Hello all, today I'm starting a little project - an auto offset researcher (yes mauro, you can go out :laugh).
It is based on OllyDbg scripts for the "ODbgScript" plugin.
Of course it is open source, etc.
And of course it does not work for every main.exe, but I try to make it work for S3.2 -> S6.3.
Script (Updated: 05.05.2013):
List: (Updated: 05.05.2013):
How use:
0.
1. Copy the code from this thread, create a new text file, paste the code and save it with the .osc extension
2.
3. Open your main.exe via Olly
4. Go to menu Plugins -> ODbgScript -> Log Window
5. Run script, Plugins -> ODbgScript -> Run Script...
6. Open MU.txt and enjoy the "magic":
-
Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN), 1.03.11 (JPN)
-
I need help with testing because I don't have time for 4+ main.exe versions; you can:
- Post your main.exe and the offsets you need from the auto-researcher
- If you have confirmed offsets from the list for your main.exe, please check the script's output against them and post the results
Updates: ~every 2-3 days
Sorry for the bad English, etc. ;D
It is based on OllyDbg scripts for the "ODbgScript" plugin.
Of course it is open source, etc.
And of course it does not work for every main.exe, but I try to make it work for S3.2 -> S6.3.
Script (Updated: 05.05.2013):
Code:
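// ---------------------------------------------------------
// Auto offset researcher (ODbgScript, run inside OllyDbg on main.exe)
// Scans the code from Start for byte patterns / command sequences and
// writes each located address to LogFile as a C #define line.
// Conventions: numbers are hex (ODbgScript default); [x] reads the
// debuggee's memory at x; find/findcmd leave 0 in $RESULT on failure.
// Every search is checked: a pattern that is not found writes a
// "//<name>: pattern not found" line and its section is skipped,
// instead of deriving an address from $RESULT = 0. Camera variables
// that are never assigned keep their initial value (0 after var,
// as far as ODbgScript initialises them) so the gap stays visible
// in the output.
// ---------------------------------------------------------
var LogFile
var Start
var Version
var VersionConvert
var Serial
var MapNumber
var MainState
var UserObjectStruct
var ObjectPreviewStruct
var MasterLevel
var MasterPoints
var CursorX
var CursorY
var MaxZenWidth1
var MaxZenWidth2
var MaxZenWidth3
var MaxZenWidth4
var MaxZenWidth5
var WinWidth
var WinHeight
var CameraZoom
var CameraRotY
var CameraRotZ
var CameraPosZ
var CameraClipX
var CameraClipY
var CameraClipGL
// ---------------------------------------------------------
// Output file (relative to Olly's working directory) and search start
mov LogFile, ".\\MU.txt"
mov Start, 401000
// ---------------------------------------------------------
// wrt starts the file; every later line is appended with wrta
wrt LogFile, "//Auto researcher script"
// ---------------------------------------------------------
// Version / Serial
//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN), 1.03.11 (JPN)
find Start, #83BD??????FF10#
cmp $RESULT, 0
jne Found_Version
wrta LogFile, "//Version, Serial: pattern not found"
jmp Search_MapNumber
Found_Version:
// Two encodings of the Serial reference exist; the byte at +f decides
// which operand offset holds the pointer
cmp [$RESULT + f], 8a, 1
je Except1
mov Serial, [$RESULT + 12]
jmp WriteVersion
Except1:
mov Serial, [$RESULT + 11]
WriteVersion:
// The Version string is stored 8 bytes before Serial
mov Version, Serial - 8
// atoi of the version string minus 22345 (hex) gives the "10xxx" main number
atoi [Version]
mov VersionConvert, $RESULT - 22345
eval "//Main: 10{VersionConvert}"
wrta LogFile, $RESULT
eval "#define Version 0x{Version} //-> {[Version]}"
wrta LogFile, $RESULT
log Version
eval "#define Serial 0x{Serial} //-> {[Serial]}"
wrta LogFile, $RESULT
log Serial
// ---------------------------------------------------------
// MapNumber
//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN), 1.03.11 (JPN)
Search_MapNumber:
find Start, #83F945#
cmp $RESULT, 0
jne Found_MapNumber
wrta LogFile, "//MapNumber: pattern not found"
jmp Search_MainState
Found_MapNumber:
mov MapNumber, [$RESULT + 7]
eval "#define MapNumber *(int*)0x{MapNumber}"
wrta LogFile, $RESULT
log MapNumber
// ---------------------------------------------------------
// MainState
//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN), 1.03.11 (JPN)
Search_MainState:
find Start, #6A006A006A73#
cmp $RESULT, 0
jne Found_MainState
wrta LogFile, "//MainState: pattern not found"
jmp Search_UserObjectStruct
Found_MainState:
mov MainState, [$RESULT - 7]
eval "#define MainState *(int*)0x{MainState}"
wrta LogFile, $RESULT
log MainState
// ---------------------------------------------------------
// UserObjectStruct
//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN), 1.03.11 (JPN)
Search_UserObjectStruct:
find Start, #81F980000000740432C0EB19#
cmp $RESULT, 0
jne Found_UserObjectStruct
wrta LogFile, "//UserObjectStruct: pattern not found"
jmp Search_ObjectPreviewStruct
Found_UserObjectStruct:
mov UserObjectStruct, [$RESULT + 0e]
eval "#define UserObjectStruct 0x{UserObjectStruct}"
wrta LogFile, $RESULT
log UserObjectStruct
// ---------------------------------------------------------
// ObjectPreviewStruct
//1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN)
Search_ObjectPreviewStruct:
find Start, #C745FC0000000068E900000068C1000000#
cmp $RESULT, 0
jne Found_ObjectPreviewStruct
wrta LogFile, "//ObjectPreviewStruct: pattern not found"
jmp Search_MasterLevel
Found_ObjectPreviewStruct:
mov ObjectPreviewStruct, [$RESULT - 21]
eval "#define ObjectPreviewStruct 0x{ObjectPreviewStruct}"
wrta LogFile, $RESULT
log ObjectPreviewStruct
// ---------------------------------------------------------
// MasterLevel
//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN)
Search_MasterLevel:
find Start, #5?68D2060000#
cmp $RESULT, 0
jne Found_MasterLevel
wrta LogFile, "//MasterLevel: pattern not found"
jmp Search_MasterPoints
Found_MasterLevel:
mov MasterLevel, [$RESULT - 4]
eval "#define MasterLevel *(short*)0x{MasterLevel}"
wrta LogFile, $RESULT
log MasterLevel
// ---------------------------------------------------------
// MasterPoints
//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN)
Search_MasterPoints:
find Start, #5?68D3060000#
cmp $RESULT, 0
jne Found_MasterPoints
wrta LogFile, "//MasterPoints: pattern not found"
jmp Search_Cursor
Found_MasterPoints:
mov MasterPoints, [$RESULT - 4]
eval "#define MasterPoints *(short*)0x{MasterPoints}"
wrta LogFile, $RESULT
log MasterPoints
// ---------------------------------------------------------
// CursorX / CursorY (both operands come from one match)
//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN)
Search_Cursor:
find Start, #813D????????2C010000#
cmp $RESULT, 0
jne Found_Cursor
wrta LogFile, "//CursorX, CursorY: pattern not found"
jmp Search_MaxZen
Found_Cursor:
// Read both operands before any eval: eval overwrites $RESULT
mov CursorX, [$RESULT + 2]
mov CursorY, [$RESULT + 1a]
eval "#define CursorX *(int*)0x{CursorX}"
wrta LogFile, $RESULT
log CursorX
eval "#define CursorY *(int*)0x{CursorY}"
wrta LogFile, $RESULT
log CursorY
// ---------------------------------------------------------
// MaxZenWidth1..5
//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN), 1.03.11 (JPN)
Search_MaxZen:
findcmd Start, "push 8;push 0c; push 32"
cmp $RESULT, 0
jne Found_MaxZen
wrta LogFile, "//MaxZenWidth: command sequence not found"
jmp Search_WinWidth
Found_MaxZen:
// GREF n selects the n-th reference of the findcmd result; entry 0 is
// skipped as in the original script. A missing reference presumably
// leaves $RESULT = 0, which is why a 0x0/0x1 define means "not in use".
GREF 0
GREF 1
mov MaxZenWidth1, $RESULT + 1
eval "#define MaxZenWidth1 *(BYTE*)0x{MaxZenWidth1}"
wrta LogFile, $RESULT
log MaxZenWidth1
GREF 2
mov MaxZenWidth2, $RESULT + 1
eval "#define MaxZenWidth2 *(BYTE*)0x{MaxZenWidth2}"
wrta LogFile, $RESULT
log MaxZenWidth2
GREF 3
mov MaxZenWidth3, $RESULT + 1
eval "#define MaxZenWidth3 *(BYTE*)0x{MaxZenWidth3}"
wrta LogFile, $RESULT
log MaxZenWidth3
GREF 4
mov MaxZenWidth4, $RESULT + 1
eval "#define MaxZenWidth4 *(BYTE*)0x{MaxZenWidth4}"
wrta LogFile, $RESULT
log MaxZenWidth4
GREF 5
mov MaxZenWidth5, $RESULT + 1
eval "#define MaxZenWidth5 *(BYTE*)0x{MaxZenWidth5} //-> If 0x0 or 0x1 = not in use"
wrta LogFile, $RESULT
log MaxZenWidth5
// ---------------------------------------------------------
// WinWidth / WinHeight (height is the next dword after width)
//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN), 1.03.11 (JPN)
Search_WinWidth:
find Start, #C705????????40060000#
cmp $RESULT, 0
jne Found_WinWidth
wrta LogFile, "//WinWidth, WinHeight: pattern not found"
jmp Search_Camera
Found_WinWidth:
mov WinWidth, [$RESULT + 2]
eval "#define WinWidth *(GLsizei*)0x{WinWidth}"
wrta LogFile, $RESULT
log WinWidth
mov WinHeight, WinWidth + 4
eval "#define WinHeight *(GLsizei*)0x{WinHeight}"
wrta LogFile, $RESULT
log WinHeight
// ---------------------------------------------------------
// Camera
//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN), 1.03.11 (JPN)
// The first pattern doubles as the season switch: when it is absent
// the Season 6 layout is searched instead (unchanged behaviour).
Search_Camera:
find Start, #C705????????00000C42#
cmp $RESULT, 0
je Season6
mov CameraZoom, $RESULT + 6
// ----
find Start, #5ED8C1#
cmp $RESULT, 0
jne Found_CameraRotY
wrta LogFile, "//CameraRotY: pattern not found"
jmp Search_CameraRotZ
Found_CameraRotY:
mov CameraRotY, [$RESULT - 11]
// ----
Search_CameraRotZ:
find Start, #C74424??00C0A845C74424??00007A46C705????????000020C2#
cmp $RESULT, 0
jne Found_CameraRotZ
wrta LogFile, "//CameraRotZ: pattern not found"
jmp Search_CameraPosZ
Found_CameraRotZ:
mov CameraRotZ, [$RESULT + 12]
// ----
Search_CameraPosZ:
find Start, #D8C1D91D????????DDD8#
cmp $RESULT, 0
jne Found_CameraPosZ
wrta LogFile, "//CameraPosZ: pattern not found"
jmp Search_CameraClip
Found_CameraPosZ:
mov CameraPosZ, [$RESULT - 4]
// ----
Search_CameraClip:
find Start, #C745??????????C745??00609F46C745??????????#
cmp $RESULT, 0
jne Found_CameraClip
wrta LogFile, "//CameraClipX, CameraClipY: pattern not found"
jmp Search_CameraClipGL
Found_CameraClip:
mov CameraClipX, [$RESULT + 52]
mov CameraClipY, $RESULT - 2a
// ----
Search_CameraClipGL:
find Start, #D99D????????E8????????99B958020000F7F9#
cmp $RESULT, 0
jne Found_CameraClipGL
wrta LogFile, "//CameraClipGL: pattern not found"
jmp EndOfCamSearch
Found_CameraClipGL:
mov CameraClipGL, [$RESULT - 4]
// ----
jmp EndOfCamSearch
Season6:
find Start, #6A006A006889000000#
cmp $RESULT, 0
jne Found_CameraZoom_S6
wrta LogFile, "//CameraZoom: pattern not found"
jmp Search_CameraRot_S6
Found_CameraZoom_S6:
mov CameraZoom, [$RESULT - 14]
// ----
Search_CameraRot_S6:
find Start, #0FB7045?????????2?800000007427#
cmp $RESULT, 0
jne Found_CameraRot_S6
wrta LogFile, "//CameraRotY, CameraRotZ: pattern not found"
jmp Search_CameraPosZ_S6
Found_CameraRot_S6:
mov CameraRotY, [$RESULT - 1f]
mov CameraRotZ, [$RESULT - 4b]
// ----
Search_CameraPosZ_S6:
find Start, #6AFF6A006AFF6A006A006A285?D905????????D91C24#
cmp $RESULT, 0
jne Found_CameraPosZ_S6
wrta LogFile, "//CameraPosZ: pattern not found"
jmp Search_CameraClipX_S6
Found_CameraPosZ_S6:
mov CameraPosZ, [$RESULT + 0f]
// ----
Search_CameraClipX_S6:
find Start, #833D????????2775??D905????????D95D??EB??D905????????D95D??833D????????02#
cmp $RESULT, 0
jne Found_CameraClipX_S6
wrta LogFile, "//CameraClipX: pattern not found"
jmp Search_CameraClipY_S6
Found_CameraClipX_S6:
mov CameraClipX, [$RESULT + 9b]
// ----
Search_CameraClipY_S6:
find Start, #D905????????D95DE?51D9E?D91C??8D55??5?8D45??5?6878010000#
cmp $RESULT, 0
jne Found_CameraClipY_S6
wrta LogFile, "//CameraClipY: pattern not found"
jmp Search_CameraClipGL_S6
Found_CameraClipY_S6:
mov CameraClipY, [$RESULT + 2]
// ----
Search_CameraClipGL_S6:
find Start, #D905????????D95D??8B4???8378??7A#
cmp $RESULT, 0
jne Found_CameraClipGL_S6
wrta LogFile, "//CameraClipGL: pattern not found"
jmp EndOfCamSearch
Found_CameraClipGL_S6:
mov CameraClipGL, [$RESULT + 2]
// ----
EndOfCamSearch:
// Camera defines are always written; an unassigned variable shows up
// here as a zero address next to its "not found" line above.
eval "#define CameraZoom *(float*)0x{CameraZoom}"
wrta LogFile, $RESULT
log CameraZoom
eval "#define CameraRotY *(float*)0x{CameraRotY}"
wrta LogFile, $RESULT
log CameraRotY
eval "#define CameraRotZ *(float*)0x{CameraRotZ}"
wrta LogFile, $RESULT
log CameraRotZ
eval "#define CameraPosZ *(float*)0x{CameraPosZ}"
wrta LogFile, $RESULT
log CameraPosZ
eval "#define CameraClipX *(float*)0x{CameraClipX} //-> if Season 6+ == *(double*)"
wrta LogFile, $RESULT
log CameraClipX
eval "#define CameraClipY *(float*)0x{CameraClipY}"
wrta LogFile, $RESULT
log CameraClipY
eval "#define CameraClipGL *(float*)0x{CameraClipGL}"
wrta LogFile, $RESULT
log CameraClipGL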
// ---------------------------------------------------------
List: (Updated: 05.05.2013):
- char Version
- char Serial
- int MapNumber
- int MainState (SelectServer = 2, SwitchCharacter = 4, Playing = 5)
- struct UserObjectStruct
- struct ObjectPreviewStruct (like MakePreviewCharSet, but global)
- short MasterLevel
- short MasterPoints
- int CursorX
- int CursorY
- BYTE MaxZenWidth[1-5]
  (these are direct offsets: write *(BYTE*)0xXXXXXXXX = 9;, not +1)
- GLsizei WinWidth
- GLsizei WinHeight
- float CameraZoom
- float CameraRotY
- float CameraRotZ
- float CameraPosZ
- float CameraClipX
  (in Season 6+ clients it can be a double (8 bytes))
- float CameraClipY
- float CameraClipGL
How use:
0.
1. Copy the code from this thread, create a new text file, paste the code and save it with the .osc extension
2.
in Olly
3. Open your main.exe via Olly
4. Go to menu Plugins -> ODbgScript -> Log Window
5. Run script, Plugins -> ODbgScript -> Run Script...
6. Open MU.txt and enjoy the "magic":
-
Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN), 1.03.11 (JPN)
-
I need help with testing because I don't have time for 4+ main.exe versions; you can:
- Post your main.exe and the offsets you need from the auto-researcher
- If you have confirmed offsets from the list for your main.exe, please check the script's output against them and post the results
Updates: ~every 2-3 days
Sorry for the bad English, etc. ;D