[HELP] Find Offset by using Classname or Method on Non-Unity Games

[DoDevil]

Hi, i'm trying to hack game base on non-unity btw i can't figure out how to find Offset by using Classname or Methodname that i got from DumpMemory

I tried dump from radare2 and got Offset but it's in unreadable format string

 

Edited September 20 by DoDevil

[kiynox]

[ @DoDevil ]
---

Quote

Find Offset by using Classname or Method on Non-Unity Games

You surely cant do that with classname or even method. It depends on how the game stored it's string. But the concept is like this:
Search for string -> pointer -> may lead to method
---
You need surely try with: IDA Pro. Or find anything that starts with: "PUSH" (Mostly PLT Function) or "ADD", it most likely the start of the function.
---

Edited September 21 by kiynox

[DoDevil]

4 hours ago, kiynox said:

[ @DoDevil ]
---

You surely cant do that with classname or even method. It depends on how the game stored it's string. But the concept is like this:
Search for string -> pointer -> may lead to method
---
You need surely try with: IDA Pro. Or find anything that starts with: "PUSH" (Mostly PLT Function) or "ADD", it most likely the start of the function.
---

Well, sadly i know IDA Pro can do but maybe when i have a pc i will try again

[MC874]

Hi @DoDevil, 

Quote

I tried dump from radare2 and got Offset but it's in unreadable format string

It is not 'unreadable', it's a normal function name. Decompiler tends to rename 'unknown' function from what that function corresponds to and probably most of the function name is obsecured when the library is being compiled.

[DoDevil]

1 hour ago, MC874 said:

Hi @DoDevil, 

It is not 'unreadable', it's a normal function name. Decompiler tends to rename 'unknown' function from what that function corresponds to and probably most of the function name is obsecured when the library is being compiled.

Oh yeah i just found out my dump file not fully completed so i need IDA Pro to do the rest part Thanks you anyway