Auto-search offsets for any main.exe
Hello all, today I'm starting a little project - an auto offset researcher (yes mauro, u can go out :laugh:).
It is based on OllyDbg scripts run by the "ODbgScript" plugin.
Of course it is open source, etc.
And of course it does not cover every main, but I am trying to make it work for S3.2 -> S6.3.
Script (Updated: 05.05.2013):
// ODbgScript state. Every `var` is global for the whole run; the names are
// grouped here by the section of the script that fills them in.
// --- output / search configuration
var LogFile
var Start
// --- client identification
var Version
var VersionConvert
var Serial
// --- game state globals
var MapNumber
var MainState
var UserObjectStruct
var ObjectPreviewStruct
var MasterLevel
var MasterPoints
var CursorX
var CursorY
// --- zen width table (five immediates, filled by the findcmd/GREF section)
var MaxZenWidth1
var MaxZenWidth2
var MaxZenWidth3
var MaxZenWidth4
var MaxZenWidth5
// --- window size
var WinWidth
var WinHeight
// --- camera (two pattern sets: pre-Season 6 and Season 6+)
var CameraZoom
var CameraRotY
var CameraRotZ
var CameraPosZ
var CameraClipX
var CameraClipY
var CameraClipGL
// ---------------------------------------------------------
// Every `find` below starts scanning at Start. 401000 is the usual first
// code address of a 32-bit PE loaded at its default base; a relocated or
// differently laid out main.exe would need this adjusted -- TODO confirm.
mov Start, 401000
// Output header path, relative to the debugger's current directory.
mov LogFile, ".\\MU.txt"
// ---------------------------------------------------------
// wrt (as opposed to the wrta used by every later section) writes the
// first line of the output file; the sections below append to it.
wrt LogFile, "//Auto researcher script"
// ---------------------------------------------------------
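//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN), 1.03.11 (JPN)
// Version / Serial. Anchor: "cmp dword ptr [ebp+disp32], -1" (83 BD d32 FF)
// followed by a 10 byte. A dword operand a few bytes later holds the address
// of the serial string; the version string starts 8 bytes before the serial.
find Start, #83BD??????FF10#
// find leaves $RESULT = 0 when the pattern is absent (the camera section
// relies on the same convention). Without this check the reads below would
// dereference raw offsets 0x11/0x12 instead of a match.
cmp $RESULT, 0
je VersionNotFound
// Third operand = compare width (1 byte). An 8A opcode at +0F means the
// serial pointer sits one byte earlier than in the other layout.
cmp [$RESULT + f], 8a, 1
je Except1
mov Serial, [$RESULT + 12]
jmp WriteVersion
Except1:
mov Serial, [$RESULT + 11]
WriteVersion:
mov Version, Serial - 8
// atoi parses the version text; 22345 is the author's constant that maps
// the parsed number onto the short "10xxx" build number printed below --
// its derivation is not documented here.
atoi [Version]
mov VersionConvert, $RESULT - 22345
eval "//Main: 10{VersionConvert}"
wrta LogFile, $RESULT
// {[Version]} / {[Serial]} dereference the pointers so the header shows the
// actual strings next to their addresses.
eval "#define Version 0x{Version} //-> {[Version]}"
wrta LogFile, $RESULT
log Version
eval "#define Serial 0x{Serial} //-> {[Serial]}"
wrta LogFile, $RESULT
log Serial
jmp VersionDone
VersionNotFound:
wrta LogFile, "//Version/Serial: pattern not found"
log "Version/Serial pattern not found"
VersionDone: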
// ---------------------------------------------------------
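//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN), 1.03.11 (JPN)
// MapNumber. Anchor: "cmp ecx, 45" (83 F9 45); the dword 7 bytes past the
// match is taken as the address of the map-number global.
find Start, #83F945#
// find leaves $RESULT = 0 on a miss; skip the read rather than dereference
// a raw offset.
cmp $RESULT, 0
je MapNumberNotFound
mov MapNumber, [$RESULT + 7]
eval "#define MapNumber *(int*)0x{MapNumber}"
wrta LogFile, $RESULT
log MapNumber
jmp MapNumberDone
MapNumberNotFound:
wrta LogFile, "//MapNumber: pattern not found"
log "MapNumber pattern not found"
MapNumberDone: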
// ---------------------------------------------------------
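//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN), 1.03.11 (JPN)
// MainState. Anchor: "push 0; push 0; push 73" (6A 00 6A 00 6A 73); the
// dword 7 bytes before the match is taken as the address of the state global.
find Start, #6A006A006A73#
// find leaves $RESULT = 0 on a miss; skip the read rather than dereference
// a raw offset.
cmp $RESULT, 0
je MainStateNotFound
mov MainState, [$RESULT - 7]
eval "#define MainState *(int*)0x{MainState}"
wrta LogFile, $RESULT
log MainState
jmp MainStateDone
MainStateNotFound:
wrta LogFile, "//MainState: pattern not found"
log "MainState pattern not found"
MainStateDone: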
// ---------------------------------------------------------
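//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN), 1.03.11 (JPN)
// UserObjectStruct. Anchor: "cmp ecx, 80; je +4; xor al, al; jmp +19"
// (81 F9 80 00 00 00 74 04 32 C0 EB 19); the dword at +0E is taken as the
// structure's address. Written without a cast since it is used as a base.
find Start, #81F980000000740432C0EB19#
// find leaves $RESULT = 0 on a miss; skip the read rather than dereference
// a raw offset.
cmp $RESULT, 0
je UserObjectNotFound
mov UserObjectStruct, [$RESULT + 0e]
eval "#define UserObjectStruct 0x{UserObjectStruct}"
wrta LogFile, $RESULT
log UserObjectStruct
jmp UserObjectDone
UserObjectNotFound:
wrta LogFile, "//UserObjectStruct: pattern not found"
log "UserObjectStruct pattern not found"
UserObjectDone: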
// ---------------------------------------------------------
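//1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN)
// ObjectPreviewStruct. Anchor: "mov dword ptr [ebp-4], 0; push E9; push C1"
// (C7 45 FC 00 00 00 00 68 E9 00 00 00 68 C1 00 00 00); the dword 0x21
// bytes before the match is taken as the structure's address.
find Start, #C745FC0000000068E900000068C1000000#
// find leaves $RESULT = 0 on a miss; skip the read rather than dereference
// a raw offset.
cmp $RESULT, 0
je ObjectPreviewNotFound
mov ObjectPreviewStruct, [$RESULT - 21]
eval "#define ObjectPreviewStruct 0x{ObjectPreviewStruct}"
wrta LogFile, $RESULT
log ObjectPreviewStruct
jmp ObjectPreviewDone
ObjectPreviewNotFound:
wrta LogFile, "//ObjectPreviewStruct: pattern not found"
log "ObjectPreviewStruct pattern not found"
ObjectPreviewDone: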
// ---------------------------------------------------------
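//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN)
// MasterLevel. Anchor: "push reg; push 6D2" (5? 68 D2 06 00 00); the dword
// 4 bytes before the match is taken as the address of the 16-bit global.
find Start, #5?68D2060000#
// find leaves $RESULT = 0 on a miss; skip the read rather than dereference
// a raw offset.
cmp $RESULT, 0
je MasterLevelNotFound
mov MasterLevel, [$RESULT - 4]
eval "#define MasterLevel *(short*)0x{MasterLevel}"
wrta LogFile, $RESULT
log MasterLevel
jmp MasterLevelDone
MasterLevelNotFound:
wrta LogFile, "//MasterLevel: pattern not found"
log "MasterLevel pattern not found"
MasterLevelDone: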
// ---------------------------------------------------------
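//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN)
// MasterPoints. Same shape as MasterLevel with the next constant:
// "push reg; push 6D3" (5? 68 D3 06 00 00); the dword 4 bytes before the
// match is taken as the address of the 16-bit global.
find Start, #5?68D3060000#
// find leaves $RESULT = 0 on a miss; skip the read rather than dereference
// a raw offset.
cmp $RESULT, 0
je MasterPointsNotFound
mov MasterPoints, [$RESULT - 4]
eval "#define MasterPoints *(short*)0x{MasterPoints}"
wrta LogFile, $RESULT
log MasterPoints
jmp MasterPointsDone
MasterPointsNotFound:
wrta LogFile, "//MasterPoints: pattern not found"
log "MasterPoints pattern not found"
MasterPointsDone: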
// ---------------------------------------------------------
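//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN)
// CursorX / CursorY. Anchor: "cmp dword ptr [addr], 12C"
// (81 3D d32 2C 01 00 00); the disp32 at +2 is CursorX and the dword at
// +1A is CursorY. Both are emitted with the same one-line eval form the
// other sections use, so the header gets a complete "#define X *(int*)0x..."
// per line instead of the label and the value on separate writes.
find Start, #813D????????2C010000#
// find leaves $RESULT = 0 on a miss; skip the reads rather than dereference
// raw offsets.
cmp $RESULT, 0
je CursorNotFound
// Read both addresses before the first eval: eval replaces $RESULT.
mov CursorX, [$RESULT + 2]
mov CursorY, [$RESULT + 1a]
eval "#define CursorX *(int*)0x{CursorX}"
wrta LogFile, $RESULT
log CursorX
eval "#define CursorY *(int*)0x{CursorY}"
wrta LogFile, $RESULT
log CursorY
jmp CursorDone
CursorNotFound:
wrta LogFile, "//CursorX/CursorY: pattern not found"
log "Cursor pattern not found"
CursorDone: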
// ---------------------------------------------------------
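//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN), 1.03.11 (JPN)
// Zen width table. findcmd locates the "push 8; push 0C; push 32" sequence
// and GREF walks its reference list; each referenced site is presumably a
// "push imm8", so +1 is the address of the immediate byte (hence BYTE*).
findcmd Start, "push 8;push 0c; push 32"
// findcmd leaves $RESULT = 0 on a miss; skip the whole table in that case.
cmp $RESULT, 0
je MaxZenNotFound
// GREF 0 is read and immediately superseded by GREF 1, as in the original;
// presumably entry 0 is the matched command itself -- verify.
GREF 0
GREF 1
mov MaxZenWidth1, $RESULT + 1
eval "#define MaxZenWidth1 *(BYTE*)0x{MaxZenWidth1}"
wrta LogFile, $RESULT
log MaxZenWidth1
GREF 2
mov MaxZenWidth2, $RESULT + 1
eval "#define MaxZenWidth2 *(BYTE*)0x{MaxZenWidth2}"
wrta LogFile, $RESULT
log MaxZenWidth2
GREF 3
mov MaxZenWidth3, $RESULT + 1
eval "#define MaxZenWidth3 *(BYTE*)0x{MaxZenWidth3}"
wrta LogFile, $RESULT
log MaxZenWidth3
GREF 4
mov MaxZenWidth4, $RESULT + 1
eval "#define MaxZenWidth4 *(BYTE*)0x{MaxZenWidth4}"
wrta LogFile, $RESULT
log MaxZenWidth4
// The fifth entry is optional per the author's note in the emitted comment.
GREF 5
mov MaxZenWidth5, $RESULT + 1
eval "#define MaxZenWidth5 *(BYTE*)0x{MaxZenWidth5} //-> If 0x0 or 0x1 = not in use"
wrta LogFile, $RESULT
log MaxZenWidth5
jmp MaxZenDone
MaxZenNotFound:
wrta LogFile, "//MaxZenWidth1..5: pattern not found"
log "MaxZenWidth pattern not found"
MaxZenDone: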
// ---------------------------------------------------------
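//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN), 1.03.11 (JPN)
// Window size. Anchor: "mov dword ptr [addr], 640" (C7 05 d32 40 06 00 00),
// a width of 1600 stored to a global; the disp32 at +2 is WinWidth.
// WinHeight is not searched for: it is taken as the dword right after
// WinWidth.
find Start, #C705????????40060000#
// find leaves $RESULT = 0 on a miss; skip both defines rather than
// dereference a raw offset.
cmp $RESULT, 0
je WinSizeNotFound
mov WinWidth, [$RESULT + 2]
eval "#define WinWidth *(GLsizei*)0x{WinWidth}"
wrta LogFile, $RESULT
log WinWidth
mov WinHeight, WinWidth + 4
eval "#define WinHeight *(GLsizei*)0x{WinHeight}"
wrta LogFile, $RESULT
log WinHeight
jmp WinSizeDone
WinSizeNotFound:
wrta LogFile, "//WinWidth/WinHeight: pattern not found"
log "WinSize pattern not found"
WinSizeDone: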
// ---------------------------------------------------------
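//Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN), 1.03.11 (JPN)
// Camera globals. Two pattern sets exist: the first is selected when the
// "mov dword ptr [addr], 420C0000" store (C7 05 d32 00 00 0C 42) is present;
// its absence is treated as a Season 6+ client. Every individual find is
// checked so a missing pattern leaves its variable untouched instead of
// dereferencing a raw offset; the defines after EndOfCamSearch then print
// whatever each variable holds (presumably its initial value when nothing
// assigned it -- treat such an entry as "not found").
find Start, #C705????????00000C42#
cmp $RESULT, 0
je Season6
// Not dereferenced: this is the address of the float immediate inside the
// instruction, i.e. a code location rather than a data global.
mov CameraZoom, $RESULT + 6
// ----
find Start, #5ED8C1#
cmp $RESULT, 0
je OldCamRotYDone
mov CameraRotY, [$RESULT - 11]
OldCamRotYDone:
// ----
// Two "mov dword ptr [esp+x], imm32" stores (8 bytes each) followed by
// "mov dword ptr [addr], C2200000"; +12 is the disp32 of that third store.
find Start, #C74424??00C0A845C74424??00007A46C705????????000020C2#
cmp $RESULT, 0
je OldCamRotZDone
mov CameraRotZ, [$RESULT + 12]
OldCamRotZDone:
// ----
find Start, #D8C1D91D????????DDD8#
cmp $RESULT, 0
je OldCamPosZDone
mov CameraPosZ, [$RESULT - 4]
OldCamPosZDone:
// ----
find Start, #C745??????????C745??00609F46C745??????????#
cmp $RESULT, 0
je OldCamClipDone
mov CameraClipX, [$RESULT + 52]
// Not dereferenced: a code address 0x2A bytes before the match.
mov CameraClipY, $RESULT - 2a
OldCamClipDone:
// ----
find Start, #D99D????????E8????????99B958020000F7F9#
cmp $RESULT, 0
je OldCamClipGLDone
mov CameraClipGL, [$RESULT - 4]
OldCamClipGLDone:
// ----
jmp EndOfCamSearch
Season6:
find Start, #6A006A006889000000#
cmp $RESULT, 0
je S6CamZoomDone
mov CameraZoom, [$RESULT - 14]
S6CamZoomDone:
// ----
// One match yields both rotation globals.
find Start, #0FB7045?????????2?800000007427#
cmp $RESULT, 0
je S6CamRotDone
mov CameraRotY, [$RESULT - 1f]
mov CameraRotZ, [$RESULT - 4b]
S6CamRotDone:
// ----
find Start, #6AFF6A006AFF6A006A006A285?D905????????D91C24#
cmp $RESULT, 0
je S6CamPosZDone
mov CameraPosZ, [$RESULT + 0f]
S6CamPosZDone:
// ----
find Start, #833D????????2775??D905????????D95D??EB??D905????????D95D??833D????????02#
cmp $RESULT, 0
je S6CamClipXDone
mov CameraClipX, [$RESULT + 9b]
S6CamClipXDone:
// ----
find Start, #D905????????D95DE?51D9E?D91C??8D55??5?8D45??5?6878010000#
cmp $RESULT, 0
je S6CamClipYDone
mov CameraClipY, [$RESULT + 2]
S6CamClipYDone:
// ----
find Start, #D905????????D95D??8B4???8378??7A#
cmp $RESULT, 0
je S6CamClipGLDone
mov CameraClipGL, [$RESULT + 2]
S6CamClipGLDone:
// ----
EndOfCamSearch:
// Emit the seven camera defines. Each eval replaces $RESULT, so nothing
// below may depend on a search result.
eval "#define CameraZoom *(float*)0x{CameraZoom}"
wrta LogFile, $RESULT
log CameraZoom
eval "#define CameraRotY *(float*)0x{CameraRotY}"
wrta LogFile, $RESULT
log CameraRotY
eval "#define CameraRotZ *(float*)0x{CameraRotZ}"
wrta LogFile, $RESULT
log CameraRotZ
eval "#define CameraPosZ *(float*)0x{CameraPosZ}"
wrta LogFile, $RESULT
log CameraPosZ
eval "#define CameraClipX *(float*)0x{CameraClipX} //-> if Season 6+ == *(double*)"
wrta LogFile, $RESULT
log CameraClipX
eval "#define CameraClipY *(float*)0x{CameraClipY}"
wrta LogFile, $RESULT
log CameraClipY
eval "#define CameraClipGL *(float*)0x{CameraClipGL}"
wrta LogFile, $RESULT
log CameraClipGL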
// ---------------------------------------------------------
List: (Updated: 05.05.2013):
How to use:
0. Download the old-school OllyDbg 1.10
1. Copy the code from the thread, create a new text file, paste the code and save it with the .osc extension
2. Download the plugin and install it in Olly
3. Open your main.exe in Olly
4. Go to menu Plugins -> ODbgScript -> Log Window
http://img163.imageshack.us/img163/2...895a7bf7c1.png
5. Run script, Plugins -> ODbgScript -> Run Script...
6. Open MU.txt and see the "magic":
http://img542.imageshack.us/img542/2...77f9635f87.png
-
Tested: 1.04.04 (ENG), 1.03.28 (ENG), 1.03.25 (JPN), 1.03.11 (JPN)
-
I need help with testing because I don't have time for more than 4 mains; you can:
- Post your main and needed offsets for auto-researcher
- If you have 100% offsets from list for your main - please check it and post results
Updates: ~every 2-3 days
Bad english and etc ;D
Re: Auto-search offsets for any main.exe
Re: Auto-search offsets for any main.exe
I have Problems =/
Attachment 129208
Re: Auto-search offsets for any main.exe
hey how i can make folder to images in main.exe ollydbg please help me
Re: Auto-search offsets for any main.exe
VeltonD
- It is not a problem: one version is for old Windows 2000 and one is universal; use only ODbgScript.dll
Re: Auto-search offsets for any main.exe
great job as always!!!!!!!!!
Re: Auto-search offsets for any main.exe
- DarkSim
Already decided, could spend the offsets of Fruints?
Re: Auto-search offsets for any main.exe
VeltonD
- What is Fruints?
Re: Auto-search offsets for any main.exe
DarkSim
Msg Fruint Main
It is referring to this message appears when you use the command /add.
Main 1.03K
But if have 1.03.28 to use as a reference thanks. thx
Attachment 129216
Re: Auto-search offsets for any main.exe
VeltonD
- You can send it message box by server)
Re: Auto-search offsets for any main.exe
and how to take this message box to not appear in the MAIN?
Re: Auto-search offsets for any main.exe
UP:
- Added offset write to file (.\\MU.txt)
http://i.imgur.com/xuSYN19.png
- Added version & serial search (needs lots of testing, because I have only tested it on the mains from the list)
--
powerranger
- U can send point add packet from fruits =/
Re: Auto-search offsets for any main.exe
Darksim, can u add to search for 3D camera and MuError.log crypt offsets ? would be verry nice if that have it :)
Re: Auto-search offsets for any main.exe
Stifi
- I add 3D Cam after weekend maybe, if u have offset for MuError enc - post main and offset)
Re: Auto-search offsets for any main.exe
Quote:
Originally Posted by
-=DarkSim=-
Hello all, today i'm start little project - auto offset researcher (yes mauro, u can go out :laugh:).
OMG! Epic! OMG! Thats really rocks! LOL
Good Luck ;)