
[Solved] How to find pvPrivateData offsets using IDA?


teh ORiON
Member
Join Date: Sep 2011
Location: Denmark
Old 12-27-2012 , 20:00   Re: [Help] How to find pvPrivateData offsets using IDA?

Quote:
Originally Posted by Arkshine View Post
It's actually very easy. I wanted to do some tutorial (my sig lol), but it requires you to explain the context before and such, and it's a pain.

Fast explanation :

Let's take CBasePlayer class as example. You know that inside members are declared like m_iYokomo. When we're talking about 'offset', it means 'position' from the base. If you see CBasePlayer::Killed() (windows), when you decompile, the first line:

*(this + 300)

this = it's the CBasePlayer object passed.

300 is the full offset. It's actually what you're looking for. It's the position from the base which points out to something, here a member.
'Full' because it includes the size of each member. Most of the time it's 4 (int, float, pointer, etc.), but not always, something you will see in IDA. Here an int.

To get the offset, to be used with [get|set]_pdata_[int|float] natives, you just divide the full offset by its size: 300 / 4 = 75 = m_LastHitGroup

Just a simple example, it doesn't cover all situations (char/bool/short, etc.), just to show you quickly how you can retrieve them from IDA.
Interesting, looking forward to that tutorial ^^.
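
The conversion described in the quoted explanation, as an added example that is not part of the original thread or of any project's code. `FakePlayer`, `m_sExample`, `m_cExample` and `to_pdata_slot` are hypothetical names; the struct is a constructed stand-in whose padding only places an int at byte 300, and the example goes one step further than the post by reporting where 1- and 2-byte members fall inside a 4-byte cell.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in, NOT the real CBasePlayer layout. The padding is
 * sized so that the int member sits at byte 300, the value from the post. */
struct FakePlayer {
    unsigned char pad[300];   /* everything before the member of interest */
    int   m_LastHitGroup;     /* byte 300: the member from the post */
    short m_sExample;         /* byte 304: hypothetical 2-byte member */
    char  m_cExample;         /* byte 306: hypothetical 1-byte member */
};

/* Result of converting a byte ("full") offset into 4-byte cells. */
struct pdata_slot {
    int index;         /* full offset / 4 */
    int byte_in_cell;  /* 0..3, position inside that cell */
    int direct;        /* 1 only for an aligned 4-byte member */
};

/* Hypothetical helper: full_offset is the number read from *(this + N) in
 * the decompiler, member_size is the member's size in bytes. */
struct pdata_slot to_pdata_slot(size_t full_offset, size_t member_size)
{
    struct pdata_slot s;
    s.index = (int)(full_offset / 4);
    s.byte_in_cell = (int)(full_offset % 4);
    /* Only an aligned 4-byte member maps cleanly onto an int/float index. */
    s.direct = (member_size == 4 && s.byte_in_cell == 0);
    return s;
}

static void show(const char *name, size_t off, size_t size)
{
    struct pdata_slot s = to_pdata_slot(off, size);
    printf("%-15s full=%3zu size=%zu -> index %d, byte %d%s\n",
           name, off, size, s.index, s.byte_in_cell,
           s.direct ? "" : "  (not a plain int/float index)");
}

int main(void)
{
    show("m_LastHitGroup", offsetof(struct FakePlayer, m_LastHitGroup), sizeof(int));
    show("m_sExample", offsetof(struct FakePlayer, m_sExample), sizeof(short));
    show("m_cExample", offsetof(struct FakePlayer, m_cExample), sizeof(char));
    return 0;
}
```
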