Initiate Mage
- Joined
- Mar 13, 2023
- Messages
- 1
- Reaction score
- 0
Hey'all!
I know, there are a lot of threads that looks like this one, but I'll try to be a little bit different.
So, recently, after years of being a developer, I thought maybe I should do something I've always wanted: Reverse Engineering. And... why not try to RE the MS client? Yes, this is my first RE project. I can read C, C++ and x86 ASM, and I thought that maybe REing an old MS client could help me with the process of learning CS-related stuff (and I've always thought RE looked cool).
I know it is a very long journey, but I'm willing to learn more about RE, so here I am.
So, the first thing I did was ask on the M. Development C. Discord and two friendly guys named JJjzzzz11 and Winrar Executive helped me with the basics. I've unpacked the client with Magicmida and tried analyzing the exe on IDA Pro. I found some imports of ws2_32.dll but no recv nor send references, although I could find them on the memory dump I did with OllyDbg, I'll look at that later. I don't know if Magicmida unpacked the BMS v22 properly. I bet it did, it's probably me, I don't know what should I be searching.
And I know I need to remove the anti-cheat, and I actually found some references to AHNHSUPDA but I don't know where should I go from now on. I think noping the function and returning success could work? Or maybe it's not that simple.
Also, what should I do first? Encrypt/decrypt functions with send/recv or removing hackshield and making the client localhost?
Anyway, thanks y'all for reading!
I know, there are a lot of threads that looks like this one, but I'll try to be a little bit different.
So, recently, after years of being a developer, I thought maybe I should do something I've always wanted: Reverse Engineering. And... why not try to RE the MS client? Yes, this is my first RE project. I can read C, C++ and x86 ASM, and I thought that maybe REing an old MS client could help me with the process of learning CS-related stuff (and I've always thought RE looked cool).
I know it is a very long journey, but I'm willing to learn more about RE, so here I am.
So, the first thing I did was ask on the M. Development C. Discord and two friendly guys named JJjzzzz11 and Winrar Executive helped me with the basics. I've unpacked the client with Magicmida and tried analyzing the exe on IDA Pro. I found some imports of ws2_32.dll but no recv nor send references, although I could find them on the memory dump I did with OllyDbg, I'll look at that later. I don't know if Magicmida unpacked the BMS v22 properly. I bet it did, it's probably me, I don't know what should I be searching.
And I know I need to remove the anti-cheat, and I actually found some references to AHNHSUPDA but I don't know where should I go from now on. I think noping the function and returning success could work? Or maybe it's not that simple.
Also, what should I do first? Encrypt/decrypt functions with send/recv or removing hackshield and making the client localhost?
Anyway, thanks y'all for reading!