This repository is used to teach you how to obtain the Minecraft packages (vTable & Signature) using reverse engineering (IDA 8.3).
❤️ Made By H4cK3dR4Du ❤️
- If you have any questions do not hesitate to enter my discord: https://discord.gg/raducord
- Or if you have any error do not forget to report it in: issues
- Download IDA 8.3 here
- Download Your Minecraft Bedrock Version Database here
- Download Cheat Engine here
- Download SigMakerEX For IDA 8.3 here
1. Download your Minecraft Bedrock version database from the Flopper databases.
2. Download IDA 8.3 and open the Minecraft Windows Client database you downloaded before.
3. After opening the database in IDA, you should see the database unpacked.
4. You can now view the Minecraft database. Let's start searching for the Packet you want to obtain the vTable and Signature for.
5. The first thing we'll do is search for the name of the package you want to obtain. In my case, we'll use MovePlayerPacket. To do that, first click on View > Open Subviews > Strings.
6. After that, you should see a menu like this:
7. Now what we'll do is press CTRL+F and search for the Packet name, in this case, MovePlayerPacket
8. After that, you will see a couple of strings containing the name of your Packet. We need to double-click on the one that solely contains the name of the Packet without any additional information.
9. Afterwards, you'll see a bunch of data, and the selected line contains the name of your Packet. Next to it, there's a DATA_XREF that we'll need to double-click, which will take us to the location where our Packet is located.
10. After double-clicking the XREF, you'll be taken directly to where the MovePlayerPacket is located. There you can see where the vTable is located; it's always in the .data section above the packet name. Here's how to obtain it:
11. After double-clicking the .data value, you'll be taken directly to the vTable of the packet you searched for earlier. Now, in the following image, I'll show you what the vTable is and how you can obtain the Signature of your Packet.
12. Now that you have the vTable, you can also easily obtain the signature. Simply from where you are now, look for the string "off_" above the vTable and press CTRL+X; this will show you the cross-references of the packet. Always select the first one that is selected by default. Here's how to do it:
13. You're on the final step! After clicking on the first automatically selected range, you'll be taken to the origin of the string "off_" you selected earlier. Now, simply select from the line that has been automatically selected to where you see a line with "======" or "-----". Here's how:
14. Finally, just press CTRL+Alt+S to open the SigMakerEx menu (the files you downloaded earlier) and select the 'From address range' option.
15. Click on 'Continue' and you're done! Now in the console, you have the signature of your Packet. It's automatically copied to your clipboard as well.
1. Open Cheat Engine and Minecraft Bedrock.
2. Select the Minecraft.Windows.exe process and click on 'Open'.
3. Then, you need to configure some settings to verify if a Packet's signature is valid or not. Here's how they should look:
4. Finally, paste the signature of your packet in the search engine and press 'First Scan', if the signature is valid you should see some value found with its address (Minecraft), in case you could not delete it 2 at a time signature from end to beginning until you get 1 as valid.
