Difference between revisions of "Reversing Structs"
From SWGANH Wiki
Latest revision as of 23:48, 4 June 2007
How to reverse packet structures via live debugging in OllyDbg:
1. Set a break point at location: 0x0118B064, it should read POP EBX
2. Send your packet
3. Olly should break; the client is now reading your packet, and the number of bytes it is reading is in register ESI.
You must first let it read the header, so you will step through a sequence of two bytes then four bytes, three times, e.g.:
ESI reads:
2
4
2
4
2
4
4. Hit play every time you want the next value. After going through the header you are in the data: write down ESI and hit play repeatedly until the client stops breaking at that location.