• Unfortunately, we have experienced significant hard drive damage that requires urgent maintenance and rebuilding. The forum will be a state of read only until we install our new drives and rebuild all the configurations needed. Please follow our Facebook page for updates, we will be back up shortly! (The forum could go offline at any given time due to the nature of the failed drives whilst awaiting the upgrades.) When you see an Incapsula error, you know we are in the process of migration.

how can i hook client-side

L

luminoso845

Newbie Spellweaver
Joined
Apr 27, 2023
Messages
5
Reaction score
2
hi i am new in this business and i am working on a project but i don't understand exactly what should i do, what i want to do is hook the client with IDA Pro, i see functions but when i look at people who are already doing this job, the functions are understandable, so to give an example they have DamageFunction , but I have values like sub_54F1030, do we understand what function it is by decompiling these values, or is it possible to come up with an understandable name directly, from the people who made it and I will give an example as a photo as I did, thanks in advance for a clearer understanding
 

Attachments

You must be registered for see attachments list
The Best DDoS Protected Servers
cyberinferno

cyberinferno

Programmer
500 Posts 10 Happy Years
Joined
Jun 10, 2009
Messages
659
Reaction score
141
luminoso845 said:
hi i am new in this business and i am working on a project but i don't understand exactly what should i do, what i want to do is hook the client with IDA Pro, i see functions but when i look at people who are already doing this job, the functions are understandable, so to give an example they have DamageFunction , but I have values like sub_54F1030, do we understand what function it is by decompiling these values, or is it possible to come up with an understandable name directly, from the people who made it and I will give an example as a photo as I did, thanks in advance for a clearer understanding
Click to expand...
Assuming it is an .exe file, function names can be automatically populated in IDA Pro only if you have the corresponding .pdb file associated with the client you are trying to reverse engineer. If you wanna do static analysis only then start with the main function and trace what functions are called to guess their use to rename then. The other way is dynamic analysis in which you will have to guess what function is what by running it using Ollydbg and adding breakpoints to it.
 
L

luminoso845

Newbie Spellweaver
Joined
Apr 27, 2023
Messages
5
Reaction score
2
cyberinferno said:
Assuming it is an .exe file, function names can be automatically populated in IDA Pro only if you have the corresponding .pdb file associated with the client you are trying to reverse engineer. If you wanna do static analysis only then start with the main function and trace what functions are called to guess their use to rename then. The other way is dynamic analysis in which you will have to guess what function is what by running it using Ollydbg and adding breakpoints to it.
Click to expand...
First of all, thank you very much for taking the time to write and for your valuable reply. Yes, this is an exe file and unfortunately, as you said, I can't add a breakpoint. I don't know why. When I try to add it, it gives an error. It is impossible to guess the names of all the functions one by one because there are close to 10 thousand functions, yes many of them are interconnected, but it is quite difficult to determine which one is what, but I am sure my job would be much easier if I could add a breaking point, thank you very much for your valuable answer again

When I upload the .pdb files, the result is like this, I think I'm doing something wrong
 

Attachments

You must be registered for see attachments list
Last edited:
cyberinferno

cyberinferno

Programmer
500 Posts 10 Happy Years
Joined
Jun 10, 2009
Messages
659
Reaction score
141
luminoso845 said:
First of all, thank you very much for taking the time to write and for your valuable reply. Yes, this is an exe file and unfortunately, as you said, I can't add a breakpoint. I don't know why. When I try to add it, it gives an error. It is impossible to guess the names of all the functions one by one because there are close to 10 thousand functions, yes many of them are interconnected, but it is quite difficult to determine which one is what, but I am sure my job would be much easier if I could add a breaking point, thank you very much for your valuable answer again

When I upload the .pdb files, the result is like this, I think I'm doing something wrong
Click to expand...
I have seen that newer version of IDA Pro actually doesn't load PDB well if there are mismatches. IDA Pro 7.x you should try if you have it handy. It might give better results. If not I have no more suggestions left.
 
Last edited:
L

luminoso845

Newbie Spellweaver
Joined
Apr 27, 2023
Messages
5
Reaction score
2
cyberinferno said:
I have seen that never version of IDA Pro actually doesn't load PDB well if there are mismatches. IDA Pro 7.x you should try if you have it handy. It might give better results. If not I have no more suggestions left.
Click to expand...
thank you very much for your suggestions
 
You must log in or register to reply here.

About Us

RaGEZONE® is a website dedicated to the development of massively multiplayer online role-playing games (MMORPGs).

Online statistics

Members online
137
Guests online
11,909
Total visitors
12,046
Totals may include hidden visitors.

Forum statistics

Threads
429,198
Messages
4,590,913
Members
281,307
Latest member
ismodev
Most visitors online was 12720 , on 2 May 2024

RaGEZONE Sponsor

    HyperFilter
Back
Top