the process event adress

Question

the process event adress

sopoka1999 opened this issue 2 years ago · 3 comments

sopoka1999 commented 2 years ago

how to get the process event adress？

(long)( *MyShooterWeapon + 0x230) = (long)WeaponProcessEvent;

Answer 1 · 2023-03-07T02:13:48.000Z

To get the game original process event address, you change the address, you can Read(*MyShooterWeapon + 0x230) - (long)_dyld_get_image_header(0)

Answer 2 · 2023-03-07T02:23:42.000Z

How do you know that *MyShooterWeapon + 0x230 is bound to this function. I only know to get the attributes of each class through the sdk? Thanks

Answer 3 · 2023-03-07T12:55:23.000Z

because when you read the code in IDA or Ghidra, read any Server function for the game you are working on. For ARK, the process event address is stored at 0x230, while in other games it may be different. The server function finds the function pointer for process event by looking at that address, so in order to find it you can do the same.