All TUTORIAL STRING POINTERS (USEFUL ) by 360aim

Discussion in 'Call of Duty: AW Modding' started by 360aim, Dec 14, 2014 with 1 replies and 1,057 views.

Thread Status:
Not open for further replies.
  1. 360aim

    360aim Enthusiast

    Messages:
    205
    Ratings:
    55
    *removed*​
    //if you need virus scan for this just tell me i will download and scan admins

    when you open hxd you will see a screen that looks like this if you do not something went wrong.
    http://gyazo.com/2381c6b0438c5809da3b4ec118b6f11f
    we are going to want to go to open in hxd and click file the file that we just dumped with simple dumper++ is the file we will be opening once you have the file loaded it will look some what like this dont be confused this is quiet easy as we are using are pointers from ida.
    http://gyazo.com/0b3e324e2d1cb890b4c0b6750d53e1c8

    once that is loaded we are going to go back to ida where we left are string we are going to highlight the following part of the code in ida and copy it to are clip board to copy it rightclick or press the following keys at the same time "crtl + c".
    it should look like this if you did it correctly
    http://gyazo.com/e9e8d4779466d9b2464c53a5e9afbd8b
    now that we have that we are going to go back to hxd now that we have copyed are string offset to point us to the byte value stored in the memmory once in hxd click in where in there and press the following keys "crtl + f" at the same time a box should pop open like this.
    http://gyazo.com/72ca9ace1514c551aa6ee0bc0008af54
    you are going to want to click "datatype" and select "hex values" than you are going to want to make sure "all" is selected. once you have that press the following keys in "search for" to paste are offset in the box "crtl + v" it will look like this if done correctly.
    http://gyazo.com/8b2021f07107095899284ca881c499c4
    now you are going to press enter and it will take you to a address that may not make much sense to you but i will explain it to you. if you press enter you will be brought to here, it looks like this
    http://gyazo.com/70335886fe18f3ba8c68fd8d1029ed1b
    now we are almost done finding are offset for "g_knockback" but i want you to understand how this works if you plan on finding other offsets for strings on this game or another call fo duty. we have just search the memmory for the string from ida the pointer that we used to search in hxd is where the string is stored as a byte to act as a fuction. the offset int eh above picture hxd is calling that string as a refrence and setting the byte that i will show you now.
    http://gyazo.com/8734a99eb65be1c3bff078b6acf7c3b2
    For advance warfare the structs how the memmory handles most strings is as follows like that
    16 bytes across is the full function if it gose longer it bleeds in to something else. so for are offset as i said it is 16 bytes we only use the last for in advance warfare so we will go from our pointer to the last 4 bytes that are hightlighted witch are.
    http://gyazo.com/4e2c51e078b3dfb72fb53dd4d9d1447f
    this is are offset we go to the first byte witch in are case is "44" we will only highlight that to get the offset that we are going to use this "44" is the first bytes of "G_knockback" it is a 4 byte integer stored in the memmory i could go in to detail but i am trying to teach you where you will understand how to do it your self pretty much. so now we will highlight "44" it will look like this.
    http://gyazo.com/ffec5702633b96cc1aa6b1589a95ca6e
    as you can see we only have 1 byte select witch is the 13 byte in the list i said as the function uses 16 bytes. now that we have find are offset we are not done yet we need to get the address to do this with "44" selected in hxd press the following keys at the same time "crtl + e" a box will pop up that looks like this.
    http://gyazo.com/6ecbb7818aab1de0aaee513cdf8e28a5
    you are going to want to highlight the start offset and press "crtl + c" to copy it to your clipboard we are not done we have not added are base dump address plus are offset. to do this i included a download of peekpoker for us to use open that. it will look some what like this but the ip will be blank you will need to type in your xbox ip to connect to your console.
    http://gyazo.com/faa179c58c2a17ea4b4e52c9b82527b4

    ok it will say you have connected if done properly if not you will be there for about 30secs before it says you have not.
    after that click on search/dump tab it will look like this
    http://gyazo.com/cfa84fa093b15bdefee946e7c7d00361
    now click on the tab dump and you will be brought here where a hex caculator is that we will add are base and offset + are need g_knokcback offset".
    once on that tab it should look like this.
    http://gyazo.com/57c5ea0d4ca8d8fc73b69dfb94fff9a8
    now you are going to want to click value to and press "crtl + v" at the same time to paste are address in to the tab it will look like this
    http://gyazo.com/2eb6a0363288c14aad877312bb0e0cd8
    for value one copy this in to it from here or go to simple dumper and copy the base address.
    "0x82000000" put that as value one than you are going to want to hit the "+" plus sign on peek poker and it will added your values it will look like this.
    http://gyazo.com/95b97ac17a0f7e837634437e7d895d2e
    the "answer" is are offset for "g_knockback" that is are final address for the string pointer to get the offset click the answer box and press "crtl + a" to highlight it than press "crtl + c" to copy the address to paste it somewhere press "crtl + v".
    i hope you enjoyed this tutorial i spend a little bit of time on it to help you guys out tell me what you think :smile:

    //credits
    me
    spelling errors -me :biggrin:
    lots of spelling errors im sure - me
    who ever made peek poker
    and of course ida
    lets not forget all the people from the pc scene where i got most of my research for this :smile:
     
    Last edited by a moderator: Dec 14, 2014
  2. Chaos

    Chaos Retired Retired

    Messages:
    4,871
    Ratings:
    2,908
    360aim, virus scans from Virus Total are required when posting links to a download. Please report this thread with the sufficient virus scans for the string pointer pack and for hxd as needed. Thank you.

    To create a virus scan please use:
    Virus Total
     
    • Like Like x 1

Share This Page

Thread Status:
Not open for further replies.