finding the "map ping" function in SC

thetempest · December 11, 2003, 07:27 PM

Hi,

I know there must be a function that creats a mapping at X,Y and color that sets in motion...

does anyone know how to do this? or any info on how to find it?

Thanks

Skywing · December 12, 2003, 01:34 AM

Quote from: thetempest on December 11, 2003, 07:27 PM
Hi,

I know there must be a function that creats a mapping at X,Y and color that sets in motion...

does anyone know how to do this? or any info on how to find it?

Thanks

Perhaps you might look at the trigger processing - isn't it possible to ping the minimap with a trigger? At least this way, you can create well-defined points in time when such would occur.

thetempest · December 12, 2003, 06:01 PM

been there, done that...no avail...

thetempest · December 12, 2003, 06:36 PM

however,

i dont know what to set a bpx on or what to mem search...i tried setting trig's last night, but no avil

thx

Skywing · December 12, 2003, 07:06 PM

Perhaps you could start with something you do know - like, maybe you could breakpoint on the output-text function and use a trigger that outputs text to find the trigger processor, and from there look for the minimap ping trigger.

thetempest · December 12, 2003, 09:04 PM

k,

thanks

thetempest · December 12, 2003, 10:08 PM

no use,

i've been tracing for about 3 hours and still can't find the damned cmp agasint my minerals (which is the post condition)...

thetempest · July 08, 2004, 09:51 AM

lol,

like a year later...i got back into reversing SC except this time i was far better versed in ASM and i got a copy of IDA (God that helped)...

anyways, i found the function and wrote a hack and a small client/server network to send an XY packet across the network.

Just a small update =)

I found it by setting a bpm on the # of units you have...because each time it's increased, you built a unit, and that unit was pinged =) So i F12'd a few times and started NOP'ing functions intill i found one, that when NOP'd, the map wansn't pinged. (i'm sure there was a better way to track it down, if you find any ideas, lemme know) so anyways, eventually i found it and i was correct as to parameters, X,Y,Color =)

Code Select


push 0x10 //green 0x11 red ping
mov edx,DWORD y
mov ecx,DWORD x
call <function>

Banana fanna fo fanna · July 08, 2004, 11:22 AM

ah! that's a good idea.

could you possibly send me a copy of xp softice and ida?

iago · July 08, 2004, 12:24 PM

Quote from: $t0rm on July 08, 2004, 11:22 AM
ah! that's a good idea.

could you possibly send me a copy of xp softice and ida?

I can get you a new version of IDA, just send me a message on icq or msn or whatever ( <-- ). I wish I could get you softice, but I don't have installation files. Maybe I'll get them eventually.

Newby · July 08, 2004, 02:34 PM

Quote from: iago on July 08, 2004, 12:24 PM
Quote from: $t0rm on July 08, 2004, 11:22 AM
ah! that's a good idea.

could you possibly send me a copy of xp softice and ida?

I can get you a new version of IDA, just send me a message on icq or msn or whatever ( <-- ). I wish I could get you softice, but I don't have installation files. Maybe I'll get them eventually.

You need to get me them still! I mean SoftICE. I need lots of neat stuff when my new computer gets in!

Zeller · July 11, 2004, 04:59 PM

Quote from: thetempest on July 08, 2004, 09:51 AM
lol,

like a year later...i got back into reversing SC except this time i was far better versed in ASM and i got a copy of IDA (God that helped)...

anyways, i found the function and wrote a hack and a small client/server network to send an XY packet across the network.

Just a small update =)

I found it by setting a bpm on the # of units you have...because each time it's increased, you built a unit, and that unit was pinged =) So i F12'd a few times and started NOP'ing functions intill i found one, that when NOP'd, the map wansn't pinged. (i'm sure there was a better way to track it down, if you find any ideas, lemme know) so anyways, eventually i found it and i was correct as to parameters, X,Y,Color =)

Code Select Expand
push 0x10 //green 0x11 red ping mov edx,DWORD y mov ecx,DWORD x call <function>

How do you nop a function and what program do you use to do it?

Adron · July 11, 2004, 05:06 PM

Quote from: Zeller on July 11, 2004, 04:59 PM
How do you nop a function and what program do you use to do it?

The literal way is to replace all the contents of the function except the return statement with nops. You'd probably do it using whatever debugger you're using on the program.

An easier way to "nop" a function is to insert a ret at the start.

indulgence · July 12, 2004, 06:43 AM

mov BYTE PTR [FunctionAddr], 0C3h
; Assume the code segment area you write to has been protected w/ VirtualProtect
; Also assume you are in the processes address space...

Newby · July 19, 2004, 04:44 PM

Quote from: Adron on July 11, 2004, 05:06 PM
Quote from: Zeller on July 11, 2004, 04:59 PM
How do you nop a function and what program do you use to do it?

The literal way is to replace all the contents of the function except the return statement with nops. You'd probably do it using whatever debugger you're using on the program.

An easier way to "nop" a function is to insert a ret at the start.

Heh, never thought of inserting a ret at the start. I'd just assume start typing out 90's