izstas, posted December 31, 2010:

Never did it... I understand that it isn't simple, but... please explain if you can. I tried to use OllyDbg, looked for some function addresses from the MTA source - I understand that there is a function, but nothing more... I am bad with Assembler.
ryden, posted December 31, 2010:

First, you should get IDA Pro Advanced. It's an application to disassemble a binary file that lets you rename all the symbols found, as well as making all kinds of annotations. All these annotations and changes that you do will be saved to a file with the idb extension. You could try to find some gtasa.idb on Google; there are some that have a lot of reversed stuff.

Now, let's say that you want to detect what piece of code is changing your vehicle health to, for example, find what's the memory address of the code processing the bullet hits. You should first take your vehicle memory address, which you can find by placing a breakpoint at the vehicles class constructor (you can find this address in the game_sa module). Now, as GTASA is compiled using Visual Studio and its ABI for thiscall is passing the this pointer into ecx, the pointer to your vehicle will probably be in the ecx register. Annotate it and continue with the application.

Now that you've got the base address of the vehicle, you can also get the address of the vehicle memory field containing its health (you can get the offset from the game_sa module as well). Place a hardware memory breakpoint for Write at that address and you will get what instructions are changing it. The fun has just begun: guess what the heck each of those pieces of code is doing.

This was just an example. There are lots of other methods to find memory addresses.
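What a debugger programs into the x86 debug registers when you ask for the hardware write breakpoint described in the post above, as an added example that is not part of the thread: the watched address goes into DR0..DR3 and DR7 selects "break on write" and the length. The base pointer and the field offset in `main` are constructed placeholders, not values from GTA:SA or game_sa.

```c
#include <stdint.h>
#include <stdio.h>

/* DR7 R/W field encodings: what kind of access triggers the breakpoint. */
enum { RW_EXEC = 0, RW_WRITE = 1, RW_READWRITE = 3 };

/* Encode a watch length in bytes as the 2-bit DR7 LEN field; -1 if unsupported. */
static int dr7_len_bits(unsigned len)
{
    switch (len) {
    case 1:  return 0;
    case 2:  return 1;
    case 4:  return 3;
    default: return -1;  /* 8-byte watches need 64-bit mode; not handled here */
    }
}

/* Return dr7 with slot (0..3) armed as a write watchpoint of len bytes on addr.
   Returns 0 on failure: bad slot, bad length, or addr not aligned to len. */
uint32_t dr7_arm_write(uint32_t dr7, unsigned slot, uint32_t addr, unsigned len)
{
    int lb = dr7_len_bits(len);
    if (slot > 3 || lb < 0 || (addr & (len - 1)) != 0)
        return 0;
    unsigned shift = 16 + 4 * slot;            /* R/W<slot> then LEN<slot> */
    dr7 &= ~(0xFu << shift);                   /* drop the slot's old settings */
    dr7 |= (uint32_t)(RW_WRITE | (lb << 2)) << shift;
    dr7 |= 1u << (2 * slot);                   /* L<slot>: local enable bit */
    return dr7;
}

int main(void)
{
    /* Constructed values: 'this' as read from ecx at the constructor breakpoint,
       and a placeholder offset for the field to watch. */
    uint32_t this_ptr = 0x12345600u;
    uint32_t field_offset = 0x100u;            /* placeholder, not the real offset */
    uint32_t watch = this_ptr + field_offset;  /* value to load into DR0 */

    uint32_t dr7 = dr7_arm_write(0, 0, watch, 4);
    printf("DR0 = 0x%08X, DR7 = 0x%08X\n", (unsigned)watch, (unsigned)dr7);
    return dr7 == 0;
}
```

There are only four slots, and a misaligned address is rejected here because the CPU masks the low address bits according to LEN, which would silently watch a different range.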
izstas, posted December 31, 2010:

Thanks. But can you help me with my case, please? I am trying to add an anti-aliasing setting to MTA (http://bugs.mtasa.com/view.php?id=5727). Here is what I did: http://pastebin.com/0HqTqMe1 But the setting isn't applied. I think I need to call some function to apply it, but I don't know how to find it...

EDIT: The report is assigned to sebassje now; I'll look at what I am doing wrong.
ryden, posted January 1, 2011:

Okay, I just reversed this for you. You are right in that the offset 0xCC contains the current antialiasing value, but it contains the value for the menu frontend. You must change this value and also the value at offset 0xC8, which is the actual offset containing the currently set and accepted antialiasing value. By the way, both the values at 0xCC and 0xC8 are DWORDs, not BYTEs.

After changing both values (I think that changing the value at 0xC8 is enough though), you need to call the function at 0x7F8A90 and call the function at 0x57D16E, passing the setting at offset 0xD4 (dwVideoMode) as parameter. Remember to clear this parameter from the stack after the call.

For more information, refer to the code that is updating the antialiasing value at 0x57D149.