Raised This Month: $7 Target: $400
 1% 

A vtable dumper that even you can use!


Post New Thread Reply   
 
Thread Tools Display Modes
asherkin
SourceMod Developer
Join Date: Aug 2009
Location: OnGameFrame()
Old 06-18-2016 , 18:18   Re: A vtable dumper that even you can use!
Reply With Quote #11

Done some work on this over the last couple days to fix the 2 reported issues.
  • Binaries compiled with older compilers / strange linkage options are now supported (CS 1.6)
  • Binaries compiled with newer compilers are now supported (Insurgency)
__________________
asherkin is offline
Chdata
Veteran Member
Join Date: Aug 2012
Location: Computer Chair, Illinois
Old 06-25-2016 , 18:29   Re: A vtable dumper that even you can use!
Reply With Quote #12

Any plans to support finding those sigs like @_ZN9CTFPlayer10GetMaxAmmoEii from CTFPlayer::GetMaxAmmo

They're easy to find but it's even easier if it can be automated ;p
__________________

Last edited by Chdata; 06-25-2016 at 18:30.
Chdata is offline
Powerlord
AlliedModders Donor
Join Date: Jun 2008
Location: Seduce Me!
Old 06-25-2016 , 19:15   Re: A vtable dumper that even you can use!
Reply With Quote #13

Quote:
Originally Posted by Chdata View Post
Any plans to support finding those sigs like @_ZN9CTFPlayer10GetMaxAmmoEii from CTFPlayer::GetMaxAmmo

They're easy to find but it's even easier if it can be automated ;p
Signatures aren't vtables...
__________________
Not currently working on SourceMod plugin development.
Powerlord is offline
asherkin
SourceMod Developer
Join Date: Aug 2009
Location: OnGameFrame()
Old 06-25-2016 , 19:26   Re: A vtable dumper that even you can use!
Reply With Quote #14

Quote:
Originally Posted by Chdata View Post
Any plans to support finding those sigs like @_ZN9CTFPlayer10GetMaxAmmoEii from CTFPlayer::GetMaxAmmo
No, while it has the information internally, transferring all the symbols (rather than just the virtual ones) from the worker to the main thread would massively increase the processing time for something that is generally useless and quite far outside the scope.

If you have shell access to a Linux or macOS environment and a copy of server_srv.so, it's as simple as:
Code:
nm server_srv.so | grep GetMaxAmmo
__________________
asherkin is offline
xXDeathreusXx
Veteran Member
Join Date: Mar 2013
Location: pPlayer->GetOrigin();
Old 07-03-2016 , 17:07   Re: A vtable dumper that even you can use!
Reply With Quote #15

Quote:
Originally Posted by Potato Uno View Post
The irony is that finding signatures is easier than finding offsets, especially for windows.

Great work as always asherkin.
But but but.... Finding offsets was very easy for me, signatures are witchcraft
__________________
Plugins|Profile
Requests closed

I'm a smartass by nature, get used to it
xXDeathreusXx is offline
micapat
Veteran Member
Join Date: Feb 2010
Location: Nyuu, nyuu (France).
Old 12-03-2016 , 19:00   Re: A vtable dumper that even you can use!
Reply With Quote #16

Hi asherkin,

VTable Dumper doesn't seem to work anymore for CS:GO (I'm writing 'CCSPlayer', 'player', 'RemoveAllItems'... nothing appears).
It should be because of the last CS:GO update (Thx Valve).

Are you working on a fix?
__________________
micapat is offline
asherkin
SourceMod Developer
Join Date: Aug 2009
Location: OnGameFrame()
Old 12-03-2016 , 19:01   Re: A vtable dumper that even you can use!
Reply With Quote #17

There is no fix, you cannot extract data that does not exist.

Valve have removed symbols from the shipped CS:GO binaries.
__________________
asherkin is offline
xXDeathreusXx
Veteran Member
Join Date: Mar 2013
Location: pPlayer->GetOrigin();
Old 12-05-2016 , 15:18   Re: A vtable dumper that even you can use!
Reply With Quote #18

Quote:
Originally Posted by asherkin View Post
There is no fix, you cannot extract data that does not exist.

Valve have removed symbols from the shipped CS:GO binaries.
Which I can only assume they did in an attempt to slow down hackers developing cheats
__________________
Plugins|Profile
Requests closed

I'm a smartass by nature, get used to it
xXDeathreusXx is offline
klippy
AlliedModders Donor
Join Date: May 2013
Location: Serbia
Old 12-07-2016 , 06:32   Re: A vtable dumper that even you can use!
Reply With Quote #19

Quote:
Originally Posted by xXDeathreusXx View Post
Which I can only assume they did in an attempt to slow down hackers developing cheats
More like attempts to avoid server bans by changing skins etc. Cheat developers need the client binary more than the server one.

Last edited by klippy; 12-07-2016 at 06:32.
klippy is offline
Mitchell
~lick~
Join Date: Mar 2010
Old 12-09-2016 , 17:40   Re: A vtable dumper that even you can use!
Reply With Quote #20

Quote:
Originally Posted by asherkin View Post
There is no fix, you cannot extract data that does not exist.

Valve have removed symbols from the shipped CS:GO binaries.
So we're SOL if any of the offsets change?
Mitchell is offline
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 01:17.


Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Theme made by Freecode