[meTaLiCroSS]

May I forgot something, I guess, but if I remember well, retrieving the virtual table of a class it will return all the virtual functions from this one mentioned, not the classes that has extended from it

[meTaLiCroSS]

Just noticed the virtual table of CGameRules changed just on linux OS. In old versions, linux diff was +2, on current version, linux diff is 0, that means windows and linux offsets are the same (just with this)

The CGameRules member offsets are the same, I guess.

[Rivotril]

not working on linux server, windows does

Code:

{
    "name" : "SV_Rcon",
    "library" : "engine",
    "arguments" :
    [
        {
            "type" : "int"
        }
    ],
    "identifiers":
    [
        {
            "os" : "windows",
            "value" : [0x55,0x8B,"*",0x81,"*","*","*","*","*",0x53,0x56,0x57,0xE8,"*","*","*","*",0x8B,"*",0x68,"*","*","*","*",0x89]
        },
        {
            "os" : "linux",
            "value" : "SV_Rcon"
        }
    ]
}

[edon1337]

@OP

You forgot to add the title for SV_Rcon_Validate. Sorry for bumping

[DarthMan]

Can someone tell me if this signature is correct? I mean, if it points to SV_RejectConnection. Thanks!

PHP Code:

{ 
    "name" : "SV_RejectConnection", 
    "library" : "engine", 
    "identifiers" : 
    [ 
        { 
            "os" : "windows", 
            "value" : [0x55,0x8B,"*",0x81,"*","*","*","*","*",0x8B,"*","*",0x56,0x8D,"*","*",0x57,0x50,0x51,0x8D,"*","*","*","*","*"]
        }, 
        { 
            "os" : "linux", 
            "value" : "SV_RejectConnection" 
        } 
    ] 
} 


[edon1337]

Quote:

Originally Posted by DarthMan Can someone tell me if this signature is correct? I mean, if it points to SV_RejectConnection. Thanks! PHP Code: {      "name" : "SV_RejectConnection",      "library" : "engine",      "identifiers" :      [          {              "os" : "windows",              "value" : [0x55,0x8B,"*",0x81,"*","*","*","*","*",0x8B,"*","*",0x56,0x8D,"*","*",0x57,0x50,0x51,0x8D,"*","*","*","*","*"]         },          {              "os" : "linux",              "value" : "SV_RejectConnection"          }      ]  }

Simply test it and see if the signature is being found?

[DarthMan]

Quote:

Originally Posted by edon1337 Simply test it and see if the signature is being found?

The signature is right, it points to a sub_ but I think it doesn't point to the right function. I tested with a LAN server where it displays that reject message about it being restricted to lan clients class c and it crashed right when I joined, so something must be wrong. All I did was a server print with message test. Server was dedicated with sv_lan set to true.

[HamletEagle]

SV_RejectConnection doesn't have any string so you can't find it directly. If you look where it's used you see it's being called from SV_CheckProtocol and we are lucky, this function has 3 strings, should be easy to find.
https://github.com/dreamstalker/rehl...main.cpp#L1756

Now search for:"This server is using a newer protocol" in "Strings window" and you will find SV_CheckProtocol. The simply double click on the function that contains the string we searched for:

PHP Code:

sub_1D8A660(a1, aThisServerIsUs_0, 48, a2); 


The call should look something like this.

If you look here: https://github.com/dreamstalker/rehl...main.cpp#L1679 and in the decompiled output you will notice the functions are looking similar, meaning we found SV_RejectConnection(sub_1D8A660).
Then just take the bytes and make a signature.

[DarthMan]

Quote:

Originally Posted by HamletEagle SV_RejectConnection doesn't have any string so you can't find it directly. If you look where it's used you see it's being called from SV_CheckProtocol and we are lucky, this function has 3 strings, should be easy to find. https://github.com/dreamstalker/rehl...main.cpp#L1756 Now search for:"This server is using a newer protocol" in "Strings window" and you will find SV_CheckProtocol. The simply double click on the function that contains the string we searched for: PHP Code: sub_1D8A660(a1, aThisServerIsUs_0, 48, a2);  The call should look something like this. If you look here: https://github.com/dreamstalker/rehl...main.cpp#L1679 and in the decompiled output you will notice the functions are looking similar, meaning we found SV_RejectConnection(sub_1D8A660). Then just take the bytes and make a signature.

I'm not using ReHLDS, so sub_1D8A660 is not an option for me. I wonder why people on AM believe that everyone is now using ReHLDS. I know that a bunch of people switched to it, but not everyone. Everytime I was asking for question when related to hlds, help was given considering that I was using ReHLDS.

[HamletEagle]

Quote:

Originally Posted by DarthMan I'm not using ReHLDS, so sub_1D8A660 is not an option for me. I wonder why people on AM believe that everyone is now using ReHLDS. I know that a bunch of people switched to it, but not everyone. Everytime I was asking for question when related to hlds, help was given considering that I was using ReHLDS.

Hold your horses, what I gave you is for default hlds. I'm just using rehlds to check how the functions look and work, since it's the same code as hlds. Next time ask or simply try before talking bullshit.