
Messages - Risal

1
Exactly what I was looking for. Keep it up! Don't spoon-feed, but explain stuff.

EDIT:
Just looked into it, but for some reason IDA Pro does not show any real function names for me:
https://imgur.com/vP45RpS
Using the latest freeware version. Am I doing something wrong?

EDIT 2:
Looks like this is caused by not using the ClassInformer plugin; however, I am unable to find a version for IDA 5.0, nor for 7.0. Any idea?

You don't see the names because I named them myself. I've gone through almost 100 different functions, analyzing them and naming them as I discover what they do within the game.

I use IDA 6.8, you can find the program for free if you really try.

Oh interesting. Well, you said: "By throwing the game into IDA and letting it generate, we can tell after a quick browse that the game has left a lot of named functions in and it also uses some sort of scripting language." That confused me, and I thought the functions actually have names. I know that this is normally not the case, but I thought maybe it actually is in this case.
Did you also name the classes yourself? I am unable to find a working ClassInformer for my 7.0 version (which is free, btw).

2
Exactly what I was looking for. Keep it up! Don't spoon-feed, but explain stuff.

EDIT:
Just looked into it, but for some reason IDA Pro does not show any real function names for me:
https://imgur.com/vP45RpS
Using the latest freeware version. Am I doing something wrong?

EDIT 2:
Looks like this is caused by not using the ClassInformer plugin; however, I am unable to find a version for IDA 5.0, nor for 7.0. Any idea?

3
Mount and Blade / Re: Coding Help needed for ESP and Aimbot
« on: August 20, 2018, 05:55:43 pm »
I use IDA for all of my static disassembly, and then you can use CE or ollydbg for runtime debugging

Thanks. As I already said, I am new to all the assembler stuff, and I saw the functions that MrMedic posted; however, I am not able to find them inside any decompiler or debugger. I tried adding them with the base offset of mb_warband, resulting in 08xxxxx, but they only go up to 07xxxx in the debuggers. And strangely, stuff like x64dbg or OllyDbg doesn't show any functions but some uninteresting imports. Inside IDA Pro all functions are called subxxx, which is understandable because usually function names are not sustained when compiled (afaik); however, I am unable to find the offsets provided by MrMedic there either.
I can understand if you guys don't want to spend all your time explaining everything, but it would be helpful if I could maybe get a video reference explaining all of this stuff.

Thanks in advance.

4
Mount and Blade / Re: Coding Help needed for ESP and Aimbot
« on: August 19, 2018, 05:02:17 pm »
What am I even looking at.

First of all, I really wouldn't use C# for any sort of memory modification. Look into using C++ to load your own library into the game, so that you can interface with the game/engine's functions and use them to your advantage. There are functions which only pass the localplayer, and there is a static variable which holds it, but either way you will need to iterate through the entity loop. (Hint: The game uses a deque to store and sort entities)

You are looking at:
http://tkc-community.net/forum/index.php/topic,15224.0.html

C++ is really annoying, though. To load my own library into the game I have to read the assembler code, right? So you are saying that I shouldn't use the memory at all?

What are you talking about?
No, you don't need to read the assembler code. I only use inline assembly for one thing in my cheat, and you are nowhere near that point. I'm saying make a library which you can inject/load into the game at runtime.

Oh, so there is a good way to read the program code in anything but assembler to find out about functions and their behaviour? I always thought there is no real decompiler for C++ yet.

5
Mount and Blade / Re: Coding Help needed for ESP and Aimbot
« on: August 19, 2018, 02:24:16 am »
What am I even looking at.

First of all, I really wouldn't use C# for any sort of memory modification. Look into using C++ to load your own library into the game, so that you can interface with the game/engine's functions and use them to your advantage. There are functions which only pass the localplayer, and there is a static variable which holds it, but either way you will need to iterate through the entity loop. (Hint: The game uses a deque to store and sort entities)

You are looking at:
http://tkc-community.net/forum/index.php/topic,15224.0.html

C++ is really annoying, though. To load my own library into the game I have to read the assembler code, right? So you are saying that I shouldn't use the memory at all?

6
Mount and Blade / Coding Help needed for ESP and Aimbot
« on: August 18, 2018, 08:36:58 pm »
Could use some help from MrMedic or someone else experienced. I am currently looking into updating the C# ESP by Frank. I know how to program (5 years of Java experience, 2 years of C#), but I am new to C++ and especially assembler and RAM stuff. Right now I am reading tutorials, and I guess I understand everything related to pointers etc.
However, in his code he injects something into the assembler code of Warband:
```csharp
decimal number = Convert.ToDecimal(0x02C85AE4);
decimal sum = Convert.ToDecimal(0x14124);
IntPtr address = (IntPtr)(0x49E45A);
IntPtr address2 = (IntPtr)(0x6082F2);

try
{
    mem.WriteInt((int)sum, 0);
    MemorySharp sharp = new MemorySharp(Process.GetProcessesByName("mb_warband")[0]);

    #region ----ASM----
    sharp.Assembly.Inject(new[] { "JMP " + Convert.ToString(address2), }, address);

    sharp.Assembly.Inject(
        new[]{
        "mov ["+number+"],esi",
        "PUSHFD",
        "PUSHAD",
        "PUSH EAX",
        "mov EAX,["+sum+"]",
        "CMP EAX,3200",
        "JE "+Convert.ToDecimal(0x608323),
        "add EAX,16",
        "mov EDX,["+number+"]",
        "mov ["+pointer+"+EAX],EDX",
        "mov ["+sum+"],EAX",
        "POP EAX",
        "POPAD",
        "POPFD",
        "JMP "+Convert.ToString(address+0x06),
        "mov ebp,0",
        "mov ["+sum+"],ebp",
        "mov eax,["+sum+"]",
        "JMP "+Convert.ToDecimal(0x608307),
    },
            address2);
    #endregion
}
catch (Exception e)
{
    mem.CloseHandle();
    MessageBox.Show("Memory injection failed exiting programming please consult the programer, yes me Frank. Also I am going to print out the error message not like I am going to understand it");
    MessageBox.Show(e.Message);
    Environment.Exit(0);
}
```

I don't quite understand why he does it and where it is injected (I guess the assembler offsets changed)?
And I will be watching some more tutorials and reading stuff; however, I would be pleased if you could tell me how to easily find the start of the list of all players.

Oh, and I also have the static address for the main player team: mb_warband.exe+9E800C. However, when I subtract the old offset of 0x7b4, I do not end up at the main player base, at least structure dissect does not show it. What am I doing wrong?
