[CS:GO] Need some help with signature scanning
So, I am currently trying to SDKCall (and later Detour) the function int CCSGameRules::MaxNumPlayersOnCTTeam() (later on int CCSGameRules::MaxNumPlayersOnTerrorTeam() as well), but am having trouble getting the SDKCalls to work.
The plugin always fails to load with "Signature not found" which, according to the documentation, means it can't find the key in the gamedata file - even though it's there (file was copied from some other plugin, and modified). Code:
Does PrepSDKCall_SetFromConf actually already resolve the address or did I do something else wrong? Thanks in advance!
Re: [CS:GO] Need some help with signature scanning
PrepSDKCall_SetFromConf does ensure that the signature scan resolves.
7C A1 41 01 is a far memory address that will be relocated at runtime and thus needs wildcarding; you really should use the makesig.idc script, it'll generate the shortest valid signature. Don't forget that you need to restart the server after changing gamedata files.
Re: [CS:GO] Need some help with signature scanning
Quote:
Re: [CS:GO] Need some help with signature scanning
No, you can't, which is why I said it.
Re: [CS:GO] Need some help with signature scanning
To be honest, I actually remembered about a script which could create sigs, but couldn't remember the name of it..
Now, when I try to run the script, I get the following error: makesig.idc,23: Syntax error near: auto Using the search function, I suspect that my IDA version is too old (using IDA Pro Free 5.0). Is there no way of getting the script running without buying a full license of IDA? (don't really want to spend 529€)
Re: [CS:GO] Need some help with signature scanning
That auto error happened to me too in IDA Free; it worked in IDA Pro...
Re: [CS:GO] Need some help with signature scanning
Got the script working, generated the following for CCSGameRules::MaxNumPlayersOnCTTeam():
\x55\x89\xE5\x53\x83\xEC\x14\xA1\x2A\x2A\x2A\x2A\x8B\x5D\x08\x3D\x2A\x2A\x2A\x2A\x74\x2A\x8B\x10\x89\x04\x24\xFF\x52\x40\x83\xF8\x01
And for T:
\x55\x89\xE5\x53\x83\xEC\x14\x8B\x5D\x08\x89\x1C\x24\xE8\x2A\x2A\x2A\x2A\x84\xC0\x75\x2A\xA1\x2A\x2A\x2A\x2A\x3D\x2A\x2A\x2A\x2A\x74\x2A\x8B\x10\x89\x04\x24\xFF\x52\x40\x83\xF8\x01
Although the one for T seems a bit long (most likely due to the function being bigger, interestingly), both seem to work fine: after changing the SDKCallType to SDKCall_GameRules, I'm getting 4 as a result for each team on an empty retakes server.
Re: [CS:GO] Need some help with signature scanning
Quote:
I'm guessing makesig.idc doesn't always produce shortest unique signatures.
Re: [CS:GO] Need some help with signature scanning
Quote:
More because IDA does it per-opcode than anything else; a 2nd pass could be done after building the unique sig to trim it byte by byte. Re-writing it in IDA Python with some fancy other features is on my todo list, sadly some of the stuff I'd like to add could do with a research team and 5 years. Also been looking at porting some of the stuff like makesig to Radare2, but I get pretty lost every time I try and use that thing.
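The two points made in this thread, that absolute addresses such as the 7C A1 41 01 operand must be wildcarded because the loader relocates them, and that a per-opcode signature can be trimmed byte by byte in a second pass, as an added example in plain Python. This is not code from the thread and not makesig.idc; the "binary" is a constructed byte string whose target function is shaped like the posted CT signature, the instruction lengths and relocatable operand bytes are hand-written where a real tool would take them from the disassembler (IDA, radare2), and the wildcard convention is SourceMod's gamedata \x2A.

```python
# Added example: a plain-Python model of what makesig does and what SourceMod's
# signature scan does with the result. Not code from the thread, not makesig.idc.
# The "binary" below is a constructed byte string; the instruction lengths and
# the relocatable operand bytes are hand-written, where a real tool would take
# them from the disassembler (IDA, radare2).
import re

# --- constructed sample "binary" ---------------------------------------------
PROLOGUE = bytes.fromhex("5589E55383EC14")   # push ebp; mov ebp,esp; push ebx; sub esp,0x14
# decoy function: same prologue and the same "mov eax,[abs]; mov ebx,[ebp+8]" opening
DECOY = PROLOGUE + bytes.fromhex("A1AABBCCDD8B5D0885C0740531C0EB05B80100000083C4145B5DC3")
# target function, shaped like the CT signature posted in the thread
TARGET = PROLOGUE + bytes.fromhex(
    "A178563412"                # mov eax,[0x12345678]   absolute address, patched by the loader
    "8B5D08"                    # mov ebx,[ebp+8]
    "3D10325476"                # cmp eax,0x76543210     absolute address, patched by the loader
    "740B"                      # je +0x0B
    "8B10890424FF524083F801"    # mov edx,[eax]; mov [esp],eax; call [edx+0x40]; cmp eax,1
    "0F94C00FB6C083C4145B5DC3"  # setz al; movzx eax,al; add esp,0x14; pop ebx; pop ebp; ret
)
PAD = b"\xCC" * 16                            # int3 padding between functions
BINARY = PAD + DECOY + PAD + TARGET + PAD
TARGET_OFF = len(PAD) * 2 + len(DECOY)        # 66

# Per-instruction (length, indices of relocatable operand bytes) for TARGET, in order.
TARGET_INSNS = [
    (1, ()), (2, ()), (1, ()), (3, ()),       # prologue
    (5, (1, 2, 3, 4)),                        # A1 imm32
    (3, ()),                                  # 8B 5D 08
    (5, (1, 2, 3, 4)),                        # 3D imm32
    (2, (1,)),                                # 74 rel8 (branch displacement, wildcarded too)
    (2, ()), (3, ()), (3, ()), (3, ()),       # 8B 10 / 89 04 24 / FF 52 40 / 83 F8 01
]

# the CT signature exactly as posted in the thread
THREAD_CT_SIG = (r"\x55\x89\xE5\x53\x83\xEC\x14\xA1\x2A\x2A\x2A\x2A\x8B\x5D\x08\x3D"
                 r"\x2A\x2A\x2A\x2A\x74\x2A\x8B\x10\x89\x04\x24\xFF\x52\x40\x83\xF8\x01")


def parse_sig(sig):
    """Gamedata "\\x55\\x2A..." string -> (pattern, mask). SourceMod reads \\x2A as a wildcard."""
    toks = [int(t, 16) for t in re.findall(r"\\x([0-9A-Fa-f]{2})", sig)]
    return bytes(toks), tuple(t != 0x2A for t in toks)


def to_gamedata(pattern, mask):
    """Inverse of parse_sig. A literal 0x2A byte cannot be expressed: it reads back as a wildcard."""
    return "".join("\\x%02X" % b if m else "\\x2A" for b, m in zip(pattern, mask))


def find_sig(data, pattern, mask):
    """All offsets where pattern matches data; masked-out bytes match anything."""
    n = len(pattern)
    return [i for i in range(len(data) - n + 1)
            if all((not m) or data[i + j] == pattern[j] for j, m in enumerate(mask))]


def make_sig(data, func_start, insns):
    """Grow the pattern one instruction at a time until it matches only func_start,
    then (the second pass suggested above) trim trailing bytes while it stays unique."""
    pattern, mask, off = bytearray(), [], func_start
    for length, reloc in insns:
        for k in range(length):
            keep = k not in reloc
            pattern.append(data[off + k] if keep else 0x2A)
            mask.append(keep)
        off += length
        if find_sig(data, bytes(pattern), mask) == [func_start]:
            break
    else:
        raise ValueError("no unique signature for function at 0x%X" % func_start)
    while len(pattern) > 1 and find_sig(data, bytes(pattern[:-1]), mask[:-1]) == [func_start]:
        pattern.pop()
        mask.pop()
    return bytes(pattern), tuple(mask)


def relocation_check():
    """Why 'A1 78 56 34 12' must be wildcarded: the same code loaded 0x10000 higher."""
    literal = r"\x55\x89\xE5\x53\x83\xEC\x14\xA1\x78\x56\x34\x12"   # address kept literally
    wild = to_gamedata(*make_sig(BINARY, TARGET_OFF, TARGET_INSNS))
    # simulate the loader patching both absolute addresses after the .so moved base
    moved = (BINARY.replace((0x12345678).to_bytes(4, "little"), (0x12355678).to_bytes(4, "little"))
                   .replace((0x76543210).to_bytes(4, "little"), (0x76553210).to_bytes(4, "little")))
    return (find_sig(BINARY, *parse_sig(literal)),   # [66]: works on this build only
            find_sig(moved, *parse_sig(literal)),    # []:   "Signature not found" after relocation
            find_sig(moved, *parse_sig(wild)))       # [66]: wildcarded version still resolves


if __name__ == "__main__":
    pattern, mask = make_sig(BINARY, TARGET_OFF, TARGET_INSNS)
    print(len(pattern), "bytes:", to_gamedata(pattern, mask))
    print("thread's 33-byte sig hits:", find_sig(BINARY, *parse_sig(THREAD_CT_SIG)))
    print("relocation check:", relocation_check())
```

Against this constructed binary the per-instruction pass stops at 20 bytes (the cmp instruction is the first one that separates the target from the decoy) and the trim pass cuts that to 16, ending on the 3D opcode; the posted 33-byte signature also resolves to the same single offset, which is the "correct but longer than necessary" outcome the thread describes. Two caveats for real use: uniqueness is only meaningful when the whole .text section is scanned, not just the functions you know about, and a signature that has been trimmed to the bare minimum is more likely to break on the next game update than one that keeps a few extra stable opcodes.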