Author Topic: So, I was thinking... costume creator might be possible...  (Read 128704 times)

ArachnosCommander

  • Underling
  • *
  • Posts: 13
  • www.ArachnosElite.com
    • www.ArachnosElite.com
So, I was thinking... costume creator might be possible...
« on: December 09, 2012, 09:19:55 PM »
Codewalker has released his own little Icon for us to play in! Download it here: http://www.cohtitan.com/forum/index.php/topic,7288.0.html ~Agge


I woke up from a dead sleep this morning because of a dream I had. (For context, I have been trying to import costume files into the Korean Costume Creator.)

I dreamt that I was able to turn the actual CoH client into a working costume creator by using a memory editor to bypass the login and server selection screens.

Now, this may seem far fetched, but from previous real-world experience, in 2006, using the Cheat Engine (yes, I'll admit it), I was able to access all of the developer costume options in the character creator. The only problem was that you couldn't actually create a character and log into the server since my account wasn't flagged as an admin/developer. I was able to create a character wearing Tyrants helm, with Wyvren costume parts and Lord Recluse's backpack.

What Cheat Engine did was allow you to view the memory of CoH while it was running and by tweaking the code of what was on the screen, it allowed you to open new parts and choose things that you normally don't have access to.

I really do think that it might be possible to use Cheat Engine to bypass the login and server screens to send yourself directly into the costume creator, where editing the memory again, will open up every single costume part to play with.

The only problem I have is that I haven't used the Cheat Engine in about 6 years and all of the links I had to a (now-offline) site on how to edit CoH are gone. So I don't have access to the specific memory edits anymore.

So my challenge to anyone interested in turning the CoH client into a full-fleged costume creator is this: find any sites that link City of Heroes to the Cheat Engine.

I've exhusted all of my searching capabilities and I'm going crazy trying to find anything on my PC that I used at the time relating to my Cheat Engine exploits.

I do believe this is entirely possible. Everything that I was able to edit in the memory was all client side and had nothing to do with anything server side.

Hope some of you can help with this.
« Last Edit: December 15, 2012, 07:32:52 AM by Aggelakis »

Arachnion

  • Elite Boss
  • *****
  • Posts: 642
  • Professional Cynic
Re: So, I was thinking... costume creator might be possible...
« Reply #1 on: December 09, 2012, 09:25:05 PM »
in 2006, using the Cheat Engine (yes, I'll admit it), I was able to access all of the developer costume options in the character creator. The only problem was that you couldn't actually create a character and log into the server since my account wasn't flagged as an admin/developer. I was able to create a character wearing Tyrants helm, with Wyvren costume parts and Lord Recluse's backpack.

Oh my god.

Can't believe I never thought of that before... I just assumed programs like Cheat Engine and the like were just traps/breeding grounds for viruses.

Hell, that's probably as true today as I thought it was back then, if not more so.

I'm very, very sad now  :-\

Regardless... you've highlighted a very interesting point there, friend.
I'm all dressed up with nowhere to go
Walkin' with a dead man over my shoulder

Waiting for an invitation to arrive
Goin' to a party where no one's still alive

dwturducken

  • Elite Boss
  • *****
  • Posts: 2,152
  • Now available in stereo
Re: So, I was thinking... costume creator might be possible...
« Reply #2 on: December 09, 2012, 09:35:10 PM »
I dreamt that I was able to turn the actual CoH client into a working costume creator by using a memory editor to bypass the login and server selection screens.

This reminds me of a dream I had that I assume was fever-induced, as I was very sick, at the time. In it, I was able to manipulate SIP registrations with my mind. :)

The rest certainly sounds plausible. I have been toying with setting an older dual core box back up for different kinds of testing. This sounds like a good excuse, but it'll probably be Tuesday before I can dig it out, for various IRL reasons.
I wouldn't use the word "replace," but there's no word for "take over for you and make everything better almost immediately," so we just say "replace."

Arachnion

  • Elite Boss
  • *****
  • Posts: 642
  • Professional Cynic
Re: So, I was thinking... costume creator might be possible...
« Reply #3 on: December 09, 2012, 09:37:25 PM »
This reminds me of a dream I had that I assume was fever-induced, as I was very sick, at the time. In it, I was able to manipulate SIP registrations with my mind. :)

The rest certainly sounds plausible. I have been toying with setting an older dual core box back up for different kinds of testing. This sounds like a good excuse, but it'll probably be Tuesday before I can dig it out, for various IRL reasons.

Hehe.

Good luck, when you get around to it.

Might wanna be careful as well.

EDIT: Found some info in this topic. http://www.cohguru.com/forum/showpost.php?p=168303&postcount=26

Old screenshots from that thread, not mine:
http://img176.imageshack.us/img176/1678/legacyol5.jpg
http://img137.imageshack.us/img137/1654/nemesisus9.jpg

>The first method was by overriding the original list with a hacked one that had everything unlocked and de-categorized enough to select, and the second was done by modifying the RAM on a clean instance to change the costume outside of the menu or standard limitations. I am not going to disclose the exact details or programs used

Soooo... it looks like our options for this are: virtual memory editing, and list files..

 :)
« Last Edit: December 09, 2012, 10:49:13 PM by Arachnion »
I'm all dressed up with nowhere to go
Walkin' with a dead man over my shoulder

Waiting for an invitation to arrive
Goin' to a party where no one's still alive

dwturducken

  • Elite Boss
  • *****
  • Posts: 2,152
  • Now available in stereo
Re: So, I was thinking... costume creator might be possible...
« Reply #4 on: December 09, 2012, 11:42:50 PM »
Oh, it looks like a slog, and the add-on lists are "de-categorized," but we have a large group of very creative individuals, here, who have suddenly found themselves without a defined hobby, so to speak.
I wouldn't use the word "replace," but there's no word for "take over for you and make everything better almost immediately," so we just say "replace."

The Fifth Horseman

  • Elite Boss
  • *****
  • Posts: 961
  • Outside known realities.
Re: So, I was thinking... costume creator might be possible...
« Reply #5 on: December 10, 2012, 08:53:09 AM »
Quote
Can't believe I never thought of that before... I just assumed programs like Cheat Engine and the like were just traps/breeding grounds for viruses.
Depends on the program. Targeted exploits often are. Cheat Engine is a general-purpose tool for examining (and editing) memory offsets.

The only problem is that the normal way of using CE relies on analyzing offset values changing as the application runs. Which is kind of a non-option here.
We were heroes. We were villains. At the end of the world we all fought as one. It's what we did that defines us.
The end occurred pretty much as we predicted: all servers redlining until midnight... and then no servers to go around.

Somewhere beyond time and space, if you look hard you might find a flash of silver trailing crimson: a lone lost Spartan on his way home.

Arachnion

  • Elite Boss
  • *****
  • Posts: 642
  • Professional Cynic
Re: So, I was thinking... costume creator might be possible...
« Reply #6 on: December 10, 2012, 06:13:48 PM »
Depends on the program. Targeted exploits often are. Cheat Engine is a general-purpose tool for examining (and editing) memory offsets.

The only problem is that the normal way of using CE relies on analyzing offset values changing as the application runs. Which is kind of a non-option here.

So wait.

What you're saying, is that the problem is it relies on changing values that aren't static?

Because I'm pretty sure it's the static values you need to change... that count.

Hmm.
I'm all dressed up with nowhere to go
Walkin' with a dead man over my shoulder

Waiting for an invitation to arrive
Goin' to a party where no one's still alive

The Fifth Horseman

  • Elite Boss
  • *****
  • Posts: 961
  • Outside known realities.
Re: So, I was thinking... costume creator might be possible...
« Reply #7 on: December 10, 2012, 06:45:54 PM »
I wasn't very clear, my apologies. The big question here is whether the memory addresses used by the game to store the relevant data are the same on every launch or not. If they are, you may succeed - if you find them in the first place, of course - and produce a general exploit. If they are not you'll be changing offsets at random in hope of getting the desired result (not recommended).
A slightly more suitable tool for this would be a debugger such as IDAPro or OllyDbg. Using them, you can actually modify the executable (in IDAPro it's a bit roundabout - you can't alter the file directly, but can create a .diff patch for it and then apply that using another program).
We were heroes. We were villains. At the end of the world we all fought as one. It's what we did that defines us.
The end occurred pretty much as we predicted: all servers redlining until midnight... and then no servers to go around.

Somewhere beyond time and space, if you look hard you might find a flash of silver trailing crimson: a lone lost Spartan on his way home.

Arachnion

  • Elite Boss
  • *****
  • Posts: 642
  • Professional Cynic
Re: So, I was thinking... costume creator might be possible...
« Reply #8 on: December 10, 2012, 06:48:45 PM »
I wasn't very clear, my apologies. The big question here is whether the memory addresses used by the game to store the relevant data are the same on every launch or not. If they are, you may succeed - if you find them in the first place, of course - and produce a general exploit. If they are not you'll be changing offsets at random in hope of getting the desired result (not recommended).
A slightly more suitable tool for this would be a debugger such as IDAPro or OllyDbg. Using them, you can actually modify the executable (in IDAPro it's a bit roundabout - you can't alter the file directly, but can create a .diff patch for it and then apply that using another program).

Oh, thank you.

That does explain it better.

It seems like someone with above advanced computer knowledge, would be required to endeavor on this task.

Which means, not me  :P
I'm all dressed up with nowhere to go
Walkin' with a dead man over my shoulder

Waiting for an invitation to arrive
Goin' to a party where no one's still alive

Codewalker

  • Hero of the City
  • Titan Network Admin
  • Elite Boss
  • *****
  • Posts: 2,740
  • Moar Dots!
Re: So, I was thinking... costume creator might be possible...
« Reply #9 on: December 10, 2012, 07:23:25 PM »
>The first method was by overriding the original list with a hacked one that had everything unlocked and de-categorized enough to select, and the second was done by modifying the RAM on a clean instance to change the costume outside of the menu or standard limitations. I am not going to disclose the exact details or programs used

That sounds like a lot of work.

Assuming you were connected to a server, it would be a lot easier to just change the value at memory address 0x0167C800 (I24 beta client) to 1.

That enables the "NPC Edit" mode that the developers used to create costumes, and unlocks all possible costume parts, complete with color coding to indicate which parts are dev-only, which are normally restricted based on store purchases, etc.

Actually getting the costume editor working without a server would be a considerable amount of work, since the main loop does things like send keepalive messages over the network so that you don't time out while you're making your costume. It's probably not doable with simple hex editing of memory values.

Arachnion

  • Elite Boss
  • *****
  • Posts: 642
  • Professional Cynic
Re: So, I was thinking... costume creator might be possible...
« Reply #10 on: December 10, 2012, 07:26:55 PM »
So... there's an NPC Edit mode that gives you *all* parts!?

Maaaaaaaaaaan.

 :'(
I'm all dressed up with nowhere to go
Walkin' with a dead man over my shoulder

Waiting for an invitation to arrive
Goin' to a party where no one's still alive

Codewalker

  • Hero of the City
  • Titan Network Admin
  • Elite Boss
  • *****
  • Posts: 2,740
  • Moar Dots!
Re: So, I was thinking... costume creator might be possible...
« Reply #11 on: December 10, 2012, 07:28:25 PM »
It's normally turned on by /editnpc 1, but you have to have an accesslevel of >= 1 to do it that way. :)

RedRaccoon

  • Underling
  • *
  • Posts: 5
Re: So, I was thinking... costume creator might be possible...
« Reply #12 on: December 10, 2012, 08:21:02 PM »
Actually getting the costume editor working without a server would be a considerable amount of work, since the main loop does things like send keepalive messages over the network so that you don't time out while you're making your costume.
I logged into the costume creator shortly before the servers terminated and it's still up and running just fine.  It's been more than a week since they pulled the plug and I'm still making new costumes and can load all my locally saved ones.  It doesn't seem to matter that the server no longer exists. 

Of course, I'll eventually lose access when I have to reboot my computer or the power goes out or I accidentally close the program or whatever. so I really hope someone does find a work-around.

Arachnion

  • Elite Boss
  • *****
  • Posts: 642
  • Professional Cynic
Re: So, I was thinking... costume creator might be possible...
« Reply #13 on: December 10, 2012, 08:27:27 PM »
I logged into the costume creator shortly before the servers terminated and it's still up and running just fine.  It's been more than a week since they pulled the plug and I'm still making new costumes and can load all my locally saved ones.  It doesn't seem to matter that the server no longer exists. 

Of course, I'll eventually lose access when I have to reboot my computer or the power goes out or I accidentally close the program or whatever. so I really hope someone does find a work-around.

....Oh wow.
I'm all dressed up with nowhere to go
Walkin' with a dead man over my shoulder

Waiting for an invitation to arrive
Goin' to a party where no one's still alive

Codewalker

  • Hero of the City
  • Titan Network Admin
  • Elite Boss
  • *****
  • Posts: 2,740
  • Moar Dots!
Re: So, I was thinking... costume creator might be possible...
« Reply #14 on: December 10, 2012, 09:02:48 PM »
I logged into the costume creator shortly before the servers terminated and it's still up and running just fine.  It's been more than a week since they pulled the plug and I'm still making new costumes and can load all my locally saved ones.  It doesn't seem to matter that the server no longer exists.

Huh, I assumed the netlink code would bail out eventually. I guess it doesn't actually check the return values when it's on that screen.

*goes to try something*

Well hot damn, that was easier than I thought. I just got into the character creator.

Give me a few hours to dot some i's and I'll post how to do it. Would like to unlock costume parts and stuff -- it defaults to non-VIP with nothing unlocked.

Electric-Knight

  • Elite Boss
  • *****
  • Posts: 297
  • E-K and Malfaz taking a break, drinking tea
    • www.pauldamonthomas.com
Re: So, I was thinking... costume creator might be possible...
« Reply #15 on: December 10, 2012, 09:13:04 PM »
I'm preparing the dancing elephants, but I'll hold them off just yet... still... you're making me rather excited and happy! Carry on!  ;D
--
"Your reality, sir, is lies and balderdash and I'm delighted to say that I have no grasp of it whatsoever."
- Baron Munchausen

http://www.pauldamonthomas.com/

Arachnion

  • Elite Boss
  • *****
  • Posts: 642
  • Professional Cynic
Re: So, I was thinking... costume creator might be possible...
« Reply #16 on: December 10, 2012, 09:19:00 PM »
Codewalker, YOU THA MAN!

 ;D ;D
I'm all dressed up with nowhere to go
Walkin' with a dead man over my shoulder

Waiting for an invitation to arrive
Goin' to a party where no one's still alive

sl701

  • Minion
  • **
  • Posts: 42
Re: So, I was thinking... costume creator might be possible...
« Reply #17 on: December 10, 2012, 09:39:37 PM »
I logged into the costume creator shortly before the servers terminated and it's still up and running just fine.  It's been more than a week since they pulled the plug and I'm still making new costumes and can load all my locally saved ones.  It doesn't seem to matter that the server no longer exists. 

Of course, I'll eventually lose access when I have to reboot my computer or the power goes out or I accidentally close the program or whatever. so I really hope someone does find a work-around.

You're my hero, really. Staying in the editor for so long... That's what I call dedication!  8)

Arachnion

  • Elite Boss
  • *****
  • Posts: 642
  • Professional Cynic
Re: So, I was thinking... costume creator might be possible...
« Reply #18 on: December 10, 2012, 10:00:05 PM »
You're my hero, really. Staying in the editor for so long... That's what I call dedication!  8)

That's nothing.

Did you not see Codewalker's post above!?

"Well hot damn, that was easier than I thought. I just got into the character creator."
"Give me a few hours and i'll tell you how to"
I'm all dressed up with nowhere to go
Walkin' with a dead man over my shoulder

Waiting for an invitation to arrive
Goin' to a party where no one's still alive

sl701

  • Minion
  • **
  • Posts: 42
Re: So, I was thinking... costume creator might be possible...
« Reply #19 on: December 10, 2012, 10:14:25 PM »
That's nothing.

Did you not see Codewalker's post above!?

"Well hot damn, that was easier than I thought. I just got into the character creator."
"Give me a few hours and i'll tell you how to"

Yes, I saw Codewalker's post. Actually, I'm giddy to see what he can do and if we can, too. So yes, he's "THA MAN", as you have so nicely put it  :)

But, c'mon.... 10days;D