Findpattern Masks

  1. #1
    Neffarian (Member)

    Findpattern Masks

    OK, basically I can't find anything, and I've been looking around trying to understand findpattern by just mocking other bases etc.

    Now for this
    World of Warcraft v4.1.0.13914
    FrameScript_GetTop
    55 8b ec 8b 4d ?? 8b 41 ?? 2b 41 ?? c1 f8 ?? 5d c3


    Is it trying to find the chunk of data, and the ?? are things that change? Do the ?? store the offsets?

    Any resources are appreciated.

    I'd appreciate a non "OMFUGAHD l2LIFE"

    I can reference in IDA what the specific bytes ?? are in the function I'm trying to mask, just not sure what I'm doing with it : /

    ---------- Post added at 11:46 AM ---------- Previous post was at 11:20 AM ----------

    Win
    http://www.vivid-abstractions.net/do...20Scanning.htm
    Last edited by Neffarian; 05-04-2011 at 11:28 AM.

  2. #2
    Cypher (Kynox's Sister's Pimp)
    OMFUGAHD l2LIFE

    amidoinitrite?

  3. #3
    sitnspinlock (Elite User, CoreCoins Purchaser)
    lol he beat me to it ;p

    but as for your post OP, WUT?

  4. #4
    Neffarian (Member)
    Basically trying to use cleanCore, which is fail
    I'm trying to make a photon accelerator, when all my society knows is how to rape women and beat each other with stones.

    I think cleanCore's byte check is broken anyways
    stay#

  5. #5
    _Mike (Contributor)
    Re that 'tutorial':
    Why is it that everyone seems to be using brute force byte scanning?

  6. #6
    Bananenbrot (Contributor)
    Originally Posted by Neffarian:
    "photon accelerator"
    wtf? the raptor knows..

    cleanCore will fail for you if you don't have the patience for reading and understanding how to use the pattern module.
    Ever tried using the IModifier interface?
    Did you even know that you can only use cleanCore if you are injected?
    Thereby you have to be too dumb to convert it into a proper out of process implementation.

    In its current implementation, cleanCore does little more than a naive Linq query, which is really hard to screw up (and to misunderstand).

    So please, if you decide to roll your own version, just do it, but don't blame other people's code to be broken or wrong just because you don't have the knowledge to grasp it.

    Edit: Everyone uses brute force because it's sufficient and not much slower in most cases. Also, I found that Boyer-Moore (as opposed to Boyer-Moore-Horspool) is a little complicated to implement with wildcards.
    Last edited by Bananenbrot; 05-04-2011 at 12:58 PM.

  7. #7
    Cypher (Kynox's Sister's Pimp)
    I tried using a custom Boyer-Moore-Horspool implementation which I added wildcard support to, but std::search ended up being slightly faster anyway (no surprises their algorithm is better tuned than my naive attempt). Both beat the crap out of a brute force scan tho.

    Is there no .NET equivalent?
    Last edited by Cypher; 05-04-2011 at 09:37 PM.

  8. #8
    _Mike (Contributor)
    Originally Posted by Cypher:
    "I tried using a custom Boyer-Moore-Horspool implementation which I added wildcard support to, but std::search ended up being slightly faster anyway (no surprises their algorithm is better tuned than my naive attempt). Both beat the crap out of a brute force scan tho."
    Yeah I've had similar results when I tested BMH compared to dwFindPattern. One thing to note though is that you will take a performance hit if the pattern ends with wildcard(s). So add an extra static byte in that case.

    But the smart thing to do imo would be to store search results somewhere and only rescan if the binary has changed since last scan so execution times shouldn't be that much of an issue. Hardly anyone seems to be doing this though from my experience. They either scan at compile time and hardcode the offsets, or scan every time.

  9. #9
    Bananenbrot (Contributor)
    @the thing with trailing wildcards: If your pattern ends or starts in wildcards, you may just simply trim your pattern.
    For BMH a "worst" case is when the second before last character is a wildcard, which is still beneficial compared to a naive approach.

    I wonder how you support wildcards while using std::search, Cypher? Do you split your pattern at wildcards and do partial scans?

    I don't think that there is a similar algorithm like std::search in C#, simply because it has to be performant and versatile.

    Most (not all) aspects of .Net's BCL favor versatility, so there comes linq at your help: See cleanPattern, it's really... clean.
    When I compared the linq thing to a normal for loop, I figured out that the compiler didn't inline the lambda method (for whatever stupid reason...), so it was massively slower than the unrolled loop (in release ofc).

    What else comes to my mind is abusing regex matching, but yeah... it's too versatile and therefore (probably) not performant enough for us.

    That's when I would love to code with STL/boost... basic versatility AND performance by more or less heavily leveraging templates.

    TLDR: I came up with my own Pattern class, with customizable algorithm interface. I persist my patterns in a special xml file where I also save the offset for each build.
    I intend to share it when I have thoroughly tested it.
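
Added example, not code from any poster in this thread and not cleanCore's or Cypher's implementation: a Horspool-style scan over a constructed buffer that treats `??` as match-anything bytes, trims leading and trailing wildcards as suggested above, and lets each interior wildcard cap the skip table. The names `Pattern`, `parse_pattern`, `find_pattern` and `NOT_FOUND` are illustrative.

```cpp
#include <cstdint>
#include <cstdio>
#include <sstream>
#include <string>
#include <vector>

const size_t NOT_FOUND = static_cast<size_t>(-1);
// bytes[i] is the literal value; wild[i] is true where the text had "??".
struct Pattern { std::vector<uint8_t> bytes; std::vector<bool> wild; };

// Parse "55 8b ec ?? ..." into byte values plus a wildcard mask.
Pattern parse_pattern(const std::string& text) {
    Pattern p;
    std::istringstream in(text);
    for (std::string tok; in >> tok;) {
        p.wild.push_back(tok == "??");
        p.bytes.push_back(p.wild.back() ? 0 : static_cast<uint8_t>(std::stoul(tok, nullptr, 16)));
    }
    return p;
}

// Horspool search with wildcards; returns the offset where the full pattern starts.
size_t find_pattern(const std::vector<uint8_t>& data, const Pattern& p) {
    size_t lo = 0, hi = p.bytes.size();
    while (lo < hi && p.wild[lo]) ++lo;      // trim leading wildcards
    while (hi > lo && p.wild[hi - 1]) --hi;  // trim trailing wildcards
    size_t m = hi - lo, trail = p.bytes.size() - hi;
    if (m == 0 || data.size() < p.bytes.size()) return NOT_FOUND;
    // A wildcard at i can match any byte, so it caps every shift at m-1-i.
    std::vector<size_t> shift(256, m);
    for (size_t i = 0; i + 1 < m; ++i) {
        if (p.wild[lo + i]) shift.assign(256, m - 1 - i);
        else shift[p.bytes[lo + i]] = m - 1 - i;
    }
    size_t end = data.size() - trail;        // trimmed tail must still fit
    for (size_t pos = lo; pos + m <= end; pos += shift[data[pos + m - 1]]) {
        size_t i = m;
        while (i > 0 && (p.wild[lo + i - 1] || data[pos + i - 1] == p.bytes[lo + i - 1])) --i;
        if (i == 0) return pos - lo;
    }
    return NOT_FOUND;
}

int main() {
    // Constructed sample: filler bytes, then a body that fits the signature.
    std::vector<uint8_t> buf = {0x90, 0x90, 0xcc, 0x55, 0x8b, 0xec, 0x8b, 0x4d, 0x08, 0x8b, 0x41,
                                0x10, 0x2b, 0x41, 0x0c, 0xc1, 0xf8, 0x02, 0x5d, 0xc3, 0xcc};
    size_t hit = find_pattern(buf, parse_pattern("55 8b ec 8b 4d ?? 8b 41 ?? 2b 41 ?? c1 f8 ?? 5d c3"));
    if (hit != NOT_FOUND) std::printf("match at offset %zu\n", hit);
}
```

With the signature from the first post, the wildcard two bytes before the end leaves a skip of at most 2 for every byte value, which is the degraded-but-still-correct case described above.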
