Stuff Needed for Doing Offsets / Hacking in General

Thought I would add a couple of links I found helpful.

DEVS: Locating offsets - part 2 - ShowEQ Open Source Project Message Forums: http://www.showeq.net/forums/showthread.php?t=4480

Kinda old but still found it usable.

http://pinkfloydx33.tripod.com/

Anyone else have any to add? Please do; I would love to read them.
 
There is an alternative to IDA Pro... OllyDbg. I honestly like Olly better than IDA for most things. Loads quicker, is easier to use, has most of the features of IDA, and is free.

http://www.ollydbg.de/

W32Dasm is also a nice tool. It is a decompiler/debugger. You can find the full version from Google searches (found the full version on the second link). It might also be available at some of the links below. The trial version is here: http://www.softpedia.com/get/Programming/Debuggers-Decompilers-Dissasemblers/WDASM.shtml

If you are still in need of IDA Pro... you might find someone here that can help. http://www.forumw.org/

If you need help with assembly or the art of disassembly or some tools, you might want to check out http://www.exetools.com/ or http://www.reverse-engineering.net/
 
Assembly operators

As I'm going through IDA, as a first-time looker, I am completely lost looking at the assembly operator codes. Is there any instruction/manual that someone might have a link to so I can do some reading on it? I googled for hours and came up with a bunch of crap, lol.
 
You came up with crap? Really??

What were you looking for? Within the first five hits on google I came up with:

1. A Wikipedia entry that, although light, gives a reasonable overview;
2. The two-volume Intel manual in PDF format.

The "magic" words are IA-32 instruction set.

What were you looking for?
 
Thank you for the binary/hex understanding; that helped TONS. I was looking for something that would explain jz, push, short loc, jumps (assembly operators), things like that. I am going to google the Intel manual and see if that helps my understanding.
 
Reversing: Secrets of Reverse Engineering is a great PDF that has just about everything you ever wanted to know about reverse engineering.

It takes you through the functions of assembly, it tells you about hex editing, it tells you of the different protection schemes that software uses, it tells you about all the tools needed and much more.

I found a link for the file but I am not sure how long it will last.

http://rapidshare.com/files/43102337/Reverse_Engineering.rar.html
 
The link was corrupted or no longer found, I forget which one it was... here is another link.

Freeware Download IDA Pro Freeware version 4.3

Freeware FTW.

Used this link to DL a copy of IDA Pro today.


ShowEQ Open Source Project Message Forums - DEVS: Locating offsets - part 2

Kinda old but still found it usable.

Updating Offsets using IDA Pro

Anyone else have any to add? Please do; I would love to read them.


Rub: Checked out both sites. Links work, and lots of good info on them.



There is an alternative to IDA Pro... OllyDbg.
I honestly like Olly better than IDA for most things. Loads quicker,
is easier to use, has most of the features of IDA, and is free.

OllyDbg v1.10

W32Dasm is also a nice tool. It is a decompiler/debugger. You can find
the full version from Google searches (found the full version on the second link).
It might also be available at some of the links below. The trial version is here:
Download W32DASM 8.94 Free Trial - W32DASM - The Ideal Tool To Learn How Windows Programs Operate - Softpedia

If you are still in need of IDA Pro... you might find someone here that
can help. ForumW.org :: Index

If you need help with assembly or the art of disassembly or some tools,
you might want to check out Aaron's Homepage or
The Reverse Engineering Community :: Index

Blue: Downloaded from Olly; link still good... I am still reading on the site though. :cool:
The Softpedia link... well, while other sites DL at 4kbs, I could not get this site to go above 48bs,
so I canceled the DL...

EXETOOLS.com: link is broken or blocked from here...

Reverse ENG has some interesting reads also.


Rub: the codeproj site has a lot of interesting stuff to read. :cool:



ARMY
 
Ok, sadly... I haven't understood one blasted thing any of you have said! LOL! But it did help me to understand the craziness that you guys go through trying to get a compile out. So, THANK YOU for everything you do. You guys are so smart and really could make a ton of money in the computer programming business!

On a side note, what is "bianary" and "bianary codeing"? I probably spelled it wrong, but it's something I've been hearing a lot about here lately.
 
binary: http://en.wikipedia.org/wiki/Binary_code

Binary code
From Wikipedia, the free encyclopedia
The term binary code can mean several different things:

There are a variety of different methods of coding numbers or symbols into strings of bits, including fixed-length binary numbers, prefix codes such as Huffman code, and other arithmetic coding.
Made up of only zeros and ones (zeros standing for off and ones standing for on), and used in computers to stand for letters and digits.
For example, computers using western languages often use 8-bit binary codes for characters. The ISO 8859-1 character code uses 8 bits for one letter, e.g. "R" is "01010010" and "b" is "01100010"; the block of 8 bits is called a byte. The ASCII code uses 7 bits to represent 128 characters (0–127).

It's the ONES and ZEROS that we use to talk to a computer.



ARMY
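As an added illustration (not part of ARMY's post or of the Wikipedia excerpt), here is a small Python script that shows the same bytes three ways at once, as binary strings, hex pairs and ISO 8859-1/ASCII characters, which is how a hex editor presents the "ones and zeros" described above. The function names and the sample bytes are constructed for this example; the encodings themselves ("R" = 01010010 = 0x52) are the standard ones the excerpt quotes.

```python
# Added example: one byte is 8 bits, and the same byte value can be read as a
# binary string, a hex pair, or (when in printable range) an ASCII/ISO 8859-1 character.

def byte_to_bits(value: int) -> str:
    """Render one byte (0-255) as its 8-bit binary string, e.g. 0x52 -> '01010010'."""
    if not 0 <= value <= 0xFF:
        raise ValueError(f"not a byte: {value}")
    return format(value, "08b")


def char_to_bits(ch: str) -> str:
    """ISO 8859-1 code of a single character as 8 bits ('R' -> '01010010')."""
    return byte_to_bits(ch.encode("latin-1")[0])


def dump(data: bytes, width: int = 4) -> list[str]:
    """Hex-editor style rows: offset | hex bytes | binary bytes | printable text.

    Bytes outside the printable ASCII range 0x20..0x7E are shown as '.', as most
    hex editors do, so that control bytes and high bytes cannot be mistaken for text.
    """
    rows = []
    for off in range(0, len(data), width):
        chunk = data[off:off + width]
        hex_part = " ".join(f"{b:02X}" for b in chunk)
        bin_part = " ".join(byte_to_bits(b) for b in chunk)
        txt_part = "".join(chr(b) if 0x20 <= b <= 0x7E else "." for b in chunk)
        rows.append(f"{off:08X}  {hex_part:<{width * 3 - 1}}  {bin_part}  {txt_part}")
    return rows


if __name__ == "__main__":
    # Constructed sample: the two characters from the excerpt plus a few raw bytes
    # (a NUL, a DEL, and two bytes that are not text at all).
    sample = b"Rb" + bytes([0x00, 0x7F, 0x0F, 0x85])
    print(char_to_bits("R"), char_to_bits("b"))
    print("\n".join(dump(sample)))
```

The third column is the one the excerpt is talking about: every row shows the identical bytes as hex and as eight-digit binary, so the two notations are just two spellings of the same value, and the text column only makes sense for bytes that happen to be character codes.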
 
Jump Calculator

I've found this program useful for calculating jumps. It's also somewhat hard to come by now, so I've uploaded it here for your use.
 

Attachment: JumpCalc.zip (2.2 KB)
Thank you for your post. I've been at a loss.
 
I am stuck on a few things here.


While you are waiting, go to the EQ directory and open up eqstr_us.txt (there are some that look similar, so be careful -- also never write anything to this file, it has a checksum). This file is basically a good place to start, and contains strings that EQ sends to you like this one:

12693 %1 is too far away, canceling auto-follow.

Guess what that is? That is Farfollow. However, we need to first convert the DECIMAL to HEX. So, using CALC and making sure you have VIEW set to SCIENTIFIC, put in 12693 in decimal, then click HEX. You should get 3195. That is what we are going to look up first. Let's look at it in the 3/15 version first. Since we know that:

Where does the below data come from? Did you create this or is it from the compile?

Code:
[FarFollow]
Description="/follow someone from any distance"
Version="2006.03.15"
address0=4E56A4
normal0="0F 85 82 00 00 00"
crack0="E9 83 00 00 00 90"

Ok, we are going to be looking for a PUSH C32 (HEX of the DECIMAL number 3122), but we need to adjust for the spacing, which is VERY WEIRD to say the least, between "PUSH" and "XYX".

What spacing is being talked about here? And what is XYX? How do I find this information?

Now count how many spaces there are in between H and X,
Not sure about this either; I think this would be answered by the above question.
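Added example, not from the thread or from the tutorial being quoted: the relative-branch arithmetic that a "jump calculator" performs (the subject of the JumpCalc post above), applied to the address0/normal0/crack0 record quoted in this post. It assumes only the standard x86 encodings (E9 = JMP rel32, 0F 84 = JZ rel32, 0F 85 = JNZ rel32, 90 = NOP); the function names are this example's own. The point it makes is that an x86 near jump stores a signed displacement relative to the address of the next instruction, so a 6-byte JNZ and a 5-byte JMP at the same address need different displacements (0x82 versus 0x83) to reach the same place, here 0x4E572C. Decoding both sides of a record this way is also how an analyst verifies what a byte patch to a binary actually changes, rather than trusting its description.

```python
# Added example: decode and re-encode x86 rel32 branches.
# target = address + instruction_length + displacement (displacement is signed,
# little-endian, relative to the address of the following instruction).
import struct

# Opcode -> mnemonic for the rel32 branches handled here (standard x86 encodings).
OPCODES_REL32 = {
    b"\xE9": "jmp",
    b"\x0F\x84": "jz",    # jump if zero / equal
    b"\x0F\x85": "jnz",   # jump if not zero / not equal
}
NOP = 0x90


def decode_rel32_branch(address: int, code: bytes):
    """Decode the rel32 branch at `address`. Returns (mnemonic, length, target)."""
    for opcode, mnemonic in OPCODES_REL32.items():
        if code.startswith(opcode):
            length = len(opcode) + 4
            (disp,) = struct.unpack_from("<i", code, len(opcode))  # signed 32-bit
            return mnemonic, length, (address + length + disp) & 0xFFFFFFFF
    raise ValueError(f"no rel32 branch at {address:08X}: {code.hex(' ').upper()}")


def encode_rel32_branch(mnemonic: str, address: int, target: int) -> bytes:
    """The jump calculator: bytes for `mnemonic` at `address` that reach `target`."""
    opcode = next(op for op, m in OPCODES_REL32.items() if m == mnemonic)
    length = len(opcode) + 4
    disp = target - (address + length)
    if not -2**31 <= disp < 2**31:
        raise ValueError("target out of rel32 range")
    return opcode + struct.pack("<i", disp)


def describe_patch(address: int, before: bytes, after: bytes) -> dict:
    """Summarise what replacing `before` with `after` at `address` changes."""
    b_mn, b_len, b_tgt = decode_rel32_branch(address, before)
    a_mn, a_len, a_tgt = decode_rel32_branch(address, after)
    filler = after[a_len:len(before)]   # bytes left over when the new branch is shorter
    return {
        "before": (b_mn, b_tgt),
        "after": (a_mn, a_tgt),
        "same_target": b_tgt == a_tgt,
        "conditional_removed": b_mn != "jmp" and a_mn == "jmp",
        "padding_is_nop": all(b == NOP for b in filler),
    }


# The record quoted from the tutorial: address0 / normal0 / crack0.
ADDRESS0 = 0x4E56A4
NORMAL0 = bytes.fromhex("0F 85 82 00 00 00")
CRACK0 = bytes.fromhex("E9 83 00 00 00 90")

if __name__ == "__main__":
    for label, code in (("normal0", NORMAL0), ("crack0", CRACK0)):
        mn, length, tgt = decode_rel32_branch(ADDRESS0, code)
        print(f"{label}: {mn} -> {tgt:08X} ({length} bytes)")
    for k, v in describe_patch(ADDRESS0, NORMAL0, CRACK0).items():
        print(f"{k:>20}: {v}")
```

Run as a script, it reports that normal0 is `jnz` to 0x4E572C and crack0 is `jmp` to the same 0x4E572C with the sixth byte a NOP: the conditional branch became unconditional and the instruction got one byte shorter, which is exactly why the displacement had to be recomputed and why a jump calculator exists.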