Messages

226

Armed Assault 2 / Re: SWEET JESUS I'M SO CLOSE TO DOING IT!

« on: July 19, 2010, 10:32:25 am »

Code: [Select]

CPU Disasm
Address   Hex dump          Command                                  Comments
004412A0  /$ /56            PUSH ESI                                 ; arma2.004412A0(guessed void)
004412A1  |. |8BF1          MOV ESI,ECX
004412A3  |. |8B06          MOV EAX,DWORD PTR DS:[ESI]
004412A5  |. |85C0          TEST EAX,EAX
004412A7  |. |74 0A         JE SHORT 004412B3
004412A9  |. |8D48 10       LEA ECX,[EAX+10]
004412AC  |. |8B01          MOV EAX,DWORD PTR DS:[ECX]
004412AE  |. |8B50 08       MOV EDX,DWORD PTR DS:[EAX+8]
004412B1  |. |FFD2          CALL EDX
004412B3  |> |C706 00000000 MOV DWORD PTR DS:[ESI],0
004412B9  |. |5E            POP ESI
004412BA  \. |C3            RETN

HMMMMMMM... Trace time.

227

Armed Assault 2 / Re: SWEET JESUS I'M SO CLOSE TO DOING IT!

« on: July 17, 2010, 07:24:14 pm »

packets ... nah ... hook the function that says what is in the folder , when it gets to (whateveryourpbofileiscalled.pbo) ... skip it.

simple strstr check will work. + you dont actually need to hook anything , its easier to force a call if !_isloading->mapscreen;.

Hohohoho, thats a good idea if it works

228

Armed Assault 2 / Re: Super61bhd's Guide to Hacking Zargabad Life (with pics)

« on: July 17, 2010, 09:19:29 am »

Either that or get around the kicking.

As for you getting banned for it, I assume it's because tsearch.exe doing writeprocessmemory into random memory locations just looks kinda dodgy from anyone's perspective, let alone Battleye.

229

Armed Assault 2 / Re: SWEET JESUS I'M SO CLOSE TO DOING IT!

« on: July 17, 2010, 09:15:48 am »

Code: [Select]

......)c^... .......].....u......addons\wheeled3.pbo.bi........$..RSA1........{.n....>...........~.V..l:..VM.8.... Z.HH.2!}2..u....I....C....+..Uwa.+.=.....e....Q6r....w-T|....:Qy...&B..z.l....r.r2..Mp..N.....+@.%.t..T.{......>....Ez..*...1.~.9...m.BAp.*h_..../....v1I..Q..'v).....G.!...:U........t.3w.......J[.;..(.....W..\<.Uf.....N.S..1...!.(89$.*'..w]-=...THISISTHEHACK.pbo....THISISANOTHER.pbo.....D...D........
Those hex to ascii conversions aren't the greatest, but that structure kinda looks familiar. Open up the public signed keys in a hex editor and you'll know what I'm talking about.

While I don't think you'll get too far with packet editing it, if you do go down that path, I suppose you're gonna end up hooking winsock and having an external program act as a proxy for the signature stuff. (Proxy pretends to be server, pretends to have signing keys for all your addons, you just produce your self-signed stuff, and then it just acts as a pass-through after the fact.)

230

Armed Assault 2 / Re: Super61bhd's Guide to Hacking Zargabad Life (with pics)

« on: July 16, 2010, 11:05:00 pm »

It's because he's blindly changing stuff since he apparently can't filter them, because it moves on change.

Sadly can't check it out as I don't own OA yet, but I assume it's the same for Chernaus Life.

231

Armed Assault 2 / Re: SWEET JESUS I'M SO CLOSE TO DOING IT!

« on: July 16, 2010, 07:18:49 pm »

Heres a hint: The server dosen't know to stop talking to you after it tells your client it's signatures are wrong.

Ie. Make your client ignore the kick!

232

Armed Assault 2 / Re: Super61bhd's Guide to Hacking Zargabad Life (with pics)

« on: July 16, 2010, 06:47:15 pm »

It just occured to me, shouldn't there be a pointer or some sort of table reference to variable memory locations? (Ie. The money)

If there is, you should be able to cook up a trainer and save yourself some time, instead of writing to random locations and hoping.

233

Armed Assault 2 / Re: Super61bhd's Guide to Hacking Zargabad Life (with pics)

« on: July 16, 2010, 03:13:39 pm »

Bypassing Battleye is trivial though.

You may also want to patch out the advert bit too in there.

234

Armed Assault 2 / Re: Zargabad Life Hax pic!!

« on: July 16, 2010, 12:48:42 pm »

Million beggers asking how to bypass sigs and BE coming your way, btw.

235

Armed Assault 2 / Re: Super61bhd's Guide to Hacking Zargabad Life (with pics)

« on: July 16, 2010, 12:46:00 pm »

You're searching for float values yet you tell us to disregard the ones with decimal values. Oh the irony.

Yet it's just the way that the engine holds numbers from mission scripts.

236

Armed Assault 2 / Re: Arma 2 Operation Arrowhead

« on: July 15, 2010, 05:01:52 pm »

Looks like I messed up unpacking the .dll?

Code: [Select]

00380007  B8 48013700               mov eax,370148
2nd import in the IAT table... Supposed to be pointing to kernel32 or ntdll. (370148 is probably something else entirely)

But at least I have the majority of it intact.

237

Armed Assault 2 / Re: Arma 2 Operation Arrowhead

« on: July 14, 2010, 08:21:47 am »

Couldn't you move that loop inside of the parameters of the do_public.sqs call so it works after you leave the server?

lol for fuxake

To put it lightly.

238

Armed Assault 2 / Re: Arma 2 Operation Arrowhead

« on: July 13, 2010, 07:47:32 pm »

*facepalm*

239

Armed Assault 2 / Re: Arma 2 Operation Arrowhead

« on: July 13, 2010, 03:20:37 pm »

Unpack the 1.3 one, which is only packed with PECompact... (the .dll too mind you), fix the imports with imprec, whammo! (Harder than it sounds for most of you...)

240

Armed Assault / Re: Y Axis Lock

« on: July 13, 2010, 11:59:34 am »

Perhaps you should make the 0 adjustable, since I think that some maps don't have a floor set at 0?