[Arkshine]

Quote:

Search it by yourself and stop asking.

[AntiBots]

I have IDA Pro Advance 5.6 if someone want to decompiler something

[Seta00]

Quote:

Originally Posted by AntiBots I have IDA Pro Advance 5.6 if someone want to decompiler something

Yeah, you and everyone else who knows how to use ThePirateBay...

Code:

The application has been completely decompiled.

By the way, I've got Host_ServerShutdown, anyone can confirm this is valid?

[Arkshine]

if nothing is returned, you don't need to specify it, you should remove it.

[Lt.RAT]

Quote:

Originally Posted by Seta00 By the way, I've got Host_ServerShutdown, anyone can confirm this is valid?

Quote:

Know there is a thing. This offset is guaranteed to be always the same each time the library loads but that can easily not be true if the library gets updated. That's the reason that motivated the creation of a technique called signature scanning. Signature scanning basically means: instead of provide an offset, provide a set of bytes that you can find at that offset (that represent the function). That set of bytes can easily have its location changed but as long as it exists as a block you can still search for it.

If you want to use it somewhere, you should provide signature. Also, not sure about your offset.

Also, as i understand, if we have args and ret with void type, we should remove it from our file.

ADD: oh ye, there is no tutorial about writing signatures atm

[Arkshine]

For me, Host_ShutdownServer is : 0x50050

and the sig would be :

Code:

{
    "name"        : "Host_ShutdownServer",
    "library"     : "engine",
    "identifiers" :
    [
        {
            "os"    : "windows",
            "mod"   : "cstrike",
            "value" : [0x55,0x8B,0xEC,0xA1,"*","*","*","*",0x85,0xC0,0x0F,"*","*","*","*","*",0x56,"*","*","*","*",0x6A,0x01]
        },
        {
            "os"    : "linux",
            "mod"   : "cstrike",
            "value" : "Host_ShutdownServer"
        }
    ]
}

If I'm motivated I will do a tutorial, it's not that hard.

[Seta00]

Quote:

Originally Posted by Arkshine For me, Host_ShutdownServer is : 0x50050 and the sig would be : Code: { "name" : "Host_ShutdownServer", "library" : "engine", "identifiers" : [ { "os" : "windows", "mod" : "cstrike", "value" : [0x55,0x8B,0xEC,0xA1,"*","*","*","*",0x85,0xC0,0x0F,"*","*","*","*","*",0x56,"*","*","*","*",0x6A,0x01] }, { "os" : "linux", "mod" : "cstrike", "value" : "Host_ShutdownServer" } ] } If I'm motivated I will do a tutorial, it's not that hard.

Thanks. Guess hacking Orpheu's source won't help me to use it

[atomen]

It might be better for me to do this in a separate topic but I'll let that rest for now.

Detecting shoot event properly requires a bit to much code for my taste therefore
I've been looking for an alternative (orpheu). Now I need some help.

I've found the shoot event offset (EV_HLDM_FireBullets) function name in windows.

PHP Code:

Source Code Location: "cl_cll.proj / ev_hldm.cpp (Ln 353)"
Library & Location: mp.dll ("cstrike/dlls")
Function name: sub_19024C0
Hex Location: 0x24C0 (correct me please) 


Now my question is; do I have enough data to provide myself with an orpheu function, and if so, I would be very pleased with some assistance.

EDIT: If someone wants the EV_HLDM_FireBullets declaration header:

PHP Code:

void EV_HLDM_FireBullets(int idx, float *forward, float *right, float *up, int cShots, float *vecSrc, float *vecDirShooting, float flDistance, int iBulletType, int iTracerFreq, int *tracerCount, float flSpreadX, float flSpreadY) 


EDIT 2: In my bold attempt creating a JSON file for the firebullets function I've might come up with something usable. Inspect and give judgement!

PHP Code:

{
    "name" : "EV_HLDM_FireBullets",
    "library" : "mod",
    "arguments" :
    [
        {
            "type" : "int"
        },
        {
            "type" : "float *"
        },
        {
            "type" : "float *"
        },
        {
            "type" : "float *"
        },
        {
            "type" : "int"
        },
        {
            "type" : "float *"
        },
        {
            "type" : "float *"
        },
        {
            "type" : "float"
        },
        {
            "type" : "int"
        },
        {
            "type" : "int"
        },
        {
            "type" : "int *"
        },
        {
            "type" : "float"
        },
        {
            "type" : "float"
        }
    ],
    "identifiers" :
    [
        {
            "os" : "windows",
            "mod" : "cstrike",
            "value" : 0x24C0
        },
    ]
} 


[Arkshine]

Forget, you can't hook it because Orpheu doesn't support some type like int * or float *.

By the way, there is already an accurate method to hook properly shot event. Look at the VEN tutorial. It hooks the events. The example est for CS but it's just a matter to change the event name you can find on your server.

[atomen]

I see. Though with further research I've discovered this function:

PHP Code:

Vector CBaseEntity::FireBulletsPlayer ( ULONG cShots, Vector vecSrc, Vector vecDirShooting, Vector vecSpread, float flDistance, int iBulletType, int iTracerFreq, int iDamage, entvars_t *pevAttacker, int shared_rand ) 


It is located in "dlls/combat.cpp". Is it possible to hook this function with Orpheu?

And yes, I am aware of VEN's tutorial.

EDIT: About my previous post, is it possible to hook the function without the parameters, if that is the problem? Just to use the event