reversing samp.dll

real_fl1k

Hi, samp.dll is packed so how would I go on my adventure of reversing it? Is there a method of dumping it out of memory once it's unpacked in gta_sa? Or is there a better, more practical way?
 

monday

Hi, you could check this out (which will give you an idea of what kind of things you'll be looking for in memory):
http://ugbase.eu/index.php?threads/sa-mp-0-3-7-source-code-leaked.20312/

The title is misleading because it's an older version.

You could also check this (which is a mod created by people who reverse engineered a substantial part of it, if not all):
https://github.com/BlastHackNet/mod_s0beit_sa-1/tree/master/src

Especially "samp.h" and "samp.cpp".

You could also use a program called Ghidra, which has a neat "pseudocode" feature: it analyses the executable/dll and shows how a particular function would look in a C-like language.

This is also useful:
http://ugbase.eu/index.php?threads/tutorial-find-sa-mp-pointers.19980/

"Practical Video Game Bots" book by Ilya Shpigor:
http://www.101books.ru/carte/descarca-ilya-shpigor-practical-video-game-bots-pdf

"Practical Malware Analysis" by M. Sikorski and A. Honig:
http://venom630.free.fr/pdf/Practical_Malware_Analysis.pdf

Especially "Static analysis" and "Dynamic analysis" chapters
 

real_fl1k

thanks
 