Welcome
Ladies and Gents:

These forums are now closed and registration disabled.

Please join us at our new forum on Proboards. Our hope is that these new forums are more stable, provide more and better features, and allow continuation of the project forums in a safer, more secure, long term environment.

me3explorer.proboards.com

--The ME3Explorer Team

ME3 On The Hook

Technical research related to the structure of Mass Effect game files.

Re: ME3 On The Hook

Postby mnn » 23 May 2013, 22:28

First of all, I'm kind of disappointed :) You don't know that C# does have pointers. It's called unsafe code - http://msdn.microsoft.com/en-us/library/vstudio/t2yzs44b.aspx. :)

Second, I do understand how injected DLLs work - I actually use one. You don't remember my project I talked to you about? I hook Direct3D game with EasyHook and then I can easily use Direct3D of the hooked game inside the game process and at the same time I use regular C# (no unsafe code).

Third - the communication I use is .NET remoting. Works pretty well, though one have to be careful about "overloading" game process with too much of your own stuff (well that should apply to any kind of hooking).

So, I basically want to hook the game with C++/CLI library (that will use ME3OTH) and relay necessary information back to regular C# application. Since I've already done hooking via just "simple" C# DLL/library (and EasyHook library), I believe this is possible. It should be just a matter of studying C++/CLI and stuff around that.

Edit: looking at the ME3OTH source, seems like my original idea, how to hook the game, is going to get flushed down the toilet :(
mnn
User
 
Posts: 42
Joined: 22 Aug 2012, 17:10
Has thanked: 1 time
Have thanks: 15 time

Re: ME3 On The Hook

Postby WarrantyVoider » 24 May 2013, 06:24

why do you even ask me, if you know everything better? just do it and show me how cool you are...

PS:sure I know pointers in c#, look into dlc patcher code, I use them alot, but its like using gotos, you just dont and its not made for it...

Edit: "hooking the game" allready tipped me off, if you hook anything, than its functions...
always backup your files!
mess with the best or die like the rest!
"I tried everything!" - "mkay, please list that..." ; please dont pm me for help, we have a help section
User avatar
WarrantyVoider
Emeritus
 
Posts: 2270
Joined: 22 Aug 2012, 11:33
Has thanked: 480 time
Have thanks: 626 time

Re: ME3 On The Hook

Postby WarrantyVoider » 04 Jun 2013, 10:35

always backup your files!
mess with the best or die like the rest!
"I tried everything!" - "mkay, please list that..." ; please dont pm me for help, we have a help section
User avatar
WarrantyVoider
Emeritus
 
Posts: 2270
Joined: 22 Aug 2012, 11:33
Has thanked: 480 time
Have thanks: 626 time

Re: ME3 On The Hook

Postby Paigan » 20 Oct 2013, 19:41

Lololo malloc(). The last time I saw that I was still studying ^^.
Using a garbagecollected language (although Java, not C#) for >10 years now I sometimes wonder why game developers still live in the stone ages.

Apart from technology bragging: Awesome job, didn't think it would be possible (with bearable effort) to get so deep into the game.
Paigan
User
 
Posts: 4
Joined: 30 Dec 2012, 14:10
Has thanked: 0 time
Have thanks: 1 time

Re: ME3 On The Hook

Postby aimspams » 18 Aug 2014, 00:43

Offset for RU client:
Code: Select all
70DC87862DA9010AAD1ACD7D0C2C857B, 01AB5634;

aimspams has been thanked by:
aimspams
User
 
Posts: 3
Joined: 18 Aug 2014, 00:41
Has thanked: 1 time
Have thanks: 2 time

Re: ME3 On The Hook

Postby aimspams » 20 Aug 2014, 13:25

How to get bone location?
I'm trying this code (from apb aimbot):
FName BoneName;
BoneName.Index = Framework::FindName("Bip01_Head");
BoneName.Recursion = 0;
vHeadBone = WorldToScreen::World2( Canvas, Pawn->Mesh->GetBoneLocation( BoneName, 0 ));

but Pawn->Mesh->GetBoneLocation isn't declarated.
aimspams
User
 
Posts: 3
Joined: 18 Aug 2014, 00:41
Has thanked: 1 time
Have thanks: 2 time

Re: ME3 On The Hook

Postby WarrantyVoider » 31 Aug 2014, 20:33

hey there, sorry I missed your post, but it seems you have figured it out :) what was the solution?

greetz WV
always backup your files!
mess with the best or die like the rest!
"I tried everything!" - "mkay, please list that..." ; please dont pm me for help, we have a help section
User avatar
WarrantyVoider
Emeritus
 
Posts: 2270
Joined: 22 Aug 2012, 11:33
Has thanked: 480 time
Have thanks: 626 time

Re: ME3 On The Hook

Postby aimspams » 02 Sep 2014, 15:40

GetBoneLocation is declarated in game, but TheFeckless UE3 SDK Generator cant find these func.
i just added next code to Engine_classes.h (in class USkeletalMeshComponent : public UMeshComponent)
Spoiler:
// Function Engine.SkeletalMeshComponent.GetBoneNames
// [0x00420401] ( FUNC_Final | FUNC_Native )
// Parameters infos:
// TArray< struct FName > BoneNames ( CPF_Parm | CPF_OutParm | CPF_NeedCtorLink )

void USkeletalMeshComponent::GetBoneNames(TArray< struct FName >* BoneNames)
{
static UFunction* pFnGetBoneNames = NULL;

if (!pFnGetBoneNames)
pFnGetBoneNames = (UFunction*)UObject::GObjObjects()->Data[6952];

USkeletalMeshComponent_execGetBoneNames_Parms GetBoneNames_Parms;

pFnGetBoneNames->FunctionFlags |= ~0x400;

this->ProcessEvent(pFnGetBoneNames, &GetBoneNames_Parms, NULL);

pFnGetBoneNames->FunctionFlags |= 0x400;

if (BoneNames)
memcpy(BoneNames, &GetBoneNames_Parms.BoneNames, 0xC);
};

// Function Engine.SkeletalMeshComponent.GetParentBone
// [0x00020401] ( FUNC_Final | FUNC_Native )
// Parameters infos:
// struct FName ReturnValue ( CPF_Parm | CPF_OutParm | CPF_ReturnParm )
// struct FName BoneName ( CPF_Parm )

struct FName USkeletalMeshComponent::GetParentBone(struct FName BoneName)
{
static UFunction* pFnGetParentBone = NULL;

if (!pFnGetParentBone)
pFnGetParentBone = (UFunction*)UObject::GObjObjects()->Data[6946];

USkeletalMeshComponent_execGetParentBone_Parms GetParentBone_Parms;
memcpy(&GetParentBone_Parms.BoneName, &BoneName, 0x8);

pFnGetParentBone->FunctionFlags |= ~0x400;

this->ProcessEvent(pFnGetParentBone, &GetParentBone_Parms, NULL);

pFnGetParentBone->FunctionFlags |= 0x400;

return GetParentBone_Parms.ReturnValue;
};

// Function Engine.SkeletalMeshComponent.GetBoneMatrix
// [0x00020401] ( FUNC_Final | FUNC_Native )
// Parameters infos:
// struct FMatrix ReturnValue ( CPF_Parm | CPF_OutParm | CPF_ReturnParm )
// int BoneIndex ( CPF_Parm )

struct FMatrix USkeletalMeshComponent::GetBoneMatrix(int BoneIndex)
{
static UFunction* pFnGetBoneMatrix = NULL;

if (!pFnGetBoneMatrix)
pFnGetBoneMatrix = (UFunction*)UObject::GObjObjects()->Data[6943];

USkeletalMeshComponent_execGetBoneMatrix_Parms GetBoneMatrix_Parms;
GetBoneMatrix_Parms.BoneIndex = BoneIndex;

pFnGetBoneMatrix->FunctionFlags |= ~0x400;

this->ProcessEvent(pFnGetBoneMatrix, &GetBoneMatrix_Parms, NULL);

pFnGetBoneMatrix->FunctionFlags |= 0x400;

return GetBoneMatrix_Parms.ReturnValue;
};

// Function Engine.SkeletalMeshComponent.GetBoneName
// [0x00020401] ( FUNC_Final | FUNC_Native )
// Parameters infos:
// struct FName ReturnValue ( CPF_Parm | CPF_OutParm | CPF_ReturnParm )
// int BoneIndex ( CPF_Parm )

struct FName USkeletalMeshComponent::GetBoneName(int BoneIndex)
{
static UFunction* pFnGetBoneName = NULL;

if (!pFnGetBoneName)
pFnGetBoneName = (UFunction*)UObject::GObjObjects()->Data[6940];

USkeletalMeshComponent_execGetBoneName_Parms GetBoneName_Parms;
GetBoneName_Parms.BoneIndex = BoneIndex;

pFnGetBoneName->FunctionFlags |= ~0x400;

this->ProcessEvent(pFnGetBoneName, &GetBoneName_Parms, NULL);

pFnGetBoneName->FunctionFlags |= 0x400;

return GetBoneName_Parms.ReturnValue;
};

// Function Engine.SkeletalMeshComponent.MatchRefBone
// [0x00020401] ( FUNC_Final | FUNC_Native )
// Parameters infos:
// int ReturnValue ( CPF_Parm | CPF_OutParm | CPF_ReturnParm )
// struct FName BoneName ( CPF_Parm )

int USkeletalMeshComponent::MatchRefBone(struct FName BoneName)
{
static UFunction* pFnMatchRefBone = NULL;

if (!pFnMatchRefBone)
pFnMatchRefBone = (UFunction*)UObject::GObjObjects()->Data[6937];

USkeletalMeshComponent_execMatchRefBone_Parms MatchRefBone_Parms;
memcpy(&MatchRefBone_Parms.BoneName, &BoneName, 0x8);

pFnMatchRefBone->FunctionFlags |= ~0x400;

this->ProcessEvent(pFnMatchRefBone, &MatchRefBone_Parms, NULL);

pFnMatchRefBone->FunctionFlags |= 0x400;

return MatchRefBone_Parms.ReturnValue;
};

// Function Engine.SkeletalMeshComponent.GetBoneLocation
// [0x00024401] ( FUNC_Final | FUNC_Native )
// Parameters infos:
// struct FVector ReturnValue ( CPF_Parm | CPF_OutParm | CPF_ReturnParm )
// struct FName BoneName ( CPF_Parm )
// int Space ( CPF_OptionalParm | CPF_Parm )

struct FVector USkeletalMeshComponent::GetBoneLocation(struct FName BoneName, int Space)
{
static UFunction* pFnGetBoneLocation = NULL;

if (!pFnGetBoneLocation)
pFnGetBoneLocation = (UFunction*)UObject::GObjObjects()->Data[6933];

USkeletalMeshComponent_execGetBoneLocation_Parms GetBoneLocation_Parms;
memcpy(&GetBoneLocation_Parms.BoneName, &BoneName, 0x8);
GetBoneLocation_Parms.Space = Space;

pFnGetBoneLocation->FunctionFlags |= ~0x400;

this->ProcessEvent(pFnGetBoneLocation, &GetBoneLocation_Parms, NULL);

pFnGetBoneLocation->FunctionFlags |= 0x400;

return GetBoneLocation_Parms.ReturnValue;
};

// Function Engine.SkeletalMeshComponent.GetBoneQuaternion
// [0x00024401] ( FUNC_Final | FUNC_Native )
// Parameters infos:
// struct FQuat ReturnValue ( CPF_Parm | CPF_OutParm | CPF_ReturnParm )
// struct FName BoneName ( CPF_Parm )
// int Space ( CPF_OptionalParm | CPF_Parm )

struct FQuat USkeletalMeshComponent::GetBoneQuaternion(struct FName BoneName, int Space)
{
static UFunction* pFnGetBoneQuaternion = NULL;

if (!pFnGetBoneQuaternion)
pFnGetBoneQuaternion = (UFunction*)UObject::GObjObjects()->Data[6929];

USkeletalMeshComponent_execGetBoneQuaternion_Parms GetBoneQuaternion_Parms;
memcpy(&GetBoneQuaternion_Parms.BoneName, &BoneName, 0x8);
GetBoneQuaternion_Parms.Space = Space;

pFnGetBoneQuaternion->FunctionFlags |= ~0x400;

this->ProcessEvent(pFnGetBoneQuaternion, &GetBoneQuaternion_Parms, NULL);

pFnGetBoneQuaternion->FunctionFlags |= 0x400;

return GetBoneQuaternion_Parms.ReturnValue;
};

and
Spoiler:
// Function Engine.SkeletalMeshComponent.GetBoneNames
// [0x00420401] ( FUNC_Final | FUNC_Native )
struct USkeletalMeshComponent_execGetBoneNames_Parms
{
TArray< struct FName > BoneNames; // 0x0000 (0x000C) [0x0000000000400180] ( CPF_Parm | CPF_OutParm | CPF_NeedCtorLink )
};

// Function Engine.SkeletalMeshComponent.GetParentBone
// [0x00020401] ( FUNC_Final | FUNC_Native )
struct USkeletalMeshComponent_execGetParentBone_Parms
{
struct FName BoneName; // 0x0000 (0x0008) [0x0000000000000080] ( CPF_Parm )
struct FName ReturnValue; // 0x0008 (0x0008) [0x0000000000000580] ( CPF_Parm | CPF_OutParm | CPF_ReturnParm )
};

// Function Engine.SkeletalMeshComponent.GetBoneMatrix
// [0x00020401] ( FUNC_Final | FUNC_Native )
struct USkeletalMeshComponent_execGetBoneMatrix_Parms
{
int BoneIndex; // 0x0000 (0x0004) [0x0000000000000080] ( CPF_Parm )
struct FMatrix ReturnValue; // 0x0010 (0x0040) [0x0000000000000580] ( CPF_Parm | CPF_OutParm | CPF_ReturnParm )
};

// Function Engine.SkeletalMeshComponent.GetBoneName
// [0x00020401] ( FUNC_Final | FUNC_Native )
struct USkeletalMeshComponent_execGetBoneName_Parms
{
int BoneIndex; // 0x0000 (0x0004) [0x0000000000000080] ( CPF_Parm )
struct FName ReturnValue; // 0x0004 (0x0008) [0x0000000000000580] ( CPF_Parm | CPF_OutParm | CPF_ReturnParm )
};

// Function Engine.SkeletalMeshComponent.MatchRefBone
// [0x00020401] ( FUNC_Final | FUNC_Native )
struct USkeletalMeshComponent_execMatchRefBone_Parms
{
struct FName BoneName; // 0x0000 (0x0008) [0x0000000000000080] ( CPF_Parm )
int ReturnValue; // 0x0008 (0x0004) [0x0000000000000580] ( CPF_Parm | CPF_OutParm | CPF_ReturnParm )
};

// Function Engine.SkeletalMeshComponent.GetBoneLocation
// [0x00024401] ( FUNC_Final | FUNC_Native )
struct USkeletalMeshComponent_execGetBoneLocation_Parms
{
struct FName BoneName; // 0x0000 (0x0008) [0x0000000000000080] ( CPF_Parm )
int Space; // 0x0008 (0x0004) [0x0000000000000090] ( CPF_OptionalParm | CPF_Parm )
struct FVector ReturnValue; // 0x000C (0x000C) [0x0000000000000580] ( CPF_Parm | CPF_OutParm | CPF_ReturnParm )
};

// Function Engine.SkeletalMeshComponent.GetBoneQuaternion
// [0x00024401] ( FUNC_Final | FUNC_Native )
struct USkeletalMeshComponent_execGetBoneQuaternion_Parms
{
struct FName BoneName; // 0x0000 (0x0008) [0x0000000000000080] ( CPF_Parm )
int Space; // 0x0008 (0x0004) [0x0000000000000090] ( CPF_OptionalParm | CPF_Parm )
struct FQuat ReturnValue; // 0x0010 (0x0010) [0x0000000000000580] ( CPF_Parm | CPF_OutParm | CPF_ReturnParm )
};
to Engine_structs.h

aimspams has been thanked by:
aimspams
User
 
Posts: 3
Joined: 18 Aug 2014, 00:41
Has thanked: 1 time
Have thanks: 2 time

Re: ME3 On The Hook

Postby WarrantyVoider » 02 Sep 2014, 17:05

thanks alot! I reformatted your post for better reading :)

greetz WV
always backup your files!
mess with the best or die like the rest!
"I tried everything!" - "mkay, please list that..." ; please dont pm me for help, we have a help section
User avatar
WarrantyVoider
Emeritus
 
Posts: 2270
Joined: 22 Aug 2012, 11:33
Has thanked: 480 time
Have thanks: 626 time

Re: ME3 On The Hook

Postby TankMaster » 02 Sep 2014, 19:45

Nice work. I haven't had to deal with that area much, just toying around with other areas to perform dynamic array dumps, lol. That or setting accomplishments (single-player only) to completed or testing other things not usable via command prompt...
TankMaster
User
 
Posts: 173
Joined: 02 Nov 2012, 01:19
Location: Indiana
Has thanked: 6 time
Have thanks: 64 time

PreviousNext

Return to Technical Research

Who is online

Users browsing this forum: No registered users and 0 guests

cron
suspicion-preferred