KernelBase.dll and Game.Exe

HexPa5 · Post by **HexPa5** » Wed Jan 01, 2020 12:17 am

Hello in last day, I had an idea for unpacking 2 unreal engine package files from game directory to replace some files inside of '.Mesh'/'.SkeletalMesh' files.
I used Notepad to exchange content (Select all in one file, delete, select in second file, copy, and paste in one.)
The reason was test if it work. I wanted put chest of character to one DLC from second.
So it work, I used packer.exe to pack again and put to the game directory.

I launched the game and everything on screen menu work perfectly. But in the character viewer (in game) show the same look for modified skin. Okey, so I launched the game from menu and meanwhile on loading screen after 1min game was freeze. Then I click enter and I seen this message.

I have an example how system Windows 10 and Pro ver. is protected by reverse engineering.
First, I have UDK Editor (non commerce version of UE3)
My goal was to read package and cooked files from steam version game by import button in program (Content browser)
But it doesn't looks easy.
The Steam version game in the
steamapps\common\Batman Arkham City GOTY\BmGame\Config path, has configuration files of game. So first thing is select + copy and paste to C:\UDK\BATMAN\UDKGame\Config
and this same with configuration settings files in the
Batman Arkham City GOTY\engine\config to
C:\UDK\BATMAN\Engine\Config

This is the fast way, because I don't need to learning, modify engine and scripts to run specific UPK files on UDK.

So the last think was add all UPK files into C:\UDK\BATMAN\Engine\Content

It should not only open game files, but (maybe, I'm not sure about this) also whole game via Engine without Udk file (Project/save)

And of course something 'rucked up' I launch shortcut
nothing happen*
then I launch in
C:\UDK\BATMAN\Binaries\Win64
UDK.exe (Built with UDK run)
and
Nothing happen*

So I launch this time Event Viever on windows.

Report error:

Code: Select all

Version=1
EventType=APPCRASH
EventTime=132224376041837258
ReportType=2
Consent=1
UploadTime=132224376044665957
ReportStatus=268435456
ReportIdentifier=ffa42cc2-8bfb-4c5d-a912-6c353eeae31b
IntegratorReportIdentifier=b9c35f13-d16b-4e0f-8033-aacf88400003
Wow64Host=34404
NsAppName=UDK.exe
OriginalFilename=UDK.exe
AppSessionGuid=000027fc-0003-0002-fd71-06945ec1d501
TargetAppId=W:000641f2bafa8f73721b5397fc8a6eb6091000000904!0000885a9e065cdc7d95dc9db145485e72258707c2d3!UDK.exe
TargetAppVer=2015//01//30:00:38:02!37926c0!UDK.exe
BootId=4294967295
ServiceSplit=1387000225
TargetAsId=9921
EtwNonCollectReason=1
Response.BucketId=90099176a484598ad90d34c54c485f01
Response.BucketTable=4
Response.LegacyBucketId=1805157047638449921
Response.type=4
Sig[0].Name=Application Name
Sig[0].Value=UDK.exe
Sig[1].Name=Application Version
Sig[1].Value=1.0.12791.0
Sig[2].Name=Application Timestamp
Sig[2].Value=54cad26a
Sig[3].Name=Fault Module Name
Sig[3].Value=KERNELBASE.dll
Sig[4].Name=Fault Module Version
Sig[4].Value=10.0.18362.476
Sig[5].Name=Fault Module Timestamp
Sig[5].Value=83c3d83a
Sig[6].Name=Exception Code
Sig[6].Value=00000001
Sig[7].Name=Exception Offset
Sig[7].Value=000000000003a839
DynamicSig[1].Name=OS Version
DynamicSig[1].Value=10.0.18362.2.0.0.256.48
DynamicSig[2].Name=Locale ID
DynamicSig[2].Value=2057
DynamicSig[22].Name=Additional Information 1
DynamicSig[22].Value=3e3e
DynamicSig[23].Name=Additional Information 2
DynamicSig[23].Value=3e3e206d4ecb9d1e2c10d0820c3fd61b
DynamicSig[24].Name=Additional Information 3
DynamicSig[24].Value=836c
DynamicSig[25].Name=Additional Information 4
DynamicSig[25].Value=836c8309e4ae608bfbbf1955d0353821
UI[2]=C:\UDK\BATMAN\Binaries\Win64\UDK.exe
LoadedModule[0]=C:\UDK\BATMAN\Binaries\Win64\UDK.exe
LoadedModule[1]=C:\WINDOWS\SYSTEM32\ntdll.dll
LoadedModule[2]=C:\WINDOWS\SYSTEM32\MSCOREE.DLL
LoadedModule[3]=C:\WINDOWS\System32\KERNEL32.dll
LoadedModule[4]=C:\WINDOWS\System32\KERNELBASE.dll
LoadedModule[5]=C:\WINDOWS\System32\USER32.dll
LoadedModule[6]=C:\UDK\BATMAN\Binaries\Win64\steam_api64.dll
LoadedModule[7]=C:\UDK\BATMAN\Binaries\Win64\wxmsw28u_core_vc_custom_64.dll
LoadedModule[8]=C:\WINDOWS\System32\win32u.dll
LoadedModule[9]=C:\WINDOWS\System32\ADVAPI32.dll
LoadedModule[10]=C:\WINDOWS\System32\GDI32.dll
LoadedModule[11]=C:\WINDOWS\System32\RPCRT4.dll
LoadedModule[12]=C:\WINDOWS\System32\msvcrt.dll
LoadedModule[13]=C:\WINDOWS\System32\gdi32full.dll
LoadedModule[14]=C:\WINDOWS\System32\msvcp_win.dll
LoadedModule[15]=C:\WINDOWS\System32\COMDLG32.dll
LoadedModule[16]=C:\WINDOWS\System32\sechost.dll
LoadedModule[17]=C:\WINDOWS\System32\ucrtbase.dll
LoadedModule[18]=C:\WINDOWS\System32\combase.dll
LoadedModule[19]=C:\WINDOWS\System32\bcryptPrimitives.dll
LoadedModule[20]=C:\WINDOWS\System32\SHELL32.dll
LoadedModule[21]=C:\WINDOWS\System32\shcore.dll
LoadedModule[22]=C:\WINDOWS\System32\cfgmgr32.dll
LoadedModule[23]=C:\WINDOWS\System32\windows.storage.dll
LoadedModule[24]=C:\WINDOWS\System32\profapi.dll
LoadedModule[25]=C:\WINDOWS\SYSTEM32\XINPUT1_3.dll
LoadedModule[26]=C:\WINDOWS\SYSTEM32\DINPUT8.dll
LoadedModule[27]=C:\WINDOWS\System32\powrprof.dll
LoadedModule[28]=C:\WINDOWS\System32\SETUPAPI.dll
LoadedModule[29]=C:\WINDOWS\System32\UMPDC.dll
LoadedModule[30]=C:\WINDOWS\System32\bcrypt.dll
LoadedModule[31]=C:\WINDOWS\System32\shlwapi.dll
LoadedModule[32]=C:\WINDOWS\SYSTEM32\WININET.dll
LoadedModule[33]=C:\WINDOWS\System32\kernel.appcore.dll
LoadedModule[34]=C:\WINDOWS\SYSTEM32\d3d9.dll
LoadedModule[35]=C:\WINDOWS\System32\cryptsp.dll
LoadedModule[36]=C:\WINDOWS\SYSTEM32\D3DCOMPILER_43.dll
LoadedModule[37]=C:\WINDOWS\System32\ole32.dll
LoadedModule[38]=C:\WINDOWS\System32\OLEAUT32.dll
LoadedModule[39]=C:\WINDOWS\SYSTEM32\d3dx11_43.dll
LoadedModule[40]=C:\WINDOWS\SYSTEM32\d3dx9_43.dll
LoadedModule[41]=C:\WINDOWS\System32\CRYPT32.dll
LoadedModule[42]=C:\WINDOWS\SYSTEM32\X3DAudio1_7.dll
LoadedModule[43]=C:\WINDOWS\SYSTEM32\XAPOFX1_5.dll
LoadedModule[44]=C:\WINDOWS\System32\MSASN1.dll
LoadedModule[45]=C:\UDK\BATMAN\Binaries\Win64\nvtt_64.dll
LoadedModule[46]=C:\WINDOWS\System32\IMM32.dll
LoadedModule[47]=C:\UDK\BATMAN\Binaries\Win64\substance_sse2_blend.dll
LoadedModule[48]=C:\WINDOWS\System32\PSAPI.DLL
LoadedModule[49]=C:\UDK\BATMAN\Binaries\Win64\substance_linker.dll
LoadedModule[50]=C:\UDK\BATMAN\Binaries\Win64\atc_api.dll
LoadedModule[51]=C:\UDK\BATMAN\Binaries\Win64\libvorbis_64.dll
LoadedModule[52]=C:\UDK\BATMAN\Binaries\Win64\libvorbisfile_64.dll
LoadedModule[53]=C:\UDK\BATMAN\Binaries\Win64\libogg_64.dll
LoadedModule[54]=C:\WINDOWS\SYSTEM32\WSOCK32.dll
LoadedModule[55]=C:\WINDOWS\SYSTEM32\dbghelp.dll
LoadedModule[56]=C:\WINDOWS\System32\WS2_32.dll
LoadedModule[57]=C:\WINDOWS\SYSTEM32\WINMM.dll
LoadedModule[58]=C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.476_none_e6c4b11b130f2595\COMCTL32.dll
LoadedModule[59]=C:\WINDOWS\SYSTEM32\dwmapi.dll
LoadedModule[60]=C:\WINDOWS\SYSTEM32\MSVCP100.dll
LoadedModule[61]=C:\WINDOWS\SYSTEM32\DSOUND.dll
LoadedModule[62]=C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL
LoadedModule[63]=C:\UDK\BATMAN\Binaries\Win64\ApexFrameworkCHECKED_x64.dll
LoadedModule[64]=C:\UDK\BATMAN\Binaries\Win64\EasyHook64.dll
LoadedModule[65]=C:\UDK\BATMAN\Binaries\Win64\tbbmalloc.dll
LoadedModule[66]=C:\WINDOWS\SYSTEM32\faultrep.dll
LoadedModule[67]=C:\WINDOWS\SYSTEM32\MSVCR100.dll
LoadedModule[68]=C:\WINDOWS\SYSTEM32\winmmbase.dll
LoadedModule[69]=C:\WINDOWS\SYSTEM32\dxcore.dll
LoadedModule[70]=C:\WINDOWS\SYSTEM32\dbgcore.DLL
LoadedModule[71]=C:\UDK\BATMAN\Binaries\Win64\wxmsw28u_aui_vc_custom_64.dll
LoadedModule[72]=C:\UDK\BATMAN\Binaries\Win64\wxmsw28u_xrc_vc_custom_64.dll
LoadedModule[73]=C:\UDK\BATMAN\Binaries\Win64\wxmsw28u_richtext_vc_custom_64.dll
LoadedModule[74]=C:\UDK\BATMAN\Binaries\Win64\wxmsw28u_html_vc_custom_64.dll
LoadedModule[75]=C:\UDK\BATMAN\Binaries\Win64\wxmsw28u_vc_custom_64.dll
LoadedModule[76]=C:\UDK\BATMAN\Binaries\Win64\wxmsw28u_adv_vc_custom_64.dll
LoadedModule[77]=C:\UDK\BATMAN\Binaries\Win64\PhysXExtensions64.dll
LoadedModule[78]=C:\UDK\BATMAN\Binaries\Win64\libresample_x64.dll
LoadedModule[79]=C:\UDK\BATMAN\Binaries\Win64\wxmsw28u_xml_vc_custom_64.dll
LoadedModule[80]=C:\WINDOWS\SYSTEM32\inputhost.dll
LoadedModule[81]=C:\WINDOWS\SYSTEM32\CoreMessaging.dll
LoadedModule[82]=C:\WINDOWS\SYSTEM32\PROPSYS.dll
LoadedModule[83]=C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
LoadedModule[84]=C:\WINDOWS\SYSTEM32\wintypes.dll
LoadedModule[85]=C:\WINDOWS\SYSTEM32\ntmarta.dll
LoadedModule[86]=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
LoadedModule[87]=C:\WINDOWS\SYSTEM32\VERSION.dll
LoadedModule[88]=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
LoadedModule[89]=C:\WINDOWS\SYSTEM32\ucrtbase_clr0400.dll
LoadedModule[90]=C:\WINDOWS\SYSTEM32\VCRUNTIME140_CLR0400.dll
LoadedModule[91]=C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\mscorlib\751e7a2112cfed0181618c0251f98ece\mscorlib.ni.dll
LoadedModule[92]=C:\WINDOWS\system32\uxtheme.dll
LoadedModule[93]=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
State[0].Key=Transport.DoneStage1
State[0].Value=1
OsInfo[0].Key=vermaj
OsInfo[0].Value=10
OsInfo[1].Key=vermin
OsInfo[1].Value=0
OsInfo[2].Key=verbld
OsInfo[2].Value=18362
OsInfo[3].Key=ubr
OsInfo[3].Value=476
OsInfo[4].Key=versp
OsInfo[4].Value=0
OsInfo[5].Key=arch
OsInfo[5].Value=9
OsInfo[6].Key=lcid
OsInfo[6].Value=1045
OsInfo[7].Key=geoid
OsInfo[7].Value=191
OsInfo[8].Key=sku
OsInfo[8].Value=48
OsInfo[9].Key=domain
OsInfo[9].Value=0
OsInfo[10].Key=prodsuite
OsInfo[10].Value=256
OsInfo[11].Key=ntprodtype
OsInfo[11].Value=1
OsInfo[12].Key=platid
OsInfo[12].Value=10
OsInfo[13].Key=sr
OsInfo[13].Value=0
OsInfo[14].Key=tmsi
OsInfo[14].Value=2799
OsInfo[15].Key=osinsty
OsInfo[15].Value=3
OsInfo[16].Key=iever
OsInfo[16].Value=11.476.18362.0-11.0.160
OsInfo[17].Key=portos
OsInfo[17].Value=0
OsInfo[18].Key=ram
OsInfo[18].Value=8095
OsInfo[19].Key=svolsz
OsInfo[19].Value=237
OsInfo[20].Key=wimbt
OsInfo[20].Value=0
OsInfo[21].Key=blddt
OsInfo[21].Value=190318
OsInfo[22].Key=bldtm
OsInfo[22].Value=1202
OsInfo[23].Key=bldbrch
OsInfo[23].Value=19h1_release
OsInfo[24].Key=bldchk
OsInfo[24].Value=0
OsInfo[25].Key=wpvermaj
OsInfo[25].Value=0
OsInfo[26].Key=wpvermin
OsInfo[26].Value=0
OsInfo[27].Key=wpbuildmaj
OsInfo[27].Value=0
OsInfo[28].Key=wpbuildmin
OsInfo[28].Value=0
OsInfo[29].Key=osver
OsInfo[29].Value=10.0.18362.476.amd64fre.19h1_release.190318-1202
OsInfo[30].Key=buildflightid
OsInfo[31].Key=edition
OsInfo[31].Value=Professional
OsInfo[32].Key=ring
OsInfo[32].Value=Retail
OsInfo[33].Key=expid
OsInfo[34].Key=containerid
OsInfo[35].Key=containertype
OsInfo[36].Key=edu
OsInfo[36].Value=0
FriendlyEventName=Stopped working
ConsentKey=APPCRASH
AppName=BUILT WITH UDK
AppPath=C:\UDK\BATMAN\Binaries\Win64\UDK.exe
NsPartner=windows
NsGroup=windows8
ApplicationIdentity=19260F7BBDAD86DE1EE539BB5BC823AA
MetadataHash=1141199051

This is still system fault and editor should run.
Any Solution?