Skip to forum content

You are not logged in. Please login or register.


forums.pvpgn.pro → [EN] Diablo → Introducing D2GS Admin

Pages 1

You must login or register to post a reply

RSS topic feed

Posts: 26

1

Topic: Introducing D2GS Admin

Welcome to D2GS Admin, a basic utility to help Windows server admins better manage their server.

Inspired by GecKoTDF's fix to an issue which was found to be an attack by simply sending a packet to crash D2GS, I wanted to make an easy to use Windows solution for those not running Linux or the knowledge to implement their own proxy.

I've also bundled in a simple D2GS.exe watcher that will look for the process and bring it back alive if it dies.

The goal with this software is to add additional tools over time so we can protect our servers, feel free to suggest some ideas or give me some feedback!


-=-=-= v1.0 =-=-=-

-Ability to block the hex crash attack
-Ability to block the overhead text feature in-game, !shall we do den? (this will instant kick the user)
-D2GS.exe watcher, brings it back if dead
-Configuration JSON file to set things up
    -D2GS directory selector
    -Delay in searching for D2GS
    -Set D2GS port
    -Hex strings should be converted to their decimal value
-Logs to file.


-=-=-= Download =-=-=-

Simply download the .msi and install it. If you want to remove it, head to the add/remove programs and delete it there.

Download here


-=-=-= Issues/Working on =-=-=-

-Doesn't like  Windows Server 2008, will investigate and release a new version
-The installers final screen may have a few issues with config and readme opening, maybe best to untick them and open manually
-Will split out the log file with what packets were blocked, perhaps pulling their name from the config json.

Owner of SlashDiablo - One of the oldest and most well known Diablo II servers
Admin of Resurgence - Vanilla++ mod
Co-Founder of Hellforged - Diablo 09 built on 1.13 engine (current work in progress)
Founder of Diablo2.org - Dedicated Discord server for PvPGN/D2GS questions

2

Re: Introducing D2GS Admin

Whoa. This is great. Thanks for putting the work in!

3

Re: Introducing D2GS Admin

#block the overhead text
D2Game.dll 0XD00A0 8B 31C0C208009090909090 1

COPY to d2gs.script

You can try it.

Added: 06.03.2019 11:56

I just tested your tools.

I found that for "ff01" outsourcing, or will run away

Packet Delay Option 200MS

4

Re: Introducing D2GS Admin

MxCen wrote:

#block the overhead text
D2Game.dll 0XD00A0 8B 31C0C208009090909090 1

COPY to d2gs.script

You can try it.

Added: 06.03.2019 11:56

I just tested your tools.

I found that for "ff01" outsourcing, or will run away

Packet Delay Option 200MS

Thanks for testing and providing some feedback. How do you mean by runaway?

For overhead text, yeah multiple ways of blocking this but thought it’d be neat to have it all in one single package.

Owner of SlashDiablo - One of the oldest and most well known Diablo II servers
Admin of Resurgence - Vanilla++ mod
Co-Founder of Hellforged - Diablo 09 built on 1.13 engine (current work in progress)
Founder of Diablo2.org - Dedicated Discord server for PvPGN/D2GS questions

5

Re: Introducing D2GS Admin

Invalid for "FF01"

6

Re: Introducing D2GS Admin

MxCen wrote:

Invalid for "FF01"

I'm confused, it was already setup to block this packet? Did you convert it to the deciminal value?

Owner of SlashDiablo - One of the oldest and most well known Diablo II servers
Admin of Resurgence - Vanilla++ mod
Co-Founder of Hellforged - Diablo 09 built on 1.13 engine (current work in progress)
Founder of Diablo2.org - Dedicated Discord server for PvPGN/D2GS questions

7 (edited by Feofilaktt 07.03.2019 14:22)

Re: Introducing D2GS Admin

"FF01" and "Overflow Text Overhead" are distinct collision crash failures.

Diablo 2 Online

Itens - Armory - Market - Clans - Builds - Chat

8

Re: Introducing D2GS Admin

Meanski, very good thing. I wanted to do make similar using WinPcap, and looks like WinDivert is better suited for this purpose.
Will you publish sources?

Do not ask for support in PM.

9

Re: Introducing D2GS Admin

HarpyWar wrote:

Meanski, very good thing. I wanted to do make similar using WinPcap, and looks like WinDivert is better suited for this purpose.
Will you publish sources?

Thanks Harpy :-)

Yes, I looked at WinPcap but we decided on using WinDivert.

I hope to publish the source soon, maybe when I get back from holiday!

Owner of SlashDiablo - One of the oldest and most well known Diablo II servers
Admin of Resurgence - Vanilla++ mod
Co-Founder of Hellforged - Diablo 09 built on 1.13 engine (current work in progress)
Founder of Diablo2.org - Dedicated Discord server for PvPGN/D2GS questions

10

Re: Introducing D2GS Admin

@Meanski Thank you for sharing

11

Re: Introducing D2GS Admin

Niceeeee!

12

Re: Introducing D2GS Admin

can it's work on windows server 2008 r2 x64. i run it and got microsoft visual c++ runtime library debug error

13

Re: Introducing D2GS Admin

Hyongza wrote:

can it's work on windows server 2008 r2 x64. i run it and got microsoft visual c++ runtime library debug error

Hello,

There is the below entry from Meanski on the main post:

-=-=-= Issues/Working on =-=-=-

-Doesn't like  Windows Server 2008, will investigate and release a new version

I would try installingl the latest C++ Redistributables. I am not entirely sure what version you require or version this program was written in but I would presume 2015.

Check out Diablo09.com and join our Diablo II Private Server!

14

Re: Introducing D2GS Admin

This version only supports 64 bit system, not 32-bit system. If it supports 32-bit system, for example, Win2003, wein2008-32

15

Re: Introducing D2GS Admin

bewyn wrote:

This version only supports 64 bit system, not 32-bit system. If it supports 32-bit system, for example, Win2003, wein2008-32

There’s a better solution to this now. I need to update this program with the latest fixes and some other things but don’t really have the time currently.

If you PM me I’ll send you the working solution

Owner of SlashDiablo - One of the oldest and most well known Diablo II servers
Admin of Resurgence - Vanilla++ mod
Co-Founder of Hellforged - Diablo 09 built on 1.13 engine (current work in progress)
Founder of Diablo2.org - Dedicated Discord server for PvPGN/D2GS questions

16 (edited by tmuhlhausen 09.02.2020 04:05)

Re: Introducing D2GS Admin

Meanski wrote:
bewyn wrote:

This version only supports 64 bit system, not 32-bit system. If it supports 32-bit system, for example, Win2003, wein2008-32

There’s a better solution to this now. I need to update this program with the latest fixes and some other things but don’t really have the time currently.

If you PM me I’ll send you the working solution

Also using x86 any chance you have the solution?

17

Re: Introducing D2GS Admin

anyone block the ff01 attack?

18

Re: Introducing D2GS Admin

lalelus2 wrote:

anyone block the ff01 attack?

Unfortunately so far only with rules in iptables or using the Meanski D2GS Admin.

Diablo 2 Online

Itens - Armory - Market - Clans - Builds - Chat

19

Re: Introducing D2GS Admin

Feofilaktt wrote:
lalelus2 wrote:

anyone block the ff01 attack?

Unfortunately so far only with rules in iptables or using the Meanski D2GS Admin.

sorry, but i dont understand how to use that.

  "patterns": [
    {
      "partial": true,
      "pattern": [ 255, 1, 255, 1, 0 ]
    },
    {
      "partial": false,
      "pattern": [ 20, 0 ]
    }
  ]
}

20 (edited by Feofilaktt 06.05.2020 16:00)

Re: Introducing D2GS Admin

lalelus2 wrote:
Feofilaktt wrote:
lalelus2 wrote:

anyone block the ff01 attack?

Unfortunately so far only with rules in iptables or using the Meanski D2GS Admin.

sorry, but i dont understand how to use that.

  "patterns": [
    {
      "partial": true,
      "pattern": [ 255, 1, 255, 1, 0 ]
    },
    {
      "partial": false,
      "pattern": [ 20, 0 ]
    }
  ]
}

Probably these are the patterns of the packages that Menski crypt into JSON in order to parameterize the D2GS Admin blocking settings.

You shouldn't touch this. Otherwise your players started to take random disconnect for false/positive.

Apparently, logic "255, 1, 255, 1, 0" would represent "FF 01 FF 00".

But I'm not sure how he this JSON uses it in D2GS Admin.

Diablo 2 Online

Itens - Armory - Market - Clans - Builds - Chat

21

Re: Introducing D2GS Admin

What are the conditions for using D2GS admin?still need  VirtualBox?

22

Re: Introducing D2GS Admin

lookdust wrote:

What are the conditions for using D2GS admin?still need  VirtualBox?

No, you can use the D2GS Admin running PvPGN and D2GS on Windows.

Diablo 2 Online

Itens - Armory - Market - Clans - Builds - Chat

23

Re: Introducing D2GS Admin

Feofilaktt wrote:
lookdust wrote:

What are the conditions for using D2GS admin?still need  VirtualBox?

No, you can use the D2GS Admin running PvPGN and D2GS on Windows.

D2GS Admin has installed, reboot service, players can't create game,or ,your connection has been interrupted

24

Re: Introducing D2GS Admin

Hi i tryed your program but it didnt work, didnt block the full package, only the first 2bytes of the code, i did another one
it autostarts the process of D2GS defined the location inside the source code, so i share it compiled and the source code

Copy and paste in your browser
prnt.sc/mu6JzZGmKJ-_

Cannot post 2 links, so
https://www.mediafire.com/file/zpexqsw1 … l.zip/file
Source Code:

import pydivert
import threading
import subprocess
import time
import psutil
import ctypes
import json

log_file = "blocked_packets.log"  # Specify the log file path
ban_duration = 300  # Ban duration in seconds
banned_ips_file = "banned_ips.json"  # File to store banned IPs

# Set the window title
ctypes.windll.kernel32.SetConsoleTitleW("Revenge Firewall")

# Load banned IPs from file
def load_banned_ips():
    try:
        with open(banned_ips_file, "r") as f:
            return json.load(f)
    except (FileNotFoundError, json.JSONDecodeError):
        return {}

# Save banned IPs to file
def save_banned_ips(banned_ips):
    with open(banned_ips_file, "w") as f:
        json.dump(banned_ips, f)

# Initialize banned IPs dictionary
banned_ips = load_banned_ips()

def block_packet(packet, w):
    payload = bytes(packet.tcp.payload)
    if packet.tcp.dst_port == 4000 and payload.startswith(b'\xff\x01'):
        source_ip = packet.src_addr
        if source_ip in banned_ips:
            ban_start_time = banned_ips[source_ip]
            ban_elapsed_time = time.time() - ban_start_time
            if ban_elapsed_time < ban_duration:
                # IP is still banned, don't send the packet
                print(f"IP {source_ip} is banned. Packet dropped.", flush=True)
                return
            else:
                # Ban duration has elapsed, remove the IP from the banned list
                del banned_ips[source_ip]
                save_banned_ips(banned_ips)

        # Log blocked packet and source IP
        log_message = f"Blocked packet: {payload}\nSource IP: {source_ip}\n"
        with open(log_file, "a") as f:
            f.write(log_message)

        # Display blocked packet and source IP
        print(log_message, flush=True)

        # Ban the source IP
        banned_ips[source_ip] = time.time()
        save_banned_ips(banned_ips)

        # Do not send the packet to effectively block it

    else:
        # Allow the packet to pass through
        w.send(packet)

def packet_capture():
    print("Starting packet capture...")
    with pydivert.WinDivert("tcp.DstPort == 4000") as w:
        for packet in w:
            block_packet(packet, w)

# Start packet capture in a separate thread
packet_capture_thread = threading.Thread(target=packet_capture)
packet_capture_thread.start()

print("Scanning packets on port 4000...")

# Continuously check if the process is running and restart if necessary
while True:
    process_name = "D2GS.exe"

    # Check if the process is running
    process_running = any(
        proc.name() == process_name for proc in psutil.process_iter()
    )

    if not process_running:
        # Restart the process
        process_path = r"C:\Users\Mantenimiento\Desktop\Server\D2GS\D2GS.exe"
        try:
            subprocess.Popen(
                process_path,
                shell=True,
                stdout=subprocess.PIPE,
                stderr=subprocess.PIPE,
                creationflags=subprocess.CREATE_NEW_CONSOLE,
            )
            print(f"Process '{process_name}' restarted.")
        except subprocess.CalledProcessError:
            print(f"Failed to restart process '{process_name}'.")

    # Wait for a few seconds before checking again
    time.sleep(5)

25

Re: Introducing D2GS Admin

Yeah my implementation is poor, at best big_smile I have been meaning to shut down the project for a long time as there are better ways of doing this now.

I'll take a look at your one - Perhaps we could make it more of an official release? If you were interested in me/you/us doing that

Owner of SlashDiablo - One of the oldest and most well known Diablo II servers
Admin of Resurgence - Vanilla++ mod
Co-Founder of Hellforged - Diablo 09 built on 1.13 engine (current work in progress)
Founder of Diablo2.org - Dedicated Discord server for PvPGN/D2GS questions

26 (edited by MayhemARG 23.05.2023 00:13)

Re: Introducing D2GS Admin

Meanski wrote:

Yeah my implementation is poor, at best big_smile I have been meaning to shut down the project for a long time as there are better ways of doing this now.

I'll take a look at your one - Perhaps we could make it more of an official release? If you were interested in me/you/us doing that

i know the best way is to use linux, but some people doesn't know how to set it up first time i used iptables i nthe year of 2013 when i found a the exact packets to block, using RedVex on a local server, my idea is to make a new firewall, maybe i can use your logic to reinjet packets, this is another packet to block the owner of a server is using it to attack, somehow some firewalls doesn't recognize it like a typical FF 01 so it gets to the d2gs process,
"FF 01 FF 01 AA A1 B1 00 AA A1 B1 00 AA A1 B1 00 AA A1 B1 00 AA A1 B1 00 AA A1 B1 00 AA A1 B1 00 AA A1 B1 00"

just now i updated it with an ipbanning feature and removing the flood on the screen, im running it in a cmd windows,

these are the dependencies to install:
with "pip install"
pydivert
threading
subprocess
time
psutil
ctypes
json
some of those are already preinstalled with python.
added github: https://github.com/jcerutti/PythonFirewallD2GS

Posts: 26

Pages 1

You must login or register to post a reply

Who now at forum

Currently view post: 0 guests, 0 registered users

forums.pvpgn.pro → [EN] Diablo → Introducing D2GS Admin