Red Dead Redemption 2

[SunBeam]

Hello folks,

Been hearing about this game that there's some anti-cheat in place and decided to create this topic for free discussions on the matter. STN has been kind enough to let me try out the game (112 GB?!?!? dafuq). So here's my several observations after 10-20 minutes of game run:

a) while riding that horse in the beginning through the storm I can say the textures weren't properly loaded in some places, whereas moon rays were solid instead of transparent and blocks of white shit were up across the map, which you could walk into; later on, it all got clear; not to mention the default settings were set to Ultra, which basically reduced my resolution to compensate for the GFX RAM.. seriously, Rockstar..

b) the EP and some functions in the game are using something similar to what I've experienced with Blizzard's Battle.net.dll a few years ago; they use the same method for mutating jumps that I've seen with Blizzard:

Code: Select all

00007FF61B4BC509 | 8B05 BE9FB6FF                          | MOV EAX,DWORD PTR DS:[7FF61B0264CD]                               |
00007FF61B4BC50F | 8B15 2681ECFF                          | MOV EDX,DWORD PTR DS:[7FF61B38463B]                               |
00007FF61B4BC515 | 3BC2                                   | CMP EAX,EDX                                                       |

Code: Select all

00007FF61B4BC550 | 48:0F46D8                              | CMOVBE RBX,RAX                                                    |

The CMOVBE above with the 2 addresses in RBX and RAX replaces a JBE:



Whereas one or the other destination is hit based on the result of the CMOVBE. Pretty much in the form of "if rbx>=rax, then hit dest_1; else hit dest_2".

In short:

Code: Select all

mov [RDR2_dumped.exe+61064CD],edx
mov eax,[RDR2_dumped.exe+61064CD]
mov edx,[RDR2_dumped.exe+646463B]
cmp eax,edx
jbe RDR2_dumped.exe+67968C4
jmp RDR2_dumped.exe+6CEA788

c) the game suddenly crashed when loading a map, saying this:



I had previously dumped the .exe to disk. To my surprise, it seems like they check for the folder integrity Stupid check, seriously. But that's their way of stopping proxy DLLs

d) apparently, you can't name horses or whatever.. cuss.. in-game:



More to follow. Add your own shit to the discussion

BR,
Sun

[SunBeam]

As far as the anti-breakpoint mechanism, it's identical to the one used by Blizzard in their early days: INT3, UD2, etc. + regular anti-attach. Will post a script later that deals with this so you can trace with CE

[sebastianyyz]

112GB? WTF. That's a lot. Thank you SunBeam. I will buy the game when it is released on Steam, and don't worry, if the game gets updates by that time, I will not be bitching about it like other people.

[SunBeam]

Tested this out with Dark Byte: make sure you "attach debugger to process" instead of open process + F5. That way the game won't crash, even with F5 tracing/stepping through code Yes, VEH.

[The Mogician]

I heard somewhere that this game has some similar stuff compared to GTAV when it comes to data structures, not sure how true it is though.

[SunBeam]

Yeaps, there's a topic on UC where you can read more. Google it up. If you can't find it, I'll PM it to you (UC links are prohibited here).

[jj4756]

Would game clock modification ( Speed hack down to 0.4 ) cause any unwarranted issues with game input/memory ? Seems like everytime I slow down the game and returning to normal speed really jams the control making the player unable to walk forward as if blocked by an invisible barrier.

[SunBeam]

Would game clock modification ( Speed hack down to 0.4 ) cause any unwarranted issues with game input/memory ? Seems like everytime I slow down the game and returning to normal speed really jams the control making the player unable to walk forward as if blocked by an invisible barrier.

^ If you've already detected such a behavior, why not stop doing it? We won't assist with "bypassing" this, considering all the anti-debug implemented in the game's protection. And no, don't really care why you need that speed-hack for. You'll have to manage. Kindly stop spamming this nuisance everywhere you can. I read it once in the game's topic, no need to post in another topic to attract attention; you'll get the exact opposite reaction. Yeah, I know I'm rude - just to cover all possible replies from you. Anything else?

[Csimbi]

(112 GB?!?!? dafuq)

waaat?
Also waiting for a seriously discounted Steam release.

[The Mogician]

(112 GB?!?!? dafuq)

waaat?
Also waiting for a seriously discounted Steam release.

There is a 25% discount, 2 weeks after release.

[Csimbi]

On Epic, right?
Is the game that bad?

[kay0]

On Epic, right?
Is the game that bad?

no

[Csimbi]

Why'd they devalue it 25% after two weeks then?

[kay0]

Why'd they devalue it 25% after two weeks then?

No idea. The game is over a year old, mind you.

[STN]

A little late but i know the reason why the game isn't doing so well.

Bugs, lack of substantial content online and lacking in quality that R* is usually known for.

I personally enjoyed the game and got my moneys worth especially with single player. But many people who bought it for multiplayer experience are extremely disappointed as they should be.

Apparently, the console version lacked even more content than PC and was plain boring.