Module: Orpheu (v2.6.3)
This module aims to give more power to the amxmodx coder by giving facilities to use functions that are not possible to use without it (what includes functions from other metamod plugins). For windows and linux. From the version 2.1 uploaded 29/01/2010 it also supports memory direct access / patch.
The concept is the following: The module handles the conversion between types in C++ and pawn and makes you able to use a function if you can provide it a way to have it's address in memory and tell him the types of data that are involved with it. It includes a generic way of working with C++ structs. For example: let's say you want to use this function: It doesn't return a value, and it receives an argument of type "playermove_s *" and another one of type "qboolean". As long as the types it needs are implemented in the module, you can use it. If one isn't implemented you can try to use it directly and still do operations with the function, particularly hooking it, since when you hook a function you don't necessarily care about all the arguments. The missing thing then is a way of finding it in memory so that the module know where it is. There ways of doing that are:
To make the module aware of a function you have to create a file formatted with the notation JSON and put it in the folder "configs/orpheu/functions". The files format is like the following: For the function: PHP Code:
Code:
{
In this case the method used to refer to the function address is by giving it's name. In the case of a signature, the field value would be an array of bytes or "*" or "?" like Code:
"value" : [0x1,"*","?"] For example: "value" : [0x1,"*"] matches [0x1,0x0] , [0x1,0x1] , ... [0x1,0xFF] "?" is meant to be used when you don't care about the value of the byte and it can even not exist like: "value" : [0x1,"?"] matches the same as above plus [0x1] JSON is an object notation widely used and to make sure your file is correctly formatted you can use a validator. For this project I slightly modified a library to parse JSON to read bytes. That means that when you want to validate a file, do not include a signature. A special case of functions are those that belong to a class like: PHP Code:
Code:
{ You can find there the representation af a struct called "enginefuncs_s". That struct contains addresses of engine functions. The module provides a stock to use them. Let's say you want to hook the function contained in the struct at PHP Code:
Code:
{ PHP Code:
This is a special (hardcode) case of the method of using a function when you have its address in a plugin. The other special case is OrpheuGetDLLFunction to retrieve functions from the struct DLL_FUNCTIONS http://metamod.org/sdk/dox/eiface_8h-source.html - line 384. For generic cases you would use the native: PHP Code:
Its file: Code:
{ PHP Code:
Dealing with the struct data: PHP Code:
The same struct contains addresses for other functions. Here is an example of how to hook one of them: Code:
{ PHP Code:
List of supported data types: Code:
"bool" Code:
"movevars_s *" If the module doesn't run in your linux server, you must have libstdc++ installed. Edit for Orpheu 2.1 - updated 29/01/2010 In the version 2.1 support for virtual functions (based on hamsandwich) and for memory retrieval / patching (based on mem hack) was added. Virtual functions: Virtual functions are functions that represent a concept shared among different classes (like Spawn) and implemented differently accordingly. The way they are implemented by compiler permits to located them in memory by providing a simple numeric offset because references to them are kept in a table that each object of a class carries with it. This is the table for the mod Counter Strike retrieved from it's linux binary of the class CHalfLifeMultiplay that extends CGameRules: (Each line contains a symbolic name that represents a function) PHP Code:
Code:
{ That function description should be placed at the folder "virtualFunctions" in a folder named "CGameRules" and in a file named "GetNextBestWeapon". So that you can use those functions in a plugin some natives are provided like: PHP Code:
For this particular case this is one way of doing it: PHP Code:
PHP Code:
Memory handling The module has now support for retrieving or setting values directly in any portion of the memory where a library lies in. Examples of what can be done are: changing weapons cost, strings replacement that you can use for example to change text that appears in the console. It can be done by using offsets to refer to where the memory you want to mess with is located or with signatures. As for the functions you need to create a file. This file can contain one or several descriptions of how/where is the memory you want to address. Example for changing the awp cost: PHP Code:
PHP Code:
More information in the includes. As note: if you want to replace strings that are directly placed in memory (most are) you should use the type "string" instead of "char *". Credits Arkshine, jim_yang, xpaw, speed, the links of "signature scanning" provided above, hamsandwich http://jsoncpp.sourceforge.net/ http://www.boost.org/ http://forums.alliedmods.net/showpos...47&postcount=2 Original version by Joaquimandrade (v2.3a): https://github.com/Arkshine/Orpheu/tree/master/legacy
Latest version by Arkshine (v2.6.3): https://github.com/Arkshine/Orpheu/releases
Installation
|
Re: Module: Orpheu2
1 Attachment(s)
Here some dumps of functions names and symbolic names (used for the signature) from Counter-Strike and MonsterMod.
Note: About Counter-Strike (windows), you will see that there are less many functions. The windows binary provides only some functions even if the functions list is the same than the linux one. To use the others functions you would need to search the signature into the memory. See the Joaquim's explanations in his post. |
Re: Module: Orpheu2
Its damn good, good job
|
Re: Module: Orpheu2
Great job :up:
|
Re: Module: Orpheu2
Very nice.
|
Re: Module: Orpheu2
1 Attachment(s)
This file includes a specially compiled MonsterMod for windows and linux and it's recommend to use if you want to use orpheu with MonsterMod.
Here a basic example of spawning a CMController, making it always being powering up, and having smoke. Just to show us another example. Use the command "spawnController" in game. PHP Code:
|
Re: Module: Orpheu2
Please donate. :twisted:
|
Re: Module: Orpheu2
I wonder if it's possible now to access global variables.
Is it? |
Re: Module: Orpheu2
Quote:
|
Re: Module: Orpheu2
Quote:
Cool module :) |
Re: Module: Orpheu2
Nice!:up:
|
Re: Module: Orpheu2
Buen trabajo boludo !
|
Re: Module: Orpheu2
-clap- -clap-
Bravo ! |
Re: Module: Orpheu2
I would donate, if I would learn Pawn lol :|
Much scripter's and server owner like your plugins and modules, great work! :wink: |
Re: Module: Orpheu2
First, good job my boludo friend D-:
Someone can help me hooking SetAnimation func? |
Re: Module: Orpheu2
1 Attachment(s)
Here the signatures for windows and linux.
Overwrite the contents in configs/orpheu/. Note: It probably won't work on non-steam server. Fast example : Code:
|
Re: Module: Orpheu2
Joaquim, this is fantastic! I'm very impressed. :up:
|
Re: Module: Orpheu2
Quote:
I inform that I will add virtual function hooking support soon. Like what exist in hamsandwich but for all kind of objects and not only entities. If anyone wants any feature please tell me. |
Re: Module: Orpheu2
All I would want to to be able to block auto-rescopting and auto-reshouldering (the bazooka). I can still do this like I did before right, for the scope?
|
Re: Module: Orpheu2
Quote:
|
Re: Module: Orpheu2
Maybe isn't the best place to ask this, but how i can get the origin of the player's weapon first attachment?
|
Re: Module: Orpheu2
Now work in Windows? WoW!!
|
Re: Module: Orpheu2
Quote:
|
Re: Module: Orpheu2
This is really cool, good job :D
|
Re: Module: Orpheu2
Thank you Joa and everyone involved. I'll surely look into this.
|
Re: Module: Orpheu2
Quote:
|
Re: Module: Orpheu2
You're right. You need to do what exactly with the weapon attachment ?
|
Re: Module: Orpheu2
Quote:
Code:
void CEgon::CreateEffect( void ) |
Re: Module: Orpheu2
This is what it does
PHP Code:
|
Re: Module: Orpheu2
It attaches the entity on the weapon attachment 1 I guess, something like. But you can do that probably because it a custom entity (FL_CUSTOMENTITY).
I remember you can use too the weapon attachment with the player id and TE_BEAMENTS for example. ( eg : id | 0x2000 ) Anyway I'm going to do some research on it, long time i wanted to do this weapon. [edit] Btw, you can do it without orpheu. |
Re: Module: Orpheu2
Quote:
I'm going to test the SetEndAttachment func :crab: |
Re: Module: Orpheu2
This probably isn't the best place to post this, so somebody tell me other wise. But I'm new to reverse engineering and stuff, but I read BAILOPAN's blog about sigscanning, and the articles on the SourceMM wiki.
I'm using IDA to get the memory location, my goal is to hook the function "CTSEmitter:InitThink" in The Specialist. Which is found here: http://img210.**************/img210/3631/sadfu.jpg Can anyone enlighten me on how to take this information I've got, and turn it into something Orpheu can use? Sorry if this is asking for alot. |
Re: Module: Orpheu2
It looks like it would be this for the Windows support of the Orpheu module:
?InitThink@CTSEmitter@@QAEXXZ You would have to do a different thing for Linux. |
Re: Module: Orpheu2
Quote:
Create a folder named "CTSEmitter" on the functions folder and create a file on it named "InitThink". The file should look like: Code:
{ Look, me and Arkshine are updating the module to support virtual functions including support for derivates of CHalfLifeMultiplay and also to support easy adding of new aliases without editing files. If you don't manage to make it work or if it doesn't work (because the type CBaseEntity was not tested in your mod) just wait some time for the new version that will work for sure on your mod because it will use the hamsandwich way of handling CBaseEntity. |
Re: Module: Orpheu2
linux, it seems to be : InitThink__10CTSEmitter
|
Re: Module: Orpheu2
Updated to version 2.1 that includes virtual functions and memory hacking.
Credits to hamsandwich for the concept and the handling of the class CBaseEntity and to memhack. Me and or Arkshine will provide more examples and code later. Cheers. The module should work now without any problem in any mod. The only change that affects old files for function definition is the change of the field "mods" that supported an array of mods, to "mod" that support a string with one. |
Re: Module: Orpheu2.1 (added memory hacking and virtual functions support)
I will have a fun day of memory-crashes :evil:
|
Re: Module: Orpheu2.1 (added memory hacking and virtual functions support)
I wonder if someone could do something with orpheu and this call
(this is the prototype on CS:S but this call exists on engine dll/so so I guess it's the same) PHP Code:
This is called from SV_ConnectClient and returns the next available slot allowing the user connect to the server... Of course it's necessary to allocate more slots/memory before. Yes, my point is to make a 32+ slots I also found this PHP Code:
|
Re: Module: Orpheu2.1 (added memory hacking and virtual functions support)
Let me see if I can find something, I'm still noob in this lol
PD: I remember one time they made this stuff of 32+ players, but it was laggy like hell and buggy, anyway I'm interested in trying lol. |
Re: Module: Orpheu2.1 (added memory hacking and virtual functions support)
Maybe hooking this will be better
PHP Code:
The problem is MAX_CLIENTS is a constant and it's used along the program... damn!! |
All times are GMT -4. The time now is 13:54. |
Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.