Jan 24 2013, 03:44 PM Post #1
The New Guy! Posts: 11 Joined: 9-January 13 | Hello all, I'm still a beginner with IDA and am trying to reverse engineer a GTA function to understand what it does. Here it is:

```c
char __stdcall CUpsideDownCarCheck__isCarUpsideDown(int a1)
{
  int v1; // eax@1
  unsigned int v2; // edx@1
  int v3; // esi@5

  v1 = *(_DWORD *)(a1 + 1424);          // vehicle type
  v2 = 0;
  if ( v1 )                             // if type != 0
  {
    if ( v1 == 9 )                      // if type is bike
      v2 = *(_BYTE *)(a1 + 2052);
  }
  else                                  // else, type is car/plane
  {
    v2 = *(_BYTE *)(a1 + 2400);
  }
  v3 = *(_DWORD *)(a1 + 20);            // vehicle rotation matrix
  return (*(float *)(v3 + 40) < 0.30000001 && v2 < 4 || *(float *)(v3 + 40) < 0.0)
      && (unsigned __int8)(*(int (__stdcall **)(_DWORD))(*(_DWORD *)a1 + 228))(0);
}
```

My questions are:

1) How, and with which tools, do I find out what "v2" is equal to? For v1 it was easy to find out that it was the vehicle type, because it was already documented. I suppose I can find it with CheatEngine, but still, to find v2, how do I locate a1 in CheatEngine so that I can add offset 2052 (for bikes) or 2400 (for cars) to it?

2) What is this on the last line?

```c
(unsigned __int8)(*(int (__stdcall **)(_DWORD))(*(_DWORD *)a1 + 228))(0)
```

Thank you in advance for any help! And sorry for my bad English.

Edit: OK, I found how to find v1 (the vehicle type) in CheatEngine: I must add an address manually, set it as a pointer, give it the value BA18FC (pointer to current vehicle) and offset 590 (hex of 1424). Same process for v2! Now to find out what this value is xD

OK, I think I found what v2 is: the number of wheels currently touching the ground. Always between 0 and 4, even if bikes only have 2 wheels and trucks have more wheels xD

This post has been edited by powernoob: Jan 24 2013, 04:49 PM
Jan 24 2013, 04:06 PM Post #2
The master of cut retort Posts: 239 From: Warsaw, PL Joined: 21-July 10 | Since you seem to use listener's IDB, set a1's type to CAutomobile*. That should sort stuff out. Also, this function is a __thiscall. Therefore, its correct definition is:

```c
char __thiscall CUpsideDownCarCheck__IsCarUpsideDown(CUpsideDownCarCheck *this, CAutomobile *carHandle)
```

Oddly, my CAutomobile seems to be a bit broken, but I'm pretty sure that v3 is something like m_nNumContactWheels.
Jan 24 2013, 05:54 PM Post #3
The New Guy! Posts: 11 Joined: 9-January 13 |

QUOTE
Since you seem to use listener's IDB, set a1's type to CAutomobile*. That should sort stuff out.

Thanks, it resolved some names.

QUOTE
Also, this function is a __thiscall. Therefore, its correct definition is:

```c
char __thiscall CUpsideDownCarCheck__IsCarUpsideDown(CUpsideDownCarCheck *this, CAutomobile *carHandle)
```

If I do this I get a "Bad declaration" error.

QUOTE
Oddly, my CAutomobile seems to be a bit broken, but I'm pretty sure that v3 is something like m_nNumContactWheels.

(You mean v2?) I can't find this name. Also, it is stored in a different place for bikes than for cars, so it can't have the same name for both, correct?

Thanks!

This post has been edited by powernoob: Jan 24 2013, 05:55 PM
Jan 24 2013, 08:28 PM Post #4
The master of cut retort Posts: 239 From: Warsaw, PL Joined: 21-July 10 | v2 should become v3 when you declare the function as __thiscall. So yeah, we're referring to the same var. |
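As an added example (not code from this thread, from listener's IDB or from the game), here is a readable C reconstruction of the decompiled function from post #1, using the field meanings worked out in the thread: type at +1424, wheels touching the ground at +2052 (bikes) or +2400 (cars), matrix pointer at +20, and the vtable call at +228 asked about in question 2. All struct, field and function names, the matrix row layout (four rows of x, y, z, pad, which makes byte 40 the z component of the up vector) and the meaning of vtable slot 57 are assumptions made for the example; the game's real class definitions are not on this page. The example keeps the vehicle pointer as the only input, since the `this` argument post #2 mentions is never used in the function body.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Added example: readable reconstruction of the decompiled
   CUpsideDownCarCheck__isCarUpsideDown. All names and struct layouts are
   assumptions that mirror the offsets in the decompiled output; they are not
   the game's real class definitions. */

enum { VEHICLE_TYPE_BIKE = 9 };     /* the `v1 == 9` test in the decompiled code */

/* The binary is 32-bit, so _DWORD is 4 bytes and a vtable slot is 4 bytes wide:
   `*(_DWORD *)a1 + 228` points at slot 228 / 4. */
#define TARGET_PTR_SIZE 4
#define SLOT_BYTE_OFFSET 228

int vtable_slot_index(int byte_offset)
{
    return byte_offset / TARGET_PTR_SIZE;   /* 228 -> slot 57 */
}

typedef struct Vehicle Vehicle;

/* Assumed shape of the virtual in slot 57: the decompiler shows one DWORD
   argument (called with 0) and the result is truncated to an unsigned byte. */
typedef uint8_t (*VehicleVirtual)(Vehicle *self, uint32_t arg);

/* Assumed matrix layout: four rows of (x, y, z, pad), 16 bytes each. Under
   that layout the float at byte 40 (row 2 at +32, then z at +8) is up.z,
   which is what an upside-down test would look at. */
typedef struct { float x, y, z, pad; } MatrixRow;
typedef struct { MatrixRow right, forward, up, pos; } Matrix;

struct Vehicle {
    VehicleVirtual *vtable;         /* +0    : vptr read by *(_DWORD *)a1     */
    Matrix *matrix;                 /* +20   : v3 = *(_DWORD *)(a1 + 20)     */
    int32_t type;                   /* +1424 : v1                            */
    uint8_t bike_wheels_on_ground;  /* +2052 : v2 when type == 9 (bike)      */
    uint8_t car_wheels_on_ground;   /* +2400 : v2 when type == 0 (car/plane) */
};

/* v2: wheels currently touching the ground (0..4), kept in a different field
   for bikes than for cars; any other type leaves it at its initial 0. */
uint32_t wheels_on_ground(const Vehicle *v)
{
    if (v->type == 0)
        return v->car_wheels_on_ground;
    if (v->type == VEHICLE_TYPE_BIKE)
        return v->bike_wheels_on_ground;
    return 0;
}

/* The last-line expression
     (unsigned __int8)(*(int (__stdcall **)(_DWORD))(*(_DWORD *)a1 + 228))(0)
   means: load the vptr, take the function pointer 228 bytes into the vtable,
   call it with the single argument 0 and keep the low byte of the result. */
uint8_t call_vtable_slot(Vehicle *v, int byte_offset, uint32_t arg)
{
    VehicleVirtual fn = v->vtable[vtable_slot_index(byte_offset)];
    return fn(v, arg);
}

bool is_car_upside_down(Vehicle *v)
{
    float up_z = v->matrix->up.z;              /* *(float *)(v3 + 40) */
    uint32_t wheels = wheels_on_ground(v);     /* v2 */
    /* && binds tighter than ||, so the decompiled condition reads as
       (up_z < 0.3 && wheels < 4) || up_z < 0.0 */
    bool tilted = (up_z < 0.3f && wheels < 4) || up_z < 0.0f;
    return tilted && call_vtable_slot(v, SLOT_BYTE_OFFSET, 0) != 0;
}

/* --- constructed test object (not game data) --------------------------- */

static uint8_t slot57_allow(Vehicle *v, uint32_t arg) { (void)v; (void)arg; return 1; }
static uint8_t slot57_deny(Vehicle *v, uint32_t arg)  { (void)v; (void)arg; return 0; }
static VehicleVirtual vtable_allow[58];
static VehicleVirtual vtable_deny[58];

/* Builds a vehicle of the given type with `wheels` in the per-type field and a
   junk value (0xFF) in the other field, so reading the wrong one shows up. */
bool check(int32_t type, uint8_t wheels, float up_z, bool slot57_result)
{
    vtable_allow[57] = slot57_allow;
    vtable_deny[57] = slot57_deny;
    Matrix m = {0};
    m.up.z = up_z;
    Vehicle v = {
        .vtable = slot57_result ? vtable_allow : vtable_deny,
        .matrix = &m,
        .type = type,
        .bike_wheels_on_ground = type == VEHICLE_TYPE_BIKE ? wheels : 0xFF,
        .car_wheels_on_ground  = type == 0 ? wheels : 0xFF,
    };
    return is_car_upside_down(&v);
}

int main(void)
{
    printf("car, 2 wheels down, up.z 0.2  -> %d\n", check(0, 2, 0.2f, true));   /* 1 */
    printf("car, 4 wheels down, up.z 0.2  -> %d\n", check(0, 4, 0.2f, true));   /* 0 */
    printf("car, 4 wheels down, up.z -0.1 -> %d\n", check(0, 4, -0.1f, true));  /* 1 */
    printf("bike, 1 wheel down, up.z 0.2  -> %d\n", check(9, 1, 0.2f, true));   /* 1 */
    printf("car, 2 wheels, slot 57 says 0 -> %d\n", check(0, 2, 0.2f, false));  /* 0 */
    return 0;
}
```

The cases in `main` cover the three branches of the condition: a car on fewer than four wheels that has tilted past the 0.3 threshold, a car on all four wheels that is not counted as upside down even when tilted, a fully inverted car that counts regardless of wheel contact, and the virtual at slot 57 acting as a final gate on the result. When checking your own values in CheatEngine, remember that the byte at +2052 is only read when the type at +1424 is 9, and the byte at +2400 only when the type is 0; for any other type the wheel count is treated as 0.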
Nov 1 2013, 06:58 AM Post #5
The New Guy! Posts: 2 Joined: 30-October 13 | Do you guys have a link to the most used codes for beginners?