Post: IDC Generator v0.0.3 - Bitwise
03-16-2014, 08:47 PM #1
This is nothing special, just a tool I whipped up for a better interface when creating an IDC Script. I was going to add a ton more, but want to leave this project on the sidewalk for a while, while I deal with a few other things.

How do I use an IDC Script?
Simple, while in IDA, you click "File->Script File..." (Hotkey = Win7: Alt+F7, Win8: Fn+Alt+F7) and simply open "filenamehere.idc", and the script can be executed. Very useful for updating offsets quickly upon a new TU as long as the binary patterns you used didn't change.

Why is the downloaded IDC script empty?
I am still working on it. I don't see why it's messing up myself...just doesn't want to do it. I may fix in v0.0.3

What's in the application?

  • Open an IDC Script
  • Save an IDC Script
  • Upload an IDC Script
  • Delete current Uploaded IDC Script
  • Download IDC Script
  • Preset code to start you off on your script
  • Syntax highlighting for the IDC language
  • Auto updating system


Now, for everyone who knew this project was under construction: I ditched my own syntax highlighting method. It was good and all, but lagged so much and wasn't that good. So I used someone else's method, but personalized a lot for this App.

Credits:
B1TW153 Creating the tool and about 95% of what is inside it
Leumonic Creating the GUI and FTP class

I thought I'd never say anything like this on a thread...but care to donate? Will help me a ton on everything I do, keeps me motivated too. If you do want to donate, just PM

Update Log

v0.0.2

  • Open an IDC Script
  • Save an IDC Script
  • Upload an IDC Script
  • Delete current Uploaded IDC Script
  • Download IDC Script
  • Preset code to start you off on your script
  • Syntax highlighting for the IDC language
  • Auto updating system


v0.0.3

  • Hotkeys
  • Line Counting
  • VS-Like Brace Collapsing
  • Donate Feature (optional use, would appreciate if you clicked it and sent at least $5 :) (Also, if your Geo-IP is located in the UK, you donate in pounds. If not, you pay in dollars))
  • Features to modify your experience with the IDE
  • Click on "AIM" and it will IM me a message (not custom, one by default) and if I am on I will reply and try to help with whatever is wrong.
  • ICON! XD



Here is an IDC Script I created using my own IDE. It makes it so much easier scripting in it.
    
    #include <idc.idc>

    // Globals shared by the search helpers below
    extern function, byte, address, value;

    // Find the first match of `binary`, then redefine, name and type the function that contains it
    static LabelFunction(name,binary,functionname)
    {
        for(function=0;function != BADADDR;function = function + 0x04)
        {
            function = FindBinary(function,SEARCH_DOWN,binary);
            Message(".::@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.\n\nTrying to find function %s with binary ['%s']...\n", name, binary);
            Sleep(250);
            if(function == BADADDR)
            {
                Warning("%s could not be found in memory (%08X)\n", name, BADADDR);
                Message("%s failed...\n", name);
                break;
            }
            else
            {
                //Message("%s\n", GetDisasm(function));
                auto math = GetFunctionAttr(function, FUNCATTR_START);
                // MakeUnknown takes a byte count, not an end address
                MakeUnknown(math, GetFunctionAttr(math, FUNCATTR_END) - math, 0x00);
                SetStatus(1);
                MakeCode(math);
                MakeFunction(math, GetFunctionAttr(math, FUNCATTR_END));
                MakeNameEx(math, name, 0x00);
                SetStatus(0);
                MakeRptCmt(math, sprintf("%s found in memory at %08X #bitwisehax", name, DecodeInstruction(math).ea));
                if(GetCharPrm(INF_COMPILER) != COMP_MS) // Thanks to Dwack
                {
                    SetCharPrm(INF_COMPILER, COMP_MS);
                }
                SetType(math, sprintf("%s;", functionname));
                Jump(math);
                SetStatus(1);
                Message("%s found in memory (%08X)\nDeclariation:\n\t%s\n\n\n", name, math, GetType(math));
                SetStatus(0);
                break;
            }
        }
    }

    #define ADD 1
    #define MINUS 2
    #define TRUE 1
    #define FALSE 0
    #define FIRST_OPERAND 0
    #define SECOND_OPERAND 1
    #define THIRD_OPERAND 2
    #define FORTH_OPERAND 3
    #define FITH_OPERAND 4

    // Scratch function, not called from main()
    static test()
    {
        auto test;
        for(test=0;test!=BADADDR;test=test+0x04)
        {
            test = FindBinary(test,SEARCH_DOWN,"%c %i");
            Message("crap found at %08X " + atoa(GetCharPrm(INF_XREFS)) + "\n", test);
            break;
        }

    }

    // Text search for `id` in the listing starting at `start`; returns the address found
    static EPTest(start, id, print)
    {
        auto ea;
        for(ea=start;ea!=BADADDR;ea=ea+0x04)
        {
            Message("Trying to find the ep...");
            if(start == BADADDR || ea == BADADDR)
            {
                Message("EP not found\n");
                break;
            }
            else
            {
                ea = FindText(ea,SEARCH_DOWN,0,0,id);
                if(print == TRUE)
                {
                    Message("EP Found!\n\t0x%08X\n\n", ea);
                }
                return ea;
            }
        }
    }

    // Read operand `oper` of the instruction at (match +/- offset); aom selects ADD or MINUS
    static GetValue(binary, oper, aom, offset, print)
    {
        for(value=0;value!=BADADDR;value=value+0x04)
        {
            value = FindBinary(value,SEARCH_DOWN,binary);
            if(value == BADADDR || GetOperandValue((aom == ADD) ? value + offset : value - offset, oper) == BADADDR)
            {
                Message("Value could not be grabbed!\n");
                break;
            }
            else
            {
                auto math = (aom == ADD ? value + offset : value - offset);
                if(print == TRUE)
                {
                    if(GetOpType(math,oper) == 1) { Message("Operand %i is a GPR! Register is r%i\n", oper + 1, GetOperandValue(math, oper)); }
                    if(GetOpType(math,oper) == 2) { Message("Operand %i is a Memory Reference! Reference is %08X\n", oper + 1, GetOperandValue(math, oper)); }
                    if(GetOpType(math,oper) >= 5) { Message("Operand %i is an Immediate! Value is %08X\n", oper + 1, GetOperandValue(math, oper)); }
                    if(GetOpType(math,oper) == 8) { Message("Operand %i is a FPR! Register is fp%i\n", oper + 1, GetOperandValue(math, oper)); }
                }
                return GetOperandValue(math,oper);
            }
        }
    }

    // Find the pattern, then breakpoint and comment the instruction at (match +/- offset)
    static LabelEP(name, binary, aom, offset)
    {
        for(byte=0;byte != BADADDR;byte = byte + 0x04)
        {
            byte = FindBinary(byte,SEARCH_DOWN,binary);
            if(byte == BADADDR)
            {
                Warning("%s not found in memory (%08X)\n", name, BADADDR);
                Message("%s failed...\n", name);
                break;
            }
            else
            {
                auto addr = (aom == ADD) ? byte + offset : byte - offset;
                if(CheckBpt(addr) == -1 || CheckBpt(addr) == 0)
                {
                    AddBptEx(addr, 0x00, BPT_SOFT);
                }
                Message("%s found in memory. Jump to %08X and %s will be highlighted with a bp!\n", name, addr, name);

                Jump(addr);
                MakeRptCmt(addr, sprintf("%s EP found at %08X (%s is the dword_address or qword_address ect...) #bitwisehax", name, addr, name));
                break;
            }
        }
    }

    // Derive a structure size from operands near the playerState_s ("ps") or gentity_s pattern
    static getStructureSize(ps)
    {
        auto test;
        for(test=0;test != BADADDR;test = test + 0x04)
        {
            test = FindBinary(test,SEARCH_DOWN,(ps == "ps") ? "7F A3 EB 78 38 80 00 00 83 6B 00 0C 93 7F 05 34" : "55 07 38 30 38 CB 01 64 7C 67 30 2E 2B 03 00 00");
            auto ret = (ps == "ps") ? GetOperandValue(test + 0x60, 2) : atol(sprintf("%X%X0", GetOperandValue(test + 0x8, 2), GetOperandValue(test + 0x12, 2)));
            return ret;
        }
    }

    static main()
    {
        Message("IDC Script created by Bitwise has been executed!\n\nCurrent file that has been disassembled ['%s']\n\n", GetInputFile());
        Sleep(1000);
        LabelFunction("SV_GameSendServerCommand", " 7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14", "void __cdecl SV_GameSendServerCommand(__int32 clientIndex, unsigned __int32 type, const char*fmt)");
        LabelFunction("SV_DropClient", "60 E6 FA 00 7D 69 40 2E 7D 43 31 D6 7C 6A 5A 14", "void __cdecl SV_GameDropClient(__int32 clientIndex, const char*fmt)");
        LabelFunction("SV_SendServerCommand", "61 6A 7E 8C 7F FF 8A 14 7D 38 50 2E 7F 13 48 00", "void __cdecl SV_SendServerCommand(__int32 client_s, unsigned int type, const char*fmt)");
        LabelFunction("AntiCheat_reportConsoleDetails", "7C 78 1B 78 90 7F 00 F4 7C 94 23 78 7C BD 2B 78", "void __cdecl AntiCheat_reportConsoleDetails(int r3, int r4, int r5, int r6, int r7, int r8, int r9, int r10)");
        LabelFunction("AntiCheat_awnserChallenges", "7C 7C 1B 78 90 7F 00 A4 7C 9B 23 78 7C BD 2B 78", "void __cdecl AntiCheat_awnserChallenges(int r3, int r4, int r5, int r6, int r7, int r8, int r9, int r10)");
        LabelFunction("AntiCheat_consoleID", "94 21 FF 90 39 60 00 08 7C 7F 1B 78 7C 9E 23 78", "void __cdecl AntiCheat_consoleID(int r3, int r4)");
        LabelFunction("GScr_Earthquake", "38 21 00 90 81 81 FF F8 7D 88 03 A6 CB A1 FF D8", "void __cdecl GScr_Earhtquake(float*scale, int duration, float*source, int radius)");
        LabelEP("gentity_s", "55 07 38 30 38 CB 01 64 7C 67 30 2E 2B 03 00 00", MINUS, 0x14);
        Message("Structure size: 0x280\n");
        LabelEP("playerState_s", "7F A3 EB 78 38 80 00 00 83 6B 00 0C 93 7F 05 34", MINUS, 0x18);
        Message("Structure size: 0x%04X\n", getStructureSize("ps"));
        //Message("playerstate; %08X\n", EPTest(0x832D0000, "+3D8", FALSE));
        LabelEP("client_s", "7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14", MINUS, 0x20);
        Message("client_s + 0x%02X%04X + (clientIndex * ", GetValue("7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14", SECOND_OPERAND, MINUS, 0x1C, FALSE), GetValue("7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14", THIRD_OPERAND, MINUS, 0x14, FALSE));
        Message("/*Structure size: */0x%i%04X)\n", GetValue("7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14", SECOND_OPERAND, MINUS, 0x10, FALSE), GetValue("7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14", THIRD_OPERAND, MINUS, 0x8, FALSE));
        LabelEP("Unknown EP", "7D 4B 20 2E 7D 49 07 B4 F9 21 00 50 C9 81 00 50", MINUS, 0x1C);
        Message("Structure size: 0x%X%04X\n", GetValue("7D 4B 20 2E 7D 49 07 B4 F9 21 00 50 C9 81 00 50", SECOND_OPERAND, MINUS, 0x68, FALSE), GetValue("7D 4B 20 2E 7D 49 07 B4 F9 21 00 50 C9 81 00 50", THIRD_OPERAND, MINUS, 0x60, FALSE));
        //GetValue("7F A3 EB 78 38 80 00 00 83 6B 00 0C 93 7F 05 34",FIRST_OPERAND, MINUS, 0x18, TRUE);
    }

Please note, I couldn't care about the things grabbed. I care more about the functions I created to do everything with such ease. (Also, note that those binary patterns are for Xbox... :P)

Here is the output (on xbox)
    
    IDC Script created by Bitwise has been executed!

    Current file that has been disassembled ['ghosts_tu10.xex']

    .::@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

    Trying to find function SV_GameSendServerCommand with binary [' 7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14']...
    SV_GameSendServerCommand found in memory (824D1498)
    Declariation:
    void __cdecl(__int32 clientIndex, unsigned __int32 type, const char *fmt)


    .::@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

    Trying to find function SV_DropClient with binary ['60 E6 FA 00 7D 69 40 2E 7D 43 31 D6 7C 6A 5A 14']...
    SV_DropClient found in memory (824D14E8)
    Declariation:
    void __cdecl(__int32 clientIndex, const char *fmt)


    .::@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

    Trying to find function SV_SendServerCommand with binary ['61 6A 7E 8C 7F FF 8A 14 7D 38 50 2E 7F 13 48 00']...
    SV_SendServerCommand found in memory (824D7818)
    Declariation:
    void __cdecl(__int32 client_s, unsigned int type, const char *fmt)


    .::@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

    Trying to find function AntiCheat_reportConsoleDetails with binary ['7C 78 1B 78 90 7F 00 F4 7C 94 23 78 7C BD 2B 78']...
    AntiCheat_reportConsoleDetails found in memory (827B44E0)
    Declariation:
    void __cdecl(int r3, int r4, int r5, int r6, int r7, int r8, int r9, int r10)


    .::@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

    Trying to find function AntiCheat_awnserChallenges with binary ['7C 7C 1B 78 90 7F 00 A4 7C 9B 23 78 7C BD 2B 78']...
    AntiCheat_awnserChallenges found in memory (827B4298)
    Declariation:
    void __cdecl(int r3, int r4, int r5, int r6, int r7, int r8, int r9, int r10)


    .::@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

    Trying to find function AntiCheat_consoleID with binary ['94 21 FF 90 39 60 00 08 7C 7F 1B 78 7C 9E 23 78']...
    AntiCheat_consoleID found in memory (827B9810)
    Declariation:
    void __cdecl(int r3, int r4)


    .::@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

    Trying to find function GScr_Earthquake with binary ['38 21 00 90 81 81 FF F8 7D 88 03 A6 CB A1 FF D8']...
    GScr_Earthquake found in memory (8240DAF0)
    Declariation:
    void __cdecl(float *scale, int duration, float *source, int radius)


    gentity_s found in memory. Jump to 8215CD30 and gentity_s will be highlighted with a bp!
    Structure size: 0x280
    playerState_s found in memory. Jump to 823EF3A0 and playerState_s will be highlighted with a bp!
    Structure size: 0x3700
    client_s found in memory. Jump to 824D14B4 and client_s will be highlighted with a bp!
    client_s + 0x207E90 + (clientIndex * /*Structure size: */0x6FA00)
    Unknown EP found in memory. Jump to 82137E30 and Unknown EP will be highlighted with a bp!
    Structure size: 0xC8880

Last edited by Bitwise ; 03-16-2014 at 11:42 PM.

The following 5 users say thank you to Bitwise for this useful post:

-SuperMan, BuC-ShoTz, ErasedDev, FAKA_ELITE, Notorious
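
Added example, not part of the original post or of Bitwise's tool: the script above takes the first FindBinary hit and relies on the byte patterns not changing between title updates, so this stand-alone Python sketch shows the same lookup with wildcard bytes for operands that move between builds and a check that the match is unique. The two "builds", the base address and all names are constructed for illustration.

```python
# Added example: constructed data, hypothetical names throughout.

def parse_pattern(text):
    """Parse 'A1 B2 ?? C3' into a list of byte values, None marking a wildcard."""
    pattern = []
    for token in text.split():
        if token in ("?", "??"):
            pattern.append(None)
        elif len(token) == 2:
            pattern.append(bytes.fromhex(token)[0])  # ValueError on non-hex
        else:
            raise ValueError("bad pattern byte: %r" % token)
    if not pattern:
        raise ValueError("empty pattern")
    return pattern


def find_all(image, pattern, base=0, align=4):
    """Return every address (base + offset) where the pattern matches.

    align=4 mirrors the 4-byte step used in the post's loops (fixed-width
    instructions); use align=1 for variable-length instruction sets.
    """
    pat = parse_pattern(pattern)
    hits = []
    for off in range(0, len(image) - len(pat) + 1, align):
        if all(p is None or image[off + i] == p for i, p in enumerate(pat)):
            hits.append(base + off)
    return hits


def locate(image, pattern, base=0, delta=0):
    """Resolve a pattern to exactly one address, then apply a signed delta.

    Unlike a first-hit search, a missing or ambiguous match is an error, so a
    stale signature cannot silently label the wrong location.
    """
    hits = find_all(image, pattern, base)
    if len(hits) != 1:
        raise LookupError("expected 1 match, got %d for [%s]" % (len(hits), pattern))
    return hits[0] + delta


# Constructed sample: the same routine in two builds. In the second build it
# has moved by 4 bytes and the immediate of the "li r4, imm" word has changed.
BASE = 0x1000
OLD_BUILD = bytes.fromhex(
    "60000000" "7C0802A6" "38800010" "7C7F1B78"
    "4E800020" "60000000" "7C7F1B78" "4E800020"
)
NEW_BUILD = bytes.fromhex(
    "60000000" "60000000" "7C0802A6" "38800024" "7C7F1B78"
    "4E800020" "60000000" "7C7F1B78" "4E800020"
)

EXACT = "7C 08 02 A6 38 80 00 10 7C 7F 1B 78"      # bakes in the immediate
MASKED = "7C 08 02 A6 38 80 ?? ?? 7C 7F 1B 78"     # immediate wildcarded
AMBIGUOUS = "7C 7F 1B 78 4E 80 00 20"              # occurs twice per build

if __name__ == "__main__":
    for label, image in (("old", OLD_BUILD), ("new", NEW_BUILD)):
        print(label, "exact :", [hex(a) for a in find_all(image, EXACT, BASE)])
        print(label, "masked:", hex(locate(image, MASKED, BASE)))
    try:
        locate(OLD_BUILD, AMBIGUOUS, BASE)
    except LookupError as err:
        print("rejected:", err)
```
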
03-17-2014, 06:13 AM #11
-SuperMan
Krazy Weed
Threads These Days Are All Hate.

The Moment Someone Criticizes all hell breaks loose like it's just a fucking game, and the fucking neg come on it's just a number it's not how long your dick is (I'm not saying you're a rep whore but come on) nor am I saying anybody's a rep whore in this thread.

Yes Sometimes The Criticism looks like hate but that's why you must not interpret it as hate.

Okay The Community Is Shit we All Know This But For Fuck Sake Come On Please Stop The Hate well I interpreted it as hate not all some posts.

Everybody knows me I do like to review things and give my honest opinion on it even if it might hurt the product that the guy might be selling but right now I can't review why because if I don't know the product that is in front of me I can't do anything.

What I would say Why Don't we Make a Big Orgy Like Seriously a Big Ass Orgy, I'll be going to the US in the near future I can bring the bitches you just come and bring some dope with you and let the modding community have fun.
Last edited by -SuperMan ; 03-17-2014 at 06:15 AM.

The following 2 users say thank you to -SuperMan for this useful post:

ErasedDev, ItsLollo1000
03-17-2014, 07:30 AM #12
ErasedDev
Climbing up the ladder
Originally posted by SuperMan View Post
You just went nuts, but anyway you kinda made a point in here
03-17-2014, 08:03 AM #13
-SuperMan
Krazy Weed
Originally posted by ErasedDev View Post
You just went nuts, but anyway you kinda made a point in here


No This is Not Nuts This is Sexy SuperMan Waking Up To Some Hate. :lol:
03-17-2014, 08:31 AM #14
Mango_Knife
In my man cave
Originally posted by B1TW153 View Post
Great TuT Bud :yes:
05-28-2014, 12:22 AM #15
Notorious
Caprisuns Is Back
Originally posted by B1TW153 View Post
This is nothing special, just a tool I wiped up for a better interference when creating an IDC Script. I was going to add a-ton more, but want to leave this project on the side-walk for awhile, while I deal with afew other things.

How do I use an IDC Script?
Simple, while in IDA, you click "File->Script File..." (Hotkey = win7: alt+f7 win8: fn+alt+f7) and simply open "filenamehere.idc", and the script can be executed. Very useful for updating offsets quickly upon a new TU aslong as the binary patterns you used didn't change.

Why is the downloaded IDC script empty?
I am still working on it. I don't see why its messing up myself...just doesn't want to do it. I may fix in v0.0.3

Whats in the application?

  • Open an IDC Script
  • Save an IDC Script
  • Upload an IDC Script
  • Delete current Uploaded IDC Script
  • Download IDC Script
  • Preset code to start you off on your script
  • Syntax highlighting for the IDC language
  • Auto updating system


Now, for everyone who knew this project was construction; I ditched my own syntax highlighting method, It was good and all, but lagged so much and wasn't that good. So I used someone else's method, but personalized alot for this App.

Download: You must login or register to view this content.
Pictures:
v0.0.2
You must login or register to view this content.

You must login or register to view this content.

You must login or register to view this content.

You must login or register to view this content.

You must login or register to view this content.

You must login or register to view this content.


v0.0.3
You must login or register to view this content.


You must login or register to view this content.


You must login or register to view this content.

Virus scan: You must login or register to view this content.

Credits;
B1TW153 Creating the tool and about 95% off inside it
Leumonic Creating the GUI and FTP class

I thought I'd never say anything like this on a thread...but care to donate? Will help me a-ton on everything I do, keeps me motivated too. If you do want to donate, just PM

Update Log

v0.0.2

  • Open an IDC Script
  • Save an IDC Script
  • Upload an IDC Script
  • Delete current Uploaded IDC Script
  • Download IDC Script
  • Preset code to start you off on your script
  • Syntax highlighting for the IDC language
  • Auto updating system


v0.0.3

  • Hotkeys (see You must login or register to view this content.)
  • Line Counting
  • VS-Like Brace Collapsing
  • Donate Feature (optional use, would appreciate if you clicked it and sent atleast $5 Smile (Also, if your Geo-IP is located in the UK, you donate in pounds. If not, you pay in dollars))
  • Features to modify your experience with the IDE
  • Click on "AIM" and it will IM me a message (not custom, one by default) and if I am on I will reply and try to help with whatever is wrong.
  • ICON! XD



Here is an IDC Script I created using my own IDE. It makes it so much easier scripting in it.
    
#include <idc.idc>

extern function, byte, address, value;

// Find `binary` (a byte pattern) searching down from address 0. On a hit, rebuild the
// containing function, name it `name`, apply the prototype in `functionname` and jump to it.
static LabelFunction(name,binary,functionname)
{
    for(function=0;function != BADADDR;function = function + 0x04)
    {
        function = FindBinary(function,SEARCH_DOWN,binary);
        Message(".::@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.\n\nTrying to find function %s with binary ['%s']...\n", name, binary);
        Sleep(250);
        if(function == BADADDR)
        {
            Warning("%s could not be found in memory (%08X)\n", name, BADADDR);
            Message("%s failed...\n", name);
            break;
        }
        else
        {
            //Message("%s\n", GetDisasm(function));
            auto math = GetFunctionAttr(function, FUNCATTR_START);
            MakeUnknown(math, GetFunctionAttr(math, FUNCATTR_END), 0x00);
            SetStatus(1);
            MakeCode(math);
            MakeFunction(math, GetFunctionAttr(math, FUNCATTR_END));
            MakeNameEx(math, name, 0x00);
            SetStatus(0);
            MakeRptCmt(math, sprintf("%s found in memory at %08X #bitwisehax", name, DecodeInstruction(math).ea));
            if(GetCharPrm(INF_COMPILER) != COMP_MS) // Thanks to Dwack
            {
                SetCharPrm(INF_COMPILER, COMP_MS);
            }
            SetType(math, sprintf("%s;", functionname));
            Jump(math);
            SetStatus(1);
            Message("%s found in memory (%08X)\nDeclariation:\n\t%s\n\n\n", name, math, GetType(math));
            SetStatus(0);
            break;
        }
    }
}

#define ADD 1
#define MINUS 2
#define TRUE 1
#define FALSE 0
#define FIRST_OPERAND 0
#define SECOND_OPERAND 1
#define THIRD_OPERAND 2
#define FORTH_OPERAND 3
#define FITH_OPERAND 4

static test()
{
    auto test;
    for(test=0;test!=BADADDR;test=test+0x04)
    {
        test = FindBinary(test,SEARCH_DOWN,"%c %i");
        Message("crap found at %08X " + atoa(GetCharPrm(INF_XREFS)) + "\n", test);
        break;
    }
}

// Text search for `id` starting at `start`; returns the address of the first hit.
static EPTest(start, id, print)
{
    auto ea;
    for(ea=start;ea!=BADADDR;ea=ea+0x04)
    {
        Message("Trying to find the ep...");
        if(start == BADADDR || ea == BADADDR)
        {
            Message("EP not found\n");
            break;
        }
        else
        {
            ea = FindText(ea,SEARCH_DOWN,0,0,id);
            if(print == TRUE)
            {
                Message("EP Found!\n\t0x%08X\n\n", ea);
                return ea;
                break;
            }
            else
            {
                return ea;
                break;
            }
        }
    }
}

// Find `binary`, then return operand `oper` of the instruction at (match + offset)
// when aom == ADD, or (match - offset) otherwise.
static GetValue(binary, oper, aom, offset, print)
{
    for(value=0;value!=BADADDR;value=value+0x04)
    {
        value = FindBinary(value,SEARCH_DOWN,binary);
        if(value == BADADDR || GetOperandValue((aom == ADD) ? value + offset : value - offset, oper) == BADADDR)
        {
            Message("Value could not be grabbed!\n");
            break;
        }
        else
        {
            auto math = (aom == ADD ? value + offset : value - offset);
            if(print == TRUE)
            {
                if(GetOpType(math,oper) == 1) { Message("Operand %i is a GPR! Register is r%i\n", oper + 1, GetOperandValue(math, oper)); }
                if(GetOpType(math,oper) == 2) { Message("Operand %i is a Memory Referance! Referance is %08X\n", oper + 1, GetOperandValue(math, oper)); }
                if(GetOpType(math,oper) >= 5) { Message("Operand %i is an Immediate! Value is %08X\n", oper + 1, GetOperandValue(math, oper)); }
                if(GetOpType(math,oper) == 8) { Message("Operand %i is a FPR! Register is fp%i\n", oper + 1, GetOperandValue(math, oper)); }
                return GetOperandValue(math,oper);
                break;
            }
            else
            {
                return GetOperandValue(math,oper);
                break;
            }
        }
    }
}

// Find `binary`, then set a software breakpoint and a comment at (match +/- offset)
// and jump there.
static LabelEP(name, binary, aom, offset)
{
    for(byte=0;byte != BADADDR;byte = byte + 0x04)
    {
        byte = FindBinary(byte,SEARCH_DOWN,binary);
        if(byte == BADADDR)
        {
            Warning("%s not found in memory (%08X)\n", name, BADADDR);
            Message("%s failed...\n", name);
            break;
        }
        else
        {
            auto addr = (aom == 1) ? byte + offset : byte - offset;
            if(CheckBpt(addr) == -1 || CheckBpt(addr) == 0)
            {
                AddBptEx(addr, 0x00, BPT_SOFT);
            }
            Message("%s found in memory. Jump to %08X and %s will be highlighted with a bp!\n", name, addr, name);

            Jump(addr);
            MakeRptCmt(addr, sprintf("%s EP found at %08X (%s is the dword_address or qword_address ect...) #bitwisehax", name, addr, name));
            break;
        }
    }
}

// Read a structure size out of instruction operands near a known byte pattern.
static getStructureSize(ps)
{
    auto test;
    for(test=0;test != BADADDR;test = test + 0x04)
    {
        test = FindBinary(test,SEARCH_DOWN,(ps == "ps") ? "7F A3 EB 78 38 80 00 00 83 6B 00 0C 93 7F 05 34" : "55 07 38 30 38 CB 01 64 7C 67 30 2E 2B 03 00 00");
        auto ret = (ps == "ps") ? GetOperandValue(test + 0x60, 2) : atol(sprintf("%X%X0", GetOperandValue(test + 0x8, 2), GetOperandValue(test + 0x12, 2)));
        return ret;
    }
}

static main()
{
    Message("IDC Script created by Bitwise has been executed!\n\nCurrent file that has been disassembled ['%s']\n\n", GetInputFile());
    Sleep(1000);
    LabelFunction("SV_GameSendServerCommand", " 7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14", "void __cdecl SV_GameSendServerCommand(__int32 clientIndex, unsigned __int32 type, const char*fmt)");
    LabelFunction("SV_DropClient", "60 E6 FA 00 7D 69 40 2E 7D 43 31 D6 7C 6A 5A 14", "void __cdecl SV_GameDropClient(__int32 clientIndex, const char*fmt)");
    LabelFunction("SV_SendServerCommand", "61 6A 7E 8C 7F FF 8A 14 7D 38 50 2E 7F 13 48 00", "void __cdecl SV_SendServerCommand(__int32 client_s, unsigned int type, const char*fmt)");
    LabelFunction("AntiCheat_reportConsoleDetails", "7C 78 1B 78 90 7F 00 F4 7C 94 23 78 7C BD 2B 78", "void __cdecl AntiCheat_reportConsoleDetails(int r3, int r4, int r5, int r6, int r7, int r8, int r9, int r10)");
    LabelFunction("AntiCheat_awnserChallenges", "7C 7C 1B 78 90 7F 00 A4 7C 9B 23 78 7C BD 2B 78", "void __cdecl AntiCheat_awnserChallenges(int r3, int r4, int r5, int r6, int r7, int r8, int r9, int r10)");
    LabelFunction("AntiCheat_consoleID", "94 21 FF 90 39 60 00 08 7C 7F 1B 78 7C 9E 23 78", "void __cdecl AntiCheat_consoleID(int r3, int r4)");
    LabelFunction("GScr_Earthquake", "38 21 00 90 81 81 FF F8 7D 88 03 A6 CB A1 FF D8", "void __cdecl GScr_Earhtquake(float*scale, int duration, float*source, int radius)");
    LabelEP("gentity_s", "55 07 38 30 38 CB 01 64 7C 67 30 2E 2B 03 00 00", MINUS, 0x14);
    Message("Structure size: 0x280\n");
    LabelEP("playerState_s", "7F A3 EB 78 38 80 00 00 83 6B 00 0C 93 7F 05 34", MINUS, 0x18);
    Message("Structure size: 0x%04X\n", getStructureSize("ps"));
    //Message("playerstate; %08X\n", EPTest(0x832D0000, "+3D8", FALSE));
    LabelEP("client_s", "7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14", MINUS, 0x20);
    Message("client_s + 0x%02X%04X + (clientIndex * ", GetValue("7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14", SECOND_OPERAND, MINUS, 0x1C, FALSE), GetValue("7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14", THIRD_OPERAND, MINUS, 0x14, FALSE));
    Message("/*Structure size: */0x%i%04X)\n", GetValue("7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14", SECOND_OPERAND, MINUS, 0x10, FALSE), GetValue("7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14", THIRD_OPERAND, MINUS, 0x8, FALSE));
    LabelEP("Unknown EP", "7D 4B 20 2E 7D 49 07 B4 F9 21 00 50 C9 81 00 50", MINUS, 0x1C);
    Message("Structure size: 0x%X%04X\n", GetValue("7D 4B 20 2E 7D 49 07 B4 F9 21 00 50 C9 81 00 50", SECOND_OPERAND, MINUS, 0x68, FALSE), GetValue("7D 4B 20 2E 7D 49 07 B4 F9 21 00 50 C9 81 00 50", THIRD_OPERAND, MINUS, 0x60, FALSE));
    //GetValue("7F A3 EB 78 38 80 00 00 83 6B 00 0C 93 7F 05 34",FIRST_OPERAND, MINUS, 0x18, TRUE);
}

Please note, I couldn't care about the things grabbed. I care more about the functions I created to do everything with such ease. (Also, note that those binary patterns are for Xbox... :P)

Here is the output (on xbox)
    
IDC Script created by Bitwise has been executed!

Current file that has been disassembled ['ghosts_tu10.xex']

.::@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

Trying to find function SV_GameSendServerCommand with binary [' 7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14']...
SV_GameSendServerCommand found in memory (824D1498)
Declariation:
void __cdecl(__int32 clientIndex, unsigned __int32 type, const char *fmt)


.::@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

Trying to find function SV_DropClient with binary ['60 E6 FA 00 7D 69 40 2E 7D 43 31 D6 7C 6A 5A 14']...
SV_DropClient found in memory (824D14E8)
Declariation:
void __cdecl(__int32 clientIndex, const char *fmt)


.::@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

Trying to find function SV_SendServerCommand with binary ['61 6A 7E 8C 7F FF 8A 14 7D 38 50 2E 7F 13 48 00']...
SV_SendServerCommand found in memory (824D7818)
Declariation:
void __cdecl(__int32 client_s, unsigned int type, const char *fmt)


.::@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

Trying to find function AntiCheat_reportConsoleDetails with binary ['7C 78 1B 78 90 7F 00 F4 7C 94 23 78 7C BD 2B 78']...
AntiCheat_reportConsoleDetails found in memory (827B44E0)
Declariation:
void __cdecl(int r3, int r4, int r5, int r6, int r7, int r8, int r9, int r10)


.::@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

Trying to find function AntiCheat_awnserChallenges with binary ['7C 7C 1B 78 90 7F 00 A4 7C 9B 23 78 7C BD 2B 78']...
AntiCheat_awnserChallenges found in memory (827B4298)
Declariation:
void __cdecl(int r3, int r4, int r5, int r6, int r7, int r8, int r9, int r10)


.::@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

Trying to find function AntiCheat_consoleID with binary ['94 21 FF 90 39 60 00 08 7C 7F 1B 78 7C 9E 23 78']...
AntiCheat_consoleID found in memory (827B9810)
Declariation:
void __cdecl(int r3, int r4)


.::@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

Trying to find function GScr_Earthquake with binary ['38 21 00 90 81 81 FF F8 7D 88 03 A6 CB A1 FF D8']...
GScr_Earthquake found in memory (8240DAF0)
Declariation:
void __cdecl(float *scale, int duration, float *source, int radius)


gentity_s found in memory. Jump to 8215CD30 and gentity_s will be highlighted with a bp!
Structure size: 0x280
playerState_s found in memory. Jump to 823EF3A0 and playerState_s will be highlighted with a bp!
Structure size: 0x3700
client_s found in memory. Jump to 824D14B4 and client_s will be highlighted with a bp!
client_s + 0x207E90 + (clientIndex * /*Structure size: */0x6FA00)
Unknown EP found in memory. Jump to 82137E30 and Unknown EP will be highlighted with a bp!
Structure size: 0xC8880



I like your predictive text on this :yes: nice job!

The following user thanked Notorious for this useful post:

milky4444
12-11-2015, 03:25 PM #16
Originally posted by Bitwise
Download:

Download link is broken.
Last edited by JLM; 12-11-2015 at 08:42 PM.
12-23-2015, 04:51 PM #17
IDC and C++ are the same, man... but good work.
05-23-2016, 12:04 AM #18
S63
Space Ninja
Originally posted by Bitwise

Download down?

Copyright © 2024, NextGenUpdate.
All Rights Reserved.
