BnS Buddy (at least) implements multi-client support by adding Evengard's anti-GameGuard bypass into clients, since even though GameGuard is no longer being used, it still has the functionality of preventing clients from detecting each other. Evengard never shipped source, and I would like to not ship mystery binaries (or run them as admin myself, for that matter) if at all possible.

A quick analysis of the bnsnogg binaries show that it's a winmm.dll proxy generated through Dll_Wrapper_Gen. I expect the majority of the binary deals with spoofing GameGuard, but they mention IAT hooking in their thread so I suppose that's what's being employed here.

If I'm right, the functions being hooked are GetCurrentProcessId, CreateFileW, and CreateMutexW... I'm not immediately sure what GetCurrentProcessId would be useful for, but the CreateFileW hook I suspect is for redirecting config lookups to get past the launcher verification, which leaves CreateMutexW for bypassing the client check -- which makes sense, since named mutexes would be a good fit for this task.

So, I think that stripping the name from all mutexes as they're being created would prevent the clients from looking themselves up. Something like:

HANDLE WINAPI MyCreateMutex(
	_In_opt_ LPSECURITY_ATTRIBUTES lpMutexAttributes,
	_In_     BOOL                  bInitialOwner,
	_In_opt_ LPCTSTR               lpName
) {
	return CreateMutex(lpMutexAttributes, bInitialOwner, NULL);
}

However, a test using Dll_Wrapper_Gen proxying version.dll and the IAT patching from agent.c did not yield anything promising... the DLL got loaded, but received no CreateMutexW calls. Perhaps I'm doing something wrong.

after pressing "launch" nothing happens, the ncsoft launcher does not seem to start, it does start without using bnsboost. Maybe its better to intergrate Log4net for better error handling.

DLL or xml or any valable option for translation menus, button labels etc. without compiling anything.

Im not a coder, so when I edited Form.Designer.cs and compile project, .dat extraction section gave me error. I have vague conception why, but Im not gonna learn C for this corrections. Other than that my lang correctly applied.

So if you do separate file for that purpose and add drop-box for lang preferences (copypaste .xml or w\e -> translate -> rename with prefix RU for example -> RU appears on dropdown menu), it will be nice.

Hey, just did a fresh Win7 install and I'm getting this after pressing 'launch' (tried1.2.2 and 1.30)

details.txt

Worked fine before.

edit: OK I just noticed the other thread -_- I tried everything posted there, nothing works.

It'd be a good idea to have an option for launching the game in file repair mode directly, to fix broken installs.

I'm thinking a Repair! button next to the current launch button, which would destroy BNSBoost's unpatched directories and start the launcher. The launcher would then repair files, and we can hook CreateProcessW to kill the launcher and redirect back to BNSBoost once the repair is complete.

The current bypass is suboptimal, since it requires shipping mystery binaries found on Reddit. It also doesn't work for 64-bit clients, since the x3.xem was compiled for x86.

It should be possible to repurpose https://github.com/VirtualPuppet/XignCode3-bypass to build alongside BNSBoost, and generate both x86 and x64 binaries on build.

Hey @Xyene long time! :)

Just wanted to add here, since you've implemented a XIGNCODE bypass you should probably remove or modify the phrasing on this line in the README:

BNSBoost never touches the game client (Client.exe), only its launcher.

Also it would probably be good to give attribution to who originally made the bypass. Dunno where you got this x3.xem from since it appears to be (slightly) modified, but the code originally came from VirtualPuppet/XignCode3-bypass.

The game takes way too long to exit. There's an exit-game-waiting-time option in the XML, but it doesn't seem to do anything. Perhaps it would be possible to detect some winapi call sequence the client performs only on exit, and just kill all open sockets + exit(0) there. This would probably need a lot of testing to ensure the conditions for the auto-kill aren't fulfilled anytime during regular gameplay 😅

As title.

Hi again @Xyene,

I ported your code to use a fake steam_api.dll as an entry point, so that it gets automatically loaded into NCLauncher's address space. This is nice because it doesn't require the use of an injector, or a UI for configuration. Also by the very nature of the entry point, it is no longer necessary to programatically search for NCLauncherR.exe's location.

I also tried to make it as game-agnostic as possible by giving the user the option to specify their own custom command line arguments in an init.ini file. This is assuming that it is used with a launcher that also imports steam_api.dll, is vulnerable to IAT manipulation and uses the same APIs, etc., though with a little work it could be made compatible with a wide variety of game launchers.

All of the changes I've made have been documented in the README.

You can find it here https://github.com/zeffy/bnsboost-steam_api.dll

If you want to use it as a base for future updates to BNSBoost, or want to use any of the source code I added, by all means feel free. Right now it doesn't make use of any secure string functions, so that will probably be what I work on next.

Just thought I would let you know what I did with your already awesome project. :)

Peace. ✌️

As I see you guys making somewhat similar to Buddy (I prefer BNSBoost for simplicity and making the job), can you also add then function to replace xml strings with direct swapping full string or\and regExp, like they did in Buddy. Its good you got some cool options and not only DPS-meter, but I have some customs that Im doing thru xml-editing each major patch that adding strings to xmls.

Still nothing about localization. Well. And they changed system so xigncode bypass (updated 11 months yeah) not working for some time already. Pointless to build it alongside if its old.

Since BNS is gonna update their anti cheat system to Xigncode3, my question is,
is it still possible to use BNSboost after the update?

I don't want anything particularly fancy since I don't want to be responsible if e.g. my DNS gets hacked, so I'd like to keep this simple -- load up https://api.github.com/repos/Xyene/BNSBoost/releases on boot, and see if the latest version release date is newer than the executable's last modified time. If so, prompt the user to go update (open in browser button).

Auto-updating is entirely out of the scope of this issue.