Question How do you make an offhost plugin (Xbox)

TwinightCow

Insane-Known Member
Messages
18
Points
358
I can code a menu easily, but Ive never understood how to make an offhost. I havent found any scripts or anything, all I can find is ps3 offhost sources and scripts. Is there any websites or videos or sources out for an xbox offhost?
 

The Dark Side

Former Staff Member
Messages
1,006
Points
568
I can code a menu easily, but Ive never understood how to make an offhost. I havent found any scripts or anything, all I can find is ps3 offhost sources and scripts. Is there any websites or videos or sources out for an xbox offhost?
There is very little released with what i could find. But a little google and...

NOP = 60000000
Sever ID = 0x82c15758
cbuff_addtext = 824015E0
G_GetWeaponIndexForName = 823AB8B8
G_InitializeAmmo = 823120E0
Number of players = 833938D8
Scr_PlayFX = 8220ED28
PlayerCmd_Suicide = 82318B10
player_die = 82325008
GScr_Spawn = 8235D898
G_EffectIndex = 823894B8
G_TagIndex = 82389418
BG_WeaponFireRecoil = 826BAF08
G_CallSpawnEntity = 8237C498
G_CallSpawn = 8237D7C8
G_Spawn = 82389FB8
G_SetFog = 823232A8
BG_GetPerkIndexForName = 82690E50
CL_RenderScene = 82262978
R_RenderScene = 828AF978
G_GetPlayerViewOrigin = 82311B18
Cl_DrawText = 82275898
G_GivePlayerWeapon = 823ACB78
G_ModelIndex = 82388E00
G_SetAngle = 8238A4A0
G_SetOrigin = 8238A448
G_SetModel = 823896E0
G_SpawnItem = 8232F160
SV_LinkEntity = 8243DC70
SV_SetBrushModel = 8242FE70
SV_AddTestClient = 8242F2A8
SV_SetConfigString = 82432A10
SV_SendClientSnapshot = 82438188
G_LocalizedStringIndex = 82388AC0
G_LocalizedMaterialIndex = 82388CE0
Chams = 821FC04C // On = 38C0FFFF Off = 7FA6EB78
No Recoil = 82259BC8 // On = NOP Off = 48461341
Laser = 82255E1C // On = 2B110001 Off = 419A0078
Red Boxes = 821F5B7F // On = 1 Off = 0
Orbital VSAT = 821B8FD3 // On = 1 Off = 0
UAV = 821B8FD0 // On = 2B110001
Class No Cost = 826A5FBC // On = NOP
10 Classes = 843546B2 // On = 4480810122404 Only works if the account is prestige master.
off host clan tag = 843543c8
Pre game gt
841e1b30
81aa2ddc
No Bullet Spread = 826BB50C // On = 39600002
No Sway = 826C6E6C // On = 39600000
League Play Master = 83732A63 // On = 060C
Super Jump = 82085654 // Float
Fall Damage = 82003FD4 // Float

If you want to find your own i have a tut here. Courtesy of Se7ensins. If anyone here in the CCM community could step up and help (Preferably @Liam ) That would be nice!
Also the pictures are broken. Which is fantastic. -.- So just use your brain and you should be able to get a feel for it.

Here's how you "port" or "update" offsets on any game, not just Call of Duty. This is literally how simple it is.

Things you need:

* IDA
* A (functioning) brain
* An attention span longer than a squirrel



STEP 1. LOCATE YOUR OFFSET IN ONE TITLE UPDATE OR VERSION.

We'll be using the infamous SV_GameSendServerCommand function.

STEP 2. LOCATE A UNIQUE PART OF A FUNCTION.

You see those 3 mr's at the beginning along with the cmpwi? There's a very slim chance we'll get a duplicate of this:

Code:
mr r31, r3
mr r30, r4
mr r29, r5
cmpwi cr6, r3, -1

in any function in the whole .xex no matter what TU your game is on.

(However this isn't the case, so I can explain what to do if this happens.)

So what we do is, we select that instruction..

STEP 3. CLICK THE HEX-VIEW-A TAB

IDA will automatically match the selected instruction to the corresponding hex.

Select that whole line of hex then Copy (Ctrl+C).


STEP 4. GO TO THE NEW TU OR VERSION OF THAT XEX IN IDA

Open up the newest version or TU of whatever game you have.



I have TU4 open in this picture.


STEP 5. SEARCH THE BYTE (HEX) PATTERN IN THE NEW XEX

With the NEW XEX opened in IDA, Press Alt+B. You should get a box like this to popup.

Make sure your settings are EXACTLY the same as my settings.

Paste in your byte pattern. Click OK. Wait a few seconds.

When it's done, you should have something like this:

STEP 6. COMPARING RESULTS

OH NOES. There's 4 results of that byte pattern! This is where logic and common sense come into play.

Open both XEX's in IDA. Compare stuff such as:

* strings
* size
* shape of the graph
* number of instructions before a certain point
* number of times it's referenced
* repetitive instructions used in similiar places


Because there may not be exact matches due to patches/recoding in Title Updates.

Especially if it's a new game using the same engine, things will be most likely extremely different, but similar in various areas.

You have to look/explore, and investigate them.

With this one, it's extremely simple since the shapes, and the presence of "%s" is there/similar.


Here's a comparison picture, to insist that we have the right new offset for this function:

The colored boxes resemble all the similiarities.

So there we have it. TU4's new offset for SV_GameSendServerCommand is 0x82411668.

Hopefully you guys learned something.
 

TwinightCow

Insane-Known Member
Messages
18
Points
358
There is very little released with what i could find. But a little google and...

NOP = 60000000
Sever ID = 0x82c15758
cbuff_addtext = 824015E0
G_GetWeaponIndexForName = 823AB8B8
G_InitializeAmmo = 823120E0
Number of players = 833938D8
Scr_PlayFX = 8220ED28
PlayerCmd_Suicide = 82318B10
player_die = 82325008
GScr_Spawn = 8235D898
G_EffectIndex = 823894B8
G_TagIndex = 82389418
BG_WeaponFireRecoil = 826BAF08
G_CallSpawnEntity = 8237C498
G_CallSpawn = 8237D7C8
G_Spawn = 82389FB8
G_SetFog = 823232A8
BG_GetPerkIndexForName = 82690E50
CL_RenderScene = 82262978
R_RenderScene = 828AF978
G_GetPlayerViewOrigin = 82311B18
Cl_DrawText = 82275898
G_GivePlayerWeapon = 823ACB78
G_ModelIndex = 82388E00
G_SetAngle = 8238A4A0
G_SetOrigin = 8238A448
G_SetModel = 823896E0
G_SpawnItem = 8232F160
SV_LinkEntity = 8243DC70
SV_SetBrushModel = 8242FE70
SV_AddTestClient = 8242F2A8
SV_SetConfigString = 82432A10
SV_SendClientSnapshot = 82438188
G_LocalizedStringIndex = 82388AC0
G_LocalizedMaterialIndex = 82388CE0
Chams = 821FC04C // On = 38C0FFFF Off = 7FA6EB78
No Recoil = 82259BC8 // On = NOP Off = 48461341
Laser = 82255E1C // On = 2B110001 Off = 419A0078
Red Boxes = 821F5B7F // On = 1 Off = 0
Orbital VSAT = 821B8FD3 // On = 1 Off = 0
UAV = 821B8FD0 // On = 2B110001
Class No Cost = 826A5FBC // On = NOP
10 Classes = 843546B2 // On = 4480810122404 Only works if the account is prestige master.
off host clan tag = 843543c8
Pre game gt
841e1b30
81aa2ddc
No Bullet Spread = 826BB50C // On = 39600002
No Sway = 826C6E6C // On = 39600000
League Play Master = 83732A63 // On = 060C
Super Jump = 82085654 // Float
Fall Damage = 82003FD4 // Float

If you want to find your own i have a tut here. Courtesy of Se7ensins. If anyone here in the CCM community could step up and help (Preferably @Liam ) That would be nice!
Also the pictures are broken. Which is fantastic. -.- So just use your brain and you should be able to get a feel for it.

Here's how you "port" or "update" offsets on any game, not just Call of Duty. This is literally how simple it is.

Things you need:

* IDA
* A (functioning) brain
* An attention span longer than a squirrel



STEP 1. LOCATE YOUR OFFSET IN ONE TITLE UPDATE OR VERSION.

We'll be using the infamous SV_GameSendServerCommand function.

STEP 2. LOCATE A UNIQUE PART OF A FUNCTION.

You see those 3 mr's at the beginning along with the cmpwi? There's a very slim chance we'll get a duplicate of this:

Code:
mr r31, r3
mr r30, r4
mr r29, r5
cmpwi cr6, r3, -1

in any function in the whole .xex no matter what TU your game is on.

(However this isn't the case, so I can explain what to do if this happens.)

So what we do is, we select that instruction..

STEP 3. CLICK THE HEX-VIEW-A TAB

IDA will automatically match the selected instruction to the corresponding hex.

Select that whole line of hex then Copy (Ctrl+C).


STEP 4. GO TO THE NEW TU OR VERSION OF THAT XEX IN IDA

Open up the newest version or TU of whatever game you have.



I have TU4 open in this picture.


STEP 5. SEARCH THE BYTE (HEX) PATTERN IN THE NEW XEX

With the NEW XEX opened in IDA, Press Alt+B. You should get a box like this to popup.

Make sure your settings are EXACTLY the same as my settings.

Paste in your byte pattern. Click OK. Wait a few seconds.

When it's done, you should have something like this:

STEP 6. COMPARING RESULTS

OH NOES. There's 4 results of that byte pattern! This is where logic and common sense come into play.

Open both XEX's in IDA. Compare stuff such as:

* strings
* size
* shape of the graph
* number of instructions before a certain point
* number of times it's referenced
* repetitive instructions used in similiar places


Because there may not be exact matches due to patches/recoding in Title Updates.

Especially if it's a new game using the same engine, things will be most likely extremely different, but similar in various areas.

You have to look/explore, and investigate them.

With this one, it's extremely simple since the shapes, and the presence of "%s" is there/similar.


Here's a comparison picture, to insist that we have the right new offset for this function:

The colored boxes resemble all the similiarities.

So there we have it. TU4's new offset for SV_GameSendServerCommand is 0x82411668.

Hopefully you guys learned something.
Alright thank you, Ill try to peice these together lol
 

Liam

I'm a god
Messages
191
Points
393
There is very little released with what i could find. But a little google and...

NOP = 60000000
Sever ID = 0x82c15758
cbuff_addtext = 824015E0
G_GetWeaponIndexForName = 823AB8B8
G_InitializeAmmo = 823120E0
Number of players = 833938D8
Scr_PlayFX = 8220ED28
PlayerCmd_Suicide = 82318B10
player_die = 82325008
GScr_Spawn = 8235D898
G_EffectIndex = 823894B8
G_TagIndex = 82389418
BG_WeaponFireRecoil = 826BAF08
G_CallSpawnEntity = 8237C498
G_CallSpawn = 8237D7C8
G_Spawn = 82389FB8
G_SetFog = 823232A8
BG_GetPerkIndexForName = 82690E50
CL_RenderScene = 82262978
R_RenderScene = 828AF978
G_GetPlayerViewOrigin = 82311B18
Cl_DrawText = 82275898
G_GivePlayerWeapon = 823ACB78
G_ModelIndex = 82388E00
G_SetAngle = 8238A4A0
G_SetOrigin = 8238A448
G_SetModel = 823896E0
G_SpawnItem = 8232F160
SV_LinkEntity = 8243DC70
SV_SetBrushModel = 8242FE70
SV_AddTestClient = 8242F2A8
SV_SetConfigString = 82432A10
SV_SendClientSnapshot = 82438188
G_LocalizedStringIndex = 82388AC0
G_LocalizedMaterialIndex = 82388CE0
Chams = 821FC04C // On = 38C0FFFF Off = 7FA6EB78
No Recoil = 82259BC8 // On = NOP Off = 48461341
Laser = 82255E1C // On = 2B110001 Off = 419A0078
Red Boxes = 821F5B7F // On = 1 Off = 0
Orbital VSAT = 821B8FD3 // On = 1 Off = 0
UAV = 821B8FD0 // On = 2B110001
Class No Cost = 826A5FBC // On = NOP
10 Classes = 843546B2 // On = 4480810122404 Only works if the account is prestige master.
off host clan tag = 843543c8
Pre game gt
841e1b30
81aa2ddc
No Bullet Spread = 826BB50C // On = 39600002
No Sway = 826C6E6C // On = 39600000
League Play Master = 83732A63 // On = 060C
Super Jump = 82085654 // Float
Fall Damage = 82003FD4 // Float

If you want to find your own i have a tut here. Courtesy of Se7ensins. If anyone here in the CCM community could step up and help (Preferably @Liam ) That would be nice!
Also the pictures are broken. Which is fantastic. -.- So just use your brain and you should be able to get a feel for it.

Here's how you "port" or "update" offsets on any game, not just Call of Duty. This is literally how simple it is.

Things you need:

* IDA
* A (functioning) brain
* An attention span longer than a squirrel



STEP 1. LOCATE YOUR OFFSET IN ONE TITLE UPDATE OR VERSION.

We'll be using the infamous SV_GameSendServerCommand function.

STEP 2. LOCATE A UNIQUE PART OF A FUNCTION.

You see those 3 mr's at the beginning along with the cmpwi? There's a very slim chance we'll get a duplicate of this:

Code:
mr r31, r3
mr r30, r4
mr r29, r5
cmpwi cr6, r3, -1

in any function in the whole .xex no matter what TU your game is on.

(However this isn't the case, so I can explain what to do if this happens.)

So what we do is, we select that instruction..

STEP 3. CLICK THE HEX-VIEW-A TAB

IDA will automatically match the selected instruction to the corresponding hex.

Select that whole line of hex then Copy (Ctrl+C).


STEP 4. GO TO THE NEW TU OR VERSION OF THAT XEX IN IDA

Open up the newest version or TU of whatever game you have.



I have TU4 open in this picture.


STEP 5. SEARCH THE BYTE (HEX) PATTERN IN THE NEW XEX

With the NEW XEX opened in IDA, Press Alt+B. You should get a box like this to popup.

Make sure your settings are EXACTLY the same as my settings.

Paste in your byte pattern. Click OK. Wait a few seconds.

When it's done, you should have something like this:

STEP 6. COMPARING RESULTS

OH NOES. There's 4 results of that byte pattern! This is where logic and common sense come into play.

Open both XEX's in IDA. Compare stuff such as:

* strings
* size
* shape of the graph
* number of instructions before a certain point
* number of times it's referenced
* repetitive instructions used in similiar places


Because there may not be exact matches due to patches/recoding in Title Updates.

Especially if it's a new game using the same engine, things will be most likely extremely different, but similar in various areas.

You have to look/explore, and investigate them.

With this one, it's extremely simple since the shapes, and the presence of "%s" is there/similar.


Here's a comparison picture, to insist that we have the right new offset for this function:

The colored boxes resemble all the similiarities.

So there we have it. TU4's new offset for SV_GameSendServerCommand is 0x82411668.

Hopefully you guys learned something.
you called?
 

Similar threads


Top