  1. #1
    Sirmabus

    My IDA Pro tools for reversing games

    In case you have been living under a rock, my IDA Pro plug-ins: MacroMonkey - View forum - Sirmabus plug-ins

    And I'm so humble, but honestly everyone I know that uses IDA Pro for game hacking uses my plug-ins.
    If nothing else "Class Informer" when their target is typically binary MS/Intel C++ made (like 90% at least) and has RTTI in it.

    I have sort of a tool chain I run on game clients in a specific order once I have unpacked or dumped them if they are encrypted:
    1) ExtraPass - MacroMonkey - View topic - ExtraPass
    My plug-in to clean and fix Win32 binary clients.
    Mainly it finds incorrect data in code sections that IDA gets confused about and turns it back into code and functions.
    If the IDB is pretty clean it does nothing, in some cases even making things worse.
    But for rough clients, like ones that have 1000's of little disconnected script bind stubs, etc., it can do miracles. It can find tens of thousands of missing/lost functions making an IDB more whole and complete.

    Depending on the client I usually run it several times.
    If I see it recovered many functions then I'll keep running it until I get down to a handful or so.

    Note for rough unpacked clients (by "client" I refer to the typical game executable) or dumps you have to be careful. In particular if you couldn't straighten out the segments where there is data mixed in with the ".text" segments, etc.
    You might have to experiment and turn some options off like "fix code". Always save and back up your IDB first before using.

    2) Class informer - MacroMonkey - View topic - Class Informer 1.04
    Finds, parses, places comments and lists RTTI class/struct info.
    Knowing all or at least some of a target's key objects, etc., is explanation enough.

    3) Function String Associate - MacroMonkey - View topic - Function String Associate
    Shows at a glance the strings (at least partially if there is a lot) contained within a function body.

    4) Mark reference counts - MacroMonkey - View topic - Mark reference counts
    Adds function and data reference counts as comments.
    So at a glance you can infer some things such as parent/child function relationships, some use significance for data and functions, etc.

    In short form:
    1) One or more passes of "ExtraPass"
    2) Class informer
    3) Function String Associate
    4) Mark reference counts

    Plus a few others, probably not that significant, that I haven't released yet.

    Then run something like my "IDA Signsrch" plug-in to glean some idea of possible cyphers used.


    Use these to make your IDA game (and other similar targets) reversing life easier and more productive.


    Then another I use a lot once I've done a lot of reversing is my "IDA2PAT Reloaded" version of the "unique functions to pattern" file tool plug-in. For all your hard work with the functions you laboriously RE'ed called "DoLootItem", "TargetEntity", and whatnot, you can make a custom sig file to possibly carry some of this on to updated target(s).


    If you reverse game or similar binary Win32 clients, check all my free plug-ins out (and feel free to exchange by donating to help pay for my ad-free web hosting too).

  2. The Following 2 Users Say Thank You to Sirmabus For This Useful Post:
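For readers unfamiliar with what an RTTI listing tool looks for, here is an added example that is not part of the original post and is not Class Informer's code: a minimal scan for MSVC RTTI type-name strings in a raw image. The names `find_rtti_names`, `demangle_simple` and `SAMPLE` are hypothetical, and the input bytes are constructed for illustration.

```python
import re

# MSVC RTTI type names are decorated ASCII strings: ".?AV" marks a class,
# ".?AU" a struct; scopes follow innermost-first separated by "@", and the
# name ends with "@@" plus a NUL. Template names (".?AV?$...") are skipped.
_RTTI_NAME = re.compile(rb"\.\?A([VU])([A-Za-z_][A-Za-z0-9_@]*?)@@\x00")


def demangle_simple(kind, body):
    """Turn kind=b'V', body=b'CPlayer@Game' into 'class Game::CPlayer'."""
    scopes = [s for s in body.decode("ascii").split("@") if s]
    keyword = "class" if kind == b"V" else "struct"
    # Decorated order is innermost scope first, so reverse it for C++ syntax.
    return keyword + " " + "::".join(reversed(scopes))


def find_rtti_names(image):
    """Return (file offset, readable name) for each simple RTTI name found."""
    return [(m.start(), demangle_simple(m.group(1), m.group(2)))
            for m in _RTTI_NAME.finditer(image)]


# Constructed sample: padding, two plain names, and one template name
# that the simple pattern deliberately ignores.
SAMPLE = (
    b"\x00" * 8
    + b".?AVCPlayer@Game@@\x00"
    + b"\x90\x90"
    + b".?AUVec3@@\x00"
    + b".?AV?$vector@H@std@@\x00"
)

if __name__ == "__main__":
    for offset, name in find_rtti_names(SAMPLE):
        print(f"{offset:#06x}  {name}")
```
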


  3. #2
    alloy25
    Thanks for this guy. It helps me a lot. Maybe it should help me more than I decide atm.
