Latest RS 2014 patch breaks the latest release

[nsanta]

Announcement: https://www.reddit.com/r/rocksmith/comments/5as6gx/patch_notes_rocksmith_2014_edition_remastered/

I tried to run RSInjector and nothing happens. HELP! 😃

Thanks in advance.

[haxnyc]

Same here. Just happened to me today 10.4.16

[danielyoshizawa]

Same here, RSInjector runs but doesn't open the RS, the script just stop.

[isaacfi]

Is there any workaround?

[Firekorn]

The app changed and the signature isn't correct anymore and none of the dev that worked on it for the remastered update seems to be here so it's a bit more complicated for other user to come in and inspect the code of the new app.

@0x0L or @fabianosan Any help would be appreciated here!

[0x0L]

I had a quick look unfortunately I don't own any professional tools for code analysis. It seems they decided to screw us a bit: can't attach a debugger anymore, can't use naive dylib injection, etc...

If anyone has the old binary I would be great to share it somewhere

[Firekorn]

The old binary are available here : https://www.dropbox.com/sh/uvm9ws9x833rj8q/AACFsCC7z8kdZu7tf12TQUP2a?dl=0

[0x0L]

@Firekorn Thanks mate

[0x0L]

They updated lib_steam too

The file is too big for Hopper Disassembler to parse over demo time (half an hour). They did actively seek to prevent us from debugging or injecting code.

I really don't have time to spend on this right now, sorry guys

[haxnyc]

https://thepiratebay.org/search/Hopper%20Disassembler/0/99/0

just sayin'

[0x0L]

@haxnyc I certainly won't support stealing other's people work

[Firekorn]

@0x0L here's a dump of the memory from the new version of the app if you wanna do your own search and also update the project (i am nowhere near knowing how to manage all of that) https://drive.google.com/file/d/0B1ZKYtpB0vu2bUFOamhDM3FlWXM/view?usp=sharing

[benneh]

Hopper for what it does seems very reasonably priced, I just bought a copy so like I said I can try and learn a thing or two about reversing OS X apps.

Likewise for Rocksmith, I've already bought tonnes of DLC, but I only discovered CDLC a few weeks ago, only to now find it's possibly no longer a thing. Guess I was late to the party :(

[Firekorn]

@benneh it's far from too late i've shared the dump with someone that worked on the dll for PC and even though he is using a VM to compile the code, a somewhat decent result can be expected sooner rather than later. The more people are knowledgeable of those app the easier it will be to react to any new update.

[Firekorn]

I'm not sure what's going on on my end as i never tried to play Rocksmith with CDLC on my mac but i can't get the RSinjector to launch Rocksmith after compiling the code to bypass what's at the address 0x1ccb85 anyone with actual knowledge of this code could come by and share his light would be greatly appreciated as i'm really not sure what the hell am i doing!

[benneh]

Likewise, fumbling my way through this :)

Where did you get the address 0x1ccb85?

Looking at the previous version it was overwriting the check by looking for the opcodes: \x84\xdb\x0f\x84\xde\x0a\x00\x00

This can be found at 0x1cbed5 and was the following instructions 001cbed5 test bl, bl 001cbed7 je 0x1cc9bb

This was just replaced with 0x90, (NO OPs) to skip over the code segment.

How we go about locating the same code segment in the new one is where I am struggling?

[Firekorn]

That address was shared by a dev that worked on the dll after he analyzed the dump of the app, i'm not sure how he analyzed it and thought this address was worth testing but apparently it just makes RS crash when the RSinjector is launching the game anyway.

[0x0L]

@Firekorn dylib injection simply does not work anymore. Even if you comment everything in rsbypass::load the game won't launch

0x1ccb85 is correct though

[Firekorn]

Someone over CF suggested that the app crash because the game was launch via the app directly instead of going through steam which would be the reason of the crash and he also inserted the dylib directly into the app with this project : https://github.com/Tyilo/insert_dylib

I'm gonna investigate a bit more how each suggestion work separately and see if any "simple" workaround can be found.

[0x0L]

@Firekorn I hope that works, but the next logical move for Ubi will be to check MachO headers haven't been altered... Encrypting the app and securing the loading of external lib was no accident

[Firekorn]

Indeed but looking at the fact they did no encryption on PC and i have heavy reason to believe they didn't do anything that actively try to break CDLC i have doubt about how far they've gone to "secure" this.

Also so far, i've confirmed that the RS app crash if you just launch it with the app instead of going through steam launch which could easily explain why the game don't work with the actual RSinjector with or without the dylib injection.

[0x0L]

@Firekorn Using insert_dylib and the current version of libRSBypass works fine. The simplest way to go would be to package a small shell script with libRSBypass and insert_dylib that user would run once

[Firekorn]

@0x0L yeah that's what i was going for after i failed miserably on trying to launch RS via the steam://run/221680 inside the RSinjector which just leads to the same error as if i open the RS app directly in the finder (which i find really odd). Note that if you are willing to create an app that will "patch" RS, i'm fine with letting you go for it, i'm not familiar enough with xcode or confident enough with my expertise to get this done in a reasonable amount of time...

[0x0L]

you don't need to use xcode for that, a bash script is what we need. It will:

1. copy libRSBypass.dylib into the Contents/MacOS folder of the rocksmith app
2. run insert_dylib --inplace libRSBypass.dylib Rocksmith2014 in that folder

[Firekorn]

my biggest concern is about how easy it is for any user to make this run without trouble overall and that's why an app seems like a simple suggestion (though it's surely more work).

I don't care how it's done, it's just that i and other mod/admin at CF will have to deal with the user complaining that it don't work so the more "idiot proof" it is (even if it's more work) will make me happier overall :)

(i'm already dealing with user having trouble with the dll for PC and it's impressive how hard it is for some user to get it right)

[0x0L]

Yeah... that's always the most time consuming part: packaging it so that's it's easy to use... There are always users with non standard install path, etc... I know it's a pain in the a\ to deal with.

IMO just make a zip containing the bash script, a compiled rsbypass and insert_dylib. Normal users who just double click on the script and voilà... The path to the rocksmith app would be easily editable in the bash script for users with special needs.

[Firekorn]

well the code in the RSinjector to find the path seems practical enough but i'm not sure how easy it would integrate into a bash script... As i said, my knowledge here is very limited, i jumped on that project without any knowledge about dylib injection or xcode programming and i try to keep up as much as possible but it's not easy for me.

[0x0L]

Quick and dirty: https://drive.google.com/file/d/0BxaFLvfGYdQwWF9rOWtId2ZnNTA/view?usp=sharing

It should make a copy before patching, it should also use a version of librsbypass and insert_dylib compiled against an older framework so that people with old osx version be able to use it. it should test the user is not trying to patch the thing twice, etc... A python script might be a better solution actually

Run patch.sh once and then launch rocksmith from steam

[Firekorn]

i've slightly adjusted the script for it work from wherever and changed it in a command file for it to launch directly.

The only thing that i see that could be the more common issue is the RS path and i've also seen some permission denied when sharing with others user but i think i've covered my basis the best i could. Anyway a thank you is worth it 👍

I and a dev at CF are still trying to make something more fool proof that we could also use for the dll (yeah copy and paste is really hard...)

For the others here are the post containing anything that i could think off over CF : http://customsforge.com/topic/33838-rsinjector-not-loading-just-crashes/page-3#entry236219

[0x0L]

@Firekorn Thanks for taking the matter into your own hands

[danielyoshizawa]

@Firekorn and @0x0L thanks for the solution guys, is working fine here, I really appreciate the effort. OS X 10.10.5 here.

[JustinAiken]

If someone ones try a beta drag-n-drop, try this wrapper I created with platypus:

It wraps this script:

#!/bin/bash

DEFAULT_PATH="/Users/$USER/Library/Application Support/Steam/steamapps/common/Rocksmith2014/Rocksmith2014.app"

RS_PATH=$1
RS_PATH="${RS_PATH:-DEFAULT_PATH}"
FULL_RS_PATH="$RS_PATH/Contents/MacOS"

chmod +x ./insert_dylib
cp ./libRSBypass.dylib "$FULL_RS_PATH/"
./insert_dylib --inplace "$FULL_RS_PATH/libRSBypass.dylib" "$FULL_RS_PATH/Rocksmith2014"

echo "Successfully patched!"

Just dropping your Rocksmith.app on top of it should do the trick, even if you have it in a weird location

[idoo]

Can I upload this .app file to dropbox for example? is there some kind of private info?

[JustinAiken]

Can I upload this .app file to dropbox for example?

Feel free!

is there some kind of private info?

Just the same files from the other patch, packaged up.

Hold up though, I missed a $ sign on DEFAULT_PATH, I need to repackage it... (Dropping should still work, but if you just double click it, it fails to use the default Steam location.

@0x0L @Firekorn - Do you guys know if there's a command that can check if the app is already patched? If so, I'll make the script make sure it doesn't doublepatch

[0x0L]

@JustinAiken Check the output of otool or just check for the presence the copied bypass lib

[JustinAiken]

Alright, here's a better script:

#!/bin/bash

DEFAULT_PATH="/Users/$USER/Library/Application Support/Steam/steamapps/common/Rocksmith2014/Rocksmith2014.app"

RS_PATH=$1
RS_PATH="${RS_PATH:-$DEFAULT_PATH}"
FULL_RS_PATH="$RS_PATH/Contents/MacOS"

echo "Looking for RS2014 at: $FULL_RS_PATH"

if [ ! -d "$FULL_RS_PATH" ]
then
  echo "Rocksmith 2014 not found!"
  exit 1
fi

if [ -e "$FULL_RS_PATH/libRSBypass.dylib" ]
then
  echo "Rocksmith is already patched!"
  exit 1
fi

echo "RS2014 found... starting patching..."

chmod +x ./insert_dylib
cp ./libRSBypass.dylib "$FULL_RS_PATH/"
./insert_dylib --inplace "$FULL_RS_PATH/libRSBypass.dylib" "$FULL_RS_PATH/Rocksmith2014"

echo "Successfully patched!"

• Download: The revised patcher
• Download: The playpus project (in case anyone wants to tweak it)

[DonSchado]

you guys (+ girls) are amazing! :)

[benneh]

Here is a python script that should handle non default steam library locations. I've run a few tests on default library path, and a custom library path and it worked well. Feel free to incorporate this into the bundle. It should also handle an already patched version gracefully and not attempt to repatch.

import os
import re

def patchRS():
    libfile = os.path.expanduser("~") + '/Library/Application Support/Steam/steamapps/libraryfolders.vdf'
    libregex = re.compile('(^\t"[1-9]").*(".*")')
    libdirs = []
    print 'Attempting to read libraries from %s' % libfile
    with open(libfile) as file:
        for line in file:
            dir = libregex.search(line)
            if dir:
                ndir = os.path.normpath(dir.group(2))
                print 'Library found at custom location %s' % ndir
                libdirs.append(ndir.strip('"'))
        if not libdirs:
            print 'Library found at default location %s' % os.path.expanduser("~") + '/Library/Application Support/Steam'
            defaultDir = os.path.expanduser("~") + '/Library/Application Support/Steam/'
            libdirs.append(defaultDir)

    for dir in libdirs:
        dirpath = os.path.join(dir, 'steamapps')
        print 'dirpath %s' % dirpath
        files = os.listdir(dirpath)
        for file in files:
            if 'appmanifest_221680.acf' in file:
                print 'Found RockSmith acf file %s' % file
                dylib = os.path.join(dirpath, 'common/Rocksmith2014/Rocksmith2014.app/Contents/MacOS/libRSBypass.dylib')
                if os.path.isfile(dylib):
                    print 'Rocksmith is already patched! %s' % dylib
                else:
                    print 'Patching dylib %s' % dylib
                    os.system('chmod +x ./insert_dylib')
                    os.system('cp ./libRSBypass.dylib ' + '"' + os.path.join(dirpath, 'common/Rocksmith2014/Rocksmith2014.app/Contents/MacOS/') + '"')
                    os.system('./insert_dylib --inplace '+ '"' + dylib + '"' + ' ' + '"' +  os.path.join(dirpath, 'common/Rocksmith2014/Rocksmith2014.app/Contents/MacOS/Rocksmith2014')+ '"')

patchRS()

and +1, great work @Firekorn and @0x0L on doing the hard parts here.

[boskiv]

Where I can find libRSBypass.dylib, because when I build or archive this project, there is only RSBybass.dylib file, i have tried to rename it, but my Rocksmith still does not see CDLC content.

[Firekorn]

The content won't show up if you don't own Cherub Rock on steam.

For the full package to get CDLC to work, i suggest to look over our global tutorial on CF : http://customsforge.com/topic/901-how-to-use-custom-dlcs-in-rs2014/