Add dumping data tutorial
This commit is contained in:
SPT-dev
parent
db005b2aef
commit
b768722aad
160
docs/md/development/dump_data.md
Normal file
160
docs/md/development/dump_data.md
Normal file
@ -0,0 +1,160 @@
|
||||
# Dumping game data from Escape From Tarkov
|
||||
|
||||
## Preface
|
||||
|
||||
This guide covers everything you need to know to dump all the data you need from Escape From Tarkov.
|
||||
It is highly recommended that you read the guide at least once before executing what's written here.
|
||||
For dumping server data, see 1-3.
|
||||
For dumping asset data, see 4.
|
||||
|
||||
## Theory
|
||||
|
||||
The game uses HTTP-secured (TLS 1.2) protocol to obtain data (mostly not related to a match) from the server.
|
||||
While the game's security is lacking, it does block conventional tools to obtain this data.
|
||||
Of course, we cannot just simply run with altered assembly either, because the launcher does an integrity check.
|
||||
The game however does not check for integrity.
|
||||
|
||||
We write a specialized assembly to bypass the security mechanisms in place to dump our data.
|
||||
The way we do this is by injecting custom logic into the assembly.
|
||||
To be specific, we make the checks of battleye and certificate checking always return successfully.
|
||||
We also add logic for saving received data from the server so we won't require addional tools for packet capturing.
|
||||
We use the "swap exploit" by quickly replacing the assembly when the game starts.
|
||||
|
||||
## Requirements
|
||||
|
||||
- Escape From Tarkov (Live)
|
||||
- [dnSpy-net472](https://github.com/dnSpy/dnSpy/releases/latest)
|
||||
- [de4dot](https://dev.offline-tarkov.com/innohurrytocode/de4dot/releases)
|
||||
- [AssetStudio](https://github.com/Perfare/AssetStudio/releases/latest)
|
||||
|
||||
## 1. Assembly deobfuscation
|
||||
|
||||
1. Go to `<gamedir>/EscapeFromTarkov_Data/Managed/`
|
||||
2. Copy-paste `Assembly-CSharp.dll` to your de4dot folder
|
||||
3. Drag `Assembly-CSharp.dll` on top of `de4ot-x64.exe`
|
||||
4. Open `Assembly-CSharp-cleaned.dll` from the de4dot folder in dnSpy
|
||||
5. Find the deobfuscation method (see appendix 1.1)
|
||||
6. Run the specialized cleaning command using the token from the deobfuscation method (see appendix 1.2)
|
||||
7. Cut-paste `Assembly-CSharp-cleaned-cleaned.dll` into `<gamedir>/EscapeFromTarkov_Data/Managed/`
|
||||
8. Open `Assembly-CSharp-cleaned-cleaned.dll` from Managed in dnSpy
|
||||
9. dnSpy > File > Save Module
|
||||
|
||||
## 2. Create dumper
|
||||
|
||||
1. Create `<gamedir>/EscapeFromTarkov_Data/Managed/backup/`
|
||||
2. Copy-paste `Assembly-CSharp.dll` to `<gamedir>/EscapeFromTarkov_Data/Managed/backup/`
|
||||
3. Rename `Assembly-CSharp.dll` in backup to `Assembly-CSharp.dll.bak`
|
||||
4. Open `Assembly-CSharp-cleaned-cleaned.dll` from Managed in dnSpy
|
||||
5. Apply dumper patch (see appendix 1.3)
|
||||
6. Apply ssl patch (see appendix 1.4)
|
||||
7. Apply battleye patch (see appendix 1.5)
|
||||
8. dnSpy > File > Save Module
|
||||
9. Cut-paste `Assembly-CSharp-cleaned-cleaned.dll` to `<gamedir>/EscapeFromTarkov_Data/Managed/backup/`
|
||||
10. Rename `Assembly-CSharp-cleaned-cleaned.dll` in backup to `Assembly-CSharp.dll`
|
||||
|
||||
## 3. Dumping server data
|
||||
|
||||
1. Open Battlestate Games Launcher
|
||||
2. Battlestate Games Launcher > settings > close launcher when game starts
|
||||
3. Copy-paste (wait when prompted to override) `Assembly-CSharp.dll` from backup into `<gamedir>/EscapeFromTarkov_Data/Managed/`
|
||||
4. Start the game
|
||||
5. As soon as the launcher closes, override the file
|
||||
6. When you reached the main menu, the folder `<gamedir>/HTTP_DATA/` will appear
|
||||
7. Dump the data you need (see appendix)
|
||||
8. When the game closed, replace `Assembly-CSharp.dll` with `Assembly-CSharp.dll.bak`
|
||||
|
||||
## 4. Dumping asset data
|
||||
|
||||
1. Open AssetStudio
|
||||
2. AssetStudio > File > Load File > `<gamedir>/EscapeFromTarkov_Data/sharedassets2.assets`
|
||||
3. Switch from Scene Hierarchy to Asset List
|
||||
4. AssetStudio > Filter Type > what you look for (example: `TextAsset`)
|
||||
5. Select the map files you want (example: `bigmap2`, `RezervBase6`)
|
||||
6. AssetStudio > Export > Selected Assets
|
||||
|
||||
## Conclusion
|
||||
|
||||
Congratulations, you've succesfully dumped Escape From Tarkov's data.
|
||||
In order to use it in Aki's database, you have 2 options:
|
||||
|
||||
- Manually convert the data
|
||||
- Use a tool like `aki-analyzer` to convert the data into the format the server accepts
|
||||
|
||||
The data does contain sensitive information such as you account id, so be careful whom you share it with.
|
||||
`aki-analyzer` strips out the sensitive information when it converts the data to the right format.
|
||||
And no, the data dumped from the game server cannot be uploaded back to the game server.
|
||||
|
||||
## Appendix 1: code
|
||||
|
||||
All code is based on Escape From Tarkov 0.12.8.9819
|
||||
|
||||
### 1. Deobfuscation method in assembly
|
||||
|
||||
```csharp
|
||||
// Token: 0x0600C93A RID: 51514 RVA: 0x0012038D File Offset: 0x0011E58D
|
||||
Class2019.smethod_0()
|
||||
{
|
||||
return (string)((Hashtable)AppDomain.CurrentDomain.GetData(Class2019.string_0))[int_0];
|
||||
}
|
||||
```
|
||||
|
||||
### 2. Specialized deobfuscation command
|
||||
|
||||
```powershell
|
||||
de4dot-x64.exe --un-name "!^<>[a-z0-9]$&!^<>[a-z0-9]__.$&![A-Z][A-Z]\$<>.$&^[a-zA-Z_<{$][a-zA-Z_0-9<>{}$.`-]*$" "Assembly-CSharp-cleaned.dll" --strtyp delegate --strtok 0x0600C93A
|
||||
```
|
||||
|
||||
### 3. Dumper patch
|
||||
|
||||
```csharp
|
||||
Class157.method_10()
|
||||
{
|
||||
// add this at the end, before the method returns
|
||||
Uri urlUri = new Uri(url);
|
||||
string path = (System.IO.Directory.GetCurrentDirectory() + "\\HTTP_DATA\\").Replace("\\\\", "\\");
|
||||
if (System.IO.Directory.CreateDirectory(path).Exists)
|
||||
{
|
||||
System.IO.File.WriteAllText(path + urlUri.LocalPath.Replace('/', '.') + ".json", value);
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
### 4. Ssl cert patch
|
||||
|
||||
```csharp
|
||||
Class505.ValidateCertificate()
|
||||
{
|
||||
// replace the method body content with this
|
||||
return true;
|
||||
}
|
||||
```
|
||||
|
||||
### 5. Battleye patch
|
||||
|
||||
```csharp
|
||||
Class784.RunValidation()
|
||||
{
|
||||
// replace the method body content with this
|
||||
this.Succeed = true;
|
||||
}
|
||||
```
|
||||
|
||||
## Appendix 2: Obtaining specific data
|
||||
|
||||
This discusses how you can obtain certain data with the dumper installed.
|
||||
|
||||
```markdown
|
||||
**Type** | **How**
|
||||
--------------- | ----------------------------------------------------------------------------------------------------
|
||||
Startup locales | Start the game in the locale you want to dump
|
||||
Game locales | Select the locale in game settings
|
||||
Common data | Start the game
|
||||
Assort | Open the trader you want to dump from
|
||||
Bots | Do an offline raid on a map containing that bot
|
||||
Item events | Do the specifiic item event
|
||||
Images | Open the menu containing the image, it's dumped to `%TEMP%\Battlestate Games\EscapeFromTarkov\files`
|
||||
Location (loot) | Rip from game files
|
||||
Models | Rip from game files
|
||||
Textures | Rip from game files
|
||||
Audio | Rip from game files
|
||||
```
|
||||
Loading…
x
Reference in New Issue
Block a user