
Future and more on sig scanning


Tryclyde
Junior Member
Join Date: Sep 2008
Old 10-16-2008 , 14:27   Future and more on sig scanning

Is this in the near future?
Quote:
The Future

While Metamod:Source is a stable/production product, more features are on the horizon. There are distant plans for a detouring library and a library for efficiently automated signature scanning.
I'm still lost on sigscanning, I'm using BAILOPAN's sigscanner and I don't get a few things.

1. I can call csigmngr.resolvesig() but what is the first parameter?
Code:
void *ResolveSig(void *memInBase, const char *pattern, size_t siglen);
I have the pattern and size of the address I want (Teleport) but I don't understand what the first parameter is.

2. I'm seeing that global hooks have been added, I'm guessing I can use this to get an instance of all the CBaseEntity or CBasePlayers in the server? I don't understand how to get a hold of CBaseEntity and how to use it.

3. How would I create a function after I actually do csigmngr.ResolveSig() so I can actually CALL CBaseEntity::Teleport?
BAILOPAN
Join Date: Jan 2004
Old 10-16-2008 , 21:20   Re: Future and more on sig scanning

0. I don't think anyone is actively working on it.

1. First parameter is a memory address in the DLL the pattern resides. Should be a code address. ismm->serverFactory(X) will work where X is the parameter that gives you the "real" address and not the fake one.

2. Global hooks affect a vtable, which represents a point in the inheritance chain. If you specify a global hook on, for example, a CCSPlayer - it will not affect CCSBots because they are derived and have a different vtable. Thus there is no way to hook "every" CBaseEntity without tracking down and globally hooking each derived class. This isn't a limitation of SourceHook - it's how C++ works.

But to answer your question, you need to get an instance before you start using it (for example, a player connecting). Or, you need the vtable by sniffing it out of the DLL through signature scanning or whatnot.

3. You need to construct the assembly in an executable buffer.
  • You can bit-bang.
  • You can use SourceHook, which has x86_macros.h and sh_pagealloc.h, respectively they are macros for jitting runtime functions and helpers for allocating executable memory.
  • If you're using SourceMod extensions, you can use the BinTools extension (IBinTools.h API) which lets you construct arbitrary function calls.
__________________
egg
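The following is an added example, not BAILOPAN's sigscanner, Metamod:Source or SourceMod code. It shows the two things the reply above describes: what a signature scan in the shape of the quoted ResolveSig() actually does (a byte-pattern search with 0x2A as the wildcard byte, over a memory range inside the module), and the "step 3" of turning a resolved address into something callable. The names ResolveSigInRange, CountSigMatches, OffsetOf, AsFunction and the byte array kFakeImage are this example's own; the module range is passed as an explicit base and length rather than being derived from an address inside the DLL, and the byte buffer is a constructed stand-in for a code section, not bytes from any real game binary.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>

// Wildcard byte in the pattern: 0x2A ("\x2A"), the SourceMod signature convention.
// Consequence: a literal 0x2A in the code cannot be matched exactly by this scheme.
constexpr unsigned char kWildcard = 0x2A;

// Scan [base, base+len) for the siglen-byte pattern. Returns the address of the
// first match or nullptr. siglen is explicit because patterns may contain 0x00,
// so strlen(pattern) would truncate them.
const void* ResolveSigInRange(const void* base, size_t len,
                              const char* pattern, size_t siglen) {
    if (base == nullptr || pattern == nullptr || siglen == 0 || len < siglen)
        return nullptr;
    const unsigned char* mem = static_cast<const unsigned char*>(base);
    const unsigned char* sig = reinterpret_cast<const unsigned char*>(pattern);
    for (size_t i = 0; i + siglen <= len; ++i) {
        size_t j = 0;
        while (j < siglen && (sig[j] == kWildcard || mem[i + j] == sig[j])) ++j;
        if (j == siglen) return mem + i;
    }
    return nullptr;
}

// How many places the pattern matches. A usable signature matches exactly once:
// 0 means the binary changed (game update), more than 1 means the pattern is too short.
size_t CountSigMatches(const void* base, size_t len,
                       const char* pattern, size_t siglen) {
    size_t count = 0;
    const unsigned char* mem = static_cast<const unsigned char*>(base);
    const unsigned char* end = mem + len;
    const void* hit = ResolveSigInRange(mem, len, pattern, siglen);
    while (hit != nullptr) {
        ++count;
        const unsigned char* next = static_cast<const unsigned char*>(hit) + 1;
        hit = ResolveSigInRange(next, static_cast<size_t>(end - next), pattern, siglen);
    }
    return count;
}

// Byte offset of a resolved address from the scan base, or SIZE_MAX if not found.
size_t OffsetOf(const void* base, const void* addr) {
    if (addr == nullptr) return SIZE_MAX;
    return static_cast<size_t>(static_cast<const unsigned char*>(addr) -
                               static_cast<const unsigned char*>(base));
}

// Step 3 from the thread, for a plain (non-member) function: once an address is
// resolved, copy it into a correctly typed function pointer and call through it.
// A member function such as CBaseEntity::Teleport additionally needs the
// compiler's this-call convention, which this helper does not handle.
template <typename Fn>
Fn AsFunction(const void* addr) {
    Fn fn = nullptr;
    static_assert(sizeof(fn) == sizeof(addr), "function/data pointer size mismatch");
    std::memcpy(&fn, &addr, sizeof(fn));
    return fn;
}

// Constructed stand-in for a code section (not bytes from any real binary):
// three tiny "functions" with x86-style prologues and epilogues.
static const unsigned char kFakeImage[] = {
    0x90, 0x90, 0x90, 0x90, 0xC3, 0x00, 0x00, 0x00,  // offset 0: nops, ret, padding
    0x55, 0x8B, 0xEC, 0x83, 0xEC, 0x10, 0x5D, 0xC3,  // offset 8: push ebp; mov ebp,esp; sub esp,10h; pop ebp; ret
    0x55, 0x8B, 0xEC, 0x56, 0x57, 0x83, 0xEC, 0x08,  // offset 16: prologue; push esi; push edi; sub esp,8
    0x5F, 0x5E, 0x5D, 0xC3, 0x00, 0x00, 0x00, 0x00,  // offset 24: pop edi; pop esi; pop ebp; ret; padding
};

// A real function in this program, used only to show the typed-call step.
static int Twice(int x) { return 2 * x; }

int CallResolvedTwice(int x) {
    const void* addr = reinterpret_cast<const void*>(&Twice);  // stands in for a resolved address
    return AsFunction<int (*)(int)>(addr)(x);
}

int main() {
    const size_t len = sizeof(kFakeImage);
    // Unique signature: prologue, two wildcarded pushes, then sub esp,8.
    const char* sig = "\x55\x8B\xEC\x2A\x2A\x83\xEC\x08";
    const void* hit = ResolveSigInRange(kFakeImage, len, sig, 8);
    std::printf("sig found at offset %zu, %zu match(es)\n",
                OffsetOf(kFakeImage, hit), CountSigMatches(kFakeImage, len, sig, 8));
    // Too-short signature: the bare prologue matches two functions, so it is ambiguous.
    std::printf("bare prologue matches %zu times\n",
                CountSigMatches(kFakeImage, len, "\x55\x8B\xEC", 3));
    std::printf("Twice(21) through typed pointer = %d\n", CallResolvedTwice(21));
    return 0;
}
```

The uniqueness count is the check worth keeping in a real plugin: a pattern that resolves is not necessarily the function you wanted, and checking that it matches exactly once in the module catches both a too-short signature and a binary that changed after a game update.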
Tryclyde
Junior Member
Join Date: Sep 2008
Old 10-19-2008 , 13:55   Re: Future and more on sig scanning

Thanks, that does explain a lot. I'm still going to try browsing for examples on reconstructing a signature call.