arm-mah-gerd (macOS since 10.2.6 53989)

**scizzydo** · 4 Weeks Ago

Since there has been all this talk of mac & arm in the memory editing section, I decided to create this specific thread. Attached are some of the patterns I've found so far in converting my wow tool over to macOS (I will just leave patterns, not structures here)

Code:

SETUP_PATTERN(g_WoWClientDB2__Spell, "FD 83 00 91 X ? ? ? ? 73 ? ? 91 ? ? ? ? 21 ? ? 91 E0 03 13 AA /da");
SETUP_PATTERN(ptUnkForQuestObjectiveCache, "? ? ? ? 94 ? ? 91 E0 ? ? AA ? ? ? ? E0 ? ? AA E1 ? ? AA 02 ? ? 52 FD ? ? A9 F4 ? ? A8 ? ? ? ? ? ? ? ? 68 /da");
SETUP_PATTERN(CGQuestObjectiveCache__ObjectTrackedInQuest, "E1 ? ? AA 02 ? ? 52 FD ? ? A9 F4 ? ? A8 X ? ? ? ? ? ? ? ? 68 /da");
SETUP_PATTERN(CMissile__s_inFlightMissileList, "09 ? ? F9 X ? ? ? ? 08 ? ? 91 68 ? ? F9 ? ? ? ? 28 ? ? F9 68 ? ? F9 /da");
SETUP_PATTERN(s_spellShadowPos, "89 ? ? ? X ? ? ? ? B5 ? ? 91 E9 ? ? B9 /da");
SETUP_PATTERN(g_lasthardwareaction, "02 ? ? 0A X ? ? ? ? 1F 20 03 D5 /da");
SETUP_PATTERN(s_curMgr, "? ? ? ? 08 ? ? F9 09 81 04 91 /da");
SETUP_PATTERN(g_lua_taintedclosure, "09 ? ? F9 08 ? ? ? 68 ? ? ? X ? ? ? ? 1F 20 03 D5 /da");
SETUP_PATTERN(g_lua_taint, "E0 ? ? AA ? ? ? ? X ? ? ? ? 1F 20 03 D5 08 ? ? F9 E8 ? ? F9 ? ? ? ? 21 /da");
SETUP_PATTERN(g_lua_context, "FD ? ? ? X ? ? ? ? 60 ? ? F9  ? ? ? ? 21 ? ? 91 02 ? ? 52 ? ? ? ? 60 /da");
SETUP_PATTERN(g_type_table, "E0 ? ? BD E8 ? ? 39 X ? ? ? ? 18 ? ? 91 08 ? ? ? 00 /da");
SETUP_PATTERN(g_MouseoverGUID, "09 ? ? F9 29 ? ? ? X ? ? ? ? B5 ? ? 91 3F /da");
SETUP_PATTERN(g_game_state, "C0 03 5F D6 X ? ? ? ? 08 ? ? 79 00 ? ? 53 C0 03 5F D6 /da");
SETUP_PATTERN(g_screen_ratio_compensation, "00 ? ? BD X ? ? ? ? 00 ? ? 91 ? ? ? ? ? ? ? ? ? ? ? ? 00 ? ? 91 /da");
SETUP_PATTERN(g_unkContainsMouse, "C0 03 5F D6 X ? ? ? ? 1F 20 03 D5 08 ? ? F9 09 ? ? F9 /da");
SETUP_PATTERN(g_CurFrame, "1F ? ? 39 X ? ? ? ? 18 ? ? 91 14 03 40 F9 /da");
SETUP_PATTERN(g_corpse, "68 ? ? B9 X ? ? ? ? 94 ? ? 91 69 ? ? B9 88 ? ? B9 /da");
SETUP_PATTERN(g_zone, "68 ? ? B9 X ? ? ? ? 28 ? ? B9 ? ? ? ? ? ? ? ? 00 ? ? 91 /da");
SETUP_PATTERN(CGGameUI__HandleTerrainClick, "1F 05 00 71 ? ? ? ? E0 ? ? AA X ? ? ? ? 60 ? ? ? 88 /da");
SETUP_PATTERN(GUIDToString, "E0 ? ? AA 02 ? ? 52 X ? ? ? ? 88 ? ? ? 80 /da");
SETUP_PATTERN(g_spellDB, "1F 00 00 F1 F6 ? ? ? X ? ? ? ? 00 ? ? 91 E3 ? ? 91 E1 ? ? AA /da");
SETUP_PATTERN(WowClientCompressedDBCache__GetRecord, "1F 00 00 F1 F6 ? ? ? ? ? ? ? 00 ? ? 91 E3 ? ? 91 E1 ? ? AA 02 ? ? ? X ? /da");
SETUP_PATTERN(CUnitDisplay__GetCurrentAnimation, "C8 ? ? ? E0 ? ? AA 21 ? ? 52 X ? ? ? ? E1 ? ? AA ? ? ? ? 00 ? ? 91 /da");
SETUP_PATTERN(CGGameObject_C__GetLockRec, "E0 ? ? AA X ? ? ? ? 40 ? ? ? F6 ? ? AA 01 /da");
SETUP_PATTERN(ptCGWorldFrameStrc, "E3 ? ? FD E0 ? ? BD X ? ? ? ? 1F 20 03 D5 /da");
SETUP_PATTERN(CGWorldFrame__Intersect, "03 00 80 D2 25 ? ? ? 05 ? ? ? X ? ? ? ? A0 /da");
SETUP_PATTERN(CGWorldFrame__GetScreenCoordinates, "E2 ? ? 91 E0 ? ? AA 03 00 80 52 X ? ? ? ? A0 /da");
SETUP_PATTERN(CGMovementShared__SetRawFacing, "A0 ? ? BD E0 ? ? AA X ? ? ? ? 60 ? ? 34 /da");
SETUP_PATTERN(CGUnit_C__SendMovementHeartBeat, "E0 ? ? F9 X ? ? ? ? E0 ? ? 91 ? ? ? ? 68 /da");
SETUP_PATTERN(Script_GetGUIDByToken, "01 00 80 52 03 00 80 52 04 00 80 52 05 00 80 52 X ? ? ? ? E8 03 00 AA /da");

The pattern scanner I use is the one I have made and am constantly updating: GitHub - scizzydo/PatternScanner
From my retail wow tool, I have about ~70 patterns... so this is just the first chunk identified. I have scanned against 2 previous release, so I haven't had time to build "reliable" patterns.

Feel free to use this thread for any macOS/arm questions there are as these forums are kinda empty on that part! I will be updating my stuff as I go.

3/30/2024
Added more signatures

**scizzydo** · 4 Weeks Ago

The following is what I use to dump the game: macOS x86_64 executable dylib dumper . GitHub

Idea with it is, inject dylib (DYLD_INSERT_LIBRARIES or inject) and just close client. Alternatively, I have started using Bit Slicer, which also can dump the game from memory.

**Turtle25** · 4 Weeks Ago

interesting stuff, ill have to buy a mac-book now

**scizzydo** · 4 Weeks Ago

Added a total of 30 patterns, and updated pattern scanner accordingly with what has been tested.

**_chase** · 2 Weeks Ago

+1 for the name.

Hopefully not hijacking, but created a blizzget kinda clone in rust. Wanted to throw it up here because it might help for others to download the other architecture and operating system builds from one machine.
I have to take a peek and see if I can get it to download the mac builds too. Its a real quick tool I wrote up. In the main download command I think the name filter just needs to be changed to also grab the mac binaries.

GitHub - ohchase/blizztools: a super sloppy, quick tool for interact with blizzard cdn

**Archos** · 2 Weeks Ago

If you want to extract binaries from a Universal Binary (FAT Mach-O) you can also use the below command ("x86_64" or "arm64")

Code:

lipo -extract arm64 wow -output wow_arm64

**scizzydo** · 2 Weeks Ago

Originally Posted by Archos

If you want to extract binaries from a Universal Binary (FAT Mach-O) you can also use:

Code:

lipo universalBinary -remove x86_64 -output armBinary

Good note. I think the main thing though isn't about extracting the arm or x86, but dumping the decrypted version.

Shout-Out

User Tag List

Thread: arm-mah-gerd (macOS since 10.2.6 53989)

Thread Tools

Search Thread

arm-mah-gerd (macOS since 10.2.6 53989)

Similar Threads

[Selling] 14m gold, $10 USD per 1m. | I.D. Verified | Paypal verified | Member since 2009

[Selling] 12m gold, $10 USD per 1m. | I.D. Verified | Paypal verified | Member since 2009

[Selling] 9m gold, $10 USD per 1m. | I.D. Verified | Paypal verified | Member since 2009

[Selling] 5m gold $10 usd each | Paypal Verified | Member since 2009

[Ulduar 10] Easy "With Open Arms" achievement.

OwnedCore Forums

casino

CoreCoins

My OwnedCore

About Us

Casino