Reversing and macOS question menu

User Tag List

Results 1 to 6 of 6
  1. #1
    scizzydo's Avatar Active Member
    Reputation
    26
    Join Date
    Oct 2019
    Posts
    37
    Thanks G/R
    2/14
    Trade Feedback
    0 (0%)
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)

    Reversing and macOS question

    Was curious if there was some type of packing going on for macOS like WoW does for Windows. I have just got a mac up and going the other day and wanted to toy around with it there. After downloading the game and just moving that to my VM for IDA I noticed that it didn't seem quite right at what was produced from IDA. I took a few lua function strings and xref'd do their registered C function to just see. Anyone got some tips for reversing WoW on macOS?

    These ads disappear when you log in.

  2. #2
    scizzydo's Avatar Active Member
    Reputation
    26
    Join Date
    Oct 2019
    Posts
    37
    Thanks G/R
    2/14
    Trade Feedback
    0 (0%)
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    In case others want to dump it on macOS, I wrote this simple dylib that dumps the file from memory to disk on process exit. Being lazy, I just DYLD_INSERT_LIBRARIES

    Source code here:
    macOS x86_64 executable dylib dumper . GitHub

  3. Thanks Finkie (1 members gave Thanks to scizzydo for this useful post)
  4. #3
    charles420's Avatar Contributor
    Reputation
    311
    Join Date
    Jun 2009
    Posts
    306
    Thanks G/R
    22/115
    Trade Feedback
    0 (0%)
    Mentioned
    9 Post(s)
    Tagged
    0 Thread(s)
    vm / run overwatch dump script didn't work ? guess dump would work the same besides adding vm step mind u last messed with mac was before all that

  5. #4
    scizzydo's Avatar Active Member
    Reputation
    26
    Join Date
    Oct 2019
    Posts
    37
    Thanks G/R
    2/14
    Trade Feedback
    0 (0%)
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    The only "OverWatch dump" thing I'm aware of was the plug-in for x64dbg, and that's windows. Along with the fact OverWatch isn't even on macOS... not sure why a script for it would exist on Mac

  6. #5
    Archos's Avatar Site Donator
    Authenticator enabled
    Reputation
    1
    Join Date
    Mar 2007
    Posts
    21
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by scizzydo View Post
    The only "OverWatch dump" thing I'm aware of was the plug-in for x64dbg, and that's windows. Along with the fact OverWatch isn't even on macOS... not sure why a script for it would exist on Mac
    Overwatch being available on a specific platform has nothing to do with the platforms supposed by the "OverWatch dump" thing. The original author made it for Overwatch but it was discovered that it also works with other Blizzard games, such as WoW.

  7. #6
    scizzydo's Avatar Active Member
    Reputation
    26
    Join Date
    Oct 2019
    Posts
    37
    Thanks G/R
    2/14
    Trade Feedback
    0 (0%)
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by Archos View Post
    Overwatch being available on a specific platform has nothing to do with the platforms supposed by the "OverWatch dump" thing. The original author made it for Overwatch but it was discovered that it also works with other Blizzard games, such as WoW.
    The fact of windows and macOS are actually very important in the case of the OverWatch dump fix. Not sure if you looked at the code of it on GitHub, but it is specific to -Windows- anti debug techniques, with functions contained in dlls like ntdll (which is a windows thing). Additionally, stuff like fixing the IAT, which is another thing that's Windows specific on the PE header, isn't even going to be helpful on the macOS Mach-O file format and loading. Lastly, the tools that are for this (x64dbg and Scylla) are Windows specific tools, so it kind of seems like your whole comment doesn't have any input here on what the topic is for, and what that comment was about.

Similar Threads

  1. Quick Hello and a Question
    By Pigwizzle in forum World of Warcraft General
    Replies: 4
    Last Post: 10-28-2007, 10:50 AM
  2. A few simple recolours and a question.
    By Votty in forum WoW ME Questions and Requests
    Replies: 2
    Last Post: 10-01-2007, 07:41 AM
  3. hair and sound question
    By mynameisangrod in forum WoW ME Questions and Requests
    Replies: 2
    Last Post: 08-01-2007, 05:21 PM
  4. programming, hacks, and bot questions, answered!
    By WoWLegend in forum World of Warcraft General
    Replies: 38
    Last Post: 03-06-2007, 01:41 PM
  5. A request and 2 questions
    By Osmose in forum WoW ME Questions and Requests
    Replies: 3
    Last Post: 10-14-2006, 12:10 PM
All times are GMT -5. The time now is 12:23 AM. Powered by vBulletin® Version 4.2.3
Copyright © 2023 vBulletin Solutions, Inc. All rights reserved. User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2023 DragonByte Technologies Ltd.
Digital Point modules: Sphinx-based search