Post: How To Find Addresses [All COD]
06-22-2014, 05:25 PM #1
Notorious
Caprisuns Is Back
Hello NGU,

Today I want to put together a proper tutorial on how to find addresses in any Call of Duty. A lot of people would like to know how to find them but don't know where to start, so this post walks through it. Some addresses are plain and simple to find; others take some time. At the end I also show how to update the addresses you found for a new title update with an IDC script, which is much faster than finding them all over again. Let's get started.

Things needed:
A brain (not provided)
IDA Pro with the PS3 plugins (Google it, or Skype me: notoriousxhacker)
HxD hex editor (Google it)
Your CoD's .elf (a Ghosts .elf is provided)
The CoD4 PDB (provided)


First, open everything we are going to use: the .elf of whichever game you are working on (I'm using Ghosts) and the CoD4 PDB, both in IDA Pro. The CoD4 PDB has function names; the Ghosts .elf does not, and the job is to carry the names across.

Now switch to the .elf you are using (Ghosts in my case) and open the Strings window (View > Open subviews > Strings, or Shift+F12).
If it is not already on your desktop, this is how you open it:

[screenshot]


The only windows we need open are the Strings window, IDA View-A and Hex View-A.
Once those are the only three on your desktop, save the desktop layout so that IDA opens with just these three windows every time. This is how:

[screenshot]
[screenshot]


Now that everything is set up and you are in the .elf you chose, go to the Strings window. We start with some basic addresses that can be found in every CoD by searching for strings. Search for:
"G_Spawn: no free entities"
Double-click the string and look at the cross-reference IDA shows next to it:

[screenshot]


Double-click the cross-referenced address to view the function that uses the string, like this:

[screenshot]

Now that you can see the whole function, click on its start address and press N. This opens a box in which you can rename it to anything you like; since this is G_Spawn, name it "G_Spawn",
like so:

[screenshot]

We have found and labeled G_Spawn, and that now helps us find more addresses. Press X on the name to bring up a list of every place the address is referenced. G_Spawn is called from some useful functions, such as GScr_SpawnHelicopter. To find GScr_SpawnHelicopter in Ghosts, first look at the full function in the CoD4 PDB: we can tell whether a candidate is correct by checking whether its PowerPC instructions resemble the CoD4 function. So go into the CoD4 PDB, search the Functions window for "GScr_SpawnHelicopter" and double-click it; it will
look like this:

[screenshot]
[screenshot]

As you can see, G_Spawn is called at some point inside GScr_SpawnHelicopter. So, knowing the G_Spawn address, we can find GScr_SpawnHelicopter, but it is not going to be trivial: we have to compare each function in Ghosts that calls G_Spawn against the CoD4 version of GScr_SpawnHelicopter. Go to the G_Spawn address and press X. It looks something like this:

[screenshot]

This lists all of the cross-references to G_Spawn. Double-click the first one; mine looks like this:

[screenshot]

Scroll back up in this tutorial to the GScr_SpawnHelicopter function from the CoD4 PDB, or just look at the CoD4 PDB you have open in IDA. (I'm not going to keep posting pictures of the same function, just keep looking back.)
Notice that this first xref to G_Spawn in Ghosts makes far fewer calls than the CoD4 function, and that it calls G_Spawn first. Those two signs alone tell us this first xref is not GScr_SpawnHelicopter. Another sign: in the CoD4 PDB the function loads 0, then 1, 2, 3 and 4 into r3 (li r3, N) between its calls, and the Ghosts function we are in does nothing like that. So this function is not GScr_SpawnHelicopter. Let's look at the second xref to G_Spawn:

[screenshot]

That function looks nothing like the CoD4 one either, so it is not the address we are looking for. Keep comparing in the same way until you find something that looks really similar to the CoD4 function. (I'm not going to keep posting pictures; I'll jump to the correct address now, hopefully you understand how to compare them.)
Here is the function that looks most similar to the one in the CoD4 PDB:

[screenshot]

I went through every xref to G_Spawn and all the others looked nothing like the CoD4 function, while this one looks a lot like it, so there is a very high chance this is the right address. We can't be 100% sure (the compiler can reorder and inline things between games), but I am confident it is correct. You can do the same for every other address you want to find. It also helps to find more of the basic addresses first, such as g_entity and level_locals_t, so that you can rule out candidates faster: the more named references a candidate shares with the CoD4 version, the stronger the match.
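The comparison above is a manual version of a function fingerprint. Here is an added example (not from the original post) that scores xref candidates the same way: it decodes bl calls and li r3, N immediates from raw PowerPC instruction words, builds (number of calls, position of the known G_Spawn call among them, sequence of r3 immediates) for the CoD4 reference and for each Ghosts candidate, and ranks the candidates by distance. Every address and instruction word below is constructed, and the G_Spawn addresses are hypothetical; in practice you would feed it the instruction words IDA shows for each xref.

```python
"""Rank xref candidates against a reference function by a few PowerPC
features, the way the manual comparison above does by eye. Added example,
not from the original post; every address and instruction word here is
constructed."""

def sext(value, bits):
    """Sign-extend the low `bits` bits of `value`."""
    sign = 1 << (bits - 1)
    return (value & (sign - 1)) - (value & sign)

def decode_bl(word, pc):
    """Call target if `word` is `bl target` (opcode 18, AA=0, LK=1), else None."""
    if (word >> 26) != 18 or (word & 3) != 1:
        return None
    return pc + sext(word & 0x03FFFFFC, 26)

def decode_li(word):
    """(rD, imm) if `word` is `li rD, imm` (addi rD, r0, imm), else None."""
    if (word >> 26) != 14 or ((word >> 16) & 0x1F) != 0:
        return None
    return (word >> 21) & 0x1F, sext(word & 0xFFFF, 16)

def fingerprint(words, base, g_spawn):
    """Number of calls, index of the G_Spawn call among them, immediates loaded into r3."""
    calls, r3_imms = [], []
    for i, word in enumerate(words):
        target = decode_bl(word, base + 4 * i)
        if target is not None:
            calls.append(target)
            continue
        li = decode_li(word)
        if li is not None and li[0] == 3:
            r3_imms.append(li[1])
    return {
        "calls": len(calls),
        "g_spawn_index": calls.index(g_spawn) if g_spawn in calls else None,
        "r3_imms": r3_imms,
    }

def distance(ref, cand):
    """0 means the candidate has the same shape as the reference; larger is worse."""
    d = abs(ref["calls"] - cand["calls"])
    if cand["g_spawn_index"] is None:
        d += 10                      # does not even call G_Spawn
    else:
        d += abs(ref["g_spawn_index"] - cand["g_spawn_index"])
    a, b = ref["r3_imms"], cand["r3_imms"]
    d += sum(x != y for x, y in zip(a, b)) + abs(len(a) - len(b))
    return d

def rank(ref_words, ref_base, ref_gspawn, candidates, cand_gspawn):
    """Sorted list of (distance, candidate address); the best match comes first."""
    ref = fingerprint(ref_words, ref_base, ref_gspawn)
    return sorted((distance(ref, fingerprint(w, addr, cand_gspawn)), addr)
                  for addr, w in candidates.items())

# Encoders used only to build the constructed sample functions below.
def enc_bl(pc, target):
    disp = target - pc
    assert disp % 4 == 0 and -0x2000000 <= disp < 0x2000000
    return (18 << 26) | (disp & 0x03FFFFFC) | 1

def enc_li(rd, imm):
    return (14 << 26) | (rd << 21) | (imm & 0xFFFF)

NOP = 0x60000000  # ori r0, r0, 0

def build(base, steps):
    words = []
    for step in steps:
        pc = base + 4 * len(words)
        if step[0] == "li":
            words.append(enc_li(3, step[1]))
        elif step[0] == "bl":
            words.append(enc_bl(pc, step[1]))
        else:
            words.append(NOP)
    return words

# Hypothetical addresses (not from any real ELF).
REF_BASE, REF_GSPAWN, CAND_GSPAWN = 0x1000, 0x2000, 0x1F0000
# CoD4-style reference: li r3,0..4 between five calls, G_Spawn being the third.
REF = build(REF_BASE, [("li", 0), ("bl", 0x3000), ("li", 1), ("bl", 0x3100),
                       ("li", 2), ("bl", REF_GSPAWN), ("li", 3), ("bl", 0x3200),
                       ("li", 4), ("bl", 0x3300)])
# Three xrefs to G_Spawn in the stripped build: two wrong shapes and one right one.
CANDIDATES = {
    0x30000: build(0x30000, [("bl", CAND_GSPAWN), ("li", 7), ("bl", 0x40000)]),
    0x30100: build(0x30100, [("nop",), ("bl", 0x40100), ("nop",), ("bl", CAND_GSPAWN)]),
    0x30200: build(0x30200, [("li", 0), ("bl", 0x40200), ("li", 1), ("bl", 0x40300),
                             ("nop",), ("li", 2), ("bl", CAND_GSPAWN), ("li", 3),
                             ("bl", 0x40400), ("li", 4), ("bl", 0x40500)]),
}

def best_match():
    return rank(REF, REF_BASE, REF_GSPAWN, CANDIDATES, CAND_GSPAWN)[0][1]

if __name__ == "__main__":
    for d, addr in rank(REF, REF_BASE, REF_GSPAWN, CANDIDATES, CAND_GSPAWN):
        print(f"0x{addr:08X}  distance {d}")
```

The distance is deliberately crude: it counts the same three things the text checks by eye. The candidate that calls G_Spawn first and makes two calls (the first xref in the post) and the one with no li r3 loads at all both fall far behind the candidate whose call count, G_Spawn position and r3 sequence match, even though that one has an extra instruction the reference lacks.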

I hope you all enjoyed this tutorial and I hope all of you will be able to find addresses on your own!

Now for the second part: how to easily update your addresses when a new title update is released, instead of redoing all of the above for every address.

Let's get started.

To do this we will write an IDC script that re-finds the addresses for you.
You need the .elf of the game you are using open in both IDA Pro and HxD; as always, I'm using CoD Ghosts. As an example, I want Key_IsDown to survive a future update. On the current update its address is 0x0018E0B8, so go to that address in IDA, like so:

[screenshot]

What we need now is a sequence of 'unique' bytes: a run of bytes close to the function you want to update that occurs only once in the whole .elf. If they are the only occurrence now, there is a good chance they will still be the only occurrence in the next update, and because the code around them usually moves as one block, the distance from those bytes to the function start tends to stay the same too. So scroll a little way from the function start and look for candidates. Avoid common instructions such as li, lis, b, bne and beq: they occur everywhere, and branch displacements change whenever code moves, so they make poor signatures. Prefer rarer ones such as ori. The PowerPC line I found is:
sradi r4, r4, 0x3F
A word on this instruction: the first operand is the destination register (r4), the second is the source register being shifted (also r4), and the third is the shift amount (0x3F = 63). It is an arithmetic shift right by 63, so the destination ends up as 0 or -1 depending on the sign of the source, which is how the compiler turns a sign into a mask.
This line will probably survive a few updates. Now click on Hex View-A in IDA and copy the 8 bytes of that instruction and the one after it: 7C 84 FE 76 98 A3 00 01 (sradi r4, r4, 0x3F followed by stb r5, 1(r3)). Open the .elf in HxD, press Ctrl+F, set the combo box to Hex values and the direction to All, and search for your bytes. It will find them; press F3 to search again. If they are found a second time they are not unique and you need different bytes; if they are not found again, you have your signature.
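To check that the signature really is the two instructions claimed, here is an added example (not from the original post) that decodes the 8 bytes 7C 84 FE 76 98 A3 00 01 field by field. It handles only the two PowerPC encodings involved (XS-form sradi, where the sixth bit of the shift amount sits in bit 30, and D-form stb), falls back to .long for anything else, and also shows what sradi by 63 does to a value.

```python
"""Decode the signature bytes field by field. Added example, not from the
original post; it covers only the two PowerPC encodings in the signature
(XS-form sradi and D-form stb) and falls back to .long for anything else."""

def bits(word, hi, lo):
    """Bits hi..lo of a 32-bit word in PowerPC numbering (bit 0 is the MSB)."""
    width = lo - hi + 1
    return (word >> (31 - lo)) & ((1 << width) - 1)

def decode(word):
    opcd = bits(word, 0, 5)
    # sradi: opcode 31, XO 413. The 6-bit shift amount is split: sh[0:4] in
    # bits 16-20 and sh[5] in bit 30, which is why 0x3F never shows up as a byte.
    if opcd == 31 and bits(word, 21, 29) == 413:
        rs, ra = bits(word, 6, 10), bits(word, 11, 15)
        sh = (bits(word, 30, 30) << 5) | bits(word, 16, 20)
        dot = "." if bits(word, 31, 31) else ""
        return f"sradi{dot} r{ra}, r{rs}, {sh}"
    # stb: opcode 38, D-form: RS, RA, signed 16-bit displacement.
    if opcd == 38:
        rs, ra = bits(word, 6, 10), bits(word, 11, 15)
        d = bits(word, 16, 31)
        if d & 0x8000:
            d -= 0x10000
        return f"stb r{rs}, {d}(r{ra})"
    return f".long 0x{word:08X}"

def disassemble(sig_hex):
    """'7C 84 FE 76 98 A3 00 01' -> list of decoded instructions (big-endian words)."""
    data = bytes.fromhex(sig_hex.replace(" ", ""))
    if len(data) % 4:
        raise ValueError("signature must be whole 4-byte instructions")
    return [decode(int.from_bytes(data[i:i + 4], "big")) for i in range(0, len(data), 4)]

def sradi_result(value, sh):
    """What sradi leaves in RA: arithmetic right shift of the 64-bit value, sign bit filling in."""
    signed = value - (1 << 64) if value & (1 << 63) else value
    return signed >> sh

if __name__ == "__main__":
    print(disassemble("7C 84 FE 76 98 A3 00 01"))
    # sradi by 63 turns any value into 0 or -1 according to its sign.
    print(sradi_result(0x8000000000000001, 63), sradi_result(0x1234, 63))
```

The split shift field is the practical point: the byte pattern of an sradi is not the obvious "opcode, registers, 0x3F", so always take the bytes from Hex View rather than trying to assemble them by hand.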
Now that we have unique bytes, we are ready to write the IDC script. We start with a function that finds the bytes, checks that they really are unique, and labels the function in IDA. Here it is:

    
static searchBinary(name, binary, offset, length)
{
    auto sigAddress, funcAddress;

    // First occurrence of the byte pattern anywhere in the IDB.
    sigAddress = FindBinary(0, SEARCH_DOWN, binary);
    if (sigAddress == BADADDR)
    {
        Message("%s not found!\n", name);
        return BADADDR;
    }
    // The pattern must be unique, otherwise the label lands on the wrong function.
    if (FindBinary(sigAddress + 1, SEARCH_DOWN, binary) != BADADDR)
    {
        Message("%s: pattern is not unique, pick different bytes!\n", name);
        return BADADDR;
    }

    // offset = (address of the unique bytes) - (address of the function)
    funcAddress = sigAddress - offset;
    MakeUnknown(funcAddress, length, 0);          // 0 = DOUNK_SIMPLE
    MakeCode(funcAddress);
    MakeFunction(funcAddress, funcAddress + length);
    if (MakeNameEx(funcAddress, name, SN_NOCHECK | SN_NOWARN) != 1)
        MakeNameEx(funcAddress, name, 0);
    Message("\t%s address: 0x%08X\n", name, funcAddress);
    return funcAddress;
}


Put that in Notepad++. Now we need to call the function. The offset is the address where you found the unique bytes minus the address of the function (Key_IsDown). In my case the bytes sit 0x2B4 before the function start, so the offset is -0x2B4, which is the 0xFFFFFFFFFFFFFD4C you see if IDA prints the difference as an unsigned 64-bit value. Pass it as a number, not as a quoted string, and give the length of the function as the last argument (0x1B8 here) so that MakeFunction knows where the function ends. The call looks like this:

    
// offset = (unique bytes address) - (Key_IsDown address) = -0x2B4; length = 0x1B8
searchBinary("Key_IsDown", "7C 84 FE 76 98 A3 00 01", -0x2B4, 0x1B8);


Now let's put it all together into a working IDC script:

    
#include <idc.idc>

// Finds a unique byte pattern and labels the function that sits `offset`
// bytes before it (offset = pattern address - function address, may be negative).
static searchBinary(name, binary, offset, length)
{
    auto sigAddress, funcAddress;

    // First occurrence of the byte pattern anywhere in the IDB.
    sigAddress = FindBinary(0, SEARCH_DOWN, binary);
    if (sigAddress == BADADDR)
    {
        Message("%s not found!\n", name);
        return BADADDR;
    }
    // The pattern must be unique, otherwise the label lands on the wrong function.
    if (FindBinary(sigAddress + 1, SEARCH_DOWN, binary) != BADADDR)
    {
        Message("%s: pattern is not unique, pick different bytes!\n", name);
        return BADADDR;
    }

    funcAddress = sigAddress - offset;
    MakeUnknown(funcAddress, length, DOUNK_SIMPLE);
    MakeCode(funcAddress);
    MakeFunction(funcAddress, funcAddress + length);
    if (MakeNameEx(funcAddress, name, SN_NOCHECK | SN_NOWARN) != 1)
        MakeNameEx(funcAddress, name, 0);
    Message("\t%s address: 0x%08X\n", name, funcAddress);
    return funcAddress;
}

static find()
{
    // One line per address you want to keep: name, unique bytes, offset, function length.
    searchBinary("Key_IsDown", "7C 84 FE 76 98 A3 00 01", -0x2B4, 0x1B8);
}

static main()
{
    find();
    return 0;
}



Save the script as a text file under whatever name you like, then rename the extension from .txt to .idc. Load the NEW update's .elf in IDA and run the script with File > Script file (Alt+F7). Note that the script uses the IDC names from IDA 6.x; on IDA 7 and later they are find_binary, del_items, create_insn, add_func, set_name and msg. This is how you load an .idc file into IDA:

[screenshot]

The script then labels the function, so you can search for it in the Functions window. If it prints "not found" or "not unique", the bytes changed in that update and you have to pick a new signature for that one function; every other entry in find() still works.
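The IDC script only runs inside IDA. The following added example (not code from the original post) does the same job stand-alone in Python over a raw image so that the logic can be checked offline: it parses a signature, requires exactly one match, and derives the function address with the same offset convention (offset = signature address minus function address). It goes beyond the script in two ways a practitioner wants: ?? wildcard bytes for masking out displacements that move between builds, and a helper that walks forward from an address and picks the first 8-byte window that is unique, which is the F3-in-HxD check automated. The image and IMAGE_BASE are constructed; the -0x2B4 offset is the value from the post.

```python
"""Stand-alone signature locator mirroring the IDC script. Added example, not
from the original post; IMAGE and IMAGE_BASE are constructed."""
import re

def parse_signature(sig):
    """'7C 84 ?? 76' -> [0x7C, 0x84, None, 0x76]; None is a wildcard byte."""
    pattern = []
    for tok in sig.split():
        if tok == "??":
            pattern.append(None)
        elif re.fullmatch(r"[0-9A-Fa-f]{2}", tok):
            pattern.append(int(tok, 16))
        else:
            raise ValueError(f"bad signature token {tok!r}")
    if not pattern:
        raise ValueError("empty signature")
    return pattern

def find_all(image, pattern, align=4):
    """Offsets of every match. align=4 accepts only instruction-aligned hits,
    so a pattern straddling two instructions is not counted; use align=1 for a
    byte-granular search like HxD's."""
    n = len(pattern)
    return [
        off for off in range(0, len(image) - n + 1, align)
        if all(p is None or image[off + i] == p for i, p in enumerate(pattern))
    ]

def locate(image, base, name, sig, offset, align=4):
    """Virtual address of `name`, with offset = (signature VA) - (function VA),
    the same convention as the IDC script. Refuses ambiguous signatures."""
    hits = find_all(image, parse_signature(sig), align)
    if len(hits) != 1:
        raise LookupError(f"{name}: signature matched {len(hits)} times, need exactly 1")
    return base + hits[0] - offset

def unique_window(image, base, start_va, n=8, align=4, limit=0x100):
    """Walk forward from start_va and return (va, hex signature) of the first
    n-byte window that occurs exactly once in the image, or None."""
    for va in range(start_va, start_va + limit, align):
        off = va - base
        if off < 0 or off + n > len(image):
            break
        sig = " ".join(f"{b:02X}" for b in image[off:off + n])
        if len(find_all(image, parse_signature(sig), align)) == 1:
            return va, sig
    return None

def build_image():
    """Constructed image: 64 words, mostly nops, a repeated `li r3, 0`, and the
    post's two-instruction signature exactly once (at word 40)."""
    words = [0x60000000] * 64            # ori r0, r0, 0 (nop)
    words[10] = words[20] = 0x38600000   # li r3, 0: occurs twice, so never unique
    words[40] = 0x7C84FE76               # sradi r4, r4, 63
    words[41] = 0x98A30001               # stb r5, 1(r3)
    return b"".join(w.to_bytes(4, "big") for w in words)

IMAGE = build_image()
IMAGE_BASE = 0x10000  # hypothetical load address

if __name__ == "__main__":
    va = locate(IMAGE, IMAGE_BASE, "Key_IsDown", "7C 84 FE 76 98 A3 00 01", -0x2B4)
    print(f"Key_IsDown at 0x{va:08X}")
    print(unique_window(IMAGE, IMAGE_BASE, IMAGE_BASE + 10 * 4))
```

Starting the window search at the li r3, 0 word shows why the post warns against common instructions: every window made of nops and li words occurs more than once, and the first unique one is the window that reaches the sradi. The wildcard form 7C 84 ?? ?? 98 A3 00 01 still matches, which is how you would mask a field that differs between builds while keeping the rest of the signature exact.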

I hope you found this whole tutorial useful and have learned to find your own addresses. Remember, this works for any address. If you need anything else, add me on Skype: notoriousxhacker

Provided Downloads:
COD4 PDB: [download link]
Virus Scan: [link]
~Notorious
Last edited by Notorious ; 06-22-2014 at 05:46 PM.

06-23-2014, 04:04 AM #11
nice tutorial :yes:
06-25-2014, 02:10 PM #12
Notorious
Caprisuns Is Back
Originally posted by Bradosty View Post
nice tutorial :yes:


Thanks, I hope you learn from it.
06-25-2014, 02:57 PM #13
Originally posted by Prime
[quotes the full tutorial above]

This shouldn't be in this section. Lol, but nice thread.
06-25-2014, 04:23 PM #14
Notorious
Caprisuns Is Back
Originally posted by BlackPanther View Post
This shouldn't be in this section. Lol, but nice thread.

Whoops, I don't know what other section. And thanks.
11-09-2014, 10:32 PM #15
Jannik007
Do a barrel roll!
Nice tutorial.
11-10-2014, 11:50 PM #16
Swaqq
Professional Thanker
Notorious in a nutshell.
11-11-2014, 11:41 AM #17
chuck in the ghosts.elf in provided downloads :p
11-11-2014, 01:32 PM #18
BISOON
Maggbot timeout!
Good job it's full tutorial :yes:

Can you provide all the stuff we need to do this? I didn't find which one I need!
Provide them to make it a more complete tutorial.
11-11-2014, 05:16 PM #19
RGaming
Do a barrel roll!
Good topic, but how do you find the arguments (or parameters) of the function?
