
Signature Scanning Help


Russianeer
SourceMod Donor
Join Date: Feb 2011
Old 07-08-2012 , 21:26   Signature Scanning Help

I am trying to get the Windows signature of a function by searching through the function names in the Linux binary file and associating a string with it. But the function that I am looking for does not have any string associated with it. So how would I get the Windows signature of that function?

Please explain.

Last edited by Russianeer; 07-08-2012 at 22:13. Reason: I was wrong.
Afronanny
Veteran Member
Join Date: Aug 2009
Old 07-08-2012 , 22:00   Re: Signature Scanning Help

Nono no no no non no no no nono no no no.
Who told you that? They are very mistaken.

Instructions between the Linux and Windows binaries will be different. Different compilers produce different results. What you want to do is find a string reference somewhere in that function on the Linux binary, and search for a function with the same reference in the Windows binary. I would explain more, but I'm horrible at explaining things.

Edit:
Search for a function that calls your function and has a string in it. Or if it's a virtual function, use ClassInformer to find the vtable in the Windows binary and just select the function located at the offset you want.

Additionally, if you want me to find the sig for that function, I'd be more than happy to.

Last edited by Afronanny; 07-08-2012 at 22:02.
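
The caller approach from the reply above, as an added example that is not part of the thread: find a string, find the code that references it, walk back to the start of that function, then list the functions it calls. It assumes a 32-bit x86 image mapped flat at a made-up base address and built inline; all names, bytes and the string are constructed for illustration, and the prologue and `E8` scans are heuristics to confirm in a disassembler.

```python
import struct

BASE = 0x10000000  # constructed image base (assumption)
PROLOGUE = b"\x55\x8B\xEC"  # push ebp; mov ebp, esp

def build_image():
    """Constructed x86 image: caller at 0x00, target at 0x20, string at 0x40."""
    img = bytearray(b"\xCC" * 0x60)
    text = b"constructed marker string\x00"
    img[0x40:0x40 + len(text)] = text
    caller = (PROLOGUE
              + b"\x68" + struct.pack("<I", BASE + 0x40)    # push offset string
              + b"\xE8" + struct.pack("<i", 0x20 - 0x0D)    # call target (rel32)
              + b"\x5D\xC3")                                # pop ebp; ret
    img[0x00:len(caller)] = caller
    img[0x20:0x27] = PROLOGUE + b"\x33\xC0\x5D\xC3"  # target has no string reference
    return bytes(img)

def string_xrefs(img, text):
    """VAs of each 4-byte little-endian pointer to the NUL-terminated string."""
    off = img.find(text.encode() + b"\x00")
    if off < 0:
        return []
    needle, hits = struct.pack("<I", BASE + off), []
    pos = img.find(needle)
    while pos >= 0:
        hits.append(BASE + pos)
        pos = img.find(needle, pos + 1)
    return hits

def function_start(img, ref_va):
    """Nearest prologue before a reference (heuristic; None if not found)."""
    pos = img.rfind(PROLOGUE, 0, ref_va - BASE)
    return BASE + pos if pos >= 0 else None

def call_targets(img, start_va, max_len=0x20):
    """Candidate E8 rel32 targets in a function. Raw byte scan: confirm in a disassembler."""
    start, out = start_va - BASE, []
    for pos in range(start, min(start + max_len, len(img) - 4)):
        if img[pos] == 0xE8:
            dest = pos + 5 + struct.unpack_from("<i", img, pos + 1)[0]
            if 0 <= dest < len(img) and img[dest:dest + 3] == PROLOGUE:
                out.append(BASE + dest)
    return out

def signature(img, va, length=7):
    """Leading bytes of a function as an escaped string, a starting point for a signature."""
    off = va - BASE
    return "".join("\\x%02X" % b for b in img[off:off + length])
```

On a real binary the string lives in a data section and the code in a text section, so file offsets have to be converted to virtual addresses per section before the pointer search.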
Russianeer
SourceMod Donor
Join Date: Feb 2011
Old 07-08-2012 , 22:19   Re: Signature Scanning Help

Quote:
Originally Posted by Afronanny
Nono no no no non no no no nono no no no.
Who told you that? They are very mistaken.

Instructions between the Linux and Windows binaries will be different. Different compilers produce different results. What you want to do is find a string reference somewhere in that function on the Linux binary, and search for a function with the same reference in the Windows binary. I would explain more, but I'm horrible at explaining things.

Edit:
Search for a function that calls your function and has a string in it. Or if it's a virtual function, use ClassInformer to find the vtable in the Windows binary and just select the function located at the offset you want.

Additionally, if you want me to find the sig for that function, I'd be more than happy to.
Do I use IDA's "Graph View" to find the function that calls the function that I am trying to find? If so, what if all the functions that I find that call the function that I am looking for do not have any strings?

The function that I am looking for is "CleanUpMap", but I would still like to know how to do this.

Last edited by Russianeer; 07-08-2012 at 22:20.