Apr 12, 2009, 01:36 PM
Hi all in JJ2 forum
I really don't know if this is the right place to post this, but it's Jazz2 that got me into all this programming stuff, so whatever. I've finally succeeded in injecting code and DLLs into programs, but I still can't figure out how I find the functions inside JJ2 that I want to execute or trace. If there are any programmers out there who could explain how I would find or capture those functions, such as sending a chat message, it would be appreciated!!!

Apr 13, 2009, 04:36 AM
It's called reverse engineering. A number of people here (including myself) will continuously trace through the assembly code and comment/document what it does. This wouldn't be necessary if we had the original C source code, as we could simply modify that instead and recompile it. But since we don't, we have to do it the hard way: trace through assembly, modify the code and redirect some calls/jumps to DLL code. You should probably learn how to use a debugger. A good free debugger and a favorite of many is OllyDbg; a more professional one would be IDA Pro, but it's not free.

Apr 13, 2009, 06:39 AM
An easier way would be to have someone do it for you instead. Please note that poking through assembly is exactly what people have been doing to locate the desired functions. As a result, a lot of programmers made their own function address databases.
While I used to do assembly work like this a few years ago, I made myself a nice tool to help me along. You might find it useful, as it allows you to execute a given function and pass up to four parameters to it, assuming you know what you're doing.

Apr 13, 2009, 08:32 AM
What exactly do you mean by "when a program does a call"? If you're talking about assembly-level calls then I have some good news and some bad news. The good news is you can put a breakpoint on every call. The bad news is there are hundreds of thousands of calls, which makes it a bit of a pain to break on every possible call. In practice it's best to set a memory breakpoint, i.e. when you know that a function accesses (reads or writes) some variable, you can put a memory breakpoint on that variable. That will stop the execution at the exact assembly instruction (EIP) that tried to access the variable in question, thus locating your function.
EDIT: to help you out a bit, here's the address for the chat function. It takes one parameter, I think it's a pointer to a null-terminated string. SendChat - 1.23: 0x483DE0, TSF: 0x4833A0
Last edited by Cpp; Apr 13, 2009 at 11:40 AM.
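
The memory-breakpoint technique from the last reply, as an added example that is not part of the thread or any poster's code: a program that watches a variable in its own process and resolves the accessing instruction to a function, the way a function address database is used. It assumes Linux with glibc on x86-64 or AArch64, uses a no-access page plus a SIGSEGV handler in place of a debugger's memory breakpoint, and `draw_hud`, `add_score` and `play_tick` are hypothetical stand-ins for unknown functions.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <stdint.h>
#include <sys/mman.h>
#include <ucontext.h>
#include <unistd.h>
#ifndef REG_RIP
#define REG_RIP 16  /* glibc x86-64 gregs index, if _GNU_SOURCE came too late */
#endif
static volatile int *watched;  /* variable under watch, alone on its own page */
static volatile uintptr_t page, page_len, hit_ip;  /* hit_ip: IP at the access */

/* Hypothetical stand-ins for unknown functions inside a target program. */
__attribute__((noinline)) void draw_hud(int n)  { (void)n; }
__attribute__((noinline)) void add_score(int n) { *watched += n; }
__attribute__((noinline)) void play_tick(int n) { (void)n; }

/* The "breakpoint hit": record the IP, then lift the protection so the
   faulting instruction re-runs. A debugger would single-step and re-arm. */
static void on_fault(int sig, siginfo_t *si, void *ctx) {
    ucontext_t *uc = ctx;
    if ((uintptr_t)si->si_addr - page >= page_len) { signal(sig, SIG_DFL); return; }
#if defined(__x86_64__)
    hit_ip = (uintptr_t)uc->uc_mcontext.gregs[REG_RIP];
#elif defined(__aarch64__)
    hit_ip = (uintptr_t)uc->uc_mcontext.pc;
#endif
    mprotect((void *)page, page_len, PROT_READ | PROT_WRITE);
}

/* Arm the watch, call every function, and return the index of the one whose
   code touched the variable (nearest function start at or below the IP). */
int find_accessor(void) {
    void (*volatile fns[])(int) = { draw_hud, add_score, play_tick };
    struct sigaction sa = {0};
    int best = -1;
    page_len = (uintptr_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, page_len, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;
    page = (uintptr_t)p; watched = p; hit_ip = 0;
    sa.sa_sigaction = on_fault; sa.sa_flags = SA_SIGINFO;
    sigaction(SIGSEGV, &sa, NULL);
    for (int i = 0; i < 3; i++) fns[i](5);
    for (int i = 0; i < 3; i++)
        if ((uintptr_t)fns[i] <= hit_ip &&
            (best < 0 || (uintptr_t)fns[i] > (uintptr_t)fns[best])) best = i;
    return best;
}
int main(void) { return find_accessor() == 1 ? 0 : 1; }
```

The watch is one-shot: only the first access to the page is recorded, and a fault at any other address is handed back to the default handler so a genuine crash still terminates the process.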

All times are GMT -8.