[Orpheu] Memory hack
Hi,
Is it possible to remove a function call inside another function? Basically like this, where the purpose is to stop Function B() from being called; the rest of the function will execute as normal:
Re: [Orpheu] Memory hack
Just NOP the related bytes.
Re: [Orpheu] Memory hack
How would I go about doing it in more detail? Have a signature for the function and then displace down to the bytes where the function is called, or?
Re: [Orpheu] Memory hack
So, you only have .amxx file, and you can't edit the plugin?
If so, you have to decompress the .amxx file, change the corresponding bytes (parameter pushes, function call) to NOP instructions, and compress it back. I've written a decompressor, but I couldn't manage to write a program to compress it back. Maybe I will give it another try in a few days. :) EDIT: I feel dumb here... Are you trying to "hack" a plugin or a module/game DLL? Because all that I wrote before is not a run-time hack, and only works for plugins.
Re: [Orpheu] Memory hack
You answered yourself already. You can either use a signature which points to the start of the related bytes, or get a function address and add n bytes to point where you want.
Once you get your address, it's just a matter of NOPing all related bytes with 0x90. I don't know the context and don't know much about assembly, so for a simple call in Linux you will have E8 X X X X where X X X X is the function address. So you need to NOP these 5 bytes. There are probably tricks to not necessarily replace all of them with 90s, but I don't know. You may have to care about functions with arguments: you will have some bytes before, and you could corrupt the stack easily depending on what you do / how the function is called.
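A worked version of the check described above, added here as an example rather than code from this thread or from Orpheu. It assumes a constructed 12-byte buffer standing in for a cdecl call site in a 32-bit library and a hypothetical image base of 0x1000; the four bytes after E8 are decoded as a displacement relative to the next instruction, so the patch is only applied when the call really goes to the function you expect, and the argument pushes and the caller's `add esp` are left alone so the stack stays balanced.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Constructed sample call site (not taken from any real binary):
   push eax; push ecx; push edx; call rel32; add esp, 12; ret
   Imagine it mapped at the hypothetical base address 0x1000. */
static unsigned char code[] = {
    0x50, 0x51, 0x52,             /* push eax; push ecx; push edx  (arguments) */
    0xE8, 0x18, 0x00, 0x00, 0x00, /* call +0x18  (target = next ip + 0x18)     */
    0x83, 0xC4, 0x0C,             /* add esp, 12 (caller cleans up the args)   */
    0xC3                          /* ret                                        */
};

/* Decode the target of a 5-byte near call (E8 rel32) at `off`, assuming the
   buffer is mapped at `base`. Returns 0 if there is no such call at `off`. */
uint32_t call_target(const unsigned char *buf, size_t len, size_t off, uint32_t base) {
    if (off + 5 > len || buf[off] != 0xE8) return 0;
    /* rel32 is little-endian and sign-extended; decode byte-wise for portability */
    uint32_t raw = (uint32_t)buf[off + 1]
                 | (uint32_t)buf[off + 2] << 8
                 | (uint32_t)buf[off + 3] << 16
                 | (uint32_t)buf[off + 4] << 24;
    int32_t rel = (int32_t)raw;
    /* the displacement is relative to the instruction AFTER the call */
    return base + (uint32_t)(off + 5) + (uint32_t)rel;
}

/* Overwrite the 5-byte call at `off` with NOPs (0x90), but only if it is a
   call to `expected`. Returns 1 on success; 0 leaves the buffer untouched.
   Only the call itself is NOPed: the pushes before it and the `add esp`
   after it stay, so the stack remains balanced once the call is gone. */
int nop_call(unsigned char *buf, size_t len, size_t off, uint32_t base, uint32_t expected) {
    if (call_target(buf, len, off, base) != expected) return 0;
    memset(buf + off, 0x90, 5);
    return 1;
}
```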
Re: [Orpheu] Memory hack
Well, it is probably easier to modify a .so than a .dll.
But run-time patching with Orpheu is probably easier than doing so. Do you have the source code of that module? If you do, I can try to recompile it, omitting that function call.
Re: [Orpheu] Memory hack
Something like this is what I want to do: to crack the DLL engine and change the value of ENTITY LIMIT TO UNLIMITED ENTITIES!!! Reverse engineering, assembly language, this needs a cracker to be done!!!
Re: [Orpheu] Memory hack
Yeah, but now that I think about it, it would probably be better to patch the library for what I need it for.
I'll give a bit of context now, so you know what it's about. What I want to change is PM_PlayerMove in tfc.so (Team Fortress Classic library).
What I want removed is the VectorScale call in this bit: