Page 1 of 1

[MSN] how to use older version when there is forced update

Posted: Fri Nov 06, 2009 12:43 pm
by Sethioz
/////////////////////////////////////////////////////////////////////////
NOTE >>> proxocket does not work anymore !! do not try to use proxocket to bypass this check ! using reshacker is only way right now
/////////////////////////////////////////////////////////////////////////



Patch for 2008 build 8.5.1302.xxxx > > MSN messenger patch <

This is basic tutorial which shows you how you can still use your favorite msn messenger, if there is a forced update upon login.
it means that when you try to login, it will tell you that in order to use msn messenger (windows live) you need to downoad the latest version.

Tools needed:
WPE pro
proxocket(optional)



1. open WPE pro
2. in wpe pro, open msnmsgr.exe as process
3. press that play arrow in order to start capture
4. log into msn (it fails probably if you have old version)
5. now click stop button in wpe pro. (window appears with packets)
6. find the version information sent and recieved by msn

/////////////////////////////////////////////////////////////////////////

NOTE - it is easier to do this using proxocket only. so follow this part
put the following code into a file and call it "myproxocket.c"
use this file, instead of original "myproxocket.c"

Code: Select all

#include "proxocket_defines.h"



    /* code which adds Winsock support to your hook, so you can use the original functions everytime you want! */

static HMODULE wsock = NULL;
static int (*connect)(SOCKET s, const struct sockaddr *name, int namelen) = NULL;
static SOCKET (*accept)(SOCKET s, const struct sockaddr *name, int namelen) = NULL;
static int (*bind)(SOCKET s, const struct sockaddr *name, int namelen) = NULL;
static int (*close)(SOCKET s) = NULL;
static int (*recv)(SOCKET s, char *buf, int len, int flags) = NULL;
static int (*recvfrom)(SOCKET s, char *buf, int len, int flags, struct sockaddr *from, int *fromlen) = NULL;
static int (*send)(SOCKET s, char *buf, int len, int flags) = NULL;
static int (*sendto)(SOCKET s, char *tbuf, int len, int flags, const struct sockaddr *to, int tolen) = NULL;



void init_myproxocket(void) {   // in this example I use this function for loading the real sockets function in case we want to use them
    char    winpath[MAX_PATH];

    if(wsock) return;

    GetSystemDirectory(winpath, sizeof(winpath));
    strcat(winpath, "\\ws2_32.dll");

    wsock = LoadLibrary(winpath);
    if(!wsock) return;

    connect   = (void *)GetProcAddress(wsock, "connect");
    accept    = (void *)GetProcAddress(wsock, "accept");
    bind      = (void *)GetProcAddress(wsock, "bind");
    close     = (void *)GetProcAddress(wsock, "close");
    recv      = (void *)GetProcAddress(wsock, "recv");
    recvfrom  = (void *)GetProcAddress(wsock, "recvfrom");
    send      = (void *)GetProcAddress(wsock, "send");
    sendto    = (void *)GetProcAddress(wsock, "sendto");
}



void free_myproxocket(void) {
    if(wsock) {
        FreeLibrary(wsock);
        wsock = NULL;
    }
}



    // this function can be used also to know only if a string exists or not, it's enough to use NULL instead of new like in the example in myrecv
u8 *find_replace_string(u8 *buf, int *len, u8 *old, u8 *new) {
    int     i,
            tlen,
            oldlen,
            newlen,
            found;
    u8      *nbuf,
            *p;

    found  = 0;
    oldlen = strlen(old);
    tlen   = *len - oldlen;

    for(i = 0; i <= tlen; i++) {
        if(!strnicmp(buf + i, old, oldlen)) found++;
    }
    if(!found) return(buf); // nothing to change

    if(!new) return(NULL);  // if we want to know only if the searched string has been found, we will get NULL if yes
    newlen = strlen(new);

    if(newlen <= oldlen) {  // if the length of new string is equal/minor than the old one don't waste space for another buffer
        nbuf = buf;
    } else {                // allocate the new size
        nbuf = malloc(*len + ((newlen - oldlen) * found));
    }

    p = nbuf;
    for(i = 0; i <= tlen;) {
        if(!strnicmp(buf + i, old, oldlen)) {
            memcpy(p, new, newlen);
            p += newlen;
            i += oldlen;
        } else {
            *p++ = buf[i];
            i++;
        }
    }
    while(i < *len) {
        *p++ = buf[i];
        i++;
    }
    *len = p - nbuf;
    return(nbuf);
}



uint32_t str2ip(uint8_t *data) {
    unsigned    a, b, c, d;

    if(!data[0]) return(0);
    sscanf(data, "%u.%u.%u.%u", &a, &b, &c, &d);
    return((a & 0xff) | ((b & 0xff) << 8) | ((c & 0xff) << 16) | ((d & 0xff) << 24));
}



uint8_t *ip2str(uint32_t ip) {
    static uint8_t  data[16];

    sprintf(data, "%hhu.%hhu.%hhu.%hhu",
        (ip & 0xff), ((ip >> 8) & 0xff), ((ip >> 16) & 0xff), ((ip >> 24) & 0xff));
    return(data);
}


uint16_t net16(uint16_t num) {
    int         endian = 1; // big endian

    if(!*(char *)&endian) return(num);
    return((num << 8) | (num >> 8));
}



uint32_t net32(uint32_t num) {
    int         endian = 1; // big endian

    if(!*(char *)&endian) return(num);
    return(((num & 0xff000000) >> 24) |
           ((num & 0x00ff0000) >>  8) |
           ((num & 0x0000ff00) <<  8) |
           ((num & 0x000000ff) << 24));
}



#define htons       net16
#define ntohs       net16
#define htonl       net32
#define ntohl       net32
#define inet_ntoa   ip2str
#define inet_addr   str2ip




int mysend(SOCKET s, u_char **retbuf, int len, int flags) {
u_char *buf = *retbuf; // do NOT touch this

buf = find_replace_string(buf, &len, "replace this", "with this");

*retbuf = buf; // do NOT touch this
return(len);
}



BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpReserved) {
    switch(fdwReason) {
        case DLL_PROCESS_ATTACH: {
            DisableThreadLibraryCalls(hinstDLL);
            init_myproxocket(); // put your init here
            break;
        }
        case DLL_PROCESS_DETACH: {
            free_myproxocket(); // put anything to free here
            break;
        }
        default: break;
    }
    return(TRUE);
}

> "replace this" - put your current version info here
> "with this" - this is the version info you want to show, put some ridiculously big version

for example, i have this in there:

Code: Select all

buf = find_replace_string(buf, &len, "14.0.8089", "55.4.2012");
so it replaces 14.0.8089 with this 55.4.2012

NOTE - make sure that both are same lenght. if yours have 9 digits, then replacement must be 9 digits too !

/////////////////////////////////////////////////////////////////////////

- now we fool the client to think that there are no new versions available
- i will take my own msn version as example and the current newest (06.nov.2009)
7. now once you have found the version it recieves (14.0.8089) you make filter.
8. in wpe click on the filter and click on edit button (that pen like button)
9. click on advanced
10. into SEARCH you type the version it recieves which is 14.0.8089.
- from the packet you found before, you will take the HEX conversion of it, which is:

Code: Select all

31 34 2e 30 2e 38 30 38 39 20
- 20 < you need this too. its SPACE after the version

and into MODIFY you put your current version, which your messenger sends (you can get it from packet again. mine would be:

Code: Select all

38 2e 35 2e 31 33 30 32 20 00
- 00 < why is this here, is because my current version is shorter than new one. msn will not work if packet's lenght is not same (it will if you modifiy the packet lenght too), but its easier to add NULL string behind it, which is 00 in hex.

11. now in "filter edit" window you will go down and disable "send" and "sendto".
- it is located where it says "search in". do this for both, winsock 1.1 and winsock 2.0 or it will not work.
- keep it "the beginning of the packet"

12. now click apply
13. check the checkbox in front of the filter you just edited
14. now enable filters with the button which has small "on" on it (it is 3rd button from right)

you are done, now simply log into msn again and it will log you in. it will still give you the popup that you need to download new version, but it doesn't matter, because it logs you into msn too. you just click no.

NOTE - make sure you disable capture when enabling filters. (stop capture, do not keep it on play or it wont work)


///////////////////////////////////////////////////////////////////////////////////////////////////////////

i will work on it lil bit more soon and disable the annoying popup too. don't worry i will update this thread when im done with it.
i most likely will write a permanent filter using proxocket, so you wont have to run wpe pro each time.

Re: [MSN] how to use older version when there is forced update

Posted: Fri Nov 06, 2009 4:42 pm
by TeamRetox
I used reshacker to change the version info, works fine too :)
attached the patched exe
edit: Since the version number is patched it also doesnt give the 'theres a newer version message' =D
edit2: fixed msn+ issues

Re: [MSN] how to use older version when there is forced update

Posted: Fri Nov 06, 2009 5:09 pm
by Sethioz
i tried that some time ago and it fucked up everything for me. msn said that its invalid and wanted to install and then it corrupted itself and didnt even install. i had to spend next few hours to clean this shit out. like ALL msn files (msn, messenger, wlm, live, wlmessenger blablabla), then after cleaning like 100 folders from program files and documents ..etc. i repeated that step in registry. after that i managed to install it again.

i will give it a shot in vbox and update this thread.


UPDATE:
works now, it was my fucked up msn installation from last time. i just replaced my msn folder with new installation (8.5) and now it works fine.

Re: [MSN] how to use older version when there is forced update

Posted: Sat Nov 07, 2009 12:44 pm
by Sethioz
added into downloads > MSN messenger patch <

Re: [MSN] how to use older version when there is forced upda

Posted: Sat Dec 18, 2010 11:04 pm
by Sethioz
@TeamRetox: i still don't know how you managed to do this. i checked the msnmsgr.exe with reshacker, i saw the places where you changed the info. I changed it from 14.0.8089 (this is what you put in there) to 55.2.2012 or something like it.
as soon as i start msn, it wants to INSTALL, instead of just starting. it will start eventually, but it fucks around too much.

i couldn't think of anything else than using proxocket to make permanent filter to change from 14.0.8089 to 55.2.2012. now it works fine and if i monitor the packets, it really says 55.2.2012
i was thinking about it, that its only the specific check they do. if version is something that they wont reconize, it doesn't say anything.
so put some ridiculously high info and it should never ask to update ever again.

DETAILS on how to use proxocket is in FIRST post ! i updated it.

Re: [MSN] how to use older version when there is forced upda

Posted: Fri Jan 21, 2011 1:39 am
by Sethioz
i think microsoft is following this thread or something. it is now impossible to do this using proxocket, msn added some https in it. it now performs the version check twice, one of them being https connection.
so only way is to use reshacker and patch it yourself.