SA-MP Forums Archive
[Tutorial] Update memory hacking plugins - Printable Version



Re: Update memory hacking plugins - davve95 - 09.03.2016

I don't know memory addresses etc.

But does this mean it's possible to do more things? Such as functions/callbacks?
Btw nice work!


Re: Update memory hacking plugins - Crayder - 09.03.2016

Quote:
Originally Posted by davve95
I don't know memory addresses etc.

But does this mean it's possible to do more things? Such as functions/callbacks?
Btw nice work!
No... This is basically just what you need to know to make memory hacking plugins work on new SA-MP releases.

Like YSF for example, it has to be updated with each SA-MP version. This tutorial shows you how to get the addresses you need to do so.


Re: Update memory hacking plugins - codectile - 10.03.2016

Kurta999, I used your method of getting pRakServer. But it always points to zero.


Re: Update memory hacking plugins - DRIFT_HUNTER - 10.03.2016

Get pNetGame, and use https://github.com/kurta999/YSF/blob...Structs.h#L734
or use offset pNetGame + 60 -> if I'm not wrong


Re: Update memory hacking plugins - codectile - 10.03.2016

Quote:
Originally Posted by DRIFT_HUNTER
Get pNetGame, and use https://github.com/kurta999/YSF/blob...Structs.h#L734
or use offset pNetGame + 60 -> if I'm not wrong
It's pNetGame + 64, because the very first member of the class is indexed at zero.
I have already tried, pRakServer = (CRakServer*)(*(void**)(pNetGame address + 64)). The server crashes when RPC is sent.

EDIT: Problem solved, a silly mistake on my side.


Re: Update memory hacking plugins - RaeF - 15.03.2016

Kurta999, could you tell me a short definition of what FindPattern does in YSF or another memory hacking plugin?
I just know that if "\x00" then the mask is "?", else "x". I've tried ****** it but I don't know the keyword for that hehe.

AFAIK it is something like FindPattern(Pattern, mask), where I can get the address?


Re: Update memory hacking plugins - codectile - 15.03.2016

FindPattern scans the opcodes and bytes of a certain function and returns the function address. Note that the opcodes or bytes must be unique, that is, you must find opcodes or bytes that do not match the bytes of any other function. The things you see in the first parameter are the opcodes and bytes ("\xE4\x90...") and the second parameter contains the mask. '?' means that the opcode has the potential to change after a SA-MP update, so FindPattern ignores it while scanning; the opposite happens with 'x'.
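
Added example, not part of the original thread and not YSF's code: a minimal masked byte scan in C showing the behaviour described in the post above, run over constructed byte arrays instead of server memory. The name `find_pattern`, its signature and the hit counter are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* mask[i] == 'x': byte i must match; '?': byte i is ignored.
 * The mask supplies the length, so 0x00 bytes inside the pattern are fine.
 * Returns the offset of the first match or -1; *matches (optional) receives
 * the total hit count so a non-unique signature can be rejected. */
static long find_pattern(const uint8_t *base, size_t size, const char *pattern,
                         const char *mask, size_t *matches)
{
    size_t len = strlen(mask), count = 0;
    long first = -1;
    for (size_t i = 0; len > 0 && i + len <= size; i++) {
        size_t j = 0;
        while (j < len && (mask[j] == '?' || base[i + j] == (uint8_t)pattern[j]))
            j++;
        if (j == len && count++ == 0)
            first = (long)i;
    }
    if (matches) *matches = count;
    return first;
}

/* Constructed sample bytes (not from any real binary): the same small x86
 * function in two builds; only the call displacement after 0xE8 differs. */
static const uint8_t build_a[] = { 0xCC, 0xCC, 0x55, 0x8B, 0xEC, 0xE8, 0x10, 0x20,
                                   0x00, 0x00, 0x83, 0xC4, 0x04, 0x5D, 0xC3, 0xCC };
static const uint8_t build_b[] = { 0xCC, 0xCC, 0xCC, 0xCC, 0x55, 0x8B, 0xEC, 0xE8, 0x7C,
                                   0x31, 0x00, 0x00, 0x83, 0xC4, 0x04, 0x5D, 0xC3, 0xCC };

/* Signature copied from build A, with two masks over the same bytes. */
static const char SIG[]   = "\x55\x8B\xEC\xE8\x10\x20\x00\x00\x83\xC4\x04";
static const char EXACT[] = "xxxxxxxxxxx";  /* every byte must match */
static const char MASK[]  = "xxxx????xxx";  /* call displacement wildcarded */

int main(void)
{
    size_t n;
    long off = find_pattern(build_b, sizeof build_b, SIG, EXACT, &n);
    printf("build B, exact mask:  offset %ld, hits %zu\n", off, n);
    off = find_pattern(build_b, sizeof build_b, SIG, MASK, &n);
    printf("build B, wildcarded:  offset %ld, hits %zu\n", off, n);
    off = find_pattern(build_a, sizeof build_a, "\xCC", "x", &n);
    printf("1-byte signature:     offset %ld, hits %zu (ambiguous)\n", off, n);
    return 0;
}
```

A caller that depends on the returned offset should treat any hit count other than 1 as a failed lookup rather than using the first match.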


Re: Update memory hacking plugins - RaeF - 19.03.2016

Could you tell me how to find opcodes or bytes in IDA? (Something that goes inside the first FindPattern parameter, e.g. I want the opcodes and bytes for OnPlayerCommandText).


Re: Update memory hacking plugins - codectile - 20.03.2016

Open IDA->Options->General->Disassembly Tab->Number of opcode bytes(set it to 8)->click on ok
...and that's it


Re: Update memory hacking plugins - RaeF - 20.03.2016

Wuih, finally, thanks codectile!


Re: Update memory hacking plugins - kurta999 - 20.03.2016

Quote:
Originally Posted by RaeF
Kurta999, could you tell me a short definition of what FindPattern does in YSF or another memory hacking plugin?
I just know that if "\x00" then the mask is "?", else "x". I've tried ****** it but I don't know the keyword for that hehe.

AFAIK it is something like FindPattern(Pattern, mask), where I can get the address?
http://forum.sa-mp.com/showthread.ph...82#post3063582


Quote:
Originally Posted by codectile
Open IDA->Options->General->Disassembly Tab->Number of opcode bytes(set it to 8)->click on ok
...and that's it
I love you :3


Re: Update memory hacking plugins - codectile - 20.03.2016

Quote:
Originally Posted by kurta999
Love you too...


Re: Update memory hacking plugins - kurta999 - 30.01.2018

BUMP!

Everybody who wants to help port plugins from 0.3.7 to 0.3.DL, let's try to understand this tutorial. I think it's not as hard as it looks, just use your head and logic. When I first upgraded YSF, I didn't even totally understand how function pointers work in C.


Re: Update memory hacking plugins - narwn - 30.01.2018

Quote:
Originally Posted by kurta999
BUMP!

Everybody who wants to help port plugins from 0.3.7 to 0.3.DL, let's try to understand this tutorial. I think it's not as hard as it looks, just use your head and logic. When I first upgraded YSF, I didn't even totally understand how function pointers work in C.
Will you update this topic?


Re: Update memory hacking plugins - kurta999 - 31.01.2018

This topic doesn't really need to be updated, you can use the same pattern for 0.3.DL that is described for 0.3.7.


Re: Update memory hacking plugins - Astralis - 08.03.2018

Someone should update SKY to 0.3DL and post a link for everyone since many were requesting but got ignored.

https://sampforum.blast.hk/showthread.php?tid=563442