Discussion in 'Call of Duty: AW Modding' started by 360aim, Dec 14, 2014 with 1 replies and 1,057 views.

Thread Status:
Not open for further replies.
  1. 360aim

    360aim Enthusiast

    //if you need virus scan for this just tell me i will download and scan admins

    when you open hxd you will see a screen that looks like this if you do not something went wrong.
    we are going to want to go to open in hxd and click file the file that we just dumped with simple dumper++ is the file we will be opening once you have the file loaded it will look some what like this dont be confused this is quiet easy as we are using are pointers from ida.

    once that is loaded we are going to go back to ida where we left are string we are going to highlight the following part of the code in ida and copy it to are clip board to copy it rightclick or press the following keys at the same time "crtl + c".
    it should look like this if you did it correctly
    now that we have that we are going to go back to hxd now that we have copyed are string offset to point us to the byte value stored in the memmory once in hxd click in where in there and press the following keys "crtl + f" at the same time a box should pop open like this.
    you are going to want to click "datatype" and select "hex values" than you are going to want to make sure "all" is selected. once you have that press the following keys in "search for" to paste are offset in the box "crtl + v" it will look like this if done correctly.
    now you are going to press enter and it will take you to a address that may not make much sense to you but i will explain it to you. if you press enter you will be brought to here, it looks like this
    now we are almost done finding are offset for "g_knockback" but i want you to understand how this works if you plan on finding other offsets for strings on this game or another call fo duty. we have just search the memmory for the string from ida the pointer that we used to search in hxd is where the string is stored as a byte to act as a fuction. the offset int eh above picture hxd is calling that string as a refrence and setting the byte that i will show you now.
    For advance warfare the structs how the memmory handles most strings is as follows like that
    16 bytes across is the full function if it gose longer it bleeds in to something else. so for are offset as i said it is 16 bytes we only use the last for in advance warfare so we will go from our pointer to the last 4 bytes that are hightlighted witch are.
    this is are offset we go to the first byte witch in are case is "44" we will only highlight that to get the offset that we are going to use this "44" is the first bytes of "G_knockback" it is a 4 byte integer stored in the memmory i could go in to detail but i am trying to teach you where you will understand how to do it your self pretty much. so now we will highlight "44" it will look like this.
    as you can see we only have 1 byte select witch is the 13 byte in the list i said as the function uses 16 bytes. now that we have find are offset we are not done yet we need to get the address to do this with "44" selected in hxd press the following keys at the same time "crtl + e" a box will pop up that looks like this.
    you are going to want to highlight the start offset and press "crtl + c" to copy it to your clipboard we are not done we have not added are base dump address plus are offset. to do this i included a download of peekpoker for us to use open that. it will look some what like this but the ip will be blank you will need to type in your xbox ip to connect to your console.

    ok it will say you have connected if done properly if not you will be there for about 30secs before it says you have not.
    after that click on search/dump tab it will look like this
    now click on the tab dump and you will be brought here where a hex caculator is that we will add are base and offset + are need g_knokcback offset".
    once on that tab it should look like this.
    now you are going to want to click value to and press "crtl + v" at the same time to paste are address in to the tab it will look like this
    for value one copy this in to it from here or go to simple dumper and copy the base address.
    "0x82000000" put that as value one than you are going to want to hit the "+" plus sign on peek poker and it will added your values it will look like this.
    the "answer" is are offset for "g_knockback" that is are final address for the string pointer to get the offset click the answer box and press "crtl + a" to highlight it than press "crtl + c" to copy the address to paste it somewhere press "crtl + v".
    i hope you enjoyed this tutorial i spend a little bit of time on it to help you guys out tell me what you think :smile:

    spelling errors -me :biggrin:
    lots of spelling errors im sure - me
    who ever made peek poker
    and of course ida
    lets not forget all the people from the pc scene where i got most of my research for this :smile:
    Last edited by a moderator: Dec 14, 2014
  2. Chaos

    Chaos Retired Retired

    360aim, virus scans from Virus Total are required when posting links to a download. Please report this thread with the sufficient virus scans for the string pointer pack and for hxd as needed. Thank you.

    To create a virus scan please use:
    Virus Total
    • Like Like x 1

Share This Page

Thread Status:
Not open for further replies.