[CS:GO] Need some help with signature scanning
 

So, I am currently trying to SDKCall (and later Detour) the function int CCSGameRules::MaxNumPlayersOnCTTeam() (later on int CCSGameRules::MaxNumPlayersOnTerrorTeam() as well), but am having trouble getting the SDKCalls to work.
The plugin always fails to load with "Signature not found" which, according to the documentation, means it can't find the key in the gamedata file - even though it's there (file was copied from some other plugin, and modified).

Code:
Gamedata:
Raw signature: 55 89 E5 53 83 EC 14 A1 7C A1 41 01 8B 5D 08 (taken until the last cmp before jump, no changing memory addresses as far as I can see).

Does PrepSDKCall_SetFromConf actually already resolve the address or did I do something else wrong?
Thanks in advance!

Re: [CS:GO] Need some help with signature scanning
 

PrepSDKCall_SetFromConf does ensure that the signature scan resolves.

7C A1 41 01 is a far memory address that will be relocated at runtime and thus needs wildcarding - you really should use the makesig.idc script, it'll generate the shortest valid signature.

Don't forget that you need to restart the server after changing gamedata files.

Re: [CS:GO] Need some help with signature scanning
 

Can't we just change the signature inside the .txt file and reload the plugin? Maybe it's just me who can't recall correctly, but I remember being able to change the signature inside the text file and reloading the plugin, and everything worked fine.

Re: [CS:GO] Need some help with signature scanning
 

No, you can't, which is why I said it.

Re: [CS:GO] Need some help with signature scanning
 

To be honest, I actually remembered about a script which could create sigs, but couldn't remember the name of it..
Now, when I try to run the script, I get the following error:
makesig.idc,23: Syntax error near: auto

Using the search function, I suspect that my IDA version is too old (using IDA Pro Free 5.0).
Is there no way of getting the script running without buying a full license of IDA? (don't really want to spend 529€)

Re: [CS:GO] Need some help with signature scanning
 

That auto error happened to me too in IDA free, it worked in IDA Pro...

Re: [CS:GO] Need some help with signature scanning
 

Got the script working, generated the following for CCSGameRules::MaxNumPlayersOnCTTeam():
\x55\x89\xE5\x53\x83\xEC\x14\xA1\x2A\x2A\x2A\ x2A\x8B\x5D\x08\x3D\x2A\x2A\x2A\x2A\x74\x2A\x 8B\x10\x89\x04\x24\xFF\x52\x40\x83\xF8\x01

And for T:
\x55\x89\xE5\x53\x83\xEC\x14\x8B\x5D\x08\x89\ x1C\x24\xE8\x2A\x2A\x2A\x2A\x84\xC0\x75\x2A\x A1\x2A\x2A\x2A\x2A\x3D\x2A\x2A\x2A\x2A\x74\x2 A\x8B\x10\x89\x04\x24\xFF\x52\x40\x83\xF8\x01

Although the one for T seems a bit long (most likely due to the function being bigger interestingly), both seem to work fine - after changing the SDKCallType to SDKCall_GameRules, getting 4 as a result for each team on a empty retakes server).

Re: [CS:GO] Need some help with signature scanning
 

The actual signatures can get a little shorter, its still unique if you remove ending 0xF8, 0x01.
I'm guessing makesig.idc doesn't always produce shortest unique signatures.

Re: [CS:GO] Need some help with signature scanning
 

It avoids splitting individual opcodes.

More because IDA it per-opcode than anything else, a 2nd pass could be done after building the unique sig to trim it byte by byte.

Re-writing it in IDA Python with some fancy other features is on my todo list, sadly some of the stuff I'd like to add could do with a research team and 5 years.

Also been looking at porting some of the stuff like makesig to Radere2, but I get pretty lost every time I try and use that thing.