AlliedModders


your-name-here 10-01-2008 14:12

Signature Request Thread
 
I've become quite adept at sigscanning. If anyone needs a signature for CS:S, you can request it here :P, and I will try to find it for you. I can also do TF2 but I will need to get the updated .dll and .so file.


Fire away :)

raydan 10-01-2008 22:42

Re: Signature Request Thread
 
Can you scan css zombie mod 2.0 signature?

your-name-here 10-01-2008 22:57

Re: Signature Request Thread
 
Quote:

Originally Posted by raydan (Post 693863)
Can you scan css zombie mod 2.0 signature?

Hmm, good question. I probably could, but what do you need to do? Turn someone into a zombie?

raydan 10-01-2008 23:18

Re: Signature Request Thread
 
Quote:

Originally Posted by your-name-here (Post 693868)
Hmm, good question. I probably could, but what do you need to do? Turn someone into a zombie?


1. turn someone to zombie
2. check player is zombie or not.
3. change player move speed

your-name-here 10-02-2008 08:17

Re: Signature Request Thread
 
Quote:

Originally Posted by raydan (Post 693871)
1. turn someone to zombie
2. check player is zombie or not.
3. change player move speed

I think you misunderstood my intentions. I can find signatures for quite a few functions in the server.dll and server_i486.dll files of CSS (and probably TF2).

I will try to get you signatures for zombiemod, but something tells me that the signatures aren't going to work.

Tryclyde 10-03-2008 00:25

Re: Signature Request Thread
 
Well I'm slowly writing things for tf2, learning as I go, I'd like to know how to get the player_death and teleport functions as a start. I'm sure I can do this too, if you have the time maybe you could explain how to write a sigscan function after you have the address, mask, etc., that's what I'm confused about.

your-name-here 10-03-2008 16:44

Re: Signature Request Thread
 
Quote:

Originally Posted by Tryclyde (Post 694295)
Well I'm slowly writing things for tf2, learning as I go, I'd like to know how to get the player_death and teleport functions as a start.

player_death is an event which can be captured using IGameEventManager.

Teleport is actually a virtual function which you can use the vtable for but the offsets are liable to change very quickly. So yes, I will grab you a signature for that :D


Quote:

Originally Posted by Tryclyde (Post 694295)
I'm sure I can do this too, if you have the time maybe you could explain how to write a sigscan function after you have the address, mask, etc., that's what I'm confused about.

I'm writing up a nice long tutorial with pictures that explains this, albeit I've had a crazy week so I haven't gotten too much done on it.

If you are using C++, you do not need a mask. Use BAILOPAN's signature scanner from CSS: DM (search for it :D).

Tryclyde 10-03-2008 21:36

Re: Signature Request Thread
 
Please let me know as soon as you finish, in the meantime I'll play around with BAILOPAN's sigscanner and find out how to use the event manager.

robot 10-04-2008 11:03

Re: Signature Request Thread
 
Well, since you are offering...

I need a new sig for CCSPlayer::SwitchTeam

Any chance you could help?

TIA

robot

your-name-here 10-04-2008 12:29

Re: Signature Request Thread
 
Quote:

Originally Posted by Tryclyde (Post 694709)
Please let me know as soon as you finish, in the meantime I'll play around with BAILOPAN's sigscanner and find out how to use the event manager.

Sure no problem.

Quote:

Originally Posted by robot
Well, since you are offering...

I need a new sig for CCSPlayer::SwitchTeam

Any chance you could help?

TIA

robot

EDIT: Here you are:

The Signature:
Code:

\x2A\x2A\x2A\x56\x57\x8B\x7C\x24\x1C\x57\x8B\xF1\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x85\xC0\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A
Length: 33
Calling Convention: __thiscall
Prototype:
Code:

CCSPlayer::SwitchTeam(int iTeamIndex)

robot 10-04-2008 23:21

Re: Signature Request Thread
 
Thanks for the fast response there! Unfortunately, for whatever reason - that sig is not working for me.

The plugin certainly finds it, but after loading, the server dies and goes into loop (although I probably need to debug a bit more to confirm exactly what is happening). I will try to debug it further on my end - but was wondering if you have confirmed that this is indeed the correct function and it is callable...?

Basically to explain a bit more, the last Valve update killed my plugin. The sig I was using was:

Code:

\x83\xEC\x10\x56\x57\x8B\x7C\x24\x1C\x57\x8B\xF1\xE8\xDF\x4D\xF9
However, now I cannot find the correct one. I should also mention my code is quite old (http://zombiehorde.svn.sourceforge.n...nk/zhplug-1.1/) and may have other issues - although it was working up until the last update :/

robot

your-name-here 10-05-2008 10:05

Re: Signature Request Thread
 
Quote:

Originally Posted by robot (Post 695221)
Thanks for the fast response there! Unfortunately, for whatever reason - that sig is not working for me.

The plugin certainly finds it, but after loading, the server dies and goes into loop (although I probably need to debug a bit more to confirm exactly what is happening). I will try to debug it further on my end - but was wondering if you have confirmed that this is indeed the correct function and it is callable...?

Basically to explain a bit more, the last Valve update killed my plugin. The sig I was using was:

Code:

\x83\xEC\x10\x56\x57\x8B\x7C\x24\x1C\x57\x8B\xF1\xE8\xDF\x4D\xF9
However, now I cannot find the correct one. I should also mention my code is quite old (http://zombiehorde.svn.sourceforge.n...nk/zhplug-1.1/) and may have other issues - although it was working up until the last update :/

robot

EDIT: This is a windows signature, not a Linux one :)

Yes. I test every single signature I create. That signature worked for me when I used it (which was right before submitting my post), so I'm sure it's the way you are using the signature. Remember that this signature is a __thiscall, which means you need to pass in a this-pointer as the first parameter in the function. Then, inside the function, you need to do the following with the __asm keyword if you are using windows (if you are using c++):

Code:

__asm {
    push ecx;
    mov ecx, thisptr;
    push iTeamIndex;
    call thesignaturefunction;
    pop ecx;
};

To use signatures, I use something LDuke taught me, which he was shown by Cybermind.

Essentially, take a look at the declaration of the function. In this case, it has one parameter, int iTeamIndex. It's also a __thiscall which means that you need a pointer to an instance of CCSPlayer. If you take a look at the class hierarchy, CCSPlayer is also an instance of CBaseEntity. So from an edict_t* you do ->GetUnknown()->GetBaseEntity(); Use that as your this-pointer.

Now, create a typedef for the function, inside your code. The syntax works like this:

Code:

typedef <return-type> (<callingconvention> *<SomeName>) (<param1 type>, <param2 type>, ..etc..)
With the above, if your calling convention is anything other than a __fastcall, you do not need to put a calling convention there :).

So with CCSPlayer::SwitchTeam:
Code:

typedef void (*SwitchTeam)(CBaseEntity*, int);
Next, what I do in my code is I have a class which manages my signatures. Inside it, I create an instance of the typedef in my class's private member variables section:

Code:

private:
    SwitchTeam m_SwitchTeam;

Finally, I have a global instance of the signature scanner (I use BAILOPAN's). I have a function called Initialize() in my manager class, which I call when metamod loads. I then do the following for each "function type members" that I showed you above:

Code:

m_SwitchTeam = (SwitchTeam)g_SigMngr.ResolveSig(laddr, Signature, Signature_Length);
Finally, you need to call your newfound function! In my manager class, I have callable functions for each signature. In this case, since we have a __thiscall, you need to move the this pointer into the ecx register, and push all the parameters into the stack left to right. This is why I put the thispointer (the CBaseEntity* instance) first :D. So the code:

Code:

void S_SwitchTeam(CBaseEntity* thisptr, int iTeamIndex)
{
    // Signature was not resolved at load time; do not call through a null pointer.
    if(!m_SwitchTeam)
    {
        g_pGlobals->m_engine->Con_NPrintf(0, "m_SwitchTeam failed!");
        return;
    }

    void* func = (void*)m_SwitchTeam;

#ifdef _WIN32
    // __thiscall on Windows: this-pointer goes in ecx, argument on the stack.
    __asm {
        push ecx;
        mov ecx, thisptr;
        push iTeamIndex;
        call func;
        pop ecx;
    };
#else
    (m_SwitchTeam)(thisptr, iTeamIndex);
#endif
}

And that's it! You can apply the same principles for pretty much any other thiscall (I haven't run into any exceptions). Also, on a side note, I am signature scanning for classes in CS:S. I have written up a page on CCSPlayer if you want to take a look:

http://wiki.alliedmods.net/CCSPlayer

I hope this helped! :D
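
Added example (not part of the thread, and not BAILOPAN's scanner): a minimal C++ wildcard scan showing how the `\x2A` bytes in the signatures above are matched, and why a signature with a call displacement baked in stops matching while the wildcarded one still does. `FindSignature`, `kImage` and the displacement bytes are assumptions constructed for illustration; the two signatures are the ones posted above.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

// \x2A is the wildcard byte in the signatures posted in this thread.
// Consequence: the pattern can never require a literal 0x2A in the target.
static const uint8_t kWildcard = 0x2A;

// Scan [base, base+len) for sig. Returns the offset of the first match or -1.
// *matches receives the total hit count so a caller can refuse to use a
// signature that is not unique before casting the address to a function.
long FindSignature(const uint8_t* base, size_t len,
                   const uint8_t* sig, size_t sigLen, size_t* matches) {
    long first = -1;
    *matches = 0;
    if (sigLen == 0 || sigLen > len) return -1;
    for (size_t off = 0; off + sigLen <= len; ++off) {
        size_t i = 0;
        while (i < sigLen && (sig[i] == kWildcard || sig[i] == base[off + i])) ++i;
        if (i != sigLen) continue;          // mismatch somewhere in the window
        if (first < 0) first = (long)off;
        ++*matches;
    }
    return first;
}

// Constructed bytes standing in for a code section (not from a real binary).
static const uint8_t kImage[] = {
    0x90, 0x90, 0xCC, 0xCC,                                // padding
    0x83, 0xEC, 0x10, 0x56, 0x57, 0x8B, 0x7C, 0x24, 0x1C, 0x57, 0x8B, 0xF1,
    0xE8, 0x11, 0x22, 0x33, 0x44,                          // call rel32, made-up displacement
    0x83, 0xC4, 0x04, 0x85, 0xC0,
    0x74, 0x05, 0x5F, 0x5E, 0x83, 0xC4, 0x10, 0xC2, 0x04, 0x00, 0xCC,
};
// robot's pre-update signature: no wildcards, displacement baked in.
static const uint8_t kFixedSig[] = {
    0x83, 0xEC, 0x10, 0x56, 0x57, 0x8B, 0x7C, 0x24, 0x1C, 0x57, 0x8B, 0xF1,
    0xE8, 0xDF, 0x4D, 0xF9 };
// The 33-byte wildcarded SwitchTeam signature posted above.
static const uint8_t kWildSig[] = {
    0x2A, 0x2A, 0x2A, 0x56, 0x57, 0x8B, 0x7C, 0x24, 0x1C, 0x57, 0x8B, 0xF1,
    0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x85, 0xC0,
    0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A, 0x2A };

int main() {
    size_t n = 0;
    long a = FindSignature(kImage, sizeof kImage, kFixedSig, sizeof kFixedSig, &n);
    std::printf("fixed sig:    offset %ld, matches %zu\n", a, n);
    long b = FindSignature(kImage, sizeof kImage, kWildSig, sizeof kWildSig, &n);
    std::printf("wildcard sig: offset %ld, matches %zu\n", b, n);
    return 0;
}
```

A match count other than 1 means the signature is either stale or ambiguous; in both cases the resolved address should not be called.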

L. Duke 10-08-2008 13:15

Re: Signature Request Thread
 
CTFPlayer::TeamFortress_SetSpeed(void)

:)

see you in #sigs on IRC

your-name-here 10-08-2008 19:56

Re: Signature Request Thread
 
Quote:

Originally Posted by L. Duke (Post 696951)
CTFPlayer::TeamFortress_SetSpeed(void)

:)

see you in #sigs on IRC

Lol, I had a really hard time with this one. I haven't tested this because I can't run TF2 on this box, so =/, but you can :D

Prototype:
Code:

void CTFPlayer::TeamFortress_SetSpeed(void)
Calling Convention: __fastcall
Signature:
Code:

\x51\x56\x8B\xF1\x2A\x2A\x2A\x2A\x2A\x2A\xC1\xE8\x03\xA8\x01\x57\x2A\x2A\x2A\x2A\x2A\x2A\x74\x3E\x8B\x16\x2A\x2A\x2A\x2A\x2A\x2A
Length: 32

The above is untested so don't blame me if something goes wrong :D. I need LDuke to report back.

raydan 10-16-2008 06:08

Re: Signature Request Thread
 
I found this, then use detours. But how to set the speed next?
Code:

\x51\x56\x8B\xF1\x2A\x2A\x2A\x2A\x2A\x2A\x85\xC9\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\xC1\xE8\x03\xA8\x01\x57\x2A\x2A\x2A\x2A\x2A\x2A\x74\x40\x8B\x16\x2A\x2A\x2A\x2A\x2A\x2A

AnAkIn 01-21-2009 10:57

Re: Signature Request Thread
 
Could anyone find me the sig for this:

CBaseEntityList * g_pEntityList

(TF2)

Thanks :)

CrimsonGT 01-21-2009 12:09

Re: Signature Request Thread
 
The entitylist is an offset, not a pointer, and you can find it in sdktools extension or lduke's extension.

CrimsonGT 02-03-2009 02:00

Re: Signature Request Thread
 
I know you've been busy lately, but here's one if you get time :)

CTFPlayer::CanAttack(void)

your-name-here 02-07-2009 10:24

Re: Signature Request Thread
 
Quote:

Originally Posted by raydan (Post 700644)
I found this, then use detours. But how to set the speed next?
Code:

\x51\x56\x8B\xF1\x2A\x2A\x2A\x2A\x2A\x2A\x85\xC9\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\xC1\xE8\x03\xA8\x01\x57\x2A\x2A\x2A\x2A\x2A\x2A\x74\x40\x8B\x16\x2A\x2A\x2A\x2A\x2A\x2A

EDIT: Disregard that function :S Dunno what I was thinking there lol.
What did you want to do?

Secondly, I don't think you can search for signatures in other binaries outside of server.dll / server_i486.so because you need to have a pointer that's stored internally in those (to get the membase of the DLL). Try using a CS function for what you want.

Ninja Edit: I'm searching for your signature Crimson :D

EDIT2: I think I found it, but you'll need to test it (I wasn't able to, so no guarantees lol):
Code:

\xA1\x2A\x2A\x2A\x2A\xD9\x2A\x2A\x56\x8B\xF1\xD8\x2A\x2A\x2A\x2A\x2A\x8B\x2A\x2A\x2A\x2A\x2A\xDF\xE0\xF6\xC4\x05
EDIT3: The above is TESTED and working as of 2/7/09! The above is CTFPlayer::CanAttack(void).

CrimsonGT 02-08-2009 21:19

Re: Signature Request Thread
 
Just to throw it out there, even though I can't get it to work (it just doesn't seem to be called) here's the sig for CBaseCombatWeapon::UsesPrimaryAmmo()

Code:

\x83\xB9\x54\x12\x00\x00\x00\x0F\x9D\xC0\xC3
your-name-here: I was actually able to find a few with the method you showed me last night :) However, there's one that I can't find a string in anywhere. If you get a chance to take a look, it's CBaseEntity::CreatePredictedEntityByName(char const*, char const *, int, bool). I did see that CreateEntityByName was called inside of it, and has a string in it, but was not able to find it based off that.

Chrisber 02-12-2009 19:42

Re: Signature Request Thread
 
Hi.
I'm searching the sig and the mask for CBasePlayer::FireBullets currently.

Thanks,
- Chris

your-name-here 02-12-2009 23:43

Re: Signature Request Thread
 
Quote:

Originally Posted by Chrisber (Post 760673)
Hi.
I'm searching the sig and the mask for CBasePlayer::FireBullets currently.

Thanks,
- Chris

What game?

@CrimsonGT: I couldn't find that sig lol, it's one of those ones that are "unsiggable" unless you tried patchdiff'ing between hl2dm and tf2 :/

Chrisber 02-13-2009 07:27

Re: Signature Request Thread
 
Hi.
For Counterstrike: Source.

Thanks,
- Chris

Keeper 02-13-2009 09:20

Re: Signature Request Thread
 
Can't you just hook that function?

Virtual offset 101...

http://wiki.alliedmods.net/CBasePlayer_Offset_List_(Counter-Strike:_Source)

Chrisber 02-13-2009 09:39

Re: Signature Request Thread
 
How should I do this? I can't lay a hook on all player instances; that's not possible. For that, I need the sig and mask, don't I!?

~ Chris

Keeper 02-13-2009 09:58

Re: Signature Request Thread
 
You can hook when a player connects, then unhook when they leave. I do this for FireBullets, TraceAttack...

Works fine.

Chrisber 02-13-2009 10:34

Re: Signature Request Thread
 
Nice!
Very cool idea, and yep, it works.
Thank you so much :)

Thanks,
- Chris

CrimsonGT 02-13-2009 11:44

Re: Signature Request Thread
 
Quote:

Originally Posted by your-name-here (Post 760729)
What game?

@CrimsonGT: I couldn't find that sig lol, it's one of those ones that are "unsiggable" unless you tried patchdiff'ing between hl2dm and tf2 :/

haha damnit, ah well. I was hoping :P

L. Duke 02-13-2009 13:18

Re: Signature Request Thread
 
Anyone have any ideas on how I could go about finding CTFGameStats::IncrementStat(CTFPlayer *, TFStatType_t, int) ???

your-name-here 02-13-2009 18:30

Re: Signature Request Thread
 
Quote:

Originally Posted by L. Duke (Post 760988)
Anyone have any ideas on how I could go about finding CTFGameStats::IncrementStat(CTFPlayer *, TFStatType_t, int) ???

I think this is another unsiggable function because each time I get to a function that references it, I get:

Code:

  v11 = 684 * (*(int (__stdcall **)(_DWORD))(*(_DWORD *)dword_1047E1B8 + 72))(*(_DWORD *)(v3 + 24));
  ++*(_DWORD *)(v11 + v4 + 156);
  ++*(_DWORD *)(v11 + v4 + 248);
  ++*(_DWORD *)(v11 + v4 + 340);
  return v11 + v4 + 148;

It doesn't look like it's being directly called :S

What you can probably do is use this:
Code:

\x2A\x2A\x2A\x2A\x2A\x83\xB8\x18\x03\x00\x00\x04\x53\x2A\x2A\x2A\x2A\x56\x57\x8B\xF1\xBF\x01\x00\x00\x00\x75\x39
Which is the (untested) signature for CTFGameStats_Event_PlayerFiredWeapon which calls CTFGameStats::IncrementStats. From there....

Code:

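void* pfnIncStats = NULL;
void* pfnFireWeaponFunc = gSigMngr.findsignature(laddr, the_sig_above, length_of_above_sig);

typedef void (*IncrementStatsFunc)( void* /* this */, int /* TFStat Type */, int /* Some random integer :S */);
IncrementStatsFunc pStatsFunc = NULL;

//Not sure if this is right. Very low level and only for windows :/
//Destination is &pfnIncStats: copy the pointer-sized value at +0x65 into the
//variable itself rather than into the NULL address it currently holds.
if (pfnFireWeaponFunc)
{
    memcpy( &pfnIncStats, ((char *)pfnFireWeaponFunc + 0x65), sizeof(void *) );
    pStatsFunc = (IncrementStatsFunc)pfnIncStats;
}

//Call the function :D
//....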

This should rip the pointer to CTFGameStats__IncStats directly from eax (assuming I did the hex right :P)

Let me know if it works for you.

Sollie 02-13-2009 18:57

Re: Signature Request Thread
 
This is really nice, what you're doing for everyone, very helpful :)

Can you maybe find CBasePlayer::DisableButtons(int) if you have time? It's not an emergency, and not bad if not.

your-name-here 02-14-2009 07:50

Re: Signature Request Thread
 
Quote:

Originally Posted by Sollie (Post 761151)
This is really nice, what you're doing for everyone, very helpful :)

Heh thanks. Unlike others, I find searching for sigs to be a nice challenge.

Quote:

Originally Posted by Sollie (Post 761151)
Can you maybe find CBasePlayer::DisableButtons(int) if you have time? It's not an emergency, and not bad if not.

What game is it for?

Sollie 02-14-2009 12:06

Re: Signature Request Thread
 
It is for TF2

your-name-here 02-14-2009 12:35

Re: Signature Request Thread
 
Quote:

Originally Posted by Sollie (Post 761492)
It is for TF2

EDIT: Unfortunately, your function is not directly called by anything in the windows binary :S
It's fallen under the unsiggable category, unless you want to hardcode some offsets and rip the address out (which I'm waiting for LDuke to get back to me about).

CrimsonGT 02-19-2009 03:56

Re: Signature Request Thread
 
Me and bl4nk both gave a try at finding the proper sig for CTFPlayer::OnTakeDamage_Alive and neither one worked. Been at it for 2 days, so if you have time to give it a shot it would be appreciated <3

CrimsonGT 02-26-2009 02:41

Re: Signature Request Thread
 
Scratch this, I think I'm good now. The end of the sig hunt will be a marvelous day indeed!

raydan 04-02-2009 04:52

Re: Signature Request Thread
 
Can you find "GetNumHumanPlayers" in L4d engine.dll?

I try many times, but fail...

AltPluzF4 04-09-2009 00:37

Re: Signature Request Thread
 
Quote:

Originally Posted by raydan (Post 795301)
Can you find "GetNumHumanPlayers" in L4d engine.dll?

I try many times, but fail...

Code:

\x53\x56\x57\x8B\xF9\x33\xDB\x33\xF6\x39\x9F\x1C\x01\x00\x00\x7E\x29\x8B\x87
It works now, but will probably break on the next update... if it does, let me know and I'll make a new one wildcarding the changed bytes.

AnAkIn 05-20-2009 13:48

Re: Signature Request Thread
 
Could anyone find a sig to disable first blood in TF2 Arena mode?

pheadxdll 05-21-2009 10:55

Re: Signature Request Thread
 
Quote:

Originally Posted by AnAkIn (Post 831155)
Could anyone find a sig to disable first blood in TF2 Arena mode?

there's gotta be a cvar for that.

