31.01.2019, 04:45
(
Last edited by SlowARG; 31/01/2019 at 05:13 PM.
)
Yeah... bumping topics.
Few guys asked to me how to update "samp_prot" plugin, actually is quite easy.
Look at this Pseudo code generated by IDA Pro:
We need to update all memory addresses being readed/writed. It can be easily done with IDA Pro or Cheat Engine (yeah, the old-known cheat engine).
Some signatures/patterns for Windows ONLY at the moment:
Some convars such as cookielogging and logqueries can be searched easily with cheat engine (cookielogging 100, and search for 100, cookielogging 999 and search for 999, and so on). Do ur homework 
Few guys asked to me how to update "samp_prot" plugin, actually is quite easy.
Look at this Pseudo code generated by IDA Pro:
Code:
char __stdcall Load(int (__cdecl **a1)(_DWORD))
{
int v1; // eax
DWORD flOldProtect; // [esp+0h] [ebp-8h]
dword_10012164 = *a1;
dword_10012164("### samp_prot by Ubinoob loaded (ver 2)");
dword_10012164("### Professional game hosting: https://LiveServer.pl");
v1 = strcmp((const char *)0x4B5508, "0.3.7-R2");
if ( v1 )
v1 = -(v1 < 0) | 1;
if ( v1 )
{
dword_10012164("### Invalid server version. Please install 0.3.7-R2-1 (linux) 0.3.7-R2-1-1 (windows).");
}
else
{
VirtualProtect((LPVOID)0x497CC8, 1u, 0x40u, &flOldProtect);
VirtualProtect((LPVOID)0x497C74, 1u, 0x40u, &flOldProtect);
dword_10012164("### Memory segments unprotected");
MEMORY[0x497CC8] = -1869574000; // unk1 ---> i query limit
MEMORY[0x497CCC] = -28528; // unk2 ---> +04
MEMORY[0x497C74] = -1869574000; // unk3 ---> p query limit
MEMORY[0x497C78] = -28528; // unk4 ---> +04
dword_10012164("### Query system patched");
MEMORY[0x4E58B8] = 0; // same as "cookielogging 0"
dword_10012164("### Cookie logging disabled");
MEMORY[0x4F5FD4] = 0; // same as "logqueries 0"
dword_10012164("### Query logging disabled");
}
return 1;
}
Some signatures/patterns for Windows ONLY at the moment:
Code:
unk1 0F 85 80 06 00 00 8B 0D BC 5F 4F 00 68 08 97 4B 00 E8 ?? 37 FF FF 89 44 unk2 00 00 8B 0D BC 5F 4F 00 68 ?? ?? 4B 00 E8 ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? unk3 0F 85 D4 06 00 00 83 FF 0F 0F 85 CB 06 00 00 6A 10 68 08 5D 51 00 50 8B unk4 00 00 83 FF 0F 0F 85 CB 06 00 00 6A 10 68 08 5D 51 00 50 8B 44 24 54 57