Topic: Anti-Crash Patch Source Code & A Brief Analysis

EDIT: If you just want the DLL, PM me and I'll give it to you. The source code is also available in the topic.
To use the DLL, download a program to inject the DLL into Blockland. This can be done using, for example, http://www.9injector.com/extreme-injector/
(Many antiviruses like Norton will detect the program as a trojan. This is a false positive. Many will detect it as a "HackTool" since it can be used for hacking, and that's all it is.)
After that, start up Blockland and open the injector program. Select the Blockland process, select the downloaded DLL and click the Inject button.


So Computermix has given the source code of his recent Anti-Crash DLL, which has been the recipient of many complaints about its legitimacy and safety.
This DLL, which is injected into the game using an external program, will prevent malicious users from crashing your server with the widely-distributed crash hack DLL.
This topic is made to prove that there is a safe version of the DLL available to download, along with the source if you want to compile it yourself.


The entire source code is really just 90 lines of code in total, and I'll put it all right here:

Code:
#include <windows.h>
#include <cstdio>   // sprintf_s
#include <cstdlib>  // atoi
#include "MologieDetours\detours.h"

// Function-pointer types for the game's internal functions (addresses are assigned in dwMainThread)
typedef void(__cdecl* PrintfFn)(char* szFormat, ...);
static PrintfFn Printf;

typedef void(__cdecl* SetVariableFn)(char* szName, char* szValue);
static SetVariableFn SetVariable;

typedef char*(__cdecl* szGetVariableFn)(char* szName);
static szGetVariableFn szGetVariable;

typedef char*(__cdecl* szEvaluateFn)(char* szString, bool bEcho, char* szFileName);
static szEvaluateFn szEval;

typedef void(__thiscall* ProcessFn)(DWORD dwThis, DWORD dwConnection);
static ProcessFn Process;
MologieDetours::Detour<ProcessFn>* Detour_Process;

// Replacement for Process; __fastcall with an unused second parameter stands in for __thiscall
void __fastcall Hooked_Process(DWORD dwThis, void* blank, DWORD dwConnection)
{
    int iArgc = *(int*)(dwThis + 16);
    char** szArgv = (char**)(dwThis + 20);
    bool bIsCrashing = false;

    if (!(*(unsigned char *)(dwConnection + 288) & 1)) //this just checks if it's a client on a server (in contrast to hosting in-game, where packets are back and forth)
    {
        for (int i = iArgc - 1; i >= 0; i--)
        {
            char* szArg = szArgv[i + 1];

            if (*szArg == 1) //tag?
            {
                //check numbers bigger than table size or less than zero

                int iHax = atoi(szArg + 1);

                if (iHax > (**(int**)(0x7F4254)) || iHax < 0)
                {
                    bIsCrashing = true;

                    //don't return just yet- let the loop fix the spam from buffer overflow
                    if (i > 19)
                        szArgv[i + 1] = 0;
                }
            }
        }
    }

    if (bIsCrashing && atoi(szGetVariable("$Pref::Server::AntidoteMode")) == 1)
    {
        char szBuf[128];

        sprintf_s(szBuf, "messageAll('', %d.name SPC \"(BLID \" @ %d.bl_id @ \") attempted to crash the server!\");", *(int*)(dwConnection + 192), *(int*)(dwConnection + 192));

        szEval(szBuf, false, 0);

        sprintf_s(szBuf, "serverCmdBan(0, %d, %d.bl_id, -1, \"Attempted to crash the server. (Perma'd)\");", *(int*)(dwConnection + 192), *(int*)(dwConnection + 192));

        szEval(szBuf, false, 0);
    }

    return bIsCrashing ? 0 : Detour_Process->GetOriginalFunction()(dwThis, dwConnection);
}

DWORD WINAPI dwMainThread(LPVOID Args)
{
    //not using sigs cuz chances are an update will fix the crash anyways
    Printf = (PrintfFn)0x4A8040;
    szGetVariable = (szGetVariableFn)0x4A7620;
    SetVariable = (SetVariableFn)0x4A6DB0;
    Process = (ProcessFn)0x5813D0;
    szEval = (szEvaluateFn)0x4A8260;

    //hook the func that causes the crash
    Detour_Process = new MologieDetours::Detour<ProcessFn>(Process, (ProcessFn)Hooked_Process);

    Printf("Anti-crash injected, all set! :)\nYou can edit $Pref::Server::AntidoteMode to do different things corresponding to this list:\n= 0: Simply stop the crash and nothing happens to either the server or the user.\n= 1: Permaban that starfish.\n(default is 1)");
    SetVariable("$Pref::Server::AntidoteMode", "1");

    //no need to delete Detour_Process, windows will wipe my ass for me (3548)
    return 0;
}

int WINAPI DllMain(HINSTANCE Instance, DWORD Reason, LPVOID Reserved)
{
    //start the setup on its own thread once the DLL is loaded into the process
    if (Reason == DLL_PROCESS_ATTACH)
        CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)dwMainThread, NULL, 0, NULL);

    return true;
}

I'll be analyzing this code later on, but even just giving it a quick skim can verify that this code does not contain anything malicious.

If you want the source code so you can compile it yourself, you can find it here. (Mega.co.nz)

If you want the compiled DLL that was made from the source (Which is entirely comprised of the code I posted and the library found here: https://github.com/kimperator/MologieDetours ) just PM me and I'll send it to you.

Now for an analysis of the code.

Code:
#include "MologieDetours\detours.h"

typedef void(__cdecl* PrintfFn)(char* szFormat, ...);
static PrintfFn Printf;

typedef void(__cdecl* SetVariableFn)(char* szName, char* szValue);
static SetVariableFn SetVariable;

typedef char*(__cdecl* szGetVariableFn)(char* szName);
static szGetVariableFn szGetVariable;

typedef char*(__cdecl* szEvaluateFn)(char* szString, bool bEcho, char* szFileName);
static szEvaluateFn szEval;

typedef void(__thiscall* ProcessFn)(DWORD dwThis, DWORD dwConnection);
static ProcessFn Process;
MologieDetours::Detour<ProcessFn>* Detour_Process;

This part simply defines things for the code to use later on.

Code:
void __fastcall Hooked_Process(DWORD dwThis, void* blank, DWORD dwConnection)
{
    int iArgc = *(int*)(dwThis + 16);
    char** szArgv = (char**)(dwThis + 20);
    bool bIsCrashing = false;

    if (!(*(unsigned char *)(dwConnection + 288) & 1)) //this just checks if it's a client on a server (in contrast to hosting in-game, where packets are back and forth)
    {
        for (int i = iArgc - 1; i >= 0; i--)
        {
            ...
        }
    }
}

The code where the dots are is coming next.

The code here seems to define a couple variables and then the variable bIsCrashing, which indicates if a crashing packet was detected.
After that it checks if the packet was received by a client on the server, and then loops through all the different parts of the packet.

Code:
char* szArg = szArgv[i + 1];

if (*szArg == 1) //tag?
{
    //check numbers bigger than table size or less than zero

    int iHax = atoi(szArg + 1);

    if (iHax > (**(int**)(0x7F4254)) || iHax < 0)
    {
        bIsCrashing = true;

        //don't return just yet- let the loop fix the spam from buffer overflow
        if (i > 19)
            szArgv[i + 1] = 0;
    }
}

This code first checks if the part of the packet is a tag, and then checks if the argument is greater than the total size of the netstring table, or less than 0. Either of those would cause the server to crash. If it's detected it sets the variable to true and continues on.
I'm not entirely sure what the if statement and the line after it does, but it seems based on the comment that it cleans up the console spam that would otherwise be left by the crash attempt. (If you have any insight into this, lemme know and I'll edit it in)

Code:
if (bIsCrashing && atoi(szGetVariable("$Pref::Server::AntidoteMode")) == 1)
{
    char szBuf[128];

    sprintf_s(szBuf, "messageAll('', %d.name SPC \"(BLID \" @ %d.bl_id @ \") attempted to crash the server!\");", *(int*)(dwConnection + 192), *(int*)(dwConnection + 192));

    szEval(szBuf, false, 0);

    sprintf_s(szBuf, "serverCmdBan(0, %d, %d.bl_id, -1, \"Attempted to crash the server. (Perma'd)\");", *(int*)(dwConnection + 192), *(int*)(dwConnection + 192));

    szEval(szBuf, false, 0);
}

return bIsCrashing ? 0 : Detour_Process->GetOriginalFunction()(dwThis, dwConnection);

This code checks if there has been a crashing packet detected and if the "antidote" mode has been activated through a getVariable function.
If both are true, it evals 2 lines of code that say that a certain player has tried to crash the server, and then permanently bans them.

After that, if a crashing packet was detected, it returns 0, completely skipping the other packet processing code. If not, it goes through the regular packet processing code.

The remainder of the code is just setting up the functions like the eval and getVariable functions, and handling injection into the exe.

On another note, I compiled the source code with the same options that Computermix used (he told me which options to use, as I'm not totally familiar with it), and the DLL was slightly bigger than the original that I got from wrapperup. He's explained this in a Steam chat to me:


Take that how you will, but the version that is obtained from compiling this source is safe.
« Last Edit: December 21, 2014, 10:32:21 AM by Ipquarx »
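
The tag check analysed in the post above relies on atoi, which returns 0 for non-numeric text and has undefined behaviour on overflow. As an added example (not part of the original post or of Computermix's DLL), here is a stricter stand-alone version of the same range check; the function names, the TagCheck enum and the table_max parameter are assumptions, and the sample arguments are constructed:

```cpp
#include <cctype>
#include <cerrno>
#include <cstdio>
#include <cstdlib>

enum class TagCheck { NotATag, Ok, Malformed, OutOfRange };

// Assumption: a tagged argument is byte 0x01 followed by a decimal index,
// as the hook's "*szArg == 1" and "atoi(szArg + 1)" lines imply.
// table_max stands in for the value the DLL reads through 0x7F4254; as in
// the DLL, an index is rejected when it is < 0 or > table_max.
TagCheck check_tag_arg(const char* arg, long table_max)
{
    if (arg == nullptr || arg[0] != 1)
        return TagCheck::NotATag;
    const char* digits = arg + 1;
    // strtol would skip whitespace and accept '+'; refuse those up front.
    if (!std::isdigit((unsigned char)*digits) && *digits != '-')
        return TagCheck::Malformed;
    errno = 0;
    char* end = nullptr;
    long idx = std::strtol(digits, &end, 10);
    if (end == digits || *end != '\0')
        return TagCheck::Malformed;   // atoi would return 0 or the numeric prefix
    if (errno == ERANGE || idx < 0 || idx > table_max)
        return TagCheck::OutOfRange;  // atoi has undefined behaviour on overflow
    return TagCheck::Ok;
}

// True when every argument may be passed on to the original handler.
bool args_are_safe(const char* const* argv, int argc, long table_max)
{
    for (int i = 0; i < argc; ++i) {
        TagCheck r = check_tag_arg(argv[i], table_max);
        if (r == TagCheck::Malformed || r == TagCheck::OutOfRange)
            return false;
    }
    return true;
}

int main()
{
    // Constructed sample arguments; "\001" is the tag byte.
    const char* good[] = { "chat", "\00112", "\0010" };
    const char* bad[]  = { "chat", "\001-5" };
    std::printf("good: %d, bad: %d\n",
                args_are_safe(good, 3, 100), args_are_safe(bad, 2, 100));
    return 0;
}
```
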


so how does this benefit us? Can we make an addon now to counteract the crashing function, or detect the DLL?

so how does this benefit us? Can we make an addon now to counteract the crashing function, or detect the DLL?
Having it on at your server detects when someone tries to crash the server and auto bans them.

so how does this benefit us? Can we make an addon now to counteract the crashing function, or detect the DLL?
It allows you to completely stop your game from crashing due to people using the crash DLL hack. It detects if someone is trying to crash your server, stops them, then publicly announces it and permanently bans them. You inject the DLL into your game using one of the many readily available programs on the internet and it automatically gives you those benefits.

So basically what Ravencroft said.



Looks awesome.  Thanks for sharing.

Thought you didn't want anything to do with this stuff anymore Ipquarx.

Looks awesome.  Thanks for sharing.
Not a problem! Remember, if any of you want the DLL version that I compiled just PM me and I'll send it to you.

Thought you didn't want anything to do with this stuff anymore Ipquarx.
Sometimes to do good you gotta go a bit out of your comfort zone.

so how does this benefit us? Can we make an addon now to counteract the crashing function, or detect the DLL?
This can't be done in an add-on
This is C++ code that needs to be compiled into a DLL and infected into the game

This is like, a white-hat virus.

So macs are forgeted basically?

This is like, a white-hat virus.
Just white hat DLL.
iirc the word virus implies detrimental effect.

Just white hat DLL.
iirc the word virus implies detrimental effect.

A virus is malicious code that replicates by writing itself into other executables