl playground (not for production): https://bitbucket.org/bogglez/libgl15
My lxdream fork (with small fixes): https://bitbucket.org/bogglez/lxdream
KuromoriYu
DCEmu Junior
DCEmu Junior
Posts: 37
Joined: Mon Apr 13, 2015 8:45 am

Re: Eureka - PSO Gamecube Patching possible soon

Post by KuromoriYu » Sat Nov 12, 2016 3:20 pm

bogglez wrote:...upload a homebrew game, etc?
this was the only prior use. I investigated those exploits to find out how it works.
User avatar
bogglez
Moderator
Moderator
Posts: 567
Joined: Sun Apr 20, 2014 9:45 am

Re: Eureka - PSO Gamecube Patching possible soon

Post by bogglez » Sat Nov 12, 2016 3:27 pm

As a former paying customer of sonic team I'm just shaking my head in disbelief that they had the technology to save their online game and they even wrote the code to fix many issues (in pso plus) but just couldn't be assed to use their patching system.. :|
Wiki & tutorials: http://dcemulation.org/?title=Development
Wiki feedback: viewtopic.php?f=29&t=103940
My libgl playground (not for production): https://bitbucket.org/bogglez/libgl15
My lxdream fork (with small fixes): https://bitbucket.org/bogglez/lxdream
User avatar
Aleron Ives
Psychotic DCEmu
Psychotic DCEmu
Posts: 739
Joined: Wed Jan 05, 2011 2:15 pm
Location: California
Contact:

Re: Eureka - PSO Gamecube Patching possible soon

Post by Aleron Ives » Sat Nov 12, 2016 3:43 pm

bogglez wrote:Wow, can you really patch the entire RAM and executable?
That would require a huge patch and too much bandwidth. ;)
bogglez wrote:add PSOBB items
Adding new items is possible, but a) you have to use a modified disc, because you need to modify more than just the executable file, and b) you can't add BB items yet, because there is no way to convert BB models to GC format.

My guess is that Sega never intended to use the patching feature for the release server and only used it to speed up the testing process during development, because instead of having to burn a new test disc for every change, they could just have the server patch the latest changes onto an existing alpha disc. This is supported by the fact that US 1.0 and US 1.01 identify themselves as the same disc to the server at login, so if Sega had ever intended to support patching on the public server, they would have had to increment the version number for US 1.01 so that the server could tell 1.0 and 1.01 apart for patching purposes.

The fact that Sega didn't do this meant that Kuro had to write an extra version detection program for us to be able to implement patching for every disc.
"Fear the HUnewearl."
Image
KuromoriYu
DCEmu Junior
DCEmu Junior
Posts: 37
Joined: Mon Apr 13, 2015 8:45 am

Re: Eureka - PSO Gamecube Patching possible soon

Post by KuromoriYu » Sun Dec 11, 2016 6:11 am

I finally got around to publishing my source code.

The solution needs VS2015 (Express for Desktop) to be built.

https://github.com/johannescolmsee/pso-loader
Post Reply