Messages - Pride

226
Armed Assault 2 / Re: SWEET JESUS I'M SO CLOSE TO DOING IT!
« on: July 19, 2010, 10:32:25 am »
Code:
CPU Disasm
Address   Hex dump          Command                                  Comments
004412A0  /$ /56            PUSH ESI                                 ; arma2.004412A0(guessed void)
004412A1  |. |8BF1          MOV ESI,ECX
004412A3  |. |8B06          MOV EAX,DWORD PTR DS:[ESI]
004412A5  |. |85C0          TEST EAX,EAX
004412A7  |. |74 0A         JE SHORT 004412B3
004412A9  |. |8D48 10       LEA ECX,[EAX+10]
004412AC  |. |8B01          MOV EAX,DWORD PTR DS:[ECX]
004412AE  |. |8B50 08       MOV EDX,DWORD PTR DS:[EAX+8]
004412B1  |. |FFD2          CALL EDX
004412B3  |> |C706 00000000 MOV DWORD PTR DS:[ESI],0
004412B9  |. |5E            POP ESI
004412BA  \. |C3            RETN

HMMMMMMM... Trace time.

227
Armed Assault 2 / Re: SWEET JESUS I'M SO CLOSE TO DOING IT!
« on: July 17, 2010, 07:24:14 pm »
packets ... nah ... hook the function that says what is in the folder, when it gets to (whateveryourpbofileiscalled.pbo) ... skip it.

simple strstr check will work. + you don't actually need to hook anything, it's easier to force a call if !_isloading->mapscreen;.

Hohohoho, that's a good idea if it works :P

228
Either that or get around the kicking.

As for you getting banned for it, I assume it's because tsearch.exe doing writeprocessmemory into random memory locations just looks kinda dodgy from anyone's perspective, let alone Battleye.

229
Armed Assault 2 / Re: SWEET JESUS I'M SO CLOSE TO DOING IT!
« on: July 17, 2010, 09:15:48 am »
Code:
......)c^... .......].....u......addons\wheeled3.pbo.bi........$..RSA1........{.n....>...........~.V..l:..VM.8.... Z.HH.2!}2..u....I....C....+..Uwa.+.=.....e....Q6r....w-T|....:Qy...&B..z.l....r.r2..Mp..N.....+@.%.t..T.{......>....Ez..*...1.~.9...m.BAp.*h_..../....v1I..Q..'v).....G.!...:U........t.3w.......J[.;..(.....W..\<.Uf.....N.S..1...!.(89$.*'..w]-=...THISISTHEHACK.pbo....THISISANOTHER.pbo.....D...D........
Those hex to ascii conversions aren't the greatest, but that structure kinda looks familiar. Open up the public signed keys in a hex editor and you'll know what I'm talking about.

While I don't think you'll get too far with packet editing it, if you do go down that path, I suppose you're gonna end up hooking winsock and having an external program act as a proxy for the signature stuff. (Proxy pretends to be server, pretends to have signing keys for all your addons, you just produce your self-signed stuff, and then it just acts as a pass-through after the fact.)

230
It's because he's blindly changing stuff since he apparently can't filter them, because it moves on change.

Sadly can't check it out as I don't own OA yet, but I assume it's the same for Chernaus Life.

231
Armed Assault 2 / Re: SWEET JESUS I'M SO CLOSE TO DOING IT!
« on: July 16, 2010, 07:18:49 pm »
Here's a hint: The server doesn't know to stop talking to you after it tells your client its signatures are wrong.

Ie. Make your client ignore the kick!

232
It just occurred to me, shouldn't there be a pointer or some sort of table reference to variable memory locations? (Ie. The money)

If there is, you should be able to cook up a trainer and save yourself some time, instead of writing to random locations and hoping.

233
Bypassing Battleye is trivial though.

You may also want to patch out the advert bit too in there. :P

234
Armed Assault 2 / Re: Zargabad Life Hax pic!!
« on: July 16, 2010, 12:48:42 pm »
Million beggars asking how to bypass sigs and BE coming your way, btw.

235
You're searching for float values yet you tell us to disregard the ones with decimal values. Oh the irony.

Yet it's just the way that the engine holds numbers from mission scripts.

236
Armed Assault 2 / Re: Arma 2 Operation Arrowhead
« on: July 15, 2010, 05:01:52 pm »
Looks like I messed up unpacking the .dll?

Code:
00380007  B8 48013700               mov eax,370148
2nd import in the IAT table... Supposed to be pointing to kernel32 or ntdll. (370148 is probably something else entirely)

But at least I have the majority of it intact.

237
Armed Assault 2 / Re: Arma 2 Operation Arrowhead
« on: July 14, 2010, 08:21:47 am »
Couldn't you move that loop inside of the parameters of the do_public.sqs call so it works after you leave the server?

lol for fuxake

To put it lightly.

238
Armed Assault 2 / Re: Arma 2 Operation Arrowhead
« on: July 13, 2010, 07:47:32 pm »
*facepalm*

239
Armed Assault 2 / Re: Arma 2 Operation Arrowhead
« on: July 13, 2010, 03:20:37 pm »
Unpack the 1.3 one, which is only packed with PECompact... (the .dll too mind you), fix the imports with imprec, whammo! (Harder than it sounds for most of you...)

240
Armed Assault / Re: Y Axis Lock
« on: July 13, 2010, 11:59:34 am »
Perhaps you should make the 0 adjustable, since I think that some maps don't have a floor set at 0?
