Today we are going to get a little dirty. Modifying binary files is not just time consuming, it is also very very easy to do something wrong. For this part you are going to need a standard hex editor, I use AXE. Use your program to open up the binary server dll.
Note: This article’s purpose is to find the right address in a windows binary file, not the linux file. Thanks to the symbols were already have the right location in linux, this is how to find the correct location in windows.
Note:
A little note about C++, assembly, and hex.
In this file you are going to see a lot of hex bytes, like EB, these are known as byte codes and correspond to an assembly instruction. For instance, EB is the start of a ‘jmp’ instruction, the next five bytes are the address to jump to. You see, when you compile a C++ program, after a little compiler magic you end up with an obj file. Which is basically your C++ program written in assembly. The linker then takes all those obj files and merges them together to form correct jump addresses and function calls.
Now, inside the hex editor you will hopefully see a column with addresses, if not, edit your editors settings or get a new one.
Tab over to IDA and memorize the address you found the first ‘push 3F8000000′ candidate. Go into the hex editor and scroll or jump to the address, you should see ’680000803F68000080BF’ now edit those two push values to read ’68000000006800000000′
What this does is change the code to push two 0′s instead of a -1 and 1, in effect, making the shot distribution flat on one axis. So what you do now is run day of defeat source with your modded binaries. In order to see any difference you will have to use the “sv_showimpacts 1″ command. Now when you shoot the game will show you where your client bullet landed and where the server bullet landed. If you edited the server correctly the blue dots will form a line and the red dots will form a circle. If not, undo that last edit and move onto the next location.
After you find the correct location its just a simple matter of creating a detour. Which takes us to part 3.
Tags: disassemble, Games, hacking, series, tutorial