Overwatch client dump/idb menu

User Tag List

Results 1 to 10 of 10
  1. #1
    aeo's Avatar Contributor
    Reputation
    126
    Join Date
    Apr 2007
    Posts
    270
    Thanks G/R
    84/62
    Trade Feedback
    7 (100%)
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)

    Overwatch client dump/idb

    Guys,

    Here is the client I dumped with scylla and opened in IDA. Nothing more then that but can start to explore.

    https://drive.google.com/file/d/0B7s...ew?usp=sharing

    Hope we can get the ball rolling soon
    Ace

    Overwatch client dump/idb
  2. Thanks jppgibbs, mail0r, Torpedoes, h42 (4 members gave Thanks to aeo for this useful post)
  3. #2
    Torpedoes's Avatar ★ Elder ★ Doomsayer
    Authenticator enabled
    Reputation
    1147
    Join Date
    Sep 2013
    Posts
    956
    Thanks G/R
    148/415
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by aeo View Post
    Here is the client I dumped with scylla and opened in IDA. Nothing more then that but can start to explore.

    Hope we can get the ball rolling soon
    Thanks, I've made some excellent progress in the world of deep scanning and memory analysis, specifically in Legacy of the Void. If that game is any indication then standard methods of reverse engineering will probably fail due to automatic obfuscation. Every patch now it seems that all static pointers get messed up somehow, so perhaps start thinking of other strategies. When I get access I'll be able to see if any of my techniques can be applied for something like a quick ESP or Aimbot. Though it won't be as trivial as TF2 or CS :-P

  4. #3
    aeo's Avatar Contributor
    Reputation
    126
    Join Date
    Apr 2007
    Posts
    270
    Thanks G/R
    84/62
    Trade Feedback
    7 (100%)
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Yeah that's where I am at now, no access so its hard to realtime debug. However, everytime i attach x64dbg the process terminates even with scyllahide plugin so Im not sure what they are doing to protect it.

    Why cant they just be like WoW and accidently release a .pdb

  5. #4
    Torpedoes's Avatar ★ Elder ★ Doomsayer
    Authenticator enabled
    Reputation
    1147
    Join Date
    Sep 2013
    Posts
    956
    Thanks G/R
    148/415
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by aeo View Post
    Everytime i attach x64dbg the process terminates even with scyllahide plugin so Im not sure what they are doing to protect it.
    They're doing something serious, but VEH mode works (for now) so give that a shot.

    Originally Posted by aeo View Post
    Why cant they just be like WoW and accidently release a .pdb
    That would be the dream!
    Last edited by Torpedoes; 10-30-2015 at 05:25 PM.

  6. #5
    aeo's Avatar Contributor
    Reputation
    126
    Join Date
    Apr 2007
    Posts
    270
    Thanks G/R
    84/62
    Trade Feedback
    7 (100%)
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    From what I have read the protection they use is called guardit . Not much info on it avaliable

  7. #6
    crazian's Avatar Member
    Reputation
    1
    Join Date
    Mar 2013
    Posts
    3
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    :shh:hopefully we can work a way around and the first thing i would do is to the find the address for the widomaker recon skill, it's the build in esp in game, i am guessing after casting it, client sends a trigger message to the server and then whole team got the recon message, if we can just lock the address for the recon skill to never run out locally, this might be the perfect esp, or maybe keep fake receiving the recon skill on client side, but it might be very easy to get detected:gusta:

  8. #7
    Saridormi's Avatar Contributor
    Reputation
    306
    Join Date
    Mar 2007
    Posts
    556
    Thanks G/R
    19/16
    Trade Feedback
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)


    :|
    Attached Thumbnails Attached Thumbnails Overwatch client dump/idb-yvpmnep-png  


  9. #8
    Midi12's Avatar Contributor
    Reputation
    90
    Join Date
    Sep 2012
    Posts
    182
    Thanks G/R
    6/13
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by Saridormi View Post


    :|
    patch ida64.wll :3
    92izii !

  10. #9
    maper's Avatar Elite User __readgsqword(0x188); CoreCoins Purchaser
    Reputation
    496
    Join Date
    Nov 2013
    Posts
    356
    Thanks G/R
    26/353
    Trade Feedback
    0 (0%)
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by aeo View Post
    Yeah that's where I am at now, no access so its hard to realtime debug. However, everytime i attach x64dbg the process terminates even with scyllahide plugin so Im not sure what they are doing to protect it.
    Super old post, but since the thread was revived anyway I just wanted to comment on this.

    I haven't taken a look myself, so this is all conjecture, but they probably have the game client attach to itself as the primary debugger. This prevents other processes from attaching themselves. This would also explain why VEH mode on debuggers would still work, as a process can have multiple vectored exception handlers installed at one time, but only one active debugger.

  11. #10
    Torpedoes's Avatar ★ Elder ★ Doomsayer
    Authenticator enabled
    Reputation
    1147
    Join Date
    Sep 2013
    Posts
    956
    Thanks G/R
    148/415
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by Maper View Post
    Super old post, but since the thread was revived anyway I just wanted to comment on this.

    I haven't taken a look myself, so this is all conjecture, but they probably have the game client attach to itself as the primary debugger. This prevents other processes from attaching themselves. This would also explain why VEH mode on debuggers would still work, as a process can have multiple vectored exception handlers installed at one time, but only one active debugger.
    Nah, not even VEH debugging works anymore. The game does not have any debugger attached but crashes as soon as it detects one through TLS callbacks and whatnot.

  12. Thanks maper (1 members gave Thanks to Torpedoes for this useful post)

Similar Threads

  1. Showing overwatch in client
    By sjaak12309 in forum Overwatch Exploits|Hacks
    Replies: 9
    Last Post: 10-15-2015, 04:19 PM
  2. Showing overwatch in client
    By sjaak12309 in forum FPS Game Discussions
    Replies: 8
    Last Post: 04-29-2015, 03:12 PM
  3. [Wow][4.0.0.11927][Cata Alpha Client] Info Dump Thread
    By Nesox in forum WoW Memory Editing
    Replies: 27
    Last Post: 06-21-2010, 07:47 AM
  4. How to change models and textures client side only
    By Matt in forum World of Warcraft Guides
    Replies: 9
    Last Post: 11-29-2006, 12:35 AM
  5. World of Warcraft Naked Patch (Client-Side Only)
    By Matt in forum World of Warcraft Exploits
    Replies: 2
    Last Post: 05-19-2006, 10:33 PM
All times are GMT -5. The time now is 01:19 PM. Powered by vBulletin® Version 4.2.3
Copyright © 2024 vBulletin Solutions, Inc. All rights reserved. User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2024 DragonByte Technologies Ltd.
Digital Point modules: Sphinx-based search