

Need some help to understand PE

 
NoMercy
Master Cheater
Reputation: 1

Joined: 09 Feb 2009
Posts: 289

PostPosted: Tue Dec 01, 2009 12:05 pm    Post subject: Need some help to understand PE Reply with quote

I've got a source from KipeV2, with a few .cpp files in it.

I want to understand how a PE works. I've got a send function; that's not the problem.

The server sends packets to me, and I send packets to the server. How can I receive the packets I send to the server, since those are the only useful ones, right?

I've got this; I don't know which one could work, how I can update it, or how to make it easier.

Code:
//---------------------------------------------------------------------------

#include <vcl.h>
#pragma hdrstop

#include "Recv.h"
#include "base.h"
#include "PacketInjector.h"
#include "Patcher.h"
#include "Scanner.h"
#include "Packets.h"
#include "Trees.h"
#include "Details.h"
#include "Send.h"
// Written by the Recv() stub (from inline asm) and read by OnRecv(). The value
// is computed from the hooked routine's frame pointer, so it presumably stays
// valid only while that one hooked call is in progress — confirm before
// caching it anywhere.
CPacket* pRecv;
// Not referenced anywhere in this listing.
bool isAccessed = false;

//---------------------------------------------------------------------------
#pragma package(smart_init)
#pragma resource "*.dfm"
// Global form instance; FormCreate() positions the window through this pointer.
TfrmRecv *frmRecv;
//---------------------------------------------------------------------------
// Form constructor. It only forwards the owner to TForm; all setup in this
// listing happens in FormCreate().
__fastcall TfrmRecv::TfrmRecv(TComponent* Owner)
   : TForm(Owner)
{
   // Intentionally empty.
}

// Callback invoked by the Recv() stub. Wraps the pointer captured in pRecv in
// a temporary CPacketStruct, sets Type to false, runs Process() on it and
// frees the wrapper again.
// NOTE(review): the meaning of Type == false is not visible here (presumably
// it marks the packet as "received") — confirm against CPacketStruct.
// NOTE(review): this runs inside the hooked routine's call; an exception
// escaping Process() would leak the wrapper and unwind through the naked stub.
void OnRecv()
{
   CPacketStruct* packet = new CPacketStruct;
   packet->P = pRecv;
   packet->Type = false;
   packet->Process();
   delete packet;
}

// Looks up the hook location by byte signature instead of a fixed address.
// The arguments ask CScanner::FindPattern for Offset = 1 and no pointer
// dereference. FormCreate() currently has the call to this function
// commented out and uses a literal address instead.
unsigned FindRecv()
{
   const unsigned address =
      Scanner->FindPattern("5f5e5bc9c20400b8??????00e8??????0083ec??53565733",1,false);
   return address;
}

// Naked stub that Patcher->Detour() redirects the hooked routine to (see
// FormCreate). It is never called as an ordinary C++ function: it has no
// compiler-generated prologue/epilogue and relies entirely on the register
// and stack state of the code it was jumped to from.
//
// Sequence, in order:
//   1. Saves eax, computes ebp - 0x0C, stores that address in the global
//      pRecv, and restores eax.
//   2. Saves all general-purpose registers (pushad), calls OnRecv(), and
//      restores them (popad).
//   3. Executes pop esi / pop ebx / leave / ret 4 itself and returns to the
//      hooked routine's caller; control does not go back to the hook site.
//
// NOTE(review): step 3 presumably mirrors the epilogue that the detour
// overwrote — confirm against Patcher::Detour and the target binary.
// NOTE(review): "ebp - 0x0C holds the packet object" is an assumption about
// one specific build's stack layout. On any other build this stub reads an
// unrelated stack slot and can unbalance the stack, which shows up as a crash
// in the host process.
void __declspec(naked) __stdcall Recv()
{
   __asm {
      push eax
      mov eax, ebp
      sub eax, 0ch
      mov pRecv, eax
      pop eax
      pushad
      call OnRecv
      popad
      pop esi
      pop ebx
      leave
      ret 4
   }
}

//---------------------------------------------------------------------------
// Form start-up: installs the detour to the Recv() stub and docks the window
// at the right-hand edge of the screen, directly below the Send form.
// NOTE(review): the address is a literal and the signature lookup is
// commented out, so nothing verifies that the bytes at that address are the
// expected ones before they are patched; presumably the constant is valid for
// a single build only.
// NOTE(review): the meaning of Detour's last two arguments (0, true) is not
// visible in this listing.
void __fastcall TfrmRecv::FormCreate(TObject *Sender)
{
   unsigned AddressOfRecv = 0x5b1c75;//FindRecv();
   Patcher->Detour(AddressOfRecv,Recv,0,true);

   //CTreeData* thisdata = new CTreeData;
   //thisdata->Command = 0x1337;
   //TreeList->Recvs.push_back(thisdata);

   // Window placement: flush right, top edge at the Send form's height.
   const int rightAlignedLeft = Screen->Width-frmRecv->Width;
   frmRecv->Left = rightAlignedLeft;
   frmRecv->Top = frmSend->Height;
}
//---------------------------------------------------------------------------

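// Double-click handler for the packet tree. Copies the text of the selected
// entry into the edit boxes: a root node fills Edit2 only; a child node puts
// its parent's text in Edit2 and its own text in Edit1.
// Does nothing when no node is selected (PopupMenu1Popup shows that Selected
// can be NULL); the original dereferenced it unconditionally.
void __fastcall TfrmRecv::TreeView1DblClick(TObject *Sender)
{
   TTreeNode* node = TreeView1->Selected;
   if (node == NULL) {
      return;
   }
   if (node->Parent == NULL) {
      Edit2->Text = node->Text;
   } else {
      Edit2->Text = node->Parent->Text;
      Edit1->Text = node->Text;
   }
}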
//---------------------------------------------------------------------------

// Context-menu popup handler. Distinguishes "a node is selected" from
// "nothing is selected", but neither case does anything yet.
void __fastcall TfrmRecv::PopupMenu1Popup(TObject *Sender)
{
   if (TreeView1->Selected != NULL) {
      // A node is selected: no per-node menu setup implemented.
   } else {
      // Nothing selected: no menu setup implemented.
   }
}
//---------------------------------------------------------------------------

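// Menu handler: opens the TfrmMods form for the packet header of the selected
// entry. The header is the leading 2 characters (EMS builds) or 4 characters
// (other builds) of the root node's text; a child node resolves to its parent.
// Returns without opening the form when nothing is selected; the original
// dereferenced TreeView1->Selected without checking it.
void __fastcall TfrmRecv::Viewmodsblocks1Click(TObject *Sender)
{
   TTreeNode* node = TreeView1->Selected;
   if (node == NULL) {
      return;
   }
   if (node->Parent != NULL) {
      node = node->Parent;
   }
   #ifdef EMS
      String szTemp = node->Text.SubString(1,2);
   #else
      String szTemp = node->Text.SubString(1,4);
   #endif
   Application->CreateForm(__classid(TfrmMods), &frmMods);
   frmMods->PopulateLists(szTemp,false);
   frmMods->Show();
}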
//---------------------------------------------------------------------------


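// Menu handler: clears the logged entries of every header in the tree. For
// each root node it removes the child nodes and resets the Count of the
// matching CTreeData record.
// The record pointer is checked before use: the commented-out code in
// Rename1Click tests GetTreeData's result for NULL, so a missing record is
// treated as possible here too instead of being dereferenced.
// NOTE(review): ToInt() raises a conversion exception if the leading
// characters of the node text are not a decimal number — confirm the format.
void __fastcall TfrmRecv::Loggeddata1Click(TObject *Sender)
{
   for (TTreeNode* node = TreeView1->Items->GetFirstNode();
        node != NULL;
        node = node->GetNext()) {
      if (node->Parent != NULL) {
         continue;   // only root nodes carry a header
      }
      #ifdef EMS
         String szTemp = node->Text.SubString(1,2);
      #else
         String szTemp = node->Text.SubString(1,4);
      #endif
      node->DeleteChildren();
      CTreeData* thisdata = TreeList->GetTreeData(szTemp.ToInt(),false);
      if (thisdata != NULL) {
         thisdata->Count = 0;
      }
   }
}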
//---------------------------------------------------------------------------

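// Menu handler: clears the logged entries of the selected header only. A
// child node resolves to its parent; the root's children are removed and the
// matching CTreeData record's Count is reset.
// Returns early when nothing is selected, and skips the reset when no record
// is found; the original dereferenced both pointers unconditionally.
void __fastcall TfrmRecv::Loggeddata2Click(TObject *Sender)
{
   TTreeNode* node = TreeView1->Selected;
   if (node == NULL) {
      return;
   }
   if (node->Parent != NULL) {
      node = node->Parent;
   }
   #ifdef EMS
      String szTemp = node->Text.SubString(1,2);
   #else
      String szTemp = node->Text.SubString(1,4);
   #endif
   node->DeleteChildren();
   CTreeData* thisdata = TreeList->GetTreeData(szTemp.ToInt(),false);
   if (thisdata != NULL) {
      thisdata->Count = 0;
   }
}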
//---------------------------------------------------------------------------

// Menu handler: empties the received-packet list and removes every node from
// the tree view.
// NOTE(review): the commented-out code in FormCreate pushes `new CTreeData`
// pointers into TreeList->Recvs; if the container stores raw owning pointers,
// clear() drops them without deleting the objects — confirm ownership.
void __fastcall TfrmRecv::Everything2Click(TObject *Sender)
{
   TreeList->Recvs.clear();
   TreeView1->Items->Clear();
}
//---------------------------------------------------------------------------

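// Menu handler: asks for a label and rewrites the selected header's node text
// as "<header>(<label>)", where <header> is the leading 2 characters (EMS
// builds) or 4 characters (other builds) of the current text. A child node
// resolves to its parent.
// The selection is checked before the prompt is shown; the original prompted
// first and then dereferenced TreeView1->Selected without a NULL check.
void __fastcall TfrmRecv::Rename1Click(TObject *Sender)
{
   TTreeNode* thisnode = TreeView1->Selected;
   if (thisnode == NULL) {
      return;
   }
   if (thisnode->Parent != NULL) {
      thisnode = thisnode->Parent;
   }

   String szName;
   if (!InputQuery("Rename","Type the new name",szName)) {
      return;   // dialog cancelled
   }

   #ifdef EMS
      String szTemp = thisnode->Text.SubString(1,2);
   #else
      String szTemp = thisnode->Text.SubString(1,4);
   #endif
   //CTreeData* thisdata = TreeList->GetTreeData(szTemp.ToInt(),true);
   //if (thisdata != NULL) {
      //thisdata->Node->Text = szTemp+"("+szName+")";
   //}
   thisnode->Text = szTemp+"("+szName+")";
}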
//---------------------------------------------------------------------------





and

Code:
#pragma hdrstop
#include "Scanner.h"

// Global scanner instance pointer. It is only declared here; nothing in this
// listing allocates or assigns it, so callers depend on some other unit
// having done so first.
CScanner *Scanner;

// The scanner keeps no state, so construction does nothing.
CScanner::CScanner()
{
   // Intentionally empty.
}

// Nothing is owned by the scanner, so there is nothing to release.
CScanner::~CScanner()
{
   // Intentionally empty.
}

// Compares the bytes at pbData against a pattern under a mask.
//   pbData - start of the memory being tested
//   pbMask - the pattern bytes (despite the name, this is not the mask)
//   szMask - NUL-terminated mask string; 'x' means "this byte must match",
//            any other character means "ignore this byte"
// Returns true when every 'x' position matches, false at the first mismatch.
// An empty mask matches trivially.
// Reads strlen(szMask) bytes from both pbData and pbMask without any bounds
// or readability check; the caller must guarantee both ranges are valid.
bool CScanner::MaskCheck(const char* pbData, const char* pbMask, const char* szMask)
{
   while( *szMask != '\0' ){
      const bool mustMatch = ( *szMask == 'x' );
      if( mustMatch && *pbData != *pbMask ){
         return false;
      }
      ++szMask;
      ++pbData;
      ++pbMask;
   }
   // The loop only ends at the mask's terminator, so every position passed.
   return true;
}

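// Scans the address range [min, max) of the current process for the first
// position where szPattern matches under szMask (see MaskCheck).
//   szPattern - pattern bytes, at least strlen(szMask) of them
//   szMask    - NUL-terminated mask; its length is the pattern length
//   min, max  - absolute addresses bounding the scan
// Returns the matching address, or 0 when there is no match, the mask is
// empty, or the range is smaller than the pattern.
//
// Changes from the original:
//   - the last candidate is max - length, so a comparison never reads past
//     max (the original tested every address below max and could read up to
//     length - 1 bytes beyond it);
//   - the pattern is used in place instead of being copied into a temporary
//     buffer; the copy read length + 1 bytes from szPattern, one more than
//     the pattern holds;
//   - an empty mask returns 0 instead of "matching" at min.
//
// The addresses are dereferenced directly. Nothing here verifies that the
// range is mapped and readable, so an unmapped page inside [min, max) faults;
// the caller is responsible for passing a valid range.
unsigned CScanner::FindPatternProcess(char* szPattern, const char* szMask, unsigned min, unsigned max)
{
   const size_t length = strlen( szMask );
   if( length == 0 || max < min || length > (size_t)( max - min ) ){
      return 0;
   }

   // Highest start address whose whole window still lies below max.
   const unsigned last = max - (unsigned)length;
   for( unsigned i = min; i <= last; i++ ){
      const char* candidate = (const char*)(size_t)i;
      if( MaskCheck( candidate, szPattern, szMask ) ){
         return i;
      }
   }
   return 0;
}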

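namespace {

// Owns the byte and mask arrays parsed from a textual byte signature such as
// "5f5e??c9" and frees them when it goes out of scope, including when a
// conversion throws part-way through parsing.
struct ParsedPattern {
   char* bytes;   // pattern bytes; wildcard positions hold 0
   char* mask;    // NUL-terminated: 'x' = must match, '?' = wildcard

   ParsedPattern() : bytes(NULL), mask(NULL) {}
   ~ParsedPattern() { delete[] bytes; delete[] mask; }

   // Strips spaces from szAOB and converts each two-character group into one
   // byte/mask entry. A group whose first character is '?' is a wildcard;
   // anything else is parsed as hexadecimal (ToInt raises a conversion
   // exception on malformed input).
   void Parse(const String& szAOB)
   {
      String szTemp = StringReplace(szAOB, " ", "",TReplaceFlags() << rfReplaceAll);
      const int len = szTemp.Length();
      const int count = (len + 1) / 2;
      // One extra slot each so the mask can be NUL-terminated; the scanner
      // takes the pattern length from strlen() of the mask.
      bytes = new char[count + 1];
      mask = new char[count + 1];
      int j = 0;
      for (int pos = 1; pos <= len; pos += 2, j++) {
         if ( szTemp.SubString(pos,1) == '?') {
            bytes[j] = 0;
            mask[j] = '?';
         } else {
            String szByte = "0x"+szTemp.SubString(pos,2);
            bytes[j] = (unsigned char)szByte.ToInt();
            mask[j] = 'x';
         }
      }
      bytes[j] = 0;
      mask[j] = 0;
   }

private:
   ParsedPattern(const ParsedPattern&);             // not copyable
   ParsedPattern& operator=(const ParsedPattern&);  // not copyable
};

} // namespace

// Searches the fixed range 0x00400000-0x00800000 for the byte signature in
// szAOB (two hex digits per byte, "??" for a wildcard, spaces ignored).
//   Offset  - added to the address of the match
//   Pointer - when true, the 32-bit value stored at (match + Offset) is
//             returned instead of the address itself
// Returns 0 when the signature is not found. The result is also written to
// the debugger output as hex.
//
// Changes from the original:
//   - the mask is NUL-terminated; the original passed an unterminated buffer
//     to a routine that calls strlen() on it;
//   - the parse buffers are released on every path (they were never freed);
//   - "not found" is detected before Offset is added. The original added
//     Offset first, so a failed scan returned Offset itself and, with
//     Pointer set, dereferenced that small address.
unsigned CScanner::FindPattern(String szAOB, int Offset, bool Pointer)
{
   ParsedPattern pattern;
   pattern.Parse(szAOB);

   const unsigned match = FindPatternProcess(pattern.bytes,pattern.mask,0x00400000,0x00800000);
   unsigned returnval = 0;
   if (match != 0) {
      returnval = match+Offset;
      if (Pointer) {
         returnval = *(unsigned*)returnval;
      }
   }
   String szOutput;
   szOutput.sprintf("%x", returnval);
   OutputDebugString(szOutput.c_str());
   return returnval;
}

// Same signature syntax as FindPattern, but scans the caller-supplied range
// [StartAddress, StartAddress + Length) and returns the raw match address
// (0 when not found) with no offset or dereference applied.
// As in FindPattern, the mask is now NUL-terminated and the parse buffers are
// freed; the original leaked both and left the mask unterminated.
// NOTE(review): StartAddress + Length is not checked for wrap-around here.
unsigned CScanner::FindPatternPackets(String szAOB, unsigned StartAddress, unsigned Length)
{
   ParsedPattern pattern;
   pattern.Parse(szAOB);
   return FindPatternProcess(pattern.bytes,pattern.mask,StartAddress,StartAddress+Length);
}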

#pragma package(smart_init)
manc
Grandmaster Cheater
Reputation: 1

Joined: 16 Jun 2006
Posts: 551

PostPosted: Tue Dec 01, 2009 9:48 pm    Post subject: Reply with quote

NoMercy wrote:
how can i recieve the packets i send to the server


wat?

Also, side note - this was coded in Borland Builder.

NoMercy
Master Cheater
Reputation: 1

Joined: 09 Feb 2009
Posts: 289

PostPosted: Wed Dec 02, 2009 11:27 am    Post subject: Reply with quote

I downloaded Borland C++ 10. Yes, it compiles, but I would like to convert it to Visual C++; I don't like Borland.