[ASM and C++] defining the members of an unknown data structure

This forum is for discussions on how to edit what can not be edited through the txt files, needless to say this isn't about battle net hacking.

Moderators: Nefarius, Havvoric

Post Reply
User avatar
weapon-x
Forum Legend
Arch-Angel
Posts: 1047
Joined: Wed Mar 18, 2009 4:52 am
Location: Mindanao, Philippines
Contact:
Philippines

[ASM and C++] defining the members of an unknown data structure

Post by weapon-x » Thu Feb 08, 2018 4:21 am

hi all,

i just went back to modding, now that i have some free time for some code hunting and bashing, anyhow... ever since i started learning to code edit, i am always having a trouble defining members of data structures, i tried searching through the internet but somehow could not find what i am looking for :cry:

how does one define the members of a data structure without using trial and error?

thank you in advanced
" It's not the size of the dog in the fight, it's the size of the fight in the dog. "

~Mark Twain

User avatar
kidpaddle94
Forum Legend
Principality
Posts: 2057
Joined: Thu Aug 13, 2009 2:54 pm
Location: localhost
Canada

Re: [ASM and C++] defining the members of an unknown data structure

Post by kidpaddle94 » Thu Feb 08, 2018 7:27 am

It's rarely ever about trial and error, but sometimes you get lucky by changing values of things and noticing in-game what it does. But most of the time it's mostly from looking at the code that uses this struct, the code that allocates this struct, etc.

Say I have an unknown struct member, and looking at the code using it, I see it's being set using bitwise and / bitwise or operations, then I can already tell it's a bitflag field. Then I look into another member and, looking at the code using it, I see it just keeps incrementing, then I can tell it's some kind of counter. Your ability to analyze this stuff also increases exponentially as you map out more code. For example, given that I see a piece of code using my unknown struct member in a call to D2Common.GetStat, then I can easily tell it's a stat Id. You'll also reach a point eventually where you start recognizing some structures in memory without even analyzing them, for example I get to recognize pUnit structs in memory pretty quickly nowadays, so it's really easy to tell which members of other structs are pUnit pointers.

Long story short, there's no precise and defined technique to do this, it's reverse engineering.

User avatar
weapon-x
Forum Legend
Arch-Angel
Posts: 1047
Joined: Wed Mar 18, 2009 4:52 am
Location: Mindanao, Philippines
Contact:
Philippines

Re: [ASM and C++] defining the members of an unknown data structure

Post by weapon-x » Fri Feb 09, 2018 3:10 am

ah, experience is indeed the key...

thanks for the insight bro... i think its time to brush-up my RE know-how again ;)
" It's not the size of the dog in the fight, it's the size of the fight in the dog. "

~Mark Twain

Post Reply

Return to “Code Editing”