Thread: Push to console

  1. #31
    Departure
    If you guys need an address logger I have one for you...

    The results are in Delphi format but easy to see... Also has all the Vtable function addresses if needed (just need to uncomment that code back in)

    Results look like this:
    Code:
    =============================
    Fri, 27 May 2011 13:49:39
    =============================
    //[PushToConsole]
    dwRunConsoleCmd: Dword = $46FB90;
    dwPtcUnwrap: Dword = $485F60;
    //[GameStatus]
    dwGameStatus: Dword = $37906D28;
    //[LtClient]
    dwLTClient: Dword = $378F5D90;
    //[SuperBullets]
    CShell.dll, baSuperBullet: Dword = $374FE0B6;
    //[NoRecoil]
    dwNoRecoil1: Dword = $37497B00;
    dwNoRecoil2: Dword = $375AAA69;
    dwNoRecoil3: Dword = $37497B14;
    dwNoRecoil4: Dword = $37497B20;
    //[NameTags]
    dwNameTags1: Dword = $372DB630;
    dwNameTags2: Dword = $372DB6AD;
    //[NoReload]
    dwNoReload:  Dword = $3758CD27;
    //[RapidFire]
    dwRapidFire: Dword = $37504115;
    If you guys want it I can upload it..

  3. #32
    flayer669
    Very nice of you, Departure. I don't personally do game hacking any more, but oh well, will do some reversing on these addies to see how CA works.

  4. #33
    HellSpider
    Quote Originally Posted by SNal2F
    is it like GameGuard with all the jmp's and random garbage all over?
    Well I don't exactly know what you mean but it's like this way. The virtual machine of Themida used on the Engine.exe is a CISC VM.

    The part that needs to be virtualized is converted to VM opcodes that only the virtual machine understands and executes appropriately.

    Code:
    asm
    asm   // Real code
    asm
    jmp _VM   // The execution jumps to the virtual machine
    junk
    junk   // The real code is overwritten by junk bytes
    junk   // that won't get executed
    junk
    _realcode:   // The code execution continues here after VM code is executed
    asm
    asm   // Real code again
    asm
    That's like the basics, the stuff is far more advanced. If you're interested, there are some research papers on other sites.
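
The scheme HellSpider describes above, as an added toy example that is not part of the original post and is not Themida's code: a constructed function is converted to bytecode for a small stack machine, so a native disassembler sees only data bytes while the interpreter reproduces the original result. All names (`real_code`, `vm_code`, `vm_run`, the `OP_*` values) are assumptions made for illustration, and the stack design is a simplification rather than the CISC VM mentioned in the post.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
/* The "real code" before protection (constructed sample logic). */
static uint32_t real_code(uint32_t x) { return (x * 3u + 7u) ^ 0x5Au; }
/* Hypothetical private opcode numbering: meaningless to a native disassembler. */
enum { OP_ARG = 0xA7, OP_IMM = 0x13, OP_MUL = 0xE2, OP_ADD = 0x4C,
       OP_XOR = 0x91, OP_EXIT = 0x3F };
/* The same logic converted to VM opcodes; only this form would ship. */
static const uint8_t vm_code[] = { OP_ARG, OP_IMM, 3, OP_MUL, OP_IMM, 7, OP_ADD,
                                   OP_IMM, 0x5A, OP_XOR, OP_EXIT };
/* Interpreter loop: returns 0 and sets *out, or -1 on malformed bytecode. */
static int vm_run(const uint8_t *code, size_t len, uint32_t arg, uint32_t *out)
{
    uint32_t stack[8];
    size_t sp = 0, pc = 0;
    while (pc < len) {
        uint8_t op = code[pc++];
        switch (op) {
        case OP_ARG:                       /* push the caller's argument */
            if (sp == 8) return -1;
            stack[sp++] = arg; break;
        case OP_IMM:                       /* push the one-byte immediate that follows */
            if (sp == 8 || pc == len) return -1;
            stack[sp++] = code[pc++]; break;
        case OP_MUL: case OP_ADD: case OP_XOR:
            if (sp < 2) return -1;         /* stack underflow */
            sp--;
            if (op == OP_MUL)      stack[sp - 1] *= stack[sp];
            else if (op == OP_ADD) stack[sp - 1] += stack[sp];
            else                   stack[sp - 1] ^= stack[sp];
            break;
        case OP_EXIT:                      /* hand the result back, like "_realcode" */
            if (sp != 1) return -1;
            *out = stack[0]; return 0;
        default: return -1;                /* unknown opcode */
        }
    }
    return -1;                             /* ran off the end without OP_EXIT */
}

int main(void)
{
    uint32_t r = 0;
    int rc = vm_run(vm_code, sizeof vm_code, 10, &r);
    printf("native=%u vm=%u rc=%d\n", (unsigned)real_code(10), (unsigned)r, rc);
    return rc;
}
```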

  5. #34
    SNal2F
    Exactly what I was talking about.
