[Tutorial] Update memory hacking plugins
#21

I just want the community to help with memory hacking plugins on the server side, to improve SA-MP features.

I don't want to say anything about how to reverse engineer samp.dll.
#22

Yes, I understand you, but why doesn't Kalcor make the SA:MP server open source? Not open source, yet allowing RE? Maybe a race for IDAers; it's ridiculous, isn't it?
#23

Quote:
Originally Posted by Aliassassin123456
No, this can be done in the client; it must be impossible for Kalcor to make something that attaches every element type to another. If he did it, he would create a function for that (or an RPC to call this function in the client), but there's nothing for this.

Hope you don't create a tutorial to reverse the SA:MP client, kurta999. I'm wondering how Kalcor doesn't get mad at this tutorial, but I'm sure when you put up an IDB from samp.dll Kalcor will come to your house door (or maybe he'll release 0.4a =) with extra anti-RE and debugging), but funniest tutorial ever! How to reverse the SA:MP server on the SA:MP forums, lol!
Not sure if you went full retarded or just trolling
#24

I guess some of the structures in YSF are from samp.dll. Especially the IDs such as ID_PLAYER_SYNC, ID_VEHICLE_SYNC etc.
#25

Nothing from samp.dll; you can get all of them from the server.
#26

Quote:
Originally Posted by Wizzard2H
Not sure if you went full retarded or just trolling
Clever one, learn how to identify a joke. However, it's not the right way. (Seeing this tutorial with no warning or removal was weird for me.)

Good luck with that. (Please stop sending spam and replies to my post like Wizzard2H; I just said my opinion.)
#27

Kurta999, how did you construct the pool structures?
#28

These are very easy.

E.g. search for SetVehicleColor, PutPlayerInVehicle - there you will find the structure offset of the vehicle pool, which is pNetGame + 12 bytes. You need to do the same with the 3D text pool, actor pool, etc.

So the result will be:

pawn Code:
struct CPlayerPool
{
    BYTE padding[154012];          // unknown bytes up to the first identified member
    CPlayer *pPlayer[MAX_PLAYERS]; // array of player pointers at offset 154012
};

struct CVehiclePool
{
    // members here
};

struct CNetGame
{
    BYTE padding[8];            // offsets start from 0
    CPlayerPool *pPlayerPool;   // starts at 8, ends at 12
    CVehiclePool *pVehiclePool; // 12
};
For the complete struct: https://github.com/kurta999/YSF/blob...Structs.h#L516
#29

I know about that. Actually, that's not the answer I am looking for. I meant how you got to know the members of the pool structures such as CPlayerPool, CActorPool etc.

For example:
Code:
struct CPlayerPool
{
    DWORD dwVirtualWorld[MAX_PLAYERS];
    DWORD dwPlayersCount;
    DWORD dwlastMarkerUpdate;
    ....
    // how do you get the above members of a pool structure in IDA?
};
I hope I made myself more clear than before.

By the way what does this statement mean in IDA?
Code:
*(_DWORD *)(v2 + 4 * v3 + 150012)
v2 is the player pool pointer, v3 is the player id
...and why are we multiplying the player id by 4? Is it because player ids are 4 bytes in size?
#30

Because int, uint, dword, void and float are 4 bytes each. And all pointers are also 4 bytes.
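As an added example (not code from the thread or from YSF) tying posts #28 to #30 together: it reconstructs the player-pool layout from the two offsets the posts quote, 150012 for the DWORD array the decompiler indexed and 154012 for the CPlayer* array, and checks that the raw read the IDA expression describes equals the typed field access. Assumptions: MAX_PLAYERS = 1000 (SA-MP 0.3.7), a 32-bit server build, and the hypothetical field name dwSomeArray.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_PLAYERS 1000   /* assumed: SA-MP 0.3.7 player limit */

typedef uint32_t DWORD;    /* 4 bytes, as post #30 says */
typedef uint8_t  BYTE;
typedef uint32_t PTR32;    /* 32-bit CPlayer* kept as an integer so the
                              layout also holds on a 64-bit host */

/* Reconstructed layout (dwSomeArray is a hypothetical name): unknown bytes
 * before the first identified field become padding, the DWORD array the
 * decompiler indexed sits at 150012, and the pointer array from post #28
 * follows at 154012 = 150012 + 4 * MAX_PLAYERS. */
struct CPlayerPool {
    BYTE  padding[150012];
    DWORD dwSomeArray[MAX_PLAYERS];
    PTR32 pPlayer[MAX_PLAYERS];
};

static struct CPlayerPool g_pool;   /* constructed sample pool */

/* Literally *(_DWORD *)(v2 + 4 * v3 + 150012): pool base + field offset
 * + 4 bytes per index, then read one DWORD. */
static DWORD read_raw_dword(const void *v2, size_t v3, size_t field_off)
{
    DWORD value;
    memcpy(&value, (const BYTE *)v2 + field_off + sizeof(DWORD) * v3, sizeof value);
    return value;
}

/* A guessed layout is only plausible if each field starts where the
 * previous one ends, so offsets quoted in two posts must agree. */
static int layout_is_consistent(void)
{
    return offsetof(struct CPlayerPool, dwSomeArray) == 150012
        && offsetof(struct CPlayerPool, pPlayer) == 150012 + sizeof(DWORD) * MAX_PLAYERS
        && offsetof(struct CPlayerPool, pPlayer) == 154012;
}

/* Fill the sample pool; the raw read must match the typed access for every id. */
static int raw_and_struct_reads_agree(void)
{
    for (size_t id = 0; id < MAX_PLAYERS; id++)
        g_pool.dwSomeArray[id] = (DWORD)(id * 3 + 1);
    for (size_t id = 0; id < MAX_PLAYERS; id++)
        if (read_raw_dword(&g_pool, id, 150012) != g_pool.dwSomeArray[id])
            return 0;
    return 1;
}
```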
#31

Is it possible with memory hacking to add an rcon command or remove an rcon command?
#32

Kurta999, how can I get the offset of CNetGame?
#33

Quote:
Originally Posted by codectile
Kurta999, how can I get the offset of CNetGame?
You are looking for pNetGame: pointer to NetGame (pNetGame for short).
CNetGame only means it's a class (structure).
#34

Search for SetPlayerHealth, SetPlayerAnimation... It will be there. It's the main pointer in SA-MP.
Go back to the first thread and look at this section: "Click on dword_4F6CC8, "

Or get it from ppData: https://github.com/kurta999/YSF/blob...ctions.cpp#L57

Quote:
Originally Posted by RaeF
Is it possible with memory hacking to add an rcon command or remove an rcon command?
That's possible without memory hacking; use OnRCONCommand.
#35

And how do you hack the SA-MP client? I'd like to retrieve data from SA-MP: the info that shows up when you press the F5 button in the game.

I guess with Cheat Engine, but first you have to calculate the base address and I don't know how.
#36

Quote:
Originally Posted by kadaradam
And how do you hack the SA-MP client? I'd like to retrieve data from SA-MP: the info that shows up when you press the F5 button in the game.

I guess with Cheat Engine, but first you have to calculate the base address and I don't know how.
That's net stats... https://sampwiki.blast.hk/wiki/Category:NetStats_Functions

And about the rcon command: https://sampwiki.blast.hk/wiki/OnRconCommand
Please pay attention to:
pawn Code:
You will need to include this callback in a loaded filterscript for it to work in the gamemode!

@kurta999 PLUGIN_DATA_NETGAME, that offset is always the same... right? I mean in every version... If it is, how did you find it? (You knew the memory address from memory hacking, then exported it and compared it to each item inside pData?)

Also, is there any easy way to know what changed in a structure with new versions? Because if we know the new addresses but not the new structures, then half the info can be right and the other half will probably be wrong (depending on where Kalcor decided to insert a new var).
#37

No, not in pawn. I'd like to use that information in a c++ program.
#38

Quote:
Originally Posted by kadaradam
No, not in pawn. I'd like to use that information in a c++ program.
Use Zeex's sampGDK (https://github.com/Zeex/sampgdk) and hook onto OnRconCommand...
#39

Nah, the remove one; I want to remove gmx.

Quote:
Originally Posted by kurta999
Search for SetPlayerHealth, SetPlayerAnimation... It will be there. It's the main pointer in SA-MP.
Go back to the first thread and look at this section: "Click on dword_4F6CC8, "

Or get it from ppData: https://github.com/kurta999/YSF/blob...ctions.cpp#L57

That's possible without memory hacking; use OnRCONCommand.
#40

Quote:
Originally Posted by DRIFT_HUNTER
That's net stats... https://sampwiki.blast.hk/wiki/Category:NetStats_Functions

And about the rcon command: https://sampwiki.blast.hk/wiki/OnRconCommand
Please pay attention to:
pawn Code:
You will need to include this callback in a loaded filterscript for it to work in the gamemode!

@kurta999 PLUGIN_DATA_NETGAME, that offset is always the same... right? I mean in every version... If it is, how did you find it? (You knew the memory address from memory hacking, then exported it and compared it to each item inside pData?)

Also, is there any easy way to know what changed in a structure with new versions? Because if we know the new addresses but not the new structures, then half the info can be right and the other half will probably be wrong (depending on where Kalcor decided to insert a new var).
Yes, the offset is the same; it looks like it has been since SA-MP existed.

"Also, is there any easy way to know what changed in a structure with new versions?" - Yes, reverse it. There's no other way, but that's not hard, just very time consuming.

Quote:
Originally Posted by RaeF
Nah, the remove one; I want to remove gmx.
Patch "gmx" in the rcon commands array to a different command.