Author Topic: Mount and Blade Reversing and Sig thread  (Read 2371 times)


MrMedic

Re: Mount and Blade Reversing and Sig thread
« Reply #15 on: March 17, 2017, 10:28:53 pm »
Ok will do.
EnCoded Message: i3iy9yl8kr2xf3g2Txs3pr6ye3ya7jg5ty2z

https://www.youtube.com/watch?v=62_7-AYfdkQ
you need a paypal account for the private versions.

Website:
http://bit.ly/medic101

Teamspeak 3: 85.236.101.5:10157

Mercenary_Frank

Re: Mount and Blade Reversing and Sig thread
« Reply #16 on: March 25, 2017, 03:49:24 pm »
Thanks for the info Seb. Wanna swap your IDB file or reverse info for my OO framework menu? Fully native, won't be detected by any anti-cheat because I made it fully with native DirectX.

The reason why I don't have much reverse info for MB is because I have been busy with schoolwork and internships...

MrMedic

Re: Mount and Blade Reversing and Sig thread
« Reply #17 on: March 25, 2017, 08:06:59 pm »
You can grab all classes on the fly; there is a function that holds them all. It iterates before the game shows the loading screen. Log them and you can call anything in the game, pal.

I never bothered with the game GUI as it's game specific, and mostly I code my GUIs to work on everything for speed when a new game comes along.

On average it takes me about 5 minutes to make an aimbot for most games, so I don't want to spend another 5 minutes on the GUI when I already have a universal method.

Nice menu, but you might want to change CSGO, Frank, to Warband :smile

MrMedic

Re: Mount and Blade Reversing and Sig thread
« Reply #18 on: March 25, 2017, 08:15:22 pm »
PS: you can use camera - local pos and it will look at whatever target you feed into it. It looks very obvious though, as your player will instantly whip round at the speed of light; I found out over time played that it's better to humanise it with a random divide.

Also use anim states to copy their moves, as the better they are, the better you will play while pressing the aimbot key.

Usually get "your very good" comments, and in fact they're the ones that are good; I merely press a key and win.

They beat themselves but they don't realise it, because apparently it isn't possible to do that. :smile

Mercenary_Frank

Re: Mount and Blade Reversing and Sig thread
« Reply #19 on: March 25, 2017, 11:56:08 pm »
I think the problem is how to find
Quote from: MrMedic on March 25, 2017, 08:06:59 pm
You can grab all classes on the fly; there is a function that holds them all. It iterates before the game shows the loading screen. Log them and you can call anything in the game, pal.

I never bothered with the game GUI as it's game specific, and mostly I code my GUIs to work on everything for speed when a new game comes along.

On average it takes me about 5 minutes to make an aimbot for most games, so I don't want to spend another 5 minutes on the GUI when I already have a universal method.

Nice menu, but you might want to change CSGO, Frank, to Warband :smile

I think the problem is finding the function; the game has like 300 functions in IDA, add the fact you also have to reverse the structure to call the function successfully, but thankfully Seb released some info :p

MrMedic

Re: Mount and Blade Reversing and Sig thread
« Reply #20 on: March 26, 2017, 08:56:16 pm »
Frank, look at strings; they also left some source code in the exe, take a look at it, it's a very easy thing to do.

Mercenary_Frank

Re: Mount and Blade Reversing and Sig thread
« Reply #21 on: March 27, 2017, 12:04:20 am »
You mean library functions? Give us a good hint MrMedic, you've seen my work, just give a good hint to push me further; we all know you are the best one on this forum :p

MrMedic

Re: Mount and Blade Reversing and Sig thread
« Reply #22 on: March 27, 2017, 12:13:35 am »
come into teamspeak frank

Mercenary_Frank

Re: Mount and Blade Reversing and Sig thread
« Reply #23 on: March 27, 2017, 11:59:46 pm »
Sorry, was a bit late because of work; will see to join another time.

What I have reversed so far:

EDIT: might as well contribute to this thread: how to formatText using a method in Mount and Blade + free Direct3D hook

« Last Edit: March 28, 2017, 04:52:58 pm by Mercenary_Frank »

MrMedic

Re: Mount and Blade Reversing and Sig thread
« Reply #24 on: March 28, 2017, 10:18:03 pm »
Code:
__thiscall sub_DataHandles(char *this)
{
  char *v1; // esi@1
  char *v2; // edi@1
  char *v3; // eax@1
  signed int v4; // ecx@1
  int v5; // eax@3
  signed int v6; // esi@3

  v1 = this;
  v2 = this + 844;
  v3 = this + 844;
  v4 = 50;
  do
  {
    *(_DWORD *)v3 = 0;
    *((_DWORD *)v3 + 1) = 0;
    v3 += 8;
    --v4;
  }
  while ( v4 );
  v5 = dword_8EB510;
  *(_DWORD *)(dword_8EB510 + 12) = 0;
  *(_DWORD *)(v5 + 16) = 0;
  memset((void *)(v5 + 20), 0, 0x40u);
  *(_DWORD *)v2 = (*(int (__stdcall **)(int, _DWORD, const char *))(*(_DWORD *)dword_8EB50C + 36))(
                    dword_8EB50C,
                    0,
                    "vMaterialColor");
  *((_DWORD *)v1 + 281) = (*(int (__stdcall **)(_DWORD, _DWORD, const char *))(*(_DWORD *)dword_8EB50C + 36))(
                            dword_8EB50C,
                            0,
                            "matWorldViewProj");
  *((_DWORD *)v1 + 282) = "matWorldViewProj";
  *((_DWORD *)v1 + 283) = (*(int (__stdcall **)(_DWORD, _DWORD, const char *))(*(_DWORD *)dword_8EB50C + 36))(
                            dword_8EB50C,
                            0,
                            "matWorldView");
  *((_DWORD *)v1 + 284) = "matWorldView";
  *((_DWORD *)v1 + 285) = (*(int (__stdcall **)(_DWORD, _DWORD, const char *))(*(_DWORD *)dword_8EB50C + 36))(
                            dword_8EB50C,
                            0,
                            "matViewProj");
  *((_DWORD *)v1 + 286) = "matViewProj";
  *((_DWORD *)v1 + 287) = (*(int (__stdcall **)(_DWORD, _DWORD, const char *))(*(_DWORD *)dword_8EB50C + 36))(
                            dword_8EB50C,
                            0,
                            "matWorld");
  *((_DWORD *)v1 + 288) = "matWorld";
  *((_DWORD *)v1 + 289) = (*(int (__stdcall **)(_DWORD, _DWORD, const char *))(*(_DWORD *)dword_8EB50C + 36))(
                            dword_8EB50C,
                            0,
                            "matView");
  *((_DWORD *)v1 + 290) = "matView";
  *((_DWORD *)v1 + 291) = (*(int (__stdcall **)(_DWORD, _DWORD, const char *))(*(_DWORD *)dword_8EB50C + 36))(
                            dword_8EB50C,
                            0,
                            "matSunViewProj");
  *((_DWORD *)v1 + 292) = "matSunViewProj";
  *((_DWORD *)v1 + 293) = (*(int (__stdcall **)(_DWORD, _DWORD, const char *))(*(_DWORD *)dword_8EB50C + 36))(
                            dword_8EB50C,
                            0,
                            "matWaterViewProj");
  *((_DWORD *)v1 + 294) = "matWaterViewProj";
  *((_DWORD *)v1 + 295) = (*(int (__stdcall **)(_DWORD, _DWORD, const char *))(*(_DWORD *)dword_8EB50C + 36))(
                            dword_8EB50C,
                            0,
                            "matWaterWorldViewProj");
  *((_DWORD *)v1 + 296) = "matWaterWorldViewProj";
  *((_DWORD *)v1 + 297) = (*(int (__stdcall **)(_DWORD, _DWORD, const char *))(*(_DWORD *)dword_8EB50C + 36))(
                            dword_8EB50C,
                            0,
                            "matWorldArray");

..search strings.. and you will get something like this ^.
etc etc..



« Last Edit: March 29, 2017, 12:08:43 am by MrMedic »

MrMedic

Re: Mount and Blade Reversing and Sig thread
« Reply #25 on: March 29, 2017, 12:06:40 am »



Mercenary_Frank

Re: Mount and Blade Reversing and Sig thread
« Reply #26 on: March 29, 2017, 04:31:24 pm »
I remember looking at this code 2 years ago having no clue what it did. I understand it a little more now by learning C++ properly.

Code:
(*(int (__stdcall **)(int, _DWORD, const char *))(*(_DWORD *)dword_8EB50C + 36))(
                    dword_8EB50C,
                    0,
                    "vMaterialColor");

But here is something that I still don't understand. It's casting dword_8EB50C + 36 (0x3646CCC) to a function, but nothing is present? Where is the function that the game is calling? Okay, let me go over it again.



I think I have the wrong thing selected, dword_8EB50C = 0x3646CA8? So 0x3646CA8 + 0x24 = 0x3646CCC? So *(_DWORD *)0x3646CCC = D4D5308?

*(int (__stdcall **)(int, _DWORD, const char *) D4D5308? D4D5308 points to 0, argh... I think I need to read a bit more; reversing is hard stuff. Would appreciate any tips on what I am doing wrong...

EDIT: found it, I think this is the dxd9 dll? How is this supposed to hold all the game's information?

« Last Edit: March 29, 2017, 05:00:28 pm by Mercenary_Frank »
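The chain of loads in that call, as an added example that is not from the thread or from the game: a small C model of a 32-bit address space in which only dword_8EB50C = 0x3646CA8 and the 0xD4D5308 read at 0x3646CCC are taken from the post above, while the vtable address and the method address are constructed. It shows that in `*(_DWORD *)dword_8EB50C + 36` the load happens before the add, so the call goes through slot 9 (36 / 4) of the object's vtable, and that adding 36 first reaches a data field of the object in this model and then a "points to 0" dead end.

```c
/* Model of a 32-bit process image, constructed for this example (not the
 * game's real memory).  Only dword_8EB50C = 0x3646CA8 and the 0xD4D5308
 * read at 0x3646CCC are taken from the post; everything else is made up. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
struct cell { uint32_t va; uint32_t val; };
static const struct cell mem[] = {
    { 0x008EB50Cu, 0x03646CA8u }, /* dword_8EB50C: global holding the object pointer */
    { 0x03646CA8u, 0x0D4C1000u }, /* object+0x00: vtable pointer (constructed)       */
    { 0x03646CCCu, 0x0D4D5308u }, /* object+0x24: plain data field, what Frank read  */
    { 0x0D4C1024u, 0x0D4A2B40u }, /* vtable+0x24 = slot 9: method address (made up)  */
};
/* Read a DWORD; an unmapped address reads as 0, like the "points to 0" dead end. */
static uint32_t rd32(uint32_t va)
{
    for (size_t i = 0; i < sizeof mem / sizeof mem[0]; i++)
        if (mem[i].va == va) return mem[i].val;
    return 0;
}

/* Mirrors  *(_DWORD *)dword_8EB50C + 36  from the decompiler output: unary *
 * binds tighter than +, so the load happens first and 36 is added to the
 * vtable pointer, not to the object address. Returns the slot's function pointer. */
static uint32_t resolve_vcall(uint32_t global_va, uint32_t byte_off)
{
    uint32_t obj  = rd32(global_va); /* dword_8EB50C -> this      */
    uint32_t vtbl = rd32(obj);       /* *(_DWORD *)this -> vtable */
    return rd32(vtbl + byte_off);    /* vtable[byte_off / 4]      */
}

/* The other reading: add 36 first, then dereference twice.  That lands on a
 * field of the object and then on an unmapped address, which reads as 0. */
static uint32_t resolve_wrong_order(uint32_t global_va, uint32_t byte_off)
{
    uint32_t field = rd32(rd32(global_va) + byte_off);
    return rd32(field);
}

/* Byte offset in a 32-bit vtable -> slot index (one pointer is 4 bytes). */
static unsigned slot_index(uint32_t byte_off) { return byte_off / 4; }

int main(void)
{
    printf("slot %u, target 0x%08X\n", slot_index(36),
           (unsigned)resolve_vcall(0x8EB50Cu, 36));
    printf("add-first reading gives 0x%08X\n",
           (unsigned)resolve_wrong_order(0x8EB50Cu, 36));
    return 0;
}
```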

MrMedic

Re: Mount and Blade Reversing and Sig thread
« Reply #27 on: March 29, 2017, 11:52:32 pm »
It's an example of how to find any function using strings.

The same applies to Bone, Server etc.; search the strings and eventually you will see a function that reads them all. That is the one you should be interested in.

If I give you it you will not learn anything; however, if you look for it yourself now that I have given you a starting point, you will know how to do it for the next game without having to ask. :smile

Mercenary_Frank

Re: Mount and Blade Reversing and Sig thread
« Reply #28 on: March 30, 2017, 12:11:38 am »
I am not asking for solutions mate, more on what you want me to do with this information: reverse this? Debug it? Does it actually do anything? ty for info tho

MrMedic

Re: Mount and Blade Reversing and Sig thread
« Reply #29 on: March 30, 2017, 12:13:00 am »
It's an example of using strings to locate a function, and if you look at it more closely it is useful if you have the correct function, as it holds vCamera (basic aimbot). PS: I have just sent you a PM.