Barlad How do I cheat?
Reputation: 0
Joined: 01 May 2008 Posts: 9
Posted: Wed Jul 23, 2008 10:50 am Post subject: Find out function calls made by pressing a key
Hey everyone,
I am currently reversing a Windows game completely written in C++. My main tool is IDA. I would like to figure out which function is called by the game when I press a certain key.
For example, when I press "W" in the game, it moves the character forward. My objective is to figure out the "move forward" function called when pressing "W" (and any other function pressed by any other key).
Could anyone please give me some hint as to how I could achieve this? I guess I could BP on a function like GetKeyState but I am not sure that would bring me very far.
Thanks a lot!
B.
oib111 I post too much
Reputation: 0
Joined: 02 Apr 2007 Posts: 2947 Location: you wanna know why?
Posted: Wed Jul 23, 2008 12:33 pm Post subject:
You could search for RegisterHotKey or GetAsyncKeyState in the disassembly. Although I doubt they would use the latter. You could also look for virtual keys and scan codes and references to the character 'w' (you could try searching the hex dump for the byte 0x57).
Symbol I'm a spammer
Reputation: 0
Joined: 18 Apr 2007 Posts: 5094 Location: Israel.
Posted: Wed Jul 23, 2008 1:20 pm Post subject:
It would probably set a boolean array[KEY] to true on WM_KEYDOWN and to false on WM_KEYUP, then in the window procedure or some drawing function it'll do whatever it gotta do.
I suggest searching for the X,Y coordinates and then finding out what writes to them, then you'll find the function that moves your character.
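The pattern described in the post above, written out as an added example that is not part of the original thread and not code from the game being discussed. The names `on_message`, `game_tick`, `key_down` and `player` are hypothetical; the message constants are the real Win32 values, defined locally so the file builds without `<windows.h>`.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Real Win32 values, defined locally so this builds without <windows.h>. */
#define WM_KEYDOWN 0x0100
#define WM_KEYUP   0x0101
#define VK_W       0x57   /* virtual-key code for 'W' equals ASCII 'W' */
#define VK_S       0x53

/* Hypothetical game state: one flag per virtual-key code, plus a position. */
static bool key_down[256];
static struct { int x, y; } player;

/* Stand-in for the window procedure: it only records key state.
 * Returns 1 if the message was handled, 0 otherwise. */
int on_message(uint32_t msg, uintptr_t wparam)
{
    if (msg != WM_KEYDOWN && msg != WM_KEYUP)
        return 0;
    if (wparam >= 256)          /* ignore out-of-range key codes */
        return 0;
    key_down[wparam] = (msg == WM_KEYDOWN);
    return 1;
}

/* Called once per frame, possibly far away from the window procedure.
 * This is where the key state is consumed and the coordinates are written. */
void game_tick(void)
{
    if (key_down[VK_W]) player.y += 1;   /* move forward */
    if (key_down[VK_S]) player.y -= 1;   /* move backward */
}

int player_y(void) { return player.y; }

int main(void)
{
    /* Constructed message sequence: press W, run 3 frames, release, run 2. */
    on_message(WM_KEYDOWN, VK_W);
    for (int i = 0; i < 3; i++) game_tick();
    on_message(WM_KEYUP, VK_W);
    for (int i = 0; i < 2; i++) game_tick();
    printf("player.y = %d\n", player_y());
    return 0;
}
```

The message handler and the code that writes the coordinates share only the flag array, which is why the movement function does not appear as a direct callee of the key handler.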
Barlad How do I cheat?
Reputation: 0
Joined: 01 May 2008 Posts: 9
Posted: Wed Jul 23, 2008 6:20 pm Post subject:
Hey there,
I cannot really scan for the 'w' byte because my program is 15 MB so it would just return tens of thousands of results which I could not use. As for looking directly for the "move character" function, it is not really what I am aiming to do. In this case, I already know the "move character" function. What I am trying to do is just to find a "generic" way to figure out all the functions which are called when I press keys (not just the "move character" function).
Since I already know the "move character" function I guess I'll just BP on it and try to move back up the chain until I reach something which looks like a key handling function. I am not sure I'll reach it though, I'm afraid the "move character" function is actually called by another thread after a message generated by the key being pressed is pushed.
Anyway, thanks for the hints!
sponge I'm a spammer
Reputation: 1
Joined: 07 Nov 2006 Posts: 6009
Posted: Wed Jul 23, 2008 7:50 pm Post subject:
Trace through the wndproc if the message received is W.
Barlad How do I cheat?
Reputation: 0
Joined: 01 May 2008 Posts: 9
Posted: Fri Jul 25, 2008 11:57 am Post subject:
Hey,
Thanks for the replies. I solved this by starting from a function I knew was called after a key press and I traced it back to a function that does look like a WNDPROC function.
Guess that would have been much harder to figure out if I had not had the function I used at the beginning in the first place.
What's cool is that I can now detour the WNDPROC function and do whatever I want depending on the messages.