I have been getting pretty interested in Reverse Engineering at the moment, and I would like to use this in order to create a fake player bot for a game I am associated with, in the community and such. I already have a solid foundation of the C++ language and I'd like to learn how to hook a function from another program.
The developers of the game have challenged the community to create it themselves as they are pretty darn lazy.
Any sort of tutorials, snippets, links and any sort of other help would be greatly appreciated. Also, some more practical information on finding the function's addresses would be appreciated also.
Thanks in advance.
Not sure if this is what you're looking for, but on Linux you can override dynamic library functions using LD_PRELOAD, and similarly on Mac OS X there's DYLD_INSERT_LIBRARIES (also on Mac OS X there's this neat package called mach-override and mach-inject). Not sure about Windows.
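The LD_PRELOAD interposition mentioned in the reply above can be spotted from outside the process, because the variable remains in the initial environment exposed under /proc. The following is an added example, not part of the thread, that audits an environment block in the /proc/<pid>/environ layout; the function names and the sample block are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
/* Constructed sample in the /proc/<pid>/environ layout (NUL-separated). */
static const char SAMPLE[] =
    "PATH=/usr/bin\0LD_PRELOAD=/tmp/hook.so:/opt/trace.so\0HOME=/root";

/* Return the LD_PRELOAD value in an environment block, or NULL if unset/empty. */
const char *find_preload(const char *env, size_t len) {
    static const char key[] = "LD_PRELOAD=";
    const size_t klen = sizeof key - 1;
    for (size_t i = 0; i < len; ) {
        const char *end = memchr(env + i, '\0', len - i);
        if (end == NULL) break;              /* unterminated tail: stop */
        size_t n = (size_t)(end - (env + i));
        if (n > klen && memcmp(env + i, key, klen) == 0)
            return env + i + klen;           /* NUL-terminated value */
        i += n + 1;
    }
    return NULL;
}

/* Count the objects listed; ld.so accepts ':' or ' ' as separators. */
int count_preloads(const char *value) {
    int count = 0, in_item = 0;
    for (; value && *value; value++) {
        if (*value == ':' || *value == ' ') in_item = 0;
        else if (!in_item) { in_item = 1; count++; }
    }
    return count;
}

int main(int argc, char **argv) {
    static char buf[65536];                  /* larger blocks are truncated */
    const char *env = SAMPLE;
    size_t len = sizeof SAMPLE;
    if (argc > 1) {                          /* audit a live PID instead */
        char path[64];
        snprintf(path, sizeof path, "/proc/%s/environ", argv[1]);
        FILE *f = fopen(path, "rb");
        if (!f) { perror(path); return 2; }
        len = fread(buf, 1, sizeof buf - 1, f) + 1;  /* keep a final NUL */
        fclose(f);
        env = buf;
    }
    const char *v = find_preload(env, len);
    if (v) printf("LD_PRELOAD lists %d object(s): %s\n", count_preloads(v), v);
    else puts("LD_PRELOAD not set");
    return v ? 1 : 0;
}
```

System-wide preloads configured in /etc/ld.so.preload do not appear in the environment and need a separate check.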
I am unsure of what I am actually searching for, I'd like to be able to hook a function (a client connect function) by address to change the arguments and redirect the playerid, or alter the playerid. I'd like to be able to do this on Linux and Windows, as that is the platform the dedicated server is mostly used on.
I'm not looking for detouring the DLL Injection, rather modify the way the injected Dll Functions (it's a multiplayer mod for Grand Theft Auto: San Andreas).
You need to get the Process ID, & then intercept all calls(communication) from the Windows API to & from that Process. You'll return the API communication, but with your edited API instructions.
born2code, I'd like to modify the connection function that the server uses to connect a player, store a playerid etc, so it would recognize it as a player, running from server-sided plugins (a feature of the server application). I'd also like to detour the ping function or re-route it to another playerid, so I don't have to waste my time having it accept them. This can't be made client side as the game uses a secret protocol for connections, as there were numerous DoS bots made in the past.
Rather than hook the process, why don't you set up a dummy server on your network (even in VMware if you know how) & point your hosts file to that local ip. Then when Windows resolves the domain name, it'll resolve to your local server & interact with it that way.
I am not running a server. I am part of a major development project called PartyServer (http://www.partyserver.net) in the SA-MP community, which I generally code (well, scripting) and play on. I'd like to be able to hook the function server-sided, so I'd be able to create fake players. I don't have enough money to run a server of my own.
And no, I don't have the ability to access the host or even remotely change the infrastructure of the server. All I wanted to do was give back to the community.
Thanks.
No no no no... not hardware. You can launch the server (software) inside of a VMware session. Then that "server" will have an ip on your lan, & you can ping it & communicate with it. Then on your windows system, edit the host file (C:\windows\system32\drivers\etc\hosts if you use XP) & point the domain name to the local non-routable ip. Then your client can communicate with the server, even though it's on the same machine.
I would think this would be easier than hooking the process.
I think I understand what you're trying to say now. I could already use the server software and the client software at the same time on the same machine. The problem being, you can only have one Grand Theft Auto: SA process running at the same time (on the same machine), and I wouldn't want to have more than one open anyhow (client), as it would lag the server beyond belief, and even more if it's in VMware.
I'm not looking for an easier alternative, I am looking for a challenge in which I can increment my knowledge in this area, whether it be RE or API hooking they'd be both good to know.