Quote:
Originally Posted by KORD_12.7
I have used IDA and yours with Arkshine tutorials to find ag offsets. 
And one man helped me to find op4 offsets without linux binary (but not shure if they 100% right, need to check  ).
Op4 offsets not the same as hldm. I have tested some hl plugins in op4 with "@mirror valve gearbox" and there was crashes. |
Ok
. I asked because I was curious to know other techniques and for "base" and "pev" me and Arkshine didn't even have one that didn't deal with making c++ code to figure them out brute force style but we figured out today a clean way to get them
Arkshine added the offsets, you can check it here:
https://github.com/joaquimandrade/Hamsandwich-Update
Now, I don't know if he tested them but since there is no linux binary what you can do to put it together yourself is to start from the first function and try to find the first that makes it crash. If you find it try to see if you add +1 it doesn't crash anymore (try this 3 times). If it works as It should increase the next offsets of the list by the same amount you increased that one. If it doesn't maybe they have different headers so pass to the next function and tell us
Example:
Code:
scream 32
dance 33
shut 34
stuff 35
levitate 36
"dance" crashes.
Make it 34.
It works? make shut 35, stuff 36, levitate 37.
It doesn't? make it 35.
It works? make shut 36, stuff 37, levitate 38.
It doesn't? make it 36
It works? make shut 37, stuff 38, levitate 39.
It doesn't? ignore it and check shut.
Threaded Mode