It seem does not supports the Chinese version,
which named YuanShen from mihoyo offcial website.
which difference to the international version
folder stucture not same
UnityPlayer.dll not same
patch output
/Genshin Impact Game$ bash ../GI-on-Linux/120/patch.sh
Wrong file version or patch is already applied
md5sum: 56e2e96af341db2b9db07c18cee14b08
strictly abide the rules
I have not share this project in official channels
I have not abuse this project for cheating
I just wanna play the game
LINK REMOVED BY KROCK (after download)
↑↑↑ I will delete it after 48 hours.
Regards,
Pekaikon Norckon
come to my house to blow the air conditioner tonight
Thanks for the awesome project,
Its very nice.
It seem does not supports the Chinese version,
which named YuanShen from mihoyo offcial website.
### which difference to the international version
* folder stucture not same
* ```UnityPlayer.dll``` not same
### patch output
```
/Genshin Impact Game$ bash ../GI-on-Linux/120/patch.sh
Wrong file version or patch is already applied
md5sum: 56e2e96af341db2b9db07c18cee14b08
```
### strictly abide the rules
* I have not share this project in official channels
* I have not abuse this project for cheating
* I just wanna play the game
*LINK REMOVED BY KROCK (after download)*
↑↑↑ I will delete it after 48 hours.
Regards,
Pekaikon Norckon
![截图录屏_选择区域_20201224173642.png](https://i.loli.net/2020/12/24/rPxOBLg6sQoJf2k.png)
come to my house to blow the air conditioner tonight
Does it work if you remove the hash check? It could be some error messages different or something. Make sure to use an account you don't mind getting banned though.
Does it work if you remove the hash check? It could be some error messages different or something. Make sure to use an account you don't mind getting banned though.
thanks for the memtion,
i dont mind getting banned :D
i have tried remove the hash check,
but still not working.
$ bash ../GI-on-Linux/120/patch.sh
Wrong file version or patch is already applied
md5sum: 56e2e96af341db2b9db07c18cee14b08
[...]
--- Patching UnityPlayer
xdelta3: target window checksum mismatch: XD3_INVALID_INPUT
xdelta3: normally this indicates that the source file is incorrect
xdelta3: please verify the source file with sha1sum or equivalent
==> Patch applied! Enjoy the game.
xdelta3 report errors here.
thanks for the memtion,
i dont mind getting banned :D
i have tried remove the hash check,
but still not working.
```
$ bash ../GI-on-Linux/120/patch.sh
Wrong file version or patch is already applied
md5sum: 56e2e96af341db2b9db07c18cee14b08
[...]
--- Patching UnityPlayer
xdelta3: target window checksum mismatch: XD3_INVALID_INPUT
xdelta3: normally this indicates that the source file is incorrect
xdelta3: please verify the source file with sha1sum or equivalent
==> Patch applied! Enjoy the game.
```
```xdelta3``` report errors here.
Are you unable to use the international version? It has Chinese as a language option and server select has an Asia server (I'm not sure if the Asia server is the same as the china server though).
RIP.
Are you unable to use the international version? It has Chinese as a language option and server select has an Asia server (I'm not sure if the Asia server is the same as the china server though).
Download link: https://ys-api-os.mihoyo.com/event/download_porter/link/ys_global/genshinimpactpc/default
Direct link if that doesn't work: https://genshinimpact.mihoyo.com/client_app/launcher/20201223_d3fcf5785e92e37a/GenshinImpact_install_20201211165103.exe
unfortunately,
the asian server is for all of asia without china,
due to chinese law and payment.
i can play chinese version in cloud gamming service,
but have a little bit of frame loss
and thanks for your suggestion,
maybe transform to international server is another choice.
thank you for the fast reply,
unfortunately,
the asian server is for all of asia without china,
due to chinese law and payment.
i can play chinese version in cloud gamming service,
but have a little bit of frame loss
and thanks for your suggestion,
maybe transform to international server is another choice.
![HH5OJF95GE`FE__N~_R5L2Y.jpg](https://i.loli.net/2020/12/24/36e1b7jWdKPDwo4.jpg)
Are you sure this is the 1.2.0 binary? Its timestamp is 09 Dec, rather than the official release date of 23 Dec.
Progress (editing gradually)
This is 1.2.0
Largely identical
A few data blobs changed
The changes at binary offset 0x01A7F600 are due to their obfuscation tool (random?)
Changed certificates
Important addresses are the same
CN UnityPlayer is compatible with the international version
We can try to use the globally accepted values, maybe they work on all servers.
EDIT99: need some more time.
Are you sure this is the 1.2.0 binary? Its timestamp is 09 Dec, rather than the official release date of 23 Dec.
**Progress** (editing gradually)
* This is 1.2.0
* Largely identical
* A few data blobs changed
* The changes at binary offset 0x01A7F600 are due to their obfuscation tool (random?)
* Changed certificates
* Important addresses are the same
* CN UnityPlayer is compatible with the international version
We can try to use the globally accepted values, maybe they work on all servers.
EDIT99: need some more time.
Please report back whether this results in the error code 31-4302.
@dfc643 With some luck this patch here should work. https://www.privfile.com/download.php?fid=5fe488e5343c3-NDk4NQ==
Please report back whether this results in the error code 31-4302.
@Krock yeh the new patch it works!
but its really reports error 31-4302
i modified laucnher.bat like this
@echo off
REM ============ AVOID CHANGES HERE ============
REM Emulate the games behaviour
copy mhyprot2.sys "%TEMP%\"
regedit mhyprot2_running.reg
REM Disable crash reporting
IF EXIST YuanShen_Data\upload_crash.exe (
move "YuanShen_Data\upload_crash.exe" "YuanShen_Data\upload_crash.exe.bak"
)
REM ============= Launch the game =============
REM Add custom launch params here
REM https://docs.unity3d.com/Manual/CommandLineArguments.html
YuanShen.exe
and there two new domain detected from my router
log-upload.mihoyo.com
ys.mihoyo.com
the china standard time is 10:11 pm now,
if i have no reply, i will test and reply after 8 hours.
and MERRY XMAS !!!!
@Krock yeh the new patch it works!
but its really reports error 31-4302
### i modified laucnher.bat like this
```
@echo off
REM ============ AVOID CHANGES HERE ============
REM Emulate the games behaviour
copy mhyprot2.sys "%TEMP%\"
regedit mhyprot2_running.reg
REM Disable crash reporting
IF EXIST YuanShen_Data\upload_crash.exe (
move "YuanShen_Data\upload_crash.exe" "YuanShen_Data\upload_crash.exe.bak"
)
REM ============= Launch the game =============
REM Add custom launch params here
REM https://docs.unity3d.com/Manual/CommandLineArguments.html
YuanShen.exe
```
### and there two new domain detected from my router
```
log-upload.mihoyo.com
ys.mihoyo.com
```
the china standard time is 10:11 pm now,
if i have no reply, i will test and reply after 8 hours.
### and MERRY XMAS !!!!
![8856eac7gy1ffaq0u9psyg204x04xq54.gif](https://i.loli.net/2020/12/24/JFyT4jQGY5sRkNc.gif)
So to get your version running you'd need to check whether UserAssembly.dll is the same (as in addresses), run the game on a Windows machine, and dump the correct values from memory. If you know how assembly/pointers/Cheat Engine works we could give that a try, otherwise try to use the international version somehow, or play it in the cloud.
Merry Christmas.
So to get your version running you'd need to check whether UserAssembly.dll is the same (as in addresses), run the game on a Windows machine, and dump the correct values from memory. If you know how assembly/pointers/Cheat Engine works we could give that a try, otherwise try to use the international version somehow, or play it in the cloud.
Merry Christmas.
if you dont mind,
i repost this issue to bbs.deepin.org linux forum
to get someone helps?
if you need a account to do the test,
i can provide one.
Merry Christmas
Morning,
thats sorry,
i donot know how to dump from memory.
here is chinese version dl link:
https://ys-api.mihoyo.com/event/download_porter/link/ys_cn/official/pc_default
https://autopatchcn.yuanshen.com/client_app/launcher/20201223_0e73b7176043c3a1/yuanshen_setup_mihoyo_20201211012054.exe
if you dont mind,
i repost this issue to ```bbs.deepin.org``` linux forum
to get someone helps?
if you need a account to do the test,
i can provide one.
Merry Christmas
How many people are interested in this? How bad is the cloud service?
Patching the international version already takes a few hours of work and a good amount of nerves. Thus I am not keen setting up another (Chinese) game variant on my machine. However, only if...
there are multiple people IN NEED for this patch
and the cloud service sucks somewhat
and there's a working Windows setup with Admin access I could use for a few hours
.. then I might set up the patch files for you.
Otherwise decompile your UserAssembly version, read out the hash values on a working Windows machine and complete the patch I sent earlier.
Or tweak your cloud service for better gameplay, if that is possible.
That's all I can offer. Sorry for being so direct, but I cannot find a better way to express myself.
How many people are interested in this? How bad is the cloud service?
Patching the international version already takes a few hours of work and a good amount of nerves. Thus I am not keen setting up another (Chinese) game variant on my machine. However, only if...
1. there are multiple people *IN NEED* for this patch
2. and the cloud service sucks somewhat
3. and there's a working Windows setup with Admin access I could use for a few hours
.. then I might set up the patch files for you.
Otherwise decompile your UserAssembly version, read out the hash values on a working Windows machine and complete the patch I sent earlier.
Or tweak your cloud service for better gameplay, if that is possible.
That's all I can offer. Sorry for being so direct, but I cannot find a better way to express myself.
there so many linux user want play in china,
the cloud service is expensive (2 rmb/hrs) and slowly...
that i am a linux server maintenance staff,
isnt know more things of reverse engineering.
but i think repost the issue to chinese linux forum,
there will have someone can helps to finish the patch of chinese version.
i think that is the best way if you not mind.
hello,
thank you do a lot things of the project
there so many linux user want play in china,
the cloud service is expensive (2 rmb/hrs) and slowly...
that i am a linux server maintenance staff,
isnt know more things of reverse engineering.
but i think repost the issue to chinese linux forum,
there will have someone can helps to finish the patch of chinese version.
i think that is the best way if you not mind.
@dfc643 Feel free to ask for volunteers on the deepin forums. My conditions will remain the same as stated above.
Please keep in mind that each public mention of this repository increases the chances for miHoYo to find it.
EDIT: Interesting domains. I did not capture those in Wireshark, hence I don't know whether they need blocking.
@dfc643 Feel free to ask for volunteers on the deepin forums. My conditions will remain the same as stated above.
Please keep in mind that each public mention of this repository increases the chances for miHoYo to find it.
EDIT: Interesting domains. I did not capture those in Wireshark, hence I don't know whether they need blocking.
the two domains is report from my router traffic list.
@Krock Happy New Year,
Thats looooooong time no see due to my works.
I tried ask for somebody at deepin forum,
https://bbs.deepin.org/post/209242
and using wrong character instead the game name.
the two domains is report from my router traffic list.
@vero I re-uploaded the skeleton patch to the repository just now. <-- contains all basic functions you need.
EDIT: Instructions removed from this post. Please write me an email
If you're successful, the game will crash before showing the 7 element symbols after login. If you got that far, try to apply the anti_logincrash patch or migrate that to the CN version as well.
EDIT3 (I think?): If you found all addresses you can use byte matching to find the functions in the next release -- given they did not add any additional hurdles.
@vero I re-uploaded the skeleton patch [to the repository](https://notabug.org/Krock/GI-on-Linux/src/master/120/patch_files/unityplayer_patch_cn.vcdiff) just now. <-- contains all basic functions you need.
**EDIT: Instructions removed from this post. Please write me an email**
If you're successful, the game will crash before showing the 7 element symbols after login. If you got that far, try to apply the anti_logincrash patch or migrate that to the CN version as well.
EDIT3 (I think?): If you found all addresses you can use byte matching to find the functions in the next release -- given they did not add any additional hurdles.
Maybe it's worth looking at in preparation for global 1.4.0?
(Feel free to delete/edit this message if you think it's dangerous in some way. I think it's not, but your word is last here, @Krock.)
Chinese version 1.4.0 is already available for pre-download:
`https://autopatchcn.yuanshen.com/client_app/pc_mihoyo/20210317_67c8f1002bb26672/YuanShen_1.4.0.zip`
Maybe it's worth looking at in preparation for global 1.4.0?
(Feel free to delete/edit this message if you think it's dangerous in some way. I think it's not, but your word is last here, @Krock.)
@Alex72 Thank you for the input. Whereas this would allow some preparation, it would only cause more effort to partially decompile the international version afterwards. Not worth the hassle IMO.
@Alex72 Thank you for the input. Whereas this would allow some preparation, it would only cause more effort to partially decompile the international version afterwards. Not worth the hassle IMO.
Actually with a bit of magic you can get a global version:
`https://autopatchhk.yuanshen.com/client_app/pc_mihoyo/20210317_67c8f1002bb26672/GenshinImpact_1.4.0.zip`
i have replaced all the modified files,it doesn't work.
but i find you can replace 20527480.blk change to chinese version.
so I uploaded the file to the mega
https://mega.nz/file/6pwwSAYL#-4ssj9vXCYE9hlqfdMnl1OPtMts0rf4vmK64nVrdt6g
The Chinese server uses slightly different binary files which need another patch file in order to join the game.
Simply copying files from the international version won't let you enter the CN game server. Would you mind elaborating what's special about this *.blk file?
The Chinese server uses slightly different binary files which need another patch file in order to join the game.
Simply copying files from the international version won't let you enter the CN game server. Would you mind elaborating what's special about this *.blk file?
20527480.blk contains channel config (dispatch server URL) as well as logging servers URLs and some other stuff.
Technically it may be possible to swap it between CN and global versions to make it connect to the server it's not supposed to, but I can't confirm nor deny this. Probably you'll need to patch asset_index too, because it contains hash of all assets used in the game.
`20527480.blk` contains channel config (dispatch server URL) as well as logging servers URLs and some other stuff.
Technically it may be possible to swap it between CN and global versions to make it connect to the server it's not supposed to, but I can't confirm nor deny this. Probably you'll need to patch `asset_index` too, because it contains hash of all assets used in the game.
Furthermore it would require to modify the client name to match the international version, or the sent login data would be highly suspicious. It it were that simple, an /etc/hosts rule might work too once UnityPlayer.dll is patched.
It could be that the international server domains are blocked in China, unless proven otherwise, it might be only wasted effort.
Furthermore it would require to modify the client name to match the international version, or the sent login data would be highly suspicious. It it were that simple, an `/etc/hosts` rule might work too once UnityPlayer.dll is patched.
It could be that the international server domains are blocked in China, unless proven otherwise, it might be only wasted effort.
No interest from my side to setup and somehow sign up on the CN server
Nobody has shown interest to take care of this task
Requirements: Basic Assembly knowledge, Dummy game account for testing, Non-VM Windows installation, Linux box for proof-testing.
Even though all information is technically available in this repository, I do not have plans to disclose the patch instructions.
Hopefully the Steam Deck hype is big enough to motivate the developers to make their game Linux compatible in the next few game versions.
If you think that you are capable of writing a patch for a CN installation, please write me an email so that we can have a look at it.
This issue is limited by:
1. No interest from my side to setup and *somehow* sign up on the CN server
2. Nobody has shown interest to take care of this task
* Requirements: Basic Assembly knowledge, Dummy game account for testing, Non-VM Windows installation, Linux box for proof-testing.
3. Even though all information is technically available in this repository, I do not have plans to disclose the patch instructions.
Hopefully the Steam Deck hype is big enough to motivate the developers to make their game Linux compatible in the next few game versions.
If you think that you are capable of writing a patch for a CN installation, please write me an email so that we can have a look at it.
I would like to ask about the level of debugging required. Is a host that can start the game without guaranteeing the smoothness of the screen is sufficient for debugging?
I would like to ask about the level of debugging required. Is a host that can start the game without guaranteeing the smoothness of the screen is sufficient for debugging?
@icecat Yes. Rendering performance (i.e. FPS) does not matter as long it can run the game. The patch procedure is (on my side) well established, hence the actual debugging after a version update + content download is a matter of a few minutes. Most of the effort is required at preparing the assembly modifications and the file organization.
@icecat Yes. Rendering performance (i.e. FPS) does not matter as long it can run the game. The patch procedure is (on my side) well established, hence the actual debugging after a version update + content download is a matter of a few minutes. Most of the effort is required at preparing the assembly modifications and the file organization.
@icecat There are no specific requirements for this patch. Like stated on the official website, Windows 7 or newer is required. Windows 10 AME 2004 does work too after manual GPU driver setup. The GPU must support at least DirectX 11 to not deal with software rendering annoyances.
If you would like to spend your free time on this issue, I would appreciate if we could continue this conversation by email (see git commits, LICENSE.txt).
@icecat There are no specific requirements for this patch. Like stated on the official website, Windows 7 or newer is required. Windows 10 AME 2004 does work too after manual GPU driver setup. The GPU must support at least DirectX 11 to not deal with software rendering annoyances.
If you would like to spend your free time on this issue, I would appreciate if we could continue this conversation by email (see git commits, LICENSE.txt).
Hi, I have managed to partially port the 2.4 patch to CN variant of UnityPlayer.dll.
Log servers for GI CN client found with mitmproxy on Windows:
log-upload.mihoyo.com
uspider.yuanshen.com
The international UnityPlayer.dll and the CN UnityPlayer.dll have same signatures and addresses in .text, .rdata and .data sections, corresponding to patches in https://notabug.org/Krock/dawn/src/master/240/UnityPlayer.md#addresses except the XOR patch. So I just copy&paste patched bytes (including validation bytes) in those areas to CN UnityPlayer.dll.
The XOR patch for international UnityPlayer.dll 2.4:
- 181e5edab 8b 08 MOV
+ 181e5edab 31 c9 XOR
There is no such MOV in CN UnityPlayer.dll at 181e5edab. But I kind of knew the XOR patch is meant to prevent a crash caused by invalid read in MOV. So I just start the game with UnityPlayer.dll only patched on shared addresses and expecting a crash.
The game crashed as expect, and I have found crash logs at C:\Users\<username>\Temp\mihoyocrash_*\error.log:
edit: fix path of log file
原神 [version: Unity 2017.4.30f1 (0)]
UnityPlayer.dll caused an Access Violation (0xc0000005)
in module UnityPlayer.dll at 0033:81e686a9.
Error occurred at 2022-02-01_073408.
C:\Program Files\Genshin Impact\Genshin Impact Game\YuanShen.exe, run by <username>.
32% memory in use.
37721 MB physical memory [25604 MB free].
37721 MB paging file [31237 MB free].
134217728 MB user address space [134217728 MB free].
Read from location 0000003c caused an access violation.
Context:
RDI: 0xfff7796c RSI: 0x81d2c2ad RAX: 0x00000038
RBX: 0x0000003c RCX: 0x00000206 RDX: 0x000000b8
RIP: 0x81e686a9 RBP: 0x000ea3ae SegCs: 0x00000033
EFlags: 0x00010216 RSP: 0x0f70f980 SegSs: 0x0000002b
R8: 0x00bc0417 R9: 0x000438a8 R10: 0x81e686a6
R11: 0x0f70fb94 R12: 0x0b310120 R13: 0x0f70fd20
R14: 0x7bc6ce30 R15: 0x0b310110
Bytes at CS:EIP:
44 8b 0b 49 81 c3 04 00 00 00 66 41 03 da 66 0f
Stack:
......
It indicates process crashed in UnityPlayer.dll at 81e686a9 -> 0x181e686a9 because of invalid memory access in 44 8b 0b MOV. So I applied the XOR patch below and the game no longer crashes.
During copy&paste patched bytes in shared areas, I have noticed there are hardcoded hash-like bytes referenced in validation calls mentioned in https://notabug.org/Krock/dawn/src/master/240/UnityPlayer.md#addresses. So I would expect a error since CN UnityPlayer.dll has a different hash with international UnityPlayer.dll and I have only copy&pasted those hash-like bytes without any adaption.
As expect, It failed at integrity checks with error code 31-4302 after logging in.
I guess the next step is to figure out how the validation calls works and how to calculate those encrypted hash values for CN UnityPlayer.dll. @Krock Would you like to give me some hints or disclose some details?
My email address: y0soro@protonmail.com (in case you want to continue the conversation privately)
I am a person who just want to play the game and have some CS/SE knowledge, I know little about reverse engineering and have only limited knowledge about ASM, so don't expect too much on me.
Hi, I have managed to partially port the 2.4 patch to CN variant of UnityPlayer.dll.
Log servers for GI CN client found with mitmproxy on Windows:
* log-upload.mihoyo.com
* uspider.yuanshen.com
The international UnityPlayer.dll and the CN UnityPlayer.dll have same signatures and addresses in .text, .rdata and .data sections, corresponding to patches in https://notabug.org/Krock/dawn/src/master/240/UnityPlayer.md#addresses except the XOR patch. So I just copy&paste patched bytes (including validation bytes) in those areas to CN UnityPlayer.dll.
```
The XOR patch for international UnityPlayer.dll 2.4:
- 181e5edab 8b 08 MOV
+ 181e5edab 31 c9 XOR
```
There is no such MOV in CN UnityPlayer.dll at 181e5edab. But I kind of knew the XOR patch is meant to prevent a crash caused by invalid read in MOV. So I just start the game with UnityPlayer.dll only patched on shared addresses and expecting a crash.
The game crashed as expect, and I have found crash logs at `C:\Users\<username>\Temp\mihoyocrash_*\error.log`:
edit: fix path of log file
```
原神 [version: Unity 2017.4.30f1 (0)]
UnityPlayer.dll caused an Access Violation (0xc0000005)
in module UnityPlayer.dll at 0033:81e686a9.
Error occurred at 2022-02-01_073408.
C:\Program Files\Genshin Impact\Genshin Impact Game\YuanShen.exe, run by <username>.
32% memory in use.
37721 MB physical memory [25604 MB free].
37721 MB paging file [31237 MB free].
134217728 MB user address space [134217728 MB free].
Read from location 0000003c caused an access violation.
Context:
RDI: 0xfff7796c RSI: 0x81d2c2ad RAX: 0x00000038
RBX: 0x0000003c RCX: 0x00000206 RDX: 0x000000b8
RIP: 0x81e686a9 RBP: 0x000ea3ae SegCs: 0x00000033
EFlags: 0x00010216 RSP: 0x0f70f980 SegSs: 0x0000002b
R8: 0x00bc0417 R9: 0x000438a8 R10: 0x81e686a6
R11: 0x0f70fb94 R12: 0x0b310120 R13: 0x0f70fd20
R14: 0x7bc6ce30 R15: 0x0b310110
Bytes at CS:EIP:
44 8b 0b 49 81 c3 04 00 00 00 66 41 03 da 66 0f
Stack:
......
```
It indicates process crashed in UnityPlayer.dll at 81e686a9 -> 0x181e686a9 because of invalid memory access in 44 8b 0b MOV. So I applied the XOR patch below and the game no longer crashes.
```
The XOR patch for CN UnityPlayer.dll 2.4:
- 181e686a9 44 8b 08 MOV
+ 181e686a9 90 NOP
+ 181e686aa 31 c9 XOR ECX, ECX # ECX:=0
```
During copy&paste patched bytes in shared areas, I have noticed there are hardcoded hash-like bytes referenced in validation calls mentioned in https://notabug.org/Krock/dawn/src/master/240/UnityPlayer.md#addresses. So I would expect a error since CN UnityPlayer.dll has a different hash with international UnityPlayer.dll and I have only copy&pasted those hash-like bytes without any adaption.
As expect, It failed at integrity checks with error code 31-4302 after logging in.
I guess the next step is to figure out how the validation calls works and how to calculate those encrypted hash values for CN UnityPlayer.dll. @Krock Would you like to give me some hints or disclose some details?
Regarding UserAssembly.dll, it's possible to export symbols using mihoyo plugin of
Il2CppInspector with https://github.com/djkaty/Il2CppInspectorPlugins/pull/4/commits/02c8483c396d61dabe680aa2ccadfd704797fde1 patch applied, no matter which UnityPlayer.dll being used for decrypting global-metadata.dat.
My email address: y0soro@protonmail.com (in case you want to continue the conversation privately)
I am a person who just want to play the game and have some CS/SE knowledge, I know little about reverse engineering and have only limited knowledge about ASM, so don't expect too much on me.
If you want a full script, @Krock is planning to integrate the patch into this repo, so stay tuned.
Hi,
With the help of @Krock, I have successfully created a working patch for UnityPlayer.dll of YuanShen (Genshin Chinese version) 2.4:
https://notabug.org/y0soro/dawn-cn/raw/75cf813c40dd4b9d752e0c93601022f6e2308494/240/patch_files/UnityPlayer.dll.vcdiff
md5sum of UnityPlayer.dll.vcdiff: 3f8c1b8988d23928efff3c43afed1b09
I have played the game for several hours with my test account, no crash or error has been observed so far.
Manually patching:
```sh
cd '<YuanShen root dir>/Genshin Impact game'
# backup UnityPlayer.dll
# md5sum of the file should be 67db43b7c2c2a1d09093ea54cd3cf7b8
mv UnityPlayer.dll UnityPlayer.dll.bak
# patch UnityPlayer.dll
xdelta3 -d -s UnityPlayer.dll.bak "<patch dir>/UnityPlayer.dll.vcdiff" UnityPlayer.dll
# rename upload_crash.exe
mv YuanShen_Data/upload_crash.exe YuanShen_Data/upload_crash.exe.bak
```
Also add following lines to /etc/hosts for blocking accesses to CN log servers.
```
0.0.0.0 log-upload.mihoyo.com
0.0.0.0 uspider.yuanshen.com
```
edit: fix hash and path
You might also want to apply https://notabug.org/Krock/dawn/src/9e175bbff3dd71f66f285613068e5c5afdd249f6/240/patch_files/launcher.bat#L39-L41 in WINEPREFIX of YuanShen game.
If you want a full script, @Krock is planning to integrate the patch into this repo, so stay tuned.
Thank you very much for this contribution. The submitted patch does correspond do the current patching process.
Added in 47888a9b04. The patch and patch_revert scripts will work for both versions now.
PS: There's a mismatch between your UnityPlayer.dll md5sum in the code above and the one I obtained from the official servers. Also the game paths are slightly different (YuanShen). I assume my version is correct, otherwise please let me know.
Thank you very much for this contribution. The submitted patch does correspond do the current patching process.
Added in 47888a9b04. The patch and patch_revert scripts will work for both versions now.
PS: There's a mismatch between your UnityPlayer.dll md5sum in the code above and the one I obtained from the official servers. Also the game paths are slightly different (YuanShen). I assume my version is correct, otherwise please let me know.
This should be "log-upload.mihoyo.com" instead of "log-upload-os.mihoyo.com". @Krock
https://notabug.org/Krock/dawn/commit/47888a9b04082d8122464de33887e06f40f153c7#diff-092aa07a63f022c3aec906662904f049a40a44aR94
This should be "log-upload.mihoyo.com" instead of "log-upload-os.mihoyo.com". @Krock
Thanks for the awesome project,
Its very nice.
It seem does not supports the Chinese version,
which named YuanShen from mihoyo offcial website.
which difference to the international version
UnityPlayer.dll
not samepatch output
strictly abide the rules
LINK REMOVED BY KROCK (after download)
↑↑↑ I will delete it after 48 hours.
Regards,
Pekaikon Norckon
come to my house to blow the air conditioner tonight
Does it work if you remove the hash check? It could be some error messages different or something. Make sure to use an account you don't mind getting banned though.
thanks for the memtion,
i dont mind getting banned :D
i have tried remove the hash check,
but still not working.
xdelta3
report errors here.RIP.
Are you unable to use the international version? It has Chinese as a language option and server select has an Asia server (I'm not sure if the Asia server is the same as the china server though).
Download link: https://ys-api-os.mihoyo.com/event/download_porter/link/ys_global/genshinimpactpc/default
Direct link if that doesn't work: https://genshinimpact.mihoyo.com/client_app/launcher/20201223_d3fcf5785e92e37a/GenshinImpact_install_20201211165103.exe
thank you for the fast reply,
unfortunately,
the asian server is for all of asia without china,
due to chinese law and payment.
i can play chinese version in cloud gamming service,
but have a little bit of frame loss
and thanks for your suggestion,
maybe transform to international server is another choice.
Are you sure this is the 1.2.0 binary? Its timestamp is 09 Dec, rather than the official release date of 23 Dec.
Progress (editing gradually)
We can try to use the globally accepted values, maybe they work on all servers.
EDIT99: need some more time.
@dfc643 With some luck this patch here should work. https://www.privfile.com/download.php?fid=5fe488e5343c3-NDk4NQ==
Please report back whether this results in the error code 31-4302.
@Krock Thanks for your soooo quickly reply!
i am make sure thats 1.2.0 (in downloader title shows)
i will try this patch and reply soon :D
@Krock yeh the new patch it works!
but its really reports error 31-4302
i modified laucnher.bat like this
and there two new domain detected from my router
the china standard time is 10:11 pm now,
if i have no reply, i will test and reply after 8 hours.
and MERRY XMAS !!!!
So to get your version running you'd need to check whether UserAssembly.dll is the same (as in addresses), run the game on a Windows machine, and dump the correct values from memory. If you know how assembly/pointers/Cheat Engine works we could give that a try, otherwise try to use the international version somehow, or play it in the cloud.
Merry Christmas.
Morning,
thats sorry,
i donot know how to dump from memory.
here is chinese version dl link:
https://ys-api.mihoyo.com/event/download_porter/link/ys_cn/official/pc_default
https://autopatchcn.yuanshen.com/client_app/launcher/20201223_0e73b7176043c3a1/yuanshen_setup_mihoyo_20201211012054.exe
if you dont mind,
i repost this issue to
bbs.deepin.org
linux forumto get someone helps?
if you need a account to do the test,
i can provide one.
Merry Christmas
How many people are interested in this? How bad is the cloud service?
Patching the international version already takes a few hours of work and a good amount of nerves. Thus I am not keen setting up another (Chinese) game variant on my machine. However, only if...
.. then I might set up the patch files for you.
Otherwise decompile your UserAssembly version, read out the hash values on a working Windows machine and complete the patch I sent earlier.
Or tweak your cloud service for better gameplay, if that is possible.
That's all I can offer. Sorry for being so direct, but I cannot find a better way to express myself.
hello,
thank you do a lot things of the project
there so many linux user want play in china,
the cloud service is expensive (2 rmb/hrs) and slowly...
that i am a linux server maintenance staff,
isnt know more things of reverse engineering.
but i think repost the issue to chinese linux forum,
there will have someone can helps to finish the patch of chinese version.
i think that is the best way if you not mind.
@dfc643 Feel free to ask for volunteers on the deepin forums. My conditions will remain the same as stated above.
Please keep in mind that each public mention of this repository increases the chances for miHoYo to find it.
EDIT: Interesting domains. I did not capture those in Wireshark, hence I don't know whether they need blocking.
@Krock Happy New Year,
Thats looooooong time no see due to my works.
I tried ask for somebody at deepin forum,
https://bbs.deepin.org/post/209242
and using wrong character instead the game name.
the two domains is report from my router traffic list.
How do you find addresses for patching? I managed to find first function, but can't figure out location for second one. Any tips?
@vero I re-uploaded the skeleton patch to the repository just now. <-- contains all basic functions you need.
EDIT: Instructions removed from this post. Please write me an email
If you're successful, the game will crash before showing the 7 element symbols after login. If you got that far, try to apply the anti_logincrash patch or migrate that to the CN version as well.
EDIT3 (I think?): If you found all addresses you can use byte matching to find the functions in the next release -- given they did not add any additional hurdles.
Chinese version 1.4.0 is already available for pre-download:
https://autopatchcn.yuanshen.com/client_app/pc_mihoyo/20210317_67c8f1002bb26672/YuanShen_1.4.0.zip
Maybe it's worth looking at in preparation for global 1.4.0?
(Feel free to delete/edit this message if you think it's dangerous in some way. I think it's not, but your word is last here, @Krock.)
@Alex72 Thank you for the input. Whereas this would allow some preparation, it would only cause more effort to partially decompile the international version afterwards. Not worth the hassle IMO.
Actually with a bit of magic you can get a global version:
https://autopatchhk.yuanshen.com/client_app/pc_mihoyo/20210317_67c8f1002bb26672/GenshinImpact_1.4.0.zip
i have replaced all the modified files,it doesn't work.
but i find you can replace 20527480.blk change to chinese version.
so I uploaded the file to the mega
https://mega.nz/file/6pwwSAYL#-4ssj9vXCYE9hlqfdMnl1OPtMts0rf4vmK64nVrdt6g
The Chinese server uses slightly different binary files which need another patch file in order to join the game.
Simply copying files from the international version won't let you enter the CN game server. Would you mind elaborating what's special about this *.blk file?
20527480.blk
contains channel config (dispatch server URL) as well as logging servers URLs and some other stuff.Technically it may be possible to swap it between CN and global versions to make it connect to the server it's not supposed to, but I can't confirm nor deny this. Probably you'll need to patch
asset_index
too, because it contains hash of all assets used in the game.Furthermore it would require to modify the client name to match the international version, or the sent login data would be highly suspicious. It it were that simple, an
/etc/hosts
rule might work too once UnityPlayer.dll is patched.It could be that the international server domains are blocked in China, unless proven otherwise, it might be only wasted effort.
Hello, if you want to continue the purpose of the work order, what else needs to be done now?
This issue is limited by:
Hopefully the Steam Deck hype is big enough to motivate the developers to make their game Linux compatible in the next few game versions.
If you think that you are capable of writing a patch for a CN installation, please write me an email so that we can have a look at it.
I would like to ask about the level of debugging required. Is a host that can start the game without guaranteeing the smoothness of the screen is sufficient for debugging?
@icecat Yes. Rendering performance (i.e. FPS) does not matter as long it can run the game. The patch procedure is (on my side) well established, hence the actual debugging after a version update + content download is a matter of a few minutes. Most of the effort is required at preparing the assembly modifications and the file organization.
Are there specific system requirements? (system version?) I may try my best to accomplish this in my free time, although it may be very long
@icecat There are no specific requirements for this patch. Like stated on the official website, Windows 7 or newer is required. Windows 10 AME 2004 does work too after manual GPU driver setup. The GPU must support at least DirectX 11 to not deal with software rendering annoyances.
If you would like to spend your free time on this issue, I would appreciate if we could continue this conversation by email (see git commits, LICENSE.txt).
Hi, I have managed to partially port the 2.4 patch to CN variant of UnityPlayer.dll.
Log servers for GI CN client found with mitmproxy on Windows:
The international UnityPlayer.dll and the CN UnityPlayer.dll have same signatures and addresses in .text, .rdata and .data sections, corresponding to patches in https://notabug.org/Krock/dawn/src/master/240/UnityPlayer.md#addresses except the XOR patch. So I just copy&paste patched bytes (including validation bytes) in those areas to CN UnityPlayer.dll.
There is no such MOV in CN UnityPlayer.dll at 181e5edab. But I kind of knew the XOR patch is meant to prevent a crash caused by invalid read in MOV. So I just start the game with UnityPlayer.dll only patched on shared addresses and expecting a crash.
The game crashed as expect, and I have found crash logs at
C:\Users\<username>\Temp\mihoyocrash_*\error.log
:edit: fix path of log file
It indicates process crashed in UnityPlayer.dll at 81e686a9 -> 0x181e686a9 because of invalid memory access in 44 8b 0b MOV. So I applied the XOR patch below and the game no longer crashes.
During copy&paste patched bytes in shared areas, I have noticed there are hardcoded hash-like bytes referenced in validation calls mentioned in https://notabug.org/Krock/dawn/src/master/240/UnityPlayer.md#addresses. So I would expect a error since CN UnityPlayer.dll has a different hash with international UnityPlayer.dll and I have only copy&pasted those hash-like bytes without any adaption.
As expect, It failed at integrity checks with error code 31-4302 after logging in.
I guess the next step is to figure out how the validation calls works and how to calculate those encrypted hash values for CN UnityPlayer.dll. @Krock Would you like to give me some hints or disclose some details?
Regarding UserAssembly.dll, it's possible to export symbols using mihoyo plugin of Il2CppInspector with https://github.com/djkaty/Il2CppInspectorPlugins/pull/4/commits/02c8483c396d61dabe680aa2ccadfd704797fde1 patch applied, no matter which UnityPlayer.dll being used for decrypting global-metadata.dat.
My email address: y0soro@protonmail.com (in case you want to continue the conversation privately)
I am a person who just want to play the game and have some CS/SE knowledge, I know little about reverse engineering and have only limited knowledge about ASM, so don't expect too much on me.
You're doing great so far. I continued this discussion by email to avoid spreading details to the wrong people.
Hi,
With the help of @Krock, I have successfully created a working patch for UnityPlayer.dll of YuanShen (Genshin Chinese version) 2.4:
https://notabug.org/y0soro/dawn-cn/raw/75cf813c40dd4b9d752e0c93601022f6e2308494/240/patch_files/UnityPlayer.dll.vcdiff
md5sum of UnityPlayer.dll.vcdiff: 3f8c1b8988d23928efff3c43afed1b09
I have played the game for several hours with my test account, no crash or error has been observed so far.
Manually patching:
Also add following lines to /etc/hosts for blocking accesses to CN log servers.
edit: fix hash and path
You might also want to apply https://notabug.org/Krock/dawn/src/9e175bbff3dd71f66f285613068e5c5afdd249f6/240/patch_files/launcher.bat#L39-L41 in WINEPREFIX of YuanShen game.
If you want a full script, @Krock is planning to integrate the patch into this repo, so stay tuned.
Thank you very much for this contribution. The submitted patch does correspond do the current patching process.
Added in 47888a9b04. The patch and patch_revert scripts will work for both versions now.
PS: There's a mismatch between your UnityPlayer.dll md5sum in the code above and the one I obtained from the official servers. Also the game paths are slightly different (YuanShen). I assume my version is correct, otherwise please let me know.
Yeah, the md5sum should be 67db43b7c2c2a1d09093ea54cd3cf7b8. Just a miss operation.
47888a9b04
This should be "log-upload.mihoyo.com" instead of "log-upload-os.mihoyo.com". @Krock