[IDA/DHooks]How to get vtable offsets


berni
SourceMod Plugin Approver
Join Date: May 2007
Location: Austria
Old 04-13-2015 , 16:24   Re: [IDA/DHooks]How to get vtable offsets
#21

Well, first you need a disassembler like IDA to analyze the binary.

Every compiled function has a signature. You can think of a signature as a unique byte pattern after the binary executable file is loaded into memory. But signatures are a bit trickier to create, because the function prologue alone is most times not enough (I think), so you need some bytes from the function body or the surrounding code too, and those bytes can vary, so you need to replace them with placeholders; that needs some basic assembler knowledge. More info: https://wiki.alliedmods.net/Signature_scanning

Offsets, on the other hand, are much easier, because all you need to know to identify a unique function is the class of the object (in C++ mangled format, like _ZTV13CTerrorPlayer) and the virtual function index. _ZTV13CTerrorPlayer is an encoded name and means "virtual table of class CTerrorPlayer".
Offsets are much easier to find because you can just read the vtable index of a class, but they also often break very fast, because new functions are added or functions are removed, and then the offsets are not correct anymore. More info: https://forums.alliedmods.net/showthread.php?t=191171
https://forums.alliedmods.net/showthread.php?t=191328

As a beginner, you will most times want to use the offset, because it's easier to find.
Chdata
Veteran Member
Join Date: Aug 2012
Location: Computer Chair, Illinois
Old 04-13-2015 , 18:15   Re: [IDA/DHooks]How to get vtable offsets
#22

Ah, so the /#FF stuff in gamedata is unique opcodes from functions.
Spirit_12
Veteran Member
Join Date: Dec 2012
Location: Toronto, CA
Old 02-27-2016 , 17:45   Re: [IDA/DHooks]How to get vtable offsets
#23

I'm trying to find the offset value for CTerrorGameRules::CalculateSurvivalMultiplier in L4D2, but have failed every time. This is what I was able to extract from the vtable. Can anyone help me here?

PHP Code:
// Auto reconstructed from vtable block @ 0x00BB8BE0
// from "server_srv.so", by ida_vtables.idc
0    CGameRules::Name(void)
1    CMultiplayRules::Init(void)
2    CBaseGameSystemPerFrame::PostInit(void)
3    CBaseGameSystemPerFrame::Shutdown(void)
4    CTerrorGameRules::LevelInitPreEntity(void)
5    CTerrorGameRules::LevelInitPostEntity(void)
6    CBaseGameSystemPerFrame::LevelShutdownPreEntity(void)
7    CBaseGameSystemPerFrame::LevelShutdownPostEntity(void)
8    CBaseGameSystemPerFrame::OnSave(void)
9    CBaseGameSystemPerFrame::OnRestore(void)
10    CBaseGameSystemPerFrame::SafeRemoveIfDesired(void)
11    CBaseGameSystemPerFrame::IsPerFrame(void)
12    CTerrorGameRules::~CTerrorGameRules()
13    CTerrorGameRules::~CTerrorGameRules()
14    CBaseGameSystemPerFrame::FrameUpdatePreEntityThink(void)
15    CGameRules::FrameUpdatePostEntityThink(void)
16    CBaseGameSystemPerFrame::PreClientUpdate(void)
17    CMultiplayRules::Damage_IsTimeBased(int)
18    CMultiplayRules::Damage_ShouldGibCorpse(int)
19    CMultiplayRules::Damage_ShowOnHUD(int)
20    CMultiplayRules::Damage_NoPhysicsForce(int)
21    CMultiplayRules::Damage_ShouldNotBleed(int)
22    CTerrorGameRules::Damage_GetTimeBased(void)
23    CMultiplayRules::Damage_GetShouldGibCorpse(void)
24    CTerrorGameRules::Damage_GetShowOnHud(void)
25    CTerrorGameRules::Damage_GetNoPhysicsForce(void)
26    CMultiplayRules::Damage_GetShouldNotBleed(void)
27    CMultiplayRules::SwitchToNextBestWeapon(CBaseCombatCharacter *,CBaseCombatWeapon *)
28    CCSGameRules::GetNextBestWeapon(CBaseCombatCharacter *,CBaseCombatWeapon *)
29    CCSGameRules::ShouldCollide(int,int)
30    CCSGameRules::DefaultFOV(void)
31    CTerrorGameRules::GetViewVectors(void)const
32    CTerrorGameRules::GetAmmoDamage(CBaseEntity *,CBaseEntity *,int)
33    CGameRules::GetDamageMultiplier(void)
34    CMultiplayRules::IsMultiplayer(void)
35    CTerrorGameRules::GetEncryptionKey(void)
36    CTerrorGameRules::InRoundRestart(void)
37    CTerrorGameRules::CheckAchievementsEnabled(int)
38    CMultiplayRules::GetTaggedConVarList(KeyValues *)
39    CTerrorGameRules::OnBeginChangeLevel(char const*)
40    CCSGameRules::LevelShutdown(void)
41    CTeamplayRules::Precache(void)
42    CMultiplayRules::RefreshSkillData(bool)
43    CTerrorGameRules::Think(void)
44    CMultiplayRules::IsAllowedToSpawn(CBaseEntity *)
45    CCSGameRules::EndGameFrame(void)
46    CGameRules::IsSkillLevel(int)
47    CGameRules::GetSkillLevel(void)
48    CGameRules::OnSkillLevelChanged(int)
49    CGameRules::SetSkillLevel(int)
50    CMultiplayRules::FAllowFlashlight(void)
51    CTerrorGameRules::FShouldSwitchWeapon(CBasePlayer *,CBaseCombatWeapon *)
52    CMultiplayRules::IsDeathmatch(void)
53    CTeamplayRules::IsTeamplay(void)
54    CMultiplayRules::IsCoOp(void)
55    CTerrorGameRules::GetGameDescription(void)
56    CTerrorGameRules::ClientConnected(edict_t *,char const*,char const*,char *,int)
57    CTeamplayRules::InitHUD(CBasePlayer *)
58    CTerrorGameRules::ClientDisconnected(edict_t *)
59    CTerrorGameRules::FlPlayerFallDamage(CBasePlayer *)
60    CTeamplayRules::FPlayerCanTakeDamage(CBasePlayer *,CBaseEntity *)
61    CTeamplayRules::ShouldAutoAim(CBasePlayer *,edict_t *)
62    CGameRules::GetAutoAimScale(CBasePlayer *)
63    CTerrorGameRules::GetAutoAimMode(void)
64    CGameRules::ShouldUseRobustRadiusDamage(CBaseEntity *)
65    CCSGameRules::RadiusDamage(CTakeDamageInfo const&,Vector const&,float,int,CBaseEntity *)
66    CCSGameRules::FlPlayerFallDeathDoesScreenFade(CBasePlayer *)
67    CMultiplayRules::AllowDamage(CBaseEntity *,CTakeDamageInfo const&)
68    CTerrorGameRules::PlayerSpawn(CBasePlayer *)
69    CMultiplayRules::PlayerThink(CBasePlayer *)
70    CTerrorGameRules::FPlayerCanRespawn(CBasePlayer *)
71    CMultiplayRules::FlPlayerSpawnTime(CBasePlayer *)
72    CTerrorGameRules::GetPlayerSpawnSpot(CBasePlayer *)
73    CCSGameRules::IsSpawnPointValid(CBaseEntity *,CBasePlayer *)
74    CMultiplayRules::AllowAutoTargetCrosshair(void)
75    CCSGameRules::ClientCommand(CBaseEntity *,CCommand const&)
76    CTerrorGameRules::ClientSettingsChanged(CBasePlayer *)
77    CTeamplayRules::IPointsForKill(CBasePlayer *,CBasePlayer *)
78    CTerrorGameRules::PlayerKilled(CBasePlayer *,CTakeDamageInfo const&)
79    CCSGameRules::DeathNotice(CBasePlayer *,CTakeDamageInfo const&)
80    CGameRules::GetDamageCustomString(CTakeDamageInfo const&)
81    CGameRules::AdjustPlayerDamageInflicted(float)
82    CGameRules::AdjustPlayerDamageTaken(CTakeDamageInfo *)
83    CMultiplayRules::CanHavePlayerItem(CBasePlayer *,CBaseCombatWeapon *)
84    CMultiplayRules::WeaponShouldRespawn(CBaseCombatWeapon *)
85    CMultiplayRules::FlWeaponRespawnTime(CBaseCombatWeapon *)
86    CMultiplayRules::FlWeaponTryRespawn(CBaseCombatWeapon *)
87    CMultiplayRules::VecWeaponRespawnSpot(CBaseCombatWeapon *)
88    CMultiplayRules::CanHaveItem(CBasePlayer *,CItem *)
89    CMultiplayRules::PlayerGotItem(CBasePlayer *,CItem *)
90    CMultiplayRules::ItemShouldRespawn(CItem *)
91    CMultiplayRules::FlItemRespawnTime(CItem *)
92    CMultiplayRules::VecItemRespawnSpot(CItem *)
93    CMultiplayRules::VecItemRespawnAngles(CItem *)
94    CGameRules::CanHaveAmmo(CBaseCombatCharacter *,int)
95    CGameRules::CanHaveAmmo(CBaseCombatCharacter *,char const*)
96    CMultiplayRules::PlayerGotAmmo(CBaseCombatCharacter *,char *,int)
97    CGameRules::GetAmmoQuantityScale(int)
98    CCSGameRules::InitDefaultAIRelationships(void)
99    CCSGameRules::AIClassText(int)
100    CMultiplayRules::FlHealthChargerRechargeTime(void)
101    CMultiplayRules::FlHEVChargerRechargeTime(void)
102    CMultiplayRules::DeadPlayerWeapons(CBasePlayer *)
103    CMultiplayRules::DeadPlayerAmmo(CBasePlayer *)
104    CTeamplayRules::GetTeamID(CBaseEntity *)
105    CTeamplayRules::PlayerRelationship(CBaseEntity *,CBaseEntity *)
106    CTeamplayRules::PlayerCanHearChat(CBasePlayer *,CBasePlayer *)
107    CGameRules::CheckChatText(CBasePlayer *,char *)
108    CTeamplayRules::GetTeamIndex(char const*)
109    CTeamplayRules::GetIndexedTeamName(int)
110    CTeamplayRules::IsValidTeam(char const*)
111    CTeamplayRules::ChangePlayerTeam(CBasePlayer *,char const*,bool,bool)
112    CCSGameRules::SetDefaultPlayerTeam(CBasePlayer *)
113    CCSGameRules::UpdateClientData(CBasePlayer *)
114    CCSGameRules::PlayTextureSounds(void)
115    CMultiplayRules::PlayFootstepSounds(CBasePlayer *)
116    CGameRules::AllowSoundscapes(void)
117    CCSGameRules::FAllowNPCs(void)
118    CMultiplayRules::EndMultiplayerGame(void)
119    CTerrorGameRules::WeaponTraceEntity(CBaseEntity *,Vector const&,Vector const&,unsigned int,CGameTrace *)
120    CTerrorGameRules::InitScripts(void)
121    CTerrorGameRules::CreateStandardEntities(void)
122    CTerrorGameRules::GetChatPrefix(bool,CBasePlayer *)
123    CTerrorGameRules::GetChatLocation(bool,CBasePlayer *)
124    CTerrorGameRules::GetChatFormat(bool,CBasePlayer *)
125    CGameRules::ShouldBurningPropsEmitLight(void)
126    CGameRules::CanEntityBeUsePushed(CBaseEntity *)
127    CCSGameRules::CreateCustomNetworkStringTables(void)
128    CGameRules::MarkAchievement(IRecipientFilter &,char const*)
129    CMultiplayRules::ResetMapCycleTimeStamp(void)
130    CTerrorGameRules::UpdateGameplayStatsFromSteam(void)
131    CGameRules::DoFindClientInPVS(edict_t *,unsigned char *,unsigned int)
132    CGameRules::GetGameTypeName(void)
133    CGameRules::GetGameType(void)
134    CGameRules::ForceSplitScreenPlayersOnToSameTeam(void)
135    CGameRules::IsTopDown(void)
136    CGameRules::GetTopDownMovementAxis(void)
137    CTerrorGameRules::GetMaxHumanPlayers(void)const
138    CMultiplayRules::GetDeathScorer(CBaseEntity *,CBaseEntity *,CBaseEntity *)
139    CMultiplayRules::VoiceCommand(CBaseMultiplayerPlayer *,int,int)
140    CMultiplayRules::HandleTimeLimitChange(void)
141    CMultiplayRules::InitCustomResponseRulesDicts(void)
142    CMultiplayRules::ShutdownCustomResponseRulesDicts(void)
143    CMultiplayRules::UseSuicidePenalty(void)
144    CMultiplayRules::GetNextLevelName(char *,int,bool)
145    CMultiplayRules::ChangeLevel(void)
146    CCSGameRules::GoToIntermission(void)
147    CTeamplayRules::GetCaptureValueForPlayer(CBasePlayer *)
148    CTeamplayRules::TeamMayCapturePoint(int,int)
149    CTeamplayRules::PlayerMayCapturePoint(CBasePlayer *,int,char *,int)
150    CTeamplayRules::PlayerMayBlockPoint(CBasePlayer *,int,char *,int)
151    CTeamplayRules::PointsMayBeCaptured(void)
152    CTeamplayRules::SetLastCapPointChanged(int)
153    CTeamplayRules::TimerMayExpire(void)
154    CTeamplayRules::SetWinningTeam(int,int,bool,bool,bool)
155    CTeamplayRules::SetStalemate(int,bool,bool)
156    CTeamplayRules::SetSwitchTeams(bool)
157    CTeamplayRules::ShouldSwitchTeams(void)
158    CTeamplayRules::HandleSwitchTeams(void)
159    CTeamplayRules::SetScrambleTeams(bool)
160    CTeamplayRules::ShouldScrambleTeams(void)
161    CTeamplayRules::HandleScrambleTeams(void)
162    CTerrorGameRules::PlayersAllowedToAttack(void)const
163    CTerrorGameRules::GetBuyTimeLength(void)const
164    CTerrorGameRules::PopulateDeathEvent(IGameEvent *,CBaseEntity const*,CBaseCombatCharacter const*,CTakeDamageInfo const&)
165    CTerrorGameRules::DoesEntityBlockExplosions(CBaseEntity *)const
166    CCSGameRules::DeathNoticeForEntity(CBaseCombatCharacter *,CTakeDamageInfo const&)
167    CTerrorGameRules::CheckRoundTimeExpired(void)
168    CTerrorGameRules::CheckWinConditions(void)
169    CTerrorGameRules::TerminateRound(float,int)
170    CTerrorGameRules::TeamFull(int)
171    CCSGameRules::CheckGameOver(void)
172    CCSGameRules::CheckMaxRounds(void)
173    CCSGameRules::CheckWinLimit(void)
174    CCSGameRules::CheckFragLimit(void)
175    CTerrorGameRules::CheckRestartRound(void)
176    CTerrorGameRules::NeededPlayersCheck(bool &)
177    CCSGameRules::SetAllowWeaponSwitch(bool)
178    CCSGameRules::GetAllowWeaponSwitch(void)
179    CTerrorGameRules::RestartRound(void)
180    CTerrorGameRules::CleanUpMap(void)
181    CTerrorGameRules::PopulateDeathEvent(KeyValues *,CBaseEntity const*,CBaseCombatCharacter const*,CTakeDamageInfo const&)
182    CTerrorGameRules::TrackPlayerZombieDamage(CTerrorPlayer *,int,bool)
183    CTerrorGameRules::GetPlayerZombieDamage(ZombieClassType,bool)
184    CTerrorGameRules::ClearPlayerZombieDamage(void
Am I looking at the wrong table?
asherkin
SourceMod Developer
Join Date: Aug 2009
Location: OnGameFrame()
Old 02-27-2016 , 18:04   Re: [IDA/DHooks]How to get vtable offsets
#24

Are you sure the function is virtual? Doesn't look like it.
Spirit_12
Veteran Member
Join Date: Dec 2012
Location: Toronto, CA
Old 02-27-2016 , 19:39   Re: [IDA/DHooks]How to get vtable offsets
#25

I'm clueless when it comes to offsets. If the function is not virtual, then where would I find its offset?
asherkin
SourceMod Developer
Join Date: Aug 2009
Location: OnGameFrame()
Old 02-27-2016 , 19:40   Re: [IDA/DHooks]How to get vtable offsets
#26

You wouldn't - it doesn't have one. You'll need to use a signature instead.
Spirit_12
Veteran Member
Join Date: Dec 2012
Location: Toronto, CA
Old 02-27-2016 , 19:45   Re: [IDA/DHooks]How to get vtable offsets
#27

The extension that I'm looking at uses both: offsets and signatures. This is from the L4D2 8+ player bug fixes extension. I've seen the same in Spummer's hardmod plugin. What could be the use of it then?

PHP Code:
/* created by V10 aka maldersoft */
"Games"
{
    "left4dead2"
    {
        "Offsets"
        {
            "WitchAttackCharaster"
            {
                "windows"    "275"
                "linux"      "14"
            }

            "SurvivorCounters"
            {
                "windows"    "1056"
                "linux"      "1048"
            }

            /* Offset into CDirectorMusicBanks::OnRoundStart */
            "TheDirector"
            {
                "windows"    "12"
            }
        }

        "Signatures"
        {
            "WitchAttack::WitchAttack"
            {
                "library"    "server"
                "windows"    "\x55\x8b\xec\x83\xec\x10\x53\x33\xdb\x56\x8b\xf1\xc7\x46*****\xc7\x46*****\x89\x5d\xf0\x89\x5d\xf4\xf3****\x66\x0f\xd6\x46*\x57\x89\x5d*\x89\x5d*\xf3****\x89\x5e*\x89\x5e*\x89\x5e*\x89\x5e*\x89\x5e*\x89\x5e*\x66\x89\x5e*\x66\x0f\xd6\x46*\xc7\x06****\xc7\x46*****\x53\x8d\x4e*\xc7\x46"
                "linux"      "@_ZN11WitchAttackC1EP11CBaseEntity"
            }

            "CCharge::HandleCustomCollision_code"
            {
                "library"    "server"
                "windows"    "\x0f\x85***\x00\xc6\x00\x01\x8b\x15****\xf3\x0f\x10\x42*\xf3\x0f\x59\xc0\x0f"
                "linux"      "\x0F\x85**\xFF\xFF\xC6\x84****\x00\x01\xF3\x0F\x58\xC1\xA1****\xF3\x0F\x58\xC2\xF3"
            }

            "CCharge::HandleCustomCollision"
            {
                "library"    "server"
                "windows"    "\x55\x8b\xec\x81\xec**\x00\x00\xa1****\x33\xc5\x89\x45*\x8b\x45*\x53\x8b\xd9\x89\x45*\x8b\x83**\x00\x00\x56\x8b\x75"
                "linux"      "@_ZN7CCharge21HandleCustomCollisionEP11CBaseEntityRK6VectorS4_P10CGameTraceP9CMoveData"
            }

            "CTerrorGameRules::CalculateSurvivalMultiplier"
            {
                "library"    "server"
                "windows"    "\x55\x8b\xec\x83\xec*\x80\x7d*\x00\x53\x56\x8b\xd9\x0f\x84**\x00\x00"
                "linux"      "@_ZN16CTerrorGameRules27CalculateSurvivalMultiplierEb"
            }

            "TheDirector"
            {
                "library"    "server"
                "linux"      "@TheDirector"
            }

            "DirectorMusicBanks::OnRoundStart"
            {
                "library"    "server"
                "windows"    "\x55\x8b\xec\x83\xec*\x56\x57\x8b\xf9\x8b\x0d****\xe8****\x84\xc0\x0f\x85"
            }

            "CDirector::AreTeamsFlipped"
            {
                "library"    "server"
                "windows"    "\x57\x8b\xf9\xe8****\x84\xc0\x75*\xf7\x05*******\x00\x56\x74*\xbe"
                "linux"      "@_ZNK9CDirector15AreTeamsFlippedEv"
            }
        }
    }
}

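As an added example (not code from this thread, from SourceMod or from the extension whose gamedata is quoted above), here is how the "windows" entries of a "Signatures" section are consumed: the "\xNN" and "*" text is decoded into bytes plus a wildcard mask and scanned for in a constructed byte buffer. It also illustrates berni's point that the bare function prologue is not unique, so a usable signature needs bytes from the body as well. The "@..." Linux entries are symbol names and are resolved by name, not scanned for.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

// A decoded signature: one byte per position plus a wildcard flag per position.
struct Pattern {
    std::vector<uint8_t> bytes;
    std::vector<bool> wild;
};
// Decode the gamedata text: "\xNN" is a literal byte, '*' a wildcard. A value
// starting with '@' is a symbol name (the Linux entries), not a byte pattern.
static bool ParseSignature(const std::string &s, Pattern &out) {
    out.bytes.clear(); out.wild.clear();
    if (s.empty() || s[0] == '@') return false;
    for (size_t i = 0; i < s.size();) {
        if (s[i] == '*') {
            out.bytes.push_back(0); out.wild.push_back(true); ++i;
        } else if (s[i] == '\\' && i + 3 < s.size() && s[i + 1] == 'x') {
            out.bytes.push_back((uint8_t)std::stoul(s.substr(i + 2, 2), nullptr, 16));
            out.wild.push_back(false); i += 4;
        } else {
            return false;  // malformed escape
        }
    }
    return true;
}

// Count where p matches inside buf; a usable signature matches exactly once.
static size_t CountMatches(const uint8_t *buf, size_t len, const Pattern &p) {
    size_t n = p.bytes.size(), hits = 0;
    for (size_t off = 0; n != 0 && off + n <= len; ++off) {
        size_t k = 0;
        while (k < n && (p.wild[k] || buf[off + k] == p.bytes[k])) ++k;
        if (k == n) ++hits;
    }
    return hits;
}

// Constructed sample "image" (not real server.so bytes): two x86 functions
// that share the same "push ebp / mov ebp,esp / sub esp,N" prologue.
static const uint8_t kImage[] = {
    0x90, 0x90, 0x90, 0x90,
    0x55, 0x8b, 0xec, 0x83, 0xec, 0x10, 0x53, 0x56, 0x8b, 0x45, 0x08,
    0x5e, 0x5b, 0x8b, 0xe5, 0x5d, 0xc3, 0xcc, 0xcc, 0xcc,
    0x55, 0x8b, 0xec, 0x83, 0xec, 0x24, 0x80, 0x7d, 0x08, 0x00, 0x53, 0x56,
    0x8b, 0xd9, 0x0f, 0x84, 0x12, 0x03, 0x00, 0x00, 0x5e, 0x5b, 0x8b, 0xe5, 0x5d, 0xc3,
};

// Matches of a signature string in the sample image; -1 for a symbol name.
static long MatchesInSample(const std::string &sig) {
    Pattern p;
    if (!ParseSignature(sig, p)) return -1;
    return (long)CountMatches(kImage, sizeof kImage, p);
}
```

In a C++ string literal the gamedata backslashes have to be doubled ("\\x55\\x8b..."), since the file on disk contains the two characters backslash and x, not a raw byte.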
Miu
Veteran Member
Join Date: Nov 2013
Old 02-28-2016 , 20:47   Re: [IDA/DHooks]How to get vtable offsets
#28

CTerrorGameRules::CalculateSurvivalMultiplier is in the signatures list of the gamedata you posted, not the offsets.
Spirit_12
Veteran Member
Join Date: Dec 2012
Location: Toronto, CA
Old 03-01-2016 , 19:55   Re: [IDA/DHooks]How to get vtable offsets
#29

PHP Code:
int g_SurvivorCountsOffset = -1;  // filled in from gamedata at load time

// the member is reached by adding the byte offset to this
char *SurvCounts = ((char *)this) + g_SurvivorCountsOffset;

g_pGameConf->GetOffset("SurvivorCounters", &g_SurvivorCountsOffset);
These are the 3 incidents where this offset is being used. Am I looking at the wrong function then?

Extension Thread: https://forums.alliedmods.net/showthread.php?t=121945
Miu
Veteran Member
Join Date: Nov 2013
Old 03-01-2016 , 22:19   Re: [IDA/DHooks]How to get vtable offsets
#35

You were talking about "CTerrorGameRules::CalculateSurvivalMultiplier" before, not "SurvivorCounters", and it looks like it's not a virtual method, but the offset of a member of CTerrorGameRules.
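An added example (not code from this thread or from SourceMod) of the distinction the last few replies turn on: a vtable index, a data-member offset and a non-virtual function are three different things. The classes are hypothetical stand-ins for CGameRules/CTerrorGameRules; the layout assumed is the Itanium C++ ABI used by GCC/Clang on Linux, where a virtual destructor takes two slots (the paired ~CTerrorGameRules entries at 12 and 13 in the dump above), whereas MSVC emits one, which is one reason the "windows" and "linux" numbers in gamedata differ.

```cpp
#include <cstddef>

// Hypothetical stand-ins for the real CGameRules/CTerrorGameRules classes.
struct GameRules {
    virtual ~GameRules() {}                          // slots 0 and 1 on Linux (D1/D0)
    virtual int GetSkillLevel() const { return 1; }  // slot 2
    virtual bool IsCoOp() const { return false; }    // slot 3
    // A data member: reached by a byte offset from this, never by a vtable slot.
    int m_SurvivorCounters[4] = {7, 8, 9, 10};
    // Non-virtual: no vtable slot at all, so it can only be found by signature.
    float CalculateSurvivalMultiplier(bool bonus) const { return bonus ? 2.0f : 1.0f; }
};

struct TerrorGameRules : GameRules {
    bool IsCoOp() const override { return true; }    // replaces slot 3 in its vtable
};

// What an extension does with a vtable index: read the vptr stored in the
// object's first word, take the slot, call it with the object as this.
typedef int (*IntThisFn)(const void *thisptr);
typedef bool (*BoolThisFn)(const void *thisptr);
static void **VtableOf(const GameRules *obj) { return *(void ***)obj; }
static int CallIntVirtual(const GameRules *obj, int slot) {
    return ((IntThisFn)VtableOf(obj)[slot])(obj);
}
static bool CallBoolVirtual(const GameRules *obj, int slot) {
    return ((BoolThisFn)VtableOf(obj)[slot])(obj);
}

// What a member offset such as "SurvivorCounters" means: plain pointer
// arithmetic on this, as in the ((char*)this)+g_SurvivorCountsOffset line above.
static int ReadCounterByOffset(const GameRules *obj, size_t byteOffset, int idx) {
    const int *counters = (const int *)((const char *)obj + byteOffset);
    return counters[idx];
}

// The byte offset of the member, as a struct layout view in IDA would show it.
static size_t SurvivorCountersOffset(const GameRules *obj) {
    return (size_t)((const char *)&obj->m_SurvivorCounters - (const char *)obj);
}
```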