====================================================================================
#
# This file has been created for the Lame patcher program, available for both *nix
# and Windows platforms.
# You need this program to continue patching your files:
#
#   http://aluigi.org/mytoolz.htm#lpatch
#
# Quick step-by-step for Windows:
# - launch lpatch.exe
# - select this haloloopfix.lpatch file
# - read the message windows and click yes
# - select the file halo.exe or haloded.exe to patch
# - read the message windows to know if everything has been patched correctly
# - test your game

TITLE
    Halo 1.04 haloloop fix 0.1
    by Luigi Auriemma
    e-mail: aluigi@autistici.org
    web:    aluigi.org

INTRO
    This unofficial patch refers to the bug described here:
    .
    .  http://aluigi.org/adv/haloloop-adv.txt
    .
    Although patch 1.07 fixes this and other bugs, it seems that many people
    still use the bugged 1.04 version; that's why I have created this fix.
    Do NOT apply this patch to versions later than 1.04!
    .
    If you are unsure whether your server is vulnerable, please use the
    proof-of-concept provided there.
    .
    The solution I have adopted for fixing this bug is the simplest on earth:
    I have just taken the patched function of version 1.07 and placed it in
    the 1.04 executable.
    .
    This patch has been created only for the 1.04 version of the game and
    dedicated server; older versions will NOT be supported by me, so don't ask.

FILE halo*.exe // 0x5109c0 -> 0x510b19 BYTES_ORIGINAL 83 ec 20 53 55 8b 6c 24 2c 8b 55 0c 56 33 f6 32 db 3b d6 0f 84 2d 01 00 00 8b 42 0c 2b 42 08 79 03 03 42 10 3b c6 0f 8e 1a 01 00 00 56 8d 44 24 34 6a 02 50 89 74 24 18 e8 63 ba fe ff 83 c4 0c 84 c0 0f 84 fe 00 00 00 57 8b 3d 7c b8 69 00 8d 4c 24 34 8d 54 24 14 89 4c 24 18 52 8b c7 8d 4c 24 14 89 74 24 28 89 74 24 24 c7 44 24 18 01 00 00 00 89 74 24 20 c7 44 24 2c 0f 00 00 00 c7 44 24 30 10 00 00 00 e8 55 ae fe ff 83 c4 04 3b c7 0f 94 c0 84 c0 0f 84 b4 00 00 00 8b 44 24 3c 8b c8 81 e1 07 00 00 80 79 05 49 83 c9 f8 41 8b 5c 24 10 f7 d9 1b c9 99 83 e2 07 03 c2 f7 d9 c1 f8 03 03 c8 3b d9 7f 6c 8b 54 24 38 6a 01 53 52 8b 55 0c e8 c9 b9 fe ff 8b 44 24 54 83 c4 0c 3b c6 74 32 8b 7d 00 8b f0 e8 c4 b4 f4 ff 66 85 c0 8b 3d 7c b8 69 00 74 1d 33 c9 8b c6 8b d0 89 0a 89 4a 04 89 4a 08 89 4a 0c 89 4a 10 89 4a 14 66 c7 40 10 04 00 8b 44 24 40 8b 54 24 44 8d 0c dd 00 00 00 00 89 38 2b cf 5f 5e 5d 89 0a b0 01 5b 83 c4 20 c3 8b 6d 0c 5f 89 75 0c 89 75 08 5e 5d 32 c0 5b 83 c4 20 c3 5e 5d 8a c3 5b 83 c4 20 c3 5f 5e 5d 8a c3 5b 83 c4 20 c3 // 0x510aa0 -> 0x510bff BYTES_PATCH 83 ec 24 53 55 8b 6c 24 38 56 8b 74 24 34 8b 56 0c 33 db 3b d3 0f 84 3b 01 00 00 8b 42 0c 2b 42 08 79 03 03 42 10 3b c3 0f 8e 28 01 00 00 53 8d 44 24 10 6a 02 50 89 5c 24 1c e8 61 ba fe ff 83 c4 0c 3a c3 0f 84 0c 01 00 00 57 8b 3d 7c b8 69 00 8d 4c 24 10 8d 54 24 18 89 4c 24 1c 52 8b c7 8d 4c 24 18 89 5c 24 2c 89 5c 24 28 c7 44 24 1c 01 00 00 00 89 5c 24 24 c7 44 24 30 0f 00 00 00 c7 44 24 34 10 00 00 00 e8 53 ae fe ff 83 c4 04 3b c7 0f 94 c0 3a c3 0f 84 af 00 00 00 8b cd 81 e1 07 00 00 80 79 05 49 83 c9 f8 41 f7 d9 1b c9 8b c5 8b 6c 24 14 99 83 e2 07 03 c2 f7 d9 c1 f8 03 03 c8 3b e9 7f 7c 8b 56 0c 8b 42 0c 2b 42 08 79 03 03 42 10 3b e8 7f 6a 8b 44 24 3c 6a 01 55 50 e8 ba b9 fe ff 8b 74 24 58 83 c4 0c 3b f3 74 33 8b 4c 24 38 8b 39 e8 b4 b4 f4 ff 66 85 c0 8b 3d 7c b8 69 00 74 1d 33 d2 8b c6 8b c8 89 11 89 51 04 89 51 08 89 51 0c 89 51 10 89 51 14 66 c7 40 10 04 
00 8b 54 24 44 8b 4c 24 48 8d 04 ed 00 00 00 00 2b c7 89 3a 5f 5e 5d 89 01 b0 01 5b 83 c4 24 c3 8b 46 0c 89 58 0c 89 58 08 5f 5e 5d 8a c3 5b 83 c4 24 c3 5e 5d 8a c3 5b 83 c4 24 c3 // mov bl, 1... yes it's the SAME done by 1.07!!! BYTES_ORIGINAL f6 40 0c 01 74 14 8b 4c 24 14 56 51 e8 41 00 00 00 8a d8 // mov bl, al 83 c4 08 84 db 75 0a 6a 00 e8 a1 d5 ff ff BYTES_PATCH f6 40 0c 01 74 14 8b 4c 24 14 56 51 e8 41 00 00 00 b3 01 // mov bl, 1 83 c4 08 84 db 75 0a 6a 00 e8 a1 d5 ff ff ====================================================================================
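
Review bot: the two address comments on the function replacement (`// 0x5109c0 -> 0x510b19` above the first BYTES_ORIGINAL and `// 0x510aa0 -> 0x510bff` above the first BYTES_PATCH) give different ranges without saying which executable or version each one belongs to, while `FILE halo*.exe` matches both halo.exe and haloded.exe. By the comments' own ranges the replacement spans six more bytes than the original, so a reader cannot tell from the file whether it fits in the space of the 1.04 function. Label each range with the build it was taken from and state what the extra bytes overwrite.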
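
Review bot: in the second replacement, changing `8a d8` (`mov bl, al`) to `b3 01` (`mov bl, 1`) discards the result of the preceding `e8 41 00 00 00` call, so the following `84 db 75 0a` test always branches and the `6a 00 e8 a1 d5 ff ff` fall-through is never reached from this path. The only justification given is the comment that 1.07 does the same; add a line saying what the call returns and why ignoring it is safe. This pair also has no address comment, unlike the first one, so note the offset it is expected to match at.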