public Inventory(XIVProcess proc) { _process = proc; _scan = new SignatureScan(proc, proc.MainModule); _invPtr = MemTools.ReadProcessMemory <IntPtr>(proc.Handle, _scan.FindRelativeSignature("4C897C2430448D630C4C8B3D")); }
public static void UpdateOffsets() { if ((DateTime.Now - _lastUpdatedOffset).TotalMinutes > 1) { try { Process process = Process.GetProcessesByName("csgo")[0]; SignatureScan.Process = process; SignatureScan.Address = IntPtr.Zero; SignatureScan.Size = MAX_DUMP_SIZE; int clientDll = SignatureScan.GetModuleBaseAddressByName(process, "client.dll").ToInt32(); long clientDllSize = SignatureScan.GetModuleSize(process, "client.dll"); int engineDll = SignatureScan.GetModuleBaseAddressByName(process, "engine.dll").ToInt32(); long engineDllSize = SignatureScan.GetModuleSize(process, "engine.dll"); FindWeaponOffset(clientDll, clientDllSize); FindTeamnumOffset(clientDll, clientDllSize); FindHealthOffset(clientDll, clientDllSize); FindVecOriginOffset(clientDll, clientDllSize); FindBonematrixOffset(clientDll, clientDllSize); FindDormantOffset(clientDll, clientDllSize); FindGameRulesProxyOffset(clientDll, clientDllSize); FindViewAnglesOffset(engineDll, engineDllSize); FindClientstateOffset(engineDll, engineDllSize); FindEntitylistOffset(clientDll, clientDllSize); FindLocalPlayerOffset(clientDll, clientDllSize); _lastUpdatedOffset = DateTime.Now; } catch { if (Program.Settings.UseSounds) { Console.Beep(400, 100); } } } }
public Chat(XIVProcess proc) { _process = proc; _scan = new SignatureScan(proc, proc.MainModule); _chatlogPtr = _scan.FindRelativeSignature("4585C07829488B05"); }
public Player(XIVProcess proc) { _process = proc; _scan = new SignatureScan(proc, proc.MainModule); _playerPtr = _scan.FindRelativeSignature("48894648488D4E60488D15"); }
public Fish(XIVProcess proc) { _process = proc; _scan = new SignatureScan(proc, proc.MainModule); _fishPtr = _scan.FindRelativeSignature("488D8E70FDFFFF4C8B114C8D0D"); }
private static void FindViewAnglesOffset(int engineDll, long engineDllSize) { var pattern = new byte[] { 0xF3, 0x0F, 0x11, 0x80, 0x00, 0x00, 0x00, 0x00, 0xD9, 0x46, 0x04, 0xD9, 0x05 }; var mask = SignatureScan.MaskFromPattern(pattern); var adress = SignatureScan.FindAddress(pattern, 4, mask, engineDll, engineDllSize); signatures.dwClientState_ViewAngles = SignatureScan.ReadInt(adress); }
public Party(int pid) { proc = new PolProcess(pid); SignatureScan ss = new SignatureScan(proc.Process, proc.FFXiMain); partyAddress = ss.FindSignature(Signatures.PARTY_SIGNATURE); }
private static void FindDormantOffset(int clientDll, long clientDllSize) { var pattern = new byte[] { 0x8A, 0x81, 0x00, 0x00, 0x00, 0x00, 0xC3, 0x32, 0xC0 }; var mask = SignatureScan.MaskFromPattern(pattern); var adress = SignatureScan.FindAddress(pattern, 2, mask, clientDll, clientDllSize); signatures.m_bDormant = SignatureScan.ReadInt(adress) + 8; }
public NPC(int pid) { proc = new PolProcess(pid); SignatureScan ss = new SignatureScan(proc.Process, proc.FFXiMain); npcmapAddress = ss.FindSignature(Signatures.NPCMAP_SIGNATURE); }
public Chat(int pid) { FFXi = new PolProcess(pid); SignatureScan ss = new SignatureScan(FFXi.Process, FFXi.FFXiMain); chatLogAddress = ss.FindSignature(Signatures.CHAT_SIGNATURE) + 8; }
public Inventory(int pid) { this._polProcess = new PolProcess(pid); SignatureScan ss = new SignatureScan(_polProcess.Process, _polProcess.FFXiMain); IntPtr temp = ss.FindSignature(Signatures.INVENTORY_SIGNATURE); _inventoryAddress = (IntPtr)MemTools.ReadProcessMemory <int>(_polProcess.Handle, temp); }
//Scan for the signature pattern and store the addresses so we //can send them off to the DLL for invoking. private void InitializeSignatures() { if (!this._isSignaturesInitialized) { this._isSignaturesInitialized = true; SignatureScan signatureScan = new SignatureScan(this._process, this._process.MainModule); this._printfAddress = signatureScan.FindSignature(_printfSignature, 0, false, false); this._increaseIndexAddress = signatureScan.FindSignature(_increaseIndexSignature, 0, false, false); } }
public Form1() { pol = Process.GetProcessesByName("pol")[0]; sigscan = new SignatureScan(pol, "FFXiMain.dll"); npcmap = sigscan.FindSignature("8B560C8B042A8B0485"); InitializeComponent(); }
static void Main(string[] args) { TestInjector(); TestVulturnus(0x00E94F87); SignatureScan signatureScan = new SignatureScan(Process.GetProcessesByName("Icy.Test")[0], "E8 ?? ? ?? ?? E9 ?? ?? ?? ?? 55 8B EC 6A 00 FF", 0x00e91000, 0x4000, 1); Console.WriteLine("{0:X}", signatureScan.Address()); Console.ReadLine(); }
private static void FindVecOriginOffset(int clientDll, long clientDllSize) { var pattern = new byte[] { 0x8A, 0x0E, 0x80, 0xE1, 0xFC, 0x0A, 0xC8, 0x88, 0x0E, 0xF3, 0x00, 0x00, 0x87 , 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x87, 0x00, 0x00, 0x00, 0x00, 0x9F }; var mask = SignatureScan.MaskFromPattern(pattern); var adress = SignatureScan.FindAddress(pattern, 0, mask, clientDll, clientDllSize); netvars.m_vecOrigin = SignatureScan.ReadInt(adress + 13); }
private static void FindBonematrixOffset(int clientDll, long clientDllSize) { var pattern = new byte[] { 0x75, 0x15, 0x8B, 0x87, 0x00, 0x00, 0x00, 0x00, 0x8B, 0xCF, 0x8B, 0x17, 0x03 , 0x44, 0x24, 0x14, 0x50 }; var mask = SignatureScan.MaskFromPattern(pattern); var adress = SignatureScan.FindAddress(pattern, 4, mask, clientDll, clientDllSize); netvars.m_dwBoneMatrix = SignatureScan.ReadInt(adress); }
private static void FindWeaponOffset(int clientDll, long clientDllSize) { var pattern = new byte[] { 0x0F, 0x45, 0xF7, 0x5F, 0x8B, 0x8E, 0x00, 0x00, 0x00, 0x00, 0x5E, 0x83, 0xF9 , 0xFF }; var mask = SignatureScan.MaskFromPattern(pattern); var adress = SignatureScan.FindAddress(pattern, 0, mask, clientDll, clientDllSize); netvars.m_hActiveWeapon = SignatureScan.ReadInt(adress + 6); }
public Player(int pid) { proc = new PolProcess(pid); SignatureScan ss = new SignatureScan(proc.Process, proc.FFXiMain); playerAddress = ss.FindSignature(Signatures.PLAYER_SIGNATURE); zoneAddress = ss.FindSignature(Signatures.ZONE_SIGNATURE) + 0x5E; selfidAddress = ss.FindSignature(Signatures.SELFID_SIGNATURE); buffAddress = ss.FindSignature(Signatures.BUFF_SIGNATURE); npc = new NPC(pid); }
private static void FindHealthOffset(int clientDll, long clientDllSize) { var pattern = new byte[] { 0x8B, 0x41, 0x00, 0x89, 0x41, 0x00, 0x8B, 0x41, 0x00, 0x89, 0x41, 0x00, 0x8B , 0x41, 0x00, 0x89, 0x41, 0x00, 0x8B, 0x4F, 0x00, 0x83, 0xB9, 0x00, 0x00, 0x00 , 0x00, 0x00, 0x7F, 0x2E }; var mask = SignatureScan.MaskFromPattern(pattern); var adress = SignatureScan.FindAddress(pattern, 0, mask, clientDll, clientDllSize); netvars.m_iHealth = SignatureScan.ReadInt(adress + 23); }
private static void FindTeamnumOffset(int clientDll, long clientDllSize) { var pattern = new byte[] { 0xCC, 0xCC, 0xCC, 0x8B, 0x89, 0x00, 0x00, 0x00, 0x00, 0xE9, 0x00, 0x00, 0x00 , 0x00, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0x8B, 0x81, 0x00, 0x00, 0x00, 0x00, 0xC3 , 0xCC, 0xCC }; var mask = SignatureScan.MaskFromPattern(pattern); var adress = SignatureScan.FindAddress(pattern, 0, mask, clientDll, clientDllSize); netvars.m_iTeamNum = SignatureScan.ReadInt(adress + 5); }
private static void FindEntitylistOffset(int clientDll, long clientDllSize) { var pattern = new byte[] { 0xBB, 0x00, 0x00, 0x00, 0x00, 0x83, 0xFF, 0x01, 0x0F, 0x8C, 0x00, 0x00, 0x00 , 0x00, 0x3B, 0xF8 }; var mask = SignatureScan.MaskFromPattern(pattern); var adress = SignatureScan.FindAddress(pattern, 1, mask, clientDll, clientDllSize); var val1 = SignatureScan.ReadInt(adress); signatures.dwEntityList = val1 - clientDll; }
private static void FindClientstateOffset(int engineDll, long engineDllSize) { var pattern = new byte[] { 0xA1, 0x00, 0x00, 0x00, 0x00, 0x33, 0xD2, 0x6A, 0x00, 0x6A, 0x00, 0x33, 0xC9 , 0x89, 0xB0 }; var mask = SignatureScan.MaskFromPattern(pattern); var adress = SignatureScan.FindAddress(pattern, 1, mask, engineDll, engineDllSize); var val1 = SignatureScan.ReadInt(adress); signatures.dwClientState = val1 - engineDll; }
private static void FindGameRulesProxyOffset(int clientDll, long clientDllSize) { var pattern = new byte[] { 0xA1, 0x00, 0x00, 0x00, 0x00, 0x85, 0xC0, 0x0F, 0x84, 0x00, 0x00, 0x00, 0x00 , 0x80, 0xB8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0F, 0x84, 0x00, 0x00, 0x00, 0x00 , 0x0F, 0x10, 0x05 }; var mask = SignatureScan.MaskFromPattern(pattern); var adress = SignatureScan.FindAddress(pattern, 1, mask, clientDll, clientDllSize); var val1 = SignatureScan.ReadInt(adress); signatures.dwGameRulesProxy = val1 - clientDll; }
private void FindButton_Click(object sender, RoutedEventArgs e) { if (String.IsNullOrEmpty(SearchTextBox.Text) || ByteViewer.ByteProvider == null) { return; } if (SearchBytesRadioButton.IsChecked == true && SearchOptionCheckBox.IsChecked == true) { SignatureSearchResult = 1; SignatureScan scan = new SignatureScan(SearchTextBox.Text, ByteViewer.ByteProvider, SignatureSearchResult); long address = scan.Address(); if (address >= 0) { ByteViewer.SelectionStart = address; ByteViewer.SelectionLength = scan.PatternSize; } else { MessageBox.Show("The following specified hexadecimal bytes was not found: \n\n" + SearchTextBox.Text, "Binary Engine", MessageBoxButton.OK, MessageBoxImage.Information); } return; } else { try { ByteViewer.SelectionStart = 0; ByteViewFindOptions.MatchCase = (bool)SearchOptionCheckBox.IsChecked; ByteViewFindOptions.Type = (bool)SearchBytesRadioButton.IsChecked ? FindType.Hex : FindType.Text; if (ByteViewFindOptions.Type == FindType.Hex) { ByteViewFindOptions.Hex = BytesConverter.StringToBytes(SearchTextBox.Text); } else { ByteViewFindOptions.Text = SearchTextBox.Text; } ByteViewFindOptions.IsValid = true; } catch { } } FindNextButton_Click(this, e); }
private void FindNextButton_Click(object sender, RoutedEventArgs e) { if (String.IsNullOrEmpty(SearchTextBox.Text) || ByteViewer.ByteProvider == null) { return; } if (SearchBytesRadioButton.IsChecked == true && SearchOptionCheckBox.IsChecked == true) { SignatureSearchResult++; SignatureScan scan = new SignatureScan(SearchTextBox.Text, ByteViewer.ByteProvider, SignatureSearchResult); long address = scan.Address(); if (address >= 0) { ByteViewer.SelectionStart = address; ByteViewer.SelectionLength = scan.PatternSize; } else { MessageBox.Show("The following specified hexadecimal bytes was not found: \n\n" + SearchTextBox.Text, "Binary Engine", MessageBoxButton.OK, MessageBoxImage.Information); } } try { const long NO_MATCH = -1; const long OPERATION_ABORTED = -2; switch (ByteViewer.Find(ByteViewFindOptions)) { case NO_MATCH: MessageBox.Show("The following specified text or hexadecimal bytes was not found: \n\n" + SearchTextBox.Text, "Binary Engine", MessageBoxButton.OK, MessageBoxImage.Information); break; case OPERATION_ABORTED: break; default: //success if (!ByteViewer.Focused) { ByteViewer.Focus(); } break; } } catch { } }
private static void FindLocalPlayerOffset(int clientDll, long clientDllSize) { byte[] pattern = { 0x8D, 0x34, 0x85, 0x00, 0x00, 0x00, 0x00, 0x89, 0x15, 0x00, 0x00, 0x00, 0x00, 0x8B , 0x41, 0x08, 0x8B, 0x48, 0x04, 0x83, 0xF9, 0xFF }; string mask = SignatureScan.MaskFromPattern(pattern); var adress = SignatureScan.FindAddress(pattern, 3, mask, clientDll, clientDllSize); var localplayer = SignatureScan.ReadInt(adress); adress = SignatureScan.FindAddress(pattern, 18, mask, clientDll, clientDllSize); var val2 = SignatureScan.ReadByte(adress); localplayer += val2; localplayer -= clientDll; signatures.dwLocalPlayer = localplayer; }
private void FindAllButton_Click(object sender, RoutedEventArgs e) { FindAllReferencesGroupBox.Visibility = Visibility.Visible; ByteViewerHost.Margin = new Thickness(0, 20, 250, 105); FindAllListBox.Items.Clear(); if (String.IsNullOrEmpty(SearchTextBox.Text) || ByteViewer.ByteProvider == null) { return; } if (SearchBytesRadioButton.IsChecked == true && SearchOptionCheckBox.IsChecked == true) { SignatureSearchResult = 1; SignatureScan scan = new SignatureScan(SearchTextBox.Text, ByteViewer.ByteProvider, SignatureSearchResult); for (long address = scan.Address(); address >= 0; scan.Result++, address = scan.Address()) { byte[] data = new byte[scan.PatternSize]; for (int i = 0; i < scan.PatternSize; ++i) { data[i] = ByteViewer.ByteProvider.ReadByte(address + i); } string content = $"{address.ToString("X8")} ({scan.PatternSize}): {new BytesConverter(data).ToHexadecimalString()} [\"{Encoding.ASCII.GetString(data)}\"]"; FindAllListBox.Items.Add(new ListBoxItem() { Content = content, Tag = new KeyValuePair <long, long>(address, scan.PatternSize), ToolTip = new ToolTip() { Content = content } }); } return; } else { try { ByteViewer.SelectionStart = 0; ByteViewFindOptions.MatchCase = (bool)SearchOptionCheckBox.IsChecked; ByteViewFindOptions.Type = (bool)SearchBytesRadioButton.IsChecked ? FindType.Hex : FindType.Text; if (ByteViewFindOptions.Type == FindType.Hex) { ByteViewFindOptions.Hex = BytesConverter.StringToBytes(SearchTextBox.Text); } else { ByteViewFindOptions.Text = SearchTextBox.Text; } ByteViewFindOptions.IsValid = true; const long NO_MATCH = -1; while (ByteViewer.Find(ByteViewFindOptions) != NO_MATCH) { byte[] data = new byte[ByteViewer.SelectionLength]; for (int i = 0; i < ByteViewer.SelectionLength; ++i) { data[i] = ByteViewer.ByteProvider.ReadByte(ByteViewer.SelectionStart + i); } string content = $"{ByteViewer.SelectionStart.ToString("X8")} ({ByteViewer.SelectionLength}): {new BytesConverter(data).ToHexadecimalString()} [\"{Encoding.ASCII.GetString(data)}\"]"; FindAllListBox.Items.Add(new ListBoxItem() { Content = content, Tag = new KeyValuePair <long, long>(ByteViewer.SelectionStart, ByteViewer.SelectionLength), ToolTip = new ToolTip() { Content = content } }); } } catch { } } }