(adsbygoogle = window.adsbygoogle || []).push({}); You must login or register to view this content.

After noticing that not to many people know how to inject GSC without RPC I figured I would make this thread on it.

This is nothing new, but I rather do it this way then using RPC for something so simple. The first thing you need is to get the address of where the ScriptParseTree begins in the assets pool.

This is the basic structure of the ScriptParseTree -

    

struct ScriptParseTree

{

  const char *name;

  int len;

  char *buffer;

};

The first thing in the structure is the pointer to the name, then the size of the GSC, lastly is the pointer to the buffer which is basically the data of the GSC itself. What you are looking to change is the pointer to the buffer to the location of your injected GSC.

I have not really bothered changing the len to the new size of the injected GSC, but on Advanced Warfare I noticed that if it wasn't updated then the changes wouldn't take place for some reason, but that doesn't appear happen on BOII so your choice really.

So once you have injected your GSC to a empty address. Here is the typical address I have been seeing people use to inject a GSC to is - 0x10040000 .

After you have injected it you want to change the old pointer to the buffer to the location of where yours is, in this case it would be - 0x10040000 .

Keep in mind this should all be done outside of a game like in the pre-game lobby, as if you are in-game you are going to freeze.

Since many of you won't know where to find the location of the ScriptParseTree I just made a app to get the info for all the files in the ScriptParseTree.

You must login or register to view this content.

Download:

You must login or register to view this content.

Virus-Scan:

You must login or register to view this content.

In any case if you don't want to use the app here are the address's I dumped with it. Also if anyone can dump the XBOX ones for MP and Zombies and post it here I would appreciate it.

Here are the addresses for PS3:

You must login or register to view this content.

You must login or register to view this content.

Here are the addresses for XBOX:

You must login or register to view this content.

You must login or register to view this content.

I was originally going to post a sample app for injecting the GSC and compiling it, but the original one I did was in C++ and most of the people on here are programming in C# so no point, but I may add one written in C# if I get around to it.

Since I didn't write and app for you guys I'll show how you can change the original pointer to the buffer to yours -

    

In your app, your going to want to do something like this to replace the original pointer to the buffer - 



PS3.SetMemory(0x140C2D0, new byte[] { 0x10, 0x04, 0x00, 0x00 }); //maps/mp/_development_dvars.gsc pointer



or for XBOX



Jtag.SetMemory(0x831EBC80, new byte[] { 0x40, 0x30, 0x00, 0x00 }); //maps/mp/_development_dvars.gsc pointer



To inject the GSC you can do something like this - 



OpenFileDialog OpenFileDialog = new OpenFileDialog();

OpenFileDialog.Filter = "GSC Files (*.gsc)|*.gsc";

if (OpenFileDialog.ShowDialog() == DialogResult.OK)

{

    FileStream fs = new FileStream(OpenFileDialog.FileName, FileMode.Open);

    BinaryReader br = new BinaryReader(fs);



    byte[] buffer = br.ReadBytes((int)fs.Length);

    PS3.SetMemory(0x10040000, buffer); //Location of your injected GSC.

   

    //XBOX

    Jtag.SetMemory(0x40300000, buffer);



    fs.Close();

    br.Close();

}



Then in-case you want to reset it to the original GSC you just replace the pointer with the original address of the buffer like this - 



PS3.SetMemory(0x140C2D0, new byte[] { 0x30, 0x45, 0xE8, 0x20 });

The code is tested by me and works fine.

Note I meant to post this sometime back but I got bored of BO2 so I didn't get a chance to, so I am doing it now.

Credits:

codresearch.com
dxt12

So does the tool work on xbox? If it does can you post the files you get from it when you dump zombies or mp?

You must login or register to view this content.

You must login or register to view this content.

Both work.

You must login or register to view this content.

You must login or register to view this content.

Has anyone got a retriever like the console one just for pc?