7ru3817 Newbie cheater
Reputation: 0
Joined: 21 May 2010 Posts: 14
Posted: Mon Aug 30, 2010 8:21 am Post subject: Finding Functions
I am trying to find the function that prints text in the game. First I found the address that holds the data to be printed, and then I found out what reads from it. The point is I can't find anything. Some parts really look like the good one, but when I execute it nothing happens, or the game crashes, or something else. Can somebody give me some instructions, tutorials, tips? I have been trying this for 2 weeks already.
justa_dude Grandmaster Cheater
Reputation: 23
Joined: 29 Jun 2010 Posts: 891
Posted: Mon Aug 30, 2010 11:06 pm
Are you finding the text buffer /prior/ to it being displayed in the game? If only finding it after, you may be looking at a buffer that was dynamically created to hold the text and will be soon freed. Also, what do you mean when you say that you can't find anything? What happens, specifically, when you ask CE to show you what accesses the data to be printed? And what do you mean when you say that you're "executing it?"
7ru3817 Newbie cheater
Reputation: 0
Joined: 21 May 2010 Posts: 14
Posted: Tue Aug 31, 2010 4:08 am
When I find something that accesses this buffer, I follow it back in Olly to find the text function call, and when I get something like:
push buffer
call something
I try to execute it from my DLL, and it's not working in many cases.
But when I toggle a breakpoint in Olly, it breaks after I send any message in the game ...
XaLeX Expert Cheater
Reputation: 0
Joined: 19 Aug 2008 Posts: 226
Posted: Tue Aug 31, 2010 4:24 am
7ru3817 wrote: | When I find something that accesses this buffer, I follow it back in Olly to find the text function call, and when I get something like:
push buffer
call something
I try to execute it from my DLL, and it's not working in many cases.
But when I toggle a breakpoint in Olly, it breaks after I send any message in the game ... |
If you know your buffer starts at 40CE20, check where in the code it is used and why.
It looks like you know the basics of asm, but you're not really good at explaining things. Just to be sure, I shall remind you to analyze the code (both in Olly and in CE, and in whatever tool you're using). Then, what you're looking for is:
Code: |
{push ...}
push 40CE20 //or push a register holding 40CE20
{push ...}
call ...
|
to identify a function call with this buffer as an argument.
You should also check if the buffer is static (easy, but unlikely), allocated in the current function, or passed as an argument to the current function (worst case: you'll have to check EVERY call to that function and see what arguments it's passed).
You should eventually get a general overview of the function calls: from the one that first references the buffer (by allocating it, usually) to the one that does the actual printing job on the screen.
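As an added example (not part of XaLeX's post or of the thread), here is a heuristic static search for the pattern described above: a `push imm32` of the buffer address followed closely by a near `call`. The code bytes, the load base 0x401000 and the callee 0x402000 are constructed sample values; only the buffer address 40CE20 comes from the post.

```python
import struct

def find_calls_with_pushed_imm(code, base, imm, window=16):
    """Return (push_addr, call_addr, call_target) for each `push imm32` of
    `imm` followed within `window` bytes by a near `call rel32` (32-bit x86)."""
    needle = b"\x68" + struct.pack("<I", imm)      # 68 id = push imm32
    hits = []
    pos = code.find(needle)
    while pos != -1:
        after = pos + len(needle)
        # Other pushes may sit between the buffer push and the call,
        # so look a few bytes ahead for opcode E8 (call rel32).
        for off in range(after, min(after + window, len(code) - 4)):
            if code[off] == 0xE8:
                rel = struct.unpack_from("<i", code, off + 1)[0]
                # rel32 is relative to the instruction after the call.
                target = (base + off + 5 + rel) & 0xFFFFFFFF
                hits.append((base + pos, base + off, target))
                break
        pos = code.find(needle, pos + 1)
    return hits

def call_sites_by_target(hits):
    """Group call sites by callee, to list every caller of one function."""
    grouped = {}
    for _push, call, target in hits:
        grouped.setdefault(target, []).append(call)
    return grouped

# Constructed sample: two call sites passing 0x40CE20 to a made-up
# function at 0x402000, assumed to be loaded at 0x401000.
BASE = 0x401000
SAMPLE = bytes.fromhex(
    "6A00"        # push 0
    "6820CE4000"  # push 40CE20
    "E8F40F0000"  # call 402000
    "83C408"      # add esp, 8
    "C3"          # ret
    "6820CE4000"  # push 40CE20
    "6A01"        # push 1
    "E8E40F0000"  # call 402000
    "C3"          # ret
)

if __name__ == "__main__":
    for push, call, target in find_calls_with_pushed_imm(SAMPLE, BASE, 0x40CE20):
        print(f"push at {push:08X}, call at {call:08X} -> {target:08X}")
```

A raw byte scan can misread operand bytes as opcodes and does not cover the case where a register holds the address, so each hit still needs confirming in the disassembler.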
7ru3817 Newbie cheater
Reputation: 0
Joined: 21 May 2010 Posts: 14
Posted: Wed Sep 01, 2010 5:43 am
Finally! I found it!
push 00 <- player number
push text <- text buffer
call 48D1C0
Thanks man.