"Games" { "tf" { "Addresses" { "CTFPlayer::DoTauntAttack()::TauntAttackOffset" { // reads CTFPlayer.m_iTauntAttack early in the function "signature" "CTFPlayer::DoTauntAttack()" "linux" { "offset" "88" } "windows" { "offset" "78" } } "CTFProjectile_Flare::Explode_Air()::SelfDamageRadius" { // validate that this location has the immediate 100.f (0x42C80000) "signature" "CTFProjectile_Flare::Explode_Air()" "linux" { "offset" "1128" // 0x459 } "windows" { "offset" "559" // 0x231 } } } "Functions" { "CBaseCombatWeapon::ItemPostFrame()" { "offset" "CBaseCombatWeapon::ItemPostFrame()" "hooktype" "entity" "return" "void" "this" "entity" } "CBaseEntity::UpdateOnRemove()" { "offset" "CBaseEntity::UpdateOnRemove()" "hooktype" "entity" "return" "void" "this" "entity" } "CBaseCombatWeapon::SecondaryAttack()" { "offset" "CBaseCombatWeapon::SecondaryAttack()" "hooktype" "entity" "return" "void" "this" "entity" } "CBaseCombatWeapon::FinishReload()" { "signature" "CBaseCombatWeapon::FinishReload()" "callconv" "thiscall" "return" "void" "this" "entity" } "CBaseGrenade::Explode()" { "offset" "CBaseGrenade::Explode()" "callconv" "thiscall" "return" "void" "this" "entity" "arguments" { "trace" { "type" "int" // ptr } "int_value" { "type" "int" } } } "CBaseGrenade::GetDamageRadius()" { "offset" "CBaseGrenade::GetDamageRadius()" "callconv" "thiscall" "return" "float" "this" "entity" } "CTFPlayer::OnEmitFootstepSound()" { "signature" "CTFPlayer::OnEmitFootstepSound()" "callconv" "thiscall" "return" "void" "this" "entity" "arguments" { "sound_params" { "type" "objectptr" // ptr } "origin" { "type" "vectorptr" } "volume" { "type" "float" } } } "CObjectSentrygun::SentryThink()" { "signature" "CObjectSentrygun::SentryThink()" "callconv" "thiscall" "return" "void" "this" "entity" } "CTFBaseProjectile::ProjectileTouch()" { "offset" "CTFBaseProjectile::ProjectileTouch()" "hooktype" "entity" "return" "void" "this" "entity" "arguments" { "other" { "type" "cbaseentity" } } } "CTFFlameThrower::SecondaryAttack()" { "signature" "CTFFlameThrower::SecondaryAttack()" "callconv" "thiscall" "return" "void" "this" "entity" } "CTFMechanicalArm::ShockAttack()" { "signature" "CTFMechanicalArm::ShockAttack()" "callconv" "thiscall" "return" "bool" "this" "entity" } "CTFMinigun::RingOfFireAttack()" { "signature" "CTFMinigun::RingOfFireAttack()" "callconv" "thiscall" "return" "void" "this" "entity" "arguments" { "int_value" { "type" "int" } } } "CTFMinigun::SharedAttack()" { "signature" "CTFMinigun::SharedAttack()" "callconv" "thiscall" "return" "void" "this" "entity" } "CTFMinigun::ActivatePushBackAttackMode()" { "signature" "CTFMinigun::ActivatePushBackAttackMode()" "callconv" "thiscall" "return" "void" "this" "entity" } "CTFBaseRocket::RocketTouch()" { "offset" "CTFBaseRocket::RocketTouch()" "hooktype" "entity" "return" "void" "this" "entity" "arguments" { "target" { "type" "cbaseentity" } } } "CTFWeaponInvis::SetCloakRates()" { "signature" "CTFWeaponInvis::SetCloakRates()" "callconv" "thiscall" "return" "void" "this" "entity" } "CTFGameRules::ApplyOnDamageAliveModifyRules()" { "signature" "CTFGameRules::ApplyOnDamageAliveModifyRules()" "callconv" "thiscall" "return" "float" "this" "address" "arguments" { "damage_info" { "type" "int" } "target" { "type" "cbaseentity" } "damage_extras" { "type" "int" } } } "CTFGameRules::RadiusDamage()" { "signature" "CTFGameRules::RadiusDamage()" "callconv" "thiscall" "return" "void" "this" "address" "arguments" { "damage_info" { "type" "objectptr" } } } "CTFLunchBox::ApplyBiteEffects()" { "signature" "CTFLunchBox::ApplyBiteEffects()" "callconv" "thiscall" "return" "void" "this" "entity" "arguments" { "target" { "type" "cbaseentity" } } } "CTFLunchBox::SecondaryAttack()" { "signature" "CTFLunchBox::SecondaryAttack()" "callconv" "thiscall" "return" "void" "this" "entity" } "CTFPlayer::ApplyPushFromDamage()" { "signature" "CTFPlayer::ApplyPushFromDamage()" "callconv" "thiscall" "return" "void" "this" "entity" "arguments" { "damage_info" { "type" "int" } "damage_x" { "type" "float" } "damage_y" { "type" "float" } "damage_z" { "type" "float" } } } "CTFPlayer::CreateRagdollEntity()" { "signature" "CTFPlayer::CreateRagdollEntity()" "callconv" "thiscall" "return" "void" "this" "entity" "arguments" { "gib" { "type" "bool" } "burning" { "type" "bool" } "electrocuted" { "type" "bool" } "onground" { "type" "bool" } "cloaked" { "type" "bool" } "gold_ragdoll" { "type" "bool" } "ice_ragdoll" { "type" "bool" } "become_ash" { "type" "bool" } "damagecustom" { "type" "int" } "crit_on_hard_hit" { "type" "bool" } } } "CTFPlayer::DetonateObjectOfType()" { "signature" "CTFPlayer::DetonateObjectOfType()" "callconv" "thiscall" "return" "void" "this" "entity" "arguments" { "int_a" { "type" "int" } "int_b" { "type" "int" } "force_removal" { // this skips the sapper / plasma disabled checks "type" "bool" } } } "CTFPlayer::DoTauntAttack()" { "signature" "CTFPlayer::DoTauntAttack()" "callconv" "thiscall" "return" "void" "this" "entity" } "CTFPlayer::GetChargeEffectBeingProvided()" { "signature" "CTFPlayer::GetChargeEffectBeingProvided()" "callconv" "thiscall" "return" "int" "this" "entity" } "CTFPlayer::RegenThink()" { "signature" "CTFPlayer::RegenThink()" "callconv" "thiscall" "return" "void" "this" "entity" } "CTFPlayer::RemoveAmmo()" { "offset" "CTFPlayer::RemoveAmmo()" "hooktype" "entity" "return" "bool" "this" "entity" "arguments" { "count" { "type" "int" } "ammo_type" { "type" "int" } } } "CTFPlayer::RemoveAllObjects()" { "signature" "CTFPlayer::RemoveAllObjects()" "callconv" "thiscall" "return" "void" "this" "entity" "arguments" { "detonate" { "type" "bool" } } } "CTFPlayer::ShouldGib()" { "offset" "CTFPlayer::ShouldGib()" "hooktype" "entity" "return" "bool" "this" "entity" "arguments" { "damageinfo" { "type" "objectptr" } } } "CTFPlayerShared::ActivateRageBuff()" { "signature" "CTFPlayerShared::ActivateRageBuff()" "callconv" "thiscall" "return" "void" "this" "address" "arguments" { "inflictor" { "type" "cbaseentity" } "buff_type" { "type" "int" } } } "CTFPlayerShared::ModifyRage()" { "signature" "CTFPlayerShared::ModifyRage()" "callconv" "thiscall" "return" "void" "this" "address" "arguments" { "delta" { "type" "float" } } } "CTFPlayerShared::PulseRageBuff()" { "signature" "CTFPlayerShared::PulseRageBuff()" "callconv" "thiscall" "return" "void" "this" "address" "arguments" { "buff_slot" { "type" "int" } } } "CTFPlayerShared::UpdateCloakMeter()" { "signature" "CTFPlayerShared::UpdateCloakMeter()" "callconv" "thiscall" "return" "void" "this" "address" } "CTFPlayerShared::UpdateCloakMeter().part.0" { "signature" "CTFPlayerShared::UpdateCloakMeter().part.0" "callconv" "cdecl" "return" "void" "arguments" { "this" { "type" "objectptr" "register" "eax" } } } "CTFProjectile_Flare::Explode_Air()" { "signature" "CTFProjectile_Flare::Explode_Air()" "callconv" "thiscall" "return" "void" "this" "entity" "arguments" { "trace" { "type" "int" } "damagetype" { "type" "int" } "self" { "type" "bool" } } } "CTFProjectile_HealingBolt::ImpactTeamPlayer()" { "signature" "CTFProjectile_HealingBolt::ImpactTeamPlayer()" "callconv" "thiscall" "return" "void" "this" "entity" "arguments" { "target" { "type" "cbaseentity" } } } "CTFWeaponBase::IncrementAmmo()" { "signature" "CTFWeaponBase::IncrementAmmo()" "callconv" "thiscall" "return" "void" "this" "entity" } "CTFStunBall::ApplyBallImpactEffectOnVictim()" { "offset" "CTFStunBall::ApplyBallImpactEffectOnVictim()" "hooktype" "entity" "return" "void" "this" "entity" "arguments" { "target" { "type" "cbaseentity" } } } "CTFWeaponBaseMelee::DoMeleeDamage()" { "signature" "CTFWeaponBaseMelee::DoMeleeDamage()" "callconv" "thiscall" "return" "void" "this" "entity" "arguments" { "target" { "type" "cbaseentity" } "trace" { "type" "objectptr" } "damage_scale" { "type" "float" } } } "CTFWeaponBaseMelee::OnEntityHit()" { "offset" "CTFWeaponBaseMelee::OnEntityHit()" "hooktype" "entity" "return" "void" "this" "entity" "arguments" { "target" { "type" "cbaseentity" } "damage_info" { "type" "int" } } } "CTFWeaponBase::DeflectEntity()" { "offset" "CTFWeaponBase::DeflectEntity()" "hooktype" "entity" "return" "void" "this" "entity" "arguments" { "target" { "type" "cbaseentity" } "owner" { "type" "cbaseentity" } "deflect_pos" { "type" "vectorptr" } } } "CTFWeaponBase::PrimaryAttack()" { "offset" "CTFWeaponBase::PrimaryAttack()" "hooktype" "entity" "return" "void" "this" "entity" } "CTFWeaponBase::FinishReload()" { "offset" "CTFWeaponBase::FinishReload()" "hooktype" "entity" "return" "void" "this" "entity" } "CTFWeaponBaseGun::FireProjectile()" { "signature" "CTFWeaponBaseGun::FireProjectile()" "callconv" "thiscall" "return" "void" "this" "entity" "arguments" { "player" { "type" "cbaseentity" } } } "CTFWeaponBaseGun::PrimaryAttack()" { "signature" "CTFWeaponBaseGun::PrimaryAttack()" "callconv" "thiscall" "return" "void" "this" "entity" } "CTFWeaponBaseGun::SecondaryAttack()" { "signature" "CTFWeaponBaseGun::SecondaryAttack()" "callconv" "thiscall" "return" "void" "this" "entity" } "CTFWeaponBaseMelee::SecondaryAttack()" { "signature" "CTFWeaponBaseMelee::SecondaryAttack()" "callconv" "thiscall" "return" "void" "this" "entity" } "CTraceFilterObject::ShouldHitEntity()" { "signature" "CTraceFilterObject::ShouldHitEntity()" "callconv" "thiscall" "return" "bool" "this" "address" "arguments" { "target" { "type" "cbaseentity" } "contents_mask" { "type" "int" } } } "CWeaponMedigun::AllowedToHealTarget()" { "signature" "CWeaponMedigun::AllowedToHealTarget()" "callconv" "thiscall" "return" "bool" "this" "entity" "arguments" { "heal_target" { "type" "cbaseentity" } } } "CWeaponMedigun::DrainCharge()" { "signature" "CWeaponMedigun::DrainCharge()" "callconv" "thiscall" "return" "void" "this" "entity" } "CWeaponMedigun::DrainCharge().part.0" { "signature" "CWeaponMedigun::DrainCharge().part.0" "callconv" "cdecl" "return" "void" "arguments" { "this" { "type" "cbaseentity" "register" "ebx" } } } "CWeaponMedigun::HealTargetThink()" { "signature" "CWeaponMedigun::HealTargetThink()" "callconv" "thiscall" "return" "void" "this" "entity" } "CWeaponMedigun::SecondaryAttack()" { "signature" "CWeaponMedigun::SecondaryAttack()" "callconv" "thiscall" "return" "void" "this" "entity" } "HandleRageGain()" { "signature" "HandleRageGain()" "callconv" "cdecl" "return" "void" "arguments" { "player" { "type" "cbaseentity" } "int_value" { "type" "int" } "float_value" { "type" "float" } "other_float_value" { "type" "float" } } } "JarExplode()" { "signature" "JarExplode()" "callconv" "cdecl" "return" "void" "arguments" { "filter" { "type" "int" // IRecipientFilter* } "thrower" { "type" "cbaseentity" } "original_launcher" { "type" "cbaseentity" } "launcher" { "type" "cbaseentity" } "position" { "type" "vectorptr" } "team_num" { "type" "int" } "radius" { "type" "float" } "condition" { "type" "int" } "duration" { "type" "float" } "particle_effect" { "type" "charptr" } "sound_effect" { "type" "charptr" } } } "CTFPlayerShared::RecalculateChargeEffects()" { "signature" "CTFPlayerShared::RecalculateChargeEffects()" "callconv" "thiscall" "return" "void" "this" "address" "arguments" { "bInstantRemove" { "type" "bool" } } } "CTFPlayerShared::StopHealing()" { "signature" "CTFPlayerShared::StopHealing()" "callconv" "thiscall" "return" "void" "this" "address" "arguments" { "pHealer" { "type" "cbaseentity" } } } } "MemPatches" { "CTFGameRules::ApplyOnDamageAliveModifyRules()::DisableHeavyRageDamagePenalty" { "linux" { "signature" "CTFGameRules::ApplyOnDamageAliveModifyRules()::HeavyDmgScale" "offset" "0h" // mulss xmm2, *float == 0.5 "verify" "\xF3\x0F\x59\x2A\x2A\x2A\x2A\x2A" // nop out the multiply operand "patch" "\x90\x90\x90\x90\x90\x90\x90\x90" } "windows" { "signature" "CTFGameRules::ApplyOnDamageAliveModifyRules()" "offset" "9D8h" // mulss xmm0, &float == 0.5 "verify" "\xF3\x0F\x59\x05\x2A\x2A\x2A\x2A" // nop out the multiply operand "patch" "\x90\x90\x90\x90\x90\x90\x90\x90" } } "CTFLunchBox::SecondaryAttack()::OverwriteDroppedEntityClass" { // patch and unconditonally jump past the string pointer logic "signature" "CTFLunchBox::SecondaryAttack()" "linux" { "offset" "271h" // mov eax, "item_healthammokit"; cmp ecx, 5; jz +0x14 "verify" "\xB8\x2A\x2A\x2A\x2A\x83\x2A\x05\x74\x14" // mov eax, pszOverride; nop; nop; nop; jmp +0x14 "patch" "\xB8\x00\x00\x00\x00\x90\x90\x90\xEB\x14" } // windows handles things differently enough that it'll need a second patch // will need to update the extension to report operating system } "CTFPlayer::ApplyPushFromDamage()::NoHeavyKnockbackRage" { // patches jump before "generate_rage_on_dmg" check so no pushback is applied "signature" "CTFPlayer::ApplyPushFromDamage()" "linux" { "offset" "35Eh" "verify" "\x0F\x84\x24\x0C\x00\x00" "patch" "\x90\x90\x90\x90\x90\x90" } "windows" { "offset" "88Ch" "verify" "\x0F\x84" "patch" "\x90\xE9" // unconditional JMP } } "CTFPlayerShared::UpdateCloakMeter()::ModifyDebuffReduction" { "linux" { "signature" "CTFPlayerShared::UpdateCloakMeter().part.0" "offset" "B7h" "verify" "\xF3\x0F\x10\x2A\x2A\x2A\x2A\x2A" "patch" "\xF3\x0F\x10\x05\x00\x00\x00\x00" "preserve" "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF" } "windows" { "signature" "CTFPlayerShared::UpdateCloakMeter()" "offset" "256h" "verify" "\xF3\x0F\x59\x05\x2A\x2A\x2A\x2A" "patch" "\xF3\x0F\x59\x05\x00\x00\x00\x00" "preserve" "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF" } } "HandleRageGain()::NoHeavyRageGain" { // patch jump to prevent rage gain on Heavy "signature" "HandleRageGain()" "linux" { "offset" "6Ch" "verify" "\x74\x62" "patch" "\x90\x90" } "windows" { "offset" "1A9h" "verify" "\x74" "patch" "\xEB" // unconditional JMP } } "CTFWeaponBase::ApplyOnHitAttributes()::RemoveSlowness" { // patch jump to prevent the slow cond on hit "signature" "CTFWeaponBase::ApplyOnHitAttributes()" "linux" { "offset" "5C5h" "verify" "\x74" "patch" "\xEB" } "windows" { "offset" "D20h" "verify" "\x0F\x85" "patch" "\x90\xE9" } } "CWeaponMedigun::DrainCharge()::PatchExtraDrainRate" { "linux" { "signature" "CWeaponMedigun::DrainCharge().part.0" "offset" "BBh" "verify" "\xF3\x0F\x59\x0D\x2A\x2A\x2A\x2A" "patch" "\xF3\x0F\x59\x0D\x00\x00\x00\x00" "preserve" "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF" } "windows" { "signature" "CWeaponMedigun::DrainCharge()" "offset" "C1h" "verify" "\xF3\x0F\x59\x05\x2A\x2A\x2A\x2A" "patch" "\xF3\x0F\x59\x05\x00\x00\x00\x00" "preserve" "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF" } } } "Signatures" { "CBaseCombatWeapon::FinishReload()" { // find CTFWeaponBase::FinishReload which references "last_shot_crits", second call in the function is the target "library" "server" "linux" "@_ZN17CBaseCombatWeapon12FinishReloadEv" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x57\x8B\xF9\x8B\x8F\x2A\x2A\x2A\x2A\x85\xC9\x0F\x84\x2A\x2A\x2A\x2A\xBA\xFF\x1F\x00\x00\x83\xF9\xFF\x74\x03\x0F\xB7\xD1\xA1\x2A\x2A\x2A\x2A\xC1\xE2\x04\x83\xC0\x04\x03\xC2\x0F\x84\x2A\x2A\x2A\x2A\xC1\xE9\x10\x39\x48\x04\x0F\x85\x2A\x2A\x2A\x2A\x8B\x08\x85\xC9\x0F\x84\x2A\x2A\x2A\x2A\x8B\x01\x53" } "CBaseObject::DestroyScreens()" { // get to CBaseObject::MakeCarriedObject() through string "player_carryobject" // ... to CBaseObject::DestroyScreens() is two calls above the string in that block "library" "server" "linux" "@_ZN11CBaseObject14DestroyScreensEv" "windows" "\x56\x57\x8B\xF9\x8B\xB7\x2A\x09\x00\x00" } "CBaseObject::SetControlPanelsActive()" { // get to CObjectSapper::FinishedBuilding() through string "player_sapped_object" // ... to CBaseObject::FinishedBuilding() as first call in previous function // ... to CBaseObject::SetControlPanelsActive() as first call in previous function "library" "server" "linux" "@_ZN11CBaseObject22SetControlPanelsActiveEb" "windows" "\x55\x8B\xEC\x53\x8B\xD9\x56\x8B\xB3\x2A\x09\x00\x00" } "CBaseObject::SpawnControlPanels()" { // contains unique string "bp%d_controlpanel%%d_ll" "library" "server" "linux" "@_ZN11CBaseObject18SpawnControlPanelsEv" "windows" "\x55\x8B\xEC\x81\xEC\x58\x01\x00\x00\x53\x56\x57\x8B\xF9" } "CGlobalEntityList::FindEntityInSphere()" { // xref "NULL entity in global entity list!\n" // process of elimination -- the target function has 4 arguments // to get the target, check all 4 argument functions for usage of float argument 3 for the first time deeper in the function... "library" "server" "linux" "@_ZN17CGlobalEntityList18FindEntityInSphereEP11CBaseEntityRK6VectorfP17IEntityFindFilter" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x53\x8B\xD9\x8B\x4D\x08\x56\x57\x85\xC9\x74\x24" } "CObjectSentrygun::SentryThink()" { // contains unique string "mult_sentry_range" "library" "server" "linux" "@_ZN16CObjectSentrygun11SentryThinkEv" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x56\x8B\xF1\x57\x80\xBE\x2A\x2A\x2A\x2A\x2A\xC7" } "CObjectTeleporter::FindMatch()" { // called in CObjectSapper::OnTakeDamage(), xref "set_dmg_apply_to_sapper" // it's a ways down within a branch "library" "server" "linux" "@_ZN17CObjectTeleporter9FindMatchEv" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x56\x8B\x75\x08\x8B\xC1\x57" } "CTFFlameThrower::SecondaryAttack()" { // find "set_charged_airblast", "set_buff_type", and "mult_airblast_cost" in same block "library" "server" "linux" "@_ZN15CTFFlameThrower15SecondaryAttackEv" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x56\x57\x8B\xF9\xE8\x2A\x2A\x2A\x2A\x8B\xF0\x85\xF6\x0F\x84\x2A\x2A\x2A\x2A\xF3" } "CTFWeaponInvis::SetCloakRates()" { // unique x-ref to string "mult_cloak_meter_consume_rate" "library" "server" "linux" "@_ZN14CTFWeaponInvis13SetCloakRatesEv" "windows" "\x55\x8B\xEC\x83\xEC\x08\x56\x57\x8B\xF9\xE8\x2A\x2A\x2A\x2A\x8B\xF0\x85\xF6\x74\x2A\x8B\x16\x8B\xCE\x8B\x92\x2A\x01\x00\x00\xFF\xD2\x84\xC0\x75\x2A" } "CTFGameRules::ApplyOnDamageAliveModifyRules()" { // unique x-ref "mult_dmgtaken_active" "library" "server" "linux" "@_ZN12CTFGameRules29ApplyOnDamageAliveModifyRulesERK15CTakeDamageInfoP11CBaseEntityRNS_20DamageModifyExtras_tE" "windows" "\x55\x8B\xEC\x81\xEC\x2A\x00\x00\x00\x53\x8B\x5D\x0C\x89\x4D\xDC\x56\x57" } "CTFGameRules::ApplyOnDamageAliveModifyRules()::HeavyDmgScale" { // signature with ApplyOnDamageAliveModifyRules starting with MULSS operation "library" "server" "linux" "\xF3\x0F\x59\x2A\x2A\x2A\x2A\x2A\xF3\x0F\x11\x2A\x2A\x2A\x2A\x2A\xE9\x2A\x2A\x2A\x2A\x90\x31\xC0" } "CTFGameRules::RadiusDamage()" { // xref unique "add_health_on_radius_damage" "library" "server" "linux" "@_ZN12CTFGameRules12RadiusDamageER19CTFRadiusDamageInfo" "windows" "\x55\x8B\xEC\x81\xEC\x24\x08\x00\x00\x53" } "CTFLunchBox::ApplyBiteEffects()" { // xref unique "lunchbox_healing_scale" "library" "server" "linux" "@_ZN11CTFLunchBox16ApplyBiteEffectsEP9CTFPlayer" "windows" "\x55\x8B\xEC\x51\x53\x8B\xD9\x56\x57\x6A\x01" } "CTFMechanicalArm::ShockAttack()" { // now inlined on Windows (CTFMechanicalArm::SecondaryAttack) "library" "server" "linux" "@_ZN16CTFMechanicalArm11ShockAttackEv" } "CTFLunchBox::SecondaryAttack()" { // xref semi-unique string "models/items/plate_robo_sandwich.mdl" "library" "server" "linux" "@_ZN11CTFLunchBox15SecondaryAttackEv" } "CTFMinigun::ActivatePushBackAttackMode()" { // contains "generate_rage_on_dmg", "Heavy.Battlecry03", and "Player.DenyWeaponSelection" "library" "server" "linux" "@_ZN10CTFMinigun26ActivatePushBackAttackModeEv" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x56\x8B\xF1\xF3\x0F\x10\x40\x0C\xF3\x0F\x58\x05\x2A\x2A\x2A\x2A\xF3\x0F\x11\x86" } "CTFMinigun::RingOfFireAttack()" { // get to CTFMinigun::SharedAttack() from xref "uses_ammo_while_aiming" // find xref "ring_of_fire_while_aiming", get call in next block "library" "server" "linux" "@_ZN10CTFMinigun16RingOfFireAttackEi" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x83\xE4\xF0\x83\xC4\x04\x55\x8B\x6B\x04\x89\x6C\x24\x04\x8B\xEC\x81\xEC\x2A\x2A\x2A\x2A\xF3\x0F\x10\x2A\x2A\x2A\x2A\x2A\x0F\x2E\x05\x2A\x2A\x2A\x2A\x56\x57\x89\x4D\xFC" } "CTFMinigun::SharedAttack()" { //references "mult_minigun_spinup_time" "library" "server" "linux" "@_ZN10CTFMinigun12SharedAttackEv" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x53\x57\x8B\xF9\xE8\x2A\x2A\x2A\x2A\x8B\xD8\x85\xDB\x0F\x84\x2A\x2A\x2A\x2A\x8B\x13\x8B\xCB\x8B\x92\x2A\x2A\x2A\x2A\xFF\xD2\x84\xC0\x0F\x84\x2A\x2A\x2A\x2A\x8B\x07\x8B\xCF\x8B\x80\x2A\x2A\x2A\x2A\xFF\xD0\x84\xC0\x75\x10\x8B" } "CTFMinigun::WindDown()" { //Instructions:: Very complex, follow carefully: //1. Find CTFMinigun::SharedAttack ^^ //2. Go back in the call chain, go to the function which contains only 'jmp' (that's CTFMinigun::PrimaryAttack) //3. Go to the place where CTFMinigun::PrimaryAttack is referenced in the sole vtable that references it //4. Move 24 vtable function address places in decreasing address direction (excellent grammar btw) //5. The function now is CTFMinigun::Holster, get into it //6. The first call in the function which is in branch (or in seperate IDA block) is the TARGET "library" "server" "linux" "@_ZN10CTFMinigun8WindDownEv" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x56\x57\x8B\xF1\xE8\x2A\x2A\x2A\x2A\x8B\xF8\x85\xFF\x0F\x84\x2A\x2A\x2A\x2A\x8B\x17\x8B\xCF\x8B\x92\x2A\x2A\x2A\x2A\xFF\xD2\x84\xC0\x0F\x84\x2A\x2A\x2A\x2A\x8B\x06\x8B\xCE\x53\x68\x59\x04\x00\x00" } "CTFPlayer::ApplyPushFromDamage()" { // unuqie x-ref "damage_blast_push" "library" "server" "linux" "@_ZN9CTFPlayer19ApplyPushFromDamageERK15CTakeDamageInfo6Vector" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x83\xEC\x34\x83\x78\x30\x00\x53\x8B\x5D\x08\x56\x57" } "CTFPlayer::CreateRagdollEntity()" { // semi-unique xref "tf_ragdoll" with tons of straight conditionals // disambiguate from CreateFeignDeathRagdoll with offset around 0x1100 (as opposed to 0x2200s) at the start of the function "library" "server" "linux" "@_ZN9CTFPlayer19CreateRagdollEntityEbbbbbbbbib" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x53\x56\x57\x8B\xF9\x8B\x8F\x8C\x12\x00\x00" } "CTFPlayer::DetonateObjectOfType()" { // contains unique string "pda_engineer" "library" "server" "linux" "@_ZN9CTFPlayer20DetonateObjectOfTypeEiib" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\xFF\x75\x0C\x8B\xD9\xFF\x75\x08\x89\x5D\xFC\xE8" } "CTFPlayer::DoTauntAttack()" { // unique x-ref "scout_grand_slam" "library" "server" "linux" "@_ZN9CTFPlayer13DoTauntAttackEv" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x83\xE4\xF0\x83\xC4\x04\x55\x8B\x6B\x04\x89\x6C\x24\x04\x8B\xEC\x81\x2A\x2A\x2A\x2A\x2A\x56\x57\x8B\xF9\x6A\x07" } "CTFPlayer::GetChargeEffectBeingProvided()" { // via CTFPlayer::OnBurnOther() contains xref "PlayerIgnitedInv" // ... CTFPlayer::GetChargeEffectBeingProvided() called in previous block "library" "server" "linux" "@_ZN9CTFPlayer28GetChargeEffectBeingProvidedEv" "windows" "\x55\x8B\xEC\x51\x56\x8B\xF1\x8D\x86\x2A\x2A\x00\x00\x85\xC0" } "CTFPlayer::GetObjectOfType()" { // first call in "CTFPlayer::DetonateObjectOfType()" "library" "server" "linux" "@_ZNK9CTFPlayer15GetObjectOfTypeEii" "windows" "\x55\x8B\xEC\x51\x53\x8B\xC1\x56\x57\x33\xFF\x89\x45\xFC\x8B\x98\x2A\x23\x00\x00" } "CTFPlayer::OnEmitFootstepSound()" { // unique string "add_jingle_to_footsteps" "library" "server" "linux" "@_ZN9CTFPlayer19OnEmitFootstepSoundERK16CSoundParametersRK6Vectorf" "windows" "\x55\x8B\xEC\x83\xEC\x6C\x53\x56\x6A\x01" } "CTFPlayer::RegenThink()" { // contains string "RegenThink" in block after first jump // also references "add_health_regen" "library" "server" "linux" "@_ZN9CTFPlayer10RegenThinkEv" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x56\x8B\xF1\x8B\x06\x8B\x80\x2A\x2A\x2A\x2A\xFF\xD0\x84\xC0\x0F\x84\x2A\x2A\x2A\x2A\xA1\x2A\x2A\x2A\x2A\x68\x2A\x2A\x2A\x2A\x51\x8B\xCE\xF3\x0F\x10\x40\x2A\xF3\x0F\x58\x05\x2A\x2A\x2A\x2A\xF3\x0F\x11\x04\x24\x68\x2A\x2A\x2A\x2A\xE8\x2A\x2A\x2A\x2A\xA1" } "CTFPlayer::RemoveAllObjects()" { // containing non-unique string "object_removed" "library" "server" "linux" "@_ZN9CTFPlayer16RemoveAllObjectsEb" "windows" "\x55\x8B\xEC\x83\xEC\x08\x8B\xC1\x56\x89\x45\xF8" } "CTFPlayerShared::ActivateRageBuff()" { // containing non-unique string "mod_buff_duration" "library" "server" "linux" "@_ZN15CTFPlayerShared16ActivateRageBuffEP11CBaseEntityi" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x10\x05\x2A\x2A\x2A\x2A\x56\x8B\xF1\x57\x8B\x7D\x0C" } "CTFPlayerShared::Heal()" { // via CTFHolidayEntity::Teleport() with xref "spawn_loot_%s" // ... CTFPlayerShared::Heal() is below with multiple vcalls that receive (0, n, 3E8) "library" "server" "linux" "@_ZN15CTFPlayerShared4HealEP11CBaseEntityfffbP9CTFPlayer" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x53\x56\x8B\x75\x08\x8B\xD9\x57\x0F\x57\xC0" } "CTFPlayerShared::ModifyRage()" { // last call in assembly block containing unique string "rage_on_hit" "library" "server" "linux" "@_ZN15CTFPlayerShared10ModifyRageEf" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x83\xEC\x08\x56\x8B\xF1\xF3\x0F\x58" } "CTFPlayerShared::PulseRageBuff()" { // references "mod_soldier_buff_range" "library" "server" "linux" "@_ZN15CTFPlayerShared13PulseRageBuffENS_13ERageBuffSlotE" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x33\xC0\xC7\x45\xFC\x2A\x2A\x2A\x2A\x89\x45\xF8" } "CTFPlayerShared::StopHealing()" { // first call in block with xref "healtarget:alive" "library" "server" "linux" "@_ZN15CTFPlayerShared11StopHealingEP11CBaseEntity" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x75\x08\x8B\xF1\xE8\x2A\x2A\x2A\x2A\x8B\xD0\x83\xFA" } "CTFPlayerShared::UpdateCloakMeter()" { //Naydef's instructions: Find function UpdateRageBuffsAndRage "Invalid rage buff type %i for entindex %i\n", then look for the functions that call it, one of the functions should contain 5 consecutive "call"s, the second of those calls is CTFPlayerShared::UpdateCloakMeter() // find raw contents of g_aDebuffConditions and jump to xref function with most references "library" "server" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x56\x8B\xF1\x6A\x08\x8B" } "CTFPlayerShared::UpdateCloakMeter().part.0" { "library" "server" "linux" "@_ZN15CTFPlayerShared16UpdateCloakMeterEv.part.0" } "CTFProjectile_Flare::Explode_Air()" { // contains unique xref "ExplosionCore_MidAir_Flare" "library" "server" "linux" "@_ZN19CTFProjectile_Flare11Explode_AirEP10CGameTraceib" "windows" "\x55\x8B\xEC\x81\xEC\xCC\x00\x00\x00\x53\x56" } "CTFProjectile_HealingBolt::ImpactTeamPlayer()" { // x-ref "Weapon_Arrow.ImpactFleshCrossbowHeal" in branching function "library" "server" "linux" "@_ZN25CTFProjectile_HealingBolt16ImpactTeamPlayerEP9CTFPlayer" "windows" "\x55\x8B\xEC\x83\xEC\x10\x56\x57\x8B\x7D\x08\x8B\xF1\x89\x75\xF0" } "CTFWeaponBase::IncrementAmmo()" { // called in xref "Weapon_DumpsterRocket.Reload" "library" "server" "linux" "@_ZN13CTFWeaponBase13IncrementAmmoEv" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x56\x57\x6A\x00\x68\x2A\x2A\x2A\x2A\x68\x2A\x2A\x2A\x2A\x6A\x00\x8B\xF1\xE8\x2A\x2A\x2A\x2A\x50\xE8\x2A\x2A\x2A\x2A\x83" } "CTFWeaponBaseGun::FireProjectile()" { // xref "override_projectile_type" with 25+ switch cases "library" "server" "linux" "@_ZN16CTFWeaponBaseGun14FireProjectileEP9CTFPlayer" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x00\x00\x00\x53\x56\x57\x6A\x01\x6A\x00" } "CTFWeaponBaseGun::PrimaryAttack()" { // unique xref "mult_postfiredelay_with_reduced_health" "library" "server" "linux" "@_ZN16CTFWeaponBaseGun13PrimaryAttackEv" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x57\x8B\xF9\x8B\x07\x8B\x80\x2A\x2A\x2A\x2A\xFF\xD0\xD9\xEE\xD9\xC9\xDF\xF1" } "CTFWeaponBaseGun::SecondaryAttack()" { // called first in function with semi-unique xref "minicrit_boost_when_charged" "library" "server" "linux" "@_ZN16CTFWeaponBaseGun15SecondaryAttackEv" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x8b\xF1\xE8\x2A\x2A\x2A\x2A\x8B\x86\x2A\x2A\x2A\x2A\x8D\xBE\x2A\x2A\x2A\x2A\x8D\x4D\xFC\xC7\x45\xFC\x00\x00\x00\x00\x3B\x01\x74\x0E\x57\x8B\xCE\xE8\x2A\x2A\x2A\x2A\xC7\x07\x00\x00\x00\x00\x8B\xCE\xE8" } "CTFWeaponBaseMelee::DoMeleeDamage()" { // xref "crit_forces_victim_to_laugh" "library" "server" "linux" "@_ZN18CTFWeaponBaseMelee13DoMeleeDamageEP11CBaseEntityR10CGameTracef" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x83\xE4\xF0\x83\xC4\x04\x55\x8B\x6B\x04\x89\x6C\x24\x04\x8B\xEC\x81\xEC\x2A\x2A\x2A\x2A\x56\x8B\xC1\x57\x8B" } "CTFWeaponBaseMelee::SecondaryAttack()" { // function in vtable after function containing "air_jump_on_attack" (CTFShovel::PrimaryAttack) "library" "server" "linux" "@_ZN18CTFWeaponBaseMelee15SecondaryAttackEv" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x83\xEC\x48\x8B\x5D\x08\x8B\x03\x53\xFF\x90\x2A\x2A\x2A\x2A\x83\xC4\x10\x84\xC0\x75\x0C" } "CWeaponMedigun::AllowedToHealTarget()" { // contains non-unique string "weapon_blocks_healing" with references to CTFPlayerShared offset in the next few blocks // Naydef's instructions: The target contains one argument and references the mentioned string and only this string. "library" "server" "linux" "@_ZN14CWeaponMedigun19AllowedToHealTargetEP11CBaseEntity" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x56\x57\x8B\x93\x2A\x2A\x2A\x2A\x85\xD2\x0F\x84\x2A\x2A\x2A\x2A\xB9\xFF\x1F\x00\x00\x83\xFA\xFF\x74\x03\x0F\xB7\xCA\xA1\x2A\x2A\x2A\x2A\xC1\xE1\x04\x8D\x78\x04\x03\xF9\x0F\x84\x2A\x2A\x2A\x2A\xC1\xEA\x10\x39\x57\x04\x0F\x85\x2A\x2A\x2A\x2A\x8B\x3F\x85\xFF\x0F\x84\x2A\x2A\x2A\x2A\x8B\x07\x8B\xCF\x8B\x80\x2A\x2A\x2A\x2A\xFF\xD0\x84\xC0\x0F\x84\x2A\x2A\x2A\x2A\x8B\x75\x08\x85\xF6\x74\x7F" } "CWeaponMedigun::HealTargetThink()" { // contains two references to string "MedigunHealTargetThink" "library" "server" "linux" "@_ZN14CWeaponMedigun15HealTargetThinkEv" "windows" "\x55\x8B\xEC\x51\x53\x57\x8B\xF9\x8B\x2A\x2A\x2A\x00\x00\x85\xC9" } "CWeaponMedigun::SecondaryAttack()" { // contains one reference to "player_chargedeployed" (other function has three) "library" "server" "linux" "@_ZN14CWeaponMedigun15SecondaryAttackEv" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x56\x8B\xF1\x89\x75\xE0\x8B\x8E\x2A\x2A\x2A\x2A\x85\xC9" } "HandleRageGain()" { "library" "server" "linux" "@_Z14HandleRageGainP9CTFPlayerjff" "windows" "\x55\x8B\xEC\x56\x8B\x75\x08\x85\xF6\x0F\x84\x2A\x2A\x2A\x2A\x53" } "JarExplode()" { // find xref "extinguish_reduces_cooldown" "library" "server" "linux" "@_Z10JarExplodeiP9CTFPlayerP11CBaseEntityS2_RK6Vectorif7ETFCondfPKcS8_" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x83\xE4\xF0\x83\xC4\x04\x55\x8B\x6B\x04\x89\x6C\x24\x04\x8B\xEC\x81\xEC\xE8\x02\x00\x00" } "CTFWeaponBase::ApplyOnHitAttributes()" { //references "add_onhit_addammo" "library" "server" "linux" "@_ZN13CTFWeaponBase20ApplyOnHitAttributesEP11CBaseEntityP9CTFPlayerRK15CTakeDamageInfo" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x2A\x53\x56\x57\x8B\x7D\x0C\x8B\xF1\x89\x75\xE4" } "CTFPlayerShared::RecalculateChargeEffects()" { "library" "server" "linux" "@_ZN15CTFPlayerShared24RecalculateChargeEffectsEb" "windows" "\x55\x8B\xEC\x83\xEC\x38\x53\x56\x57\x8B\xF9\xC7\x45\xCC\x00\x00\x00\x00" } "CTraceFilterObject::ShouldHitEntity()" { "library" "server" "linux" "@_ZN18CTraceFilterObject15ShouldHitEntityEP13IHandleEntityi" "windows" "\x55\x8B\xEC\x51\x8B\xC1\x8B\x0D" } "CWeaponMedigun::DrainCharge()" { // contains non-unique xref to "add_uber_time", but references only this string and has no arguments "library" "server" "windows" "\x2A\x2A\x2A\x2A\x2A\x2A\x56\x8B\xF1\x80\xBE\x2A\x2A\x2A\x2A\x2A\x0F\x84\x2A\x2A\x2A\x2A\x8B\x8E\x2A\x2A\x2A\x2A\x85\xC9" } "CWeaponMedigun::DrainCharge().part.0" { "library" "server" "linux" "@_ZN14CWeaponMedigun11DrainChargeEv.part.0" } } "Offsets" { "CBaseCombatWeapon::ItemPostFrame()" { "windows" "272" "linux" "278" } "CBaseCombatWeapon::SecondaryAttack()" { "windows" "287" "linux" "293" } "CBaseEntity::GetBaseEntity()" { "windows" "5" "linux" "6" } "CBaseEntity::GetEnemy()" { "windows" "101" "linux" "101" } "CBaseEntity::MyCombatCharacterPointer()" { "windows" "73" "linux" "74" } "CBaseEntity::UpdateOnRemove()" { "windows" "110" "linux" "111" } "CBaseGrenade::Explode()" { "windows" "235" "linux" "236" } "CBaseObject::CanBeUpgraded(CTFPlayer)" { // note: windows offsets aren't correct on the vtable dumper "windows" "382" "linux" "383" } "CBaseObject::DetonateObject()" { // these are correct on the vtable dumper "windows" "351" "linux" "353" } "CBaseObject::ChangeTeam()" { "windows" "96" "linux" "97" } "CBaseObject::GetMaxUpgradeLevel()" { // note: windows offsets aren't correct on the vtable dumper "windows" "387" "linux" "388" } "CBaseObject::StartUpgrading()" { // note: windows offsets aren't correct on the vtable dumper "windows" "383" "linux" "384" } "CBaseGrenade::GetDamageRadius()" { "windows" "241" "linux" "242" } "CTFWeaponBaseGrenadeProj::InitGrenade(int float)" { "windows" "243" "linux" "245" } "CBasePlayer::OnEmitFootstepSound()" { "windows" "375" "linux" "376" } "CTFBaseProjectile::ProjectileTouch()" { "windows" "239" "linux" "242" } "CTFBaseRocket::RocketTouch()" { "windows" "238" "linux" "239" } "CTFPlayer::RemoveAmmo()" { "windows" "264" "linux" "264" } "CTFPlayer::ShouldGib()" { "windows" "296" "linux" "297" } "CTFStunBall::ApplyBallImpactEffectOnVictim()" { "windows" "266" "linux" "267" } "CTFWeaponBase::DeflectEntity()" { "windows" "421" "linux" "428" } "CTFWeaponBase::Detach()" { "windows" "270" "linux" "276" } "CTFWeaponBase::Equip()" { "windows" "233" "linux" "239" } "CTFWeaponBase::GetProjectileFireSetup()" { "windows" "401" "linux" "408" } "CTFWeaponBase::PrimaryAttack()" { "windows" "286" "linux" "292" } "CTFWeaponBase::FinishReload()" { "windows" "281" "linux" "287" } "CTFWeaponBaseGun::FireEnergyBall()" { "windows" "478" "linux" "485" } "CTFWeaponBaseMelee::OnEntityHit()" { "windows" "477" "linux" "484" } // member offsets "CTFMinigun::m_flNextFireRingTime" { // updated at the end of CTFMinigun::RingOfFireAttack() "windows" "2248" "linux" "2252" } "CTFPlayerShared::m_pOuter" { // checked in CTFPlayerShared::HasDemoShieldEquipped() "linux" "396" "windows" "396" } } } }