a2x / cs2-dumper

Counter-Strike: 2 Offset Dumper
MIT License

where do i find those 2 signatures/patterns? #126

Closed T1GxR closed 5 months ago

T1GxR commented 5 months ago

I'm looking to find the inventory_services and force_jump patterns and I just can't find them anywhere. Both of them existed back when config.json was a thing, but right now I can't find them. Can I get some help finding them?

a2x commented 5 months ago

There have never been any references to "inventory_services" in this repo; I'm not sure where you got that from.

Regarding force jump, here is the current IDA-style signature (it's a long one):

48 8D 05 ? ? ? ? 48 89 4D ? 48 89 45 ? 48 8D 05 ? ? ? ? 48 89 45 ? 48 8D 05 ? ? ? ? 48 89 45 ? 48 8D 05 ? ? ? ? 48 89 45 ? 48 8D 05 ? ? ? ? 48 89 45 ? 48 8D 05 ? ? ? ? 48 89 45 ? 48 8D 05 ? ? ? ? 48 89 45 ? 4C 6B E3

Note that you still need to add 48 bytes to the result.

I recommend opening client.dll in a disassembler and referencing the string "jump" the next time the signature breaks.

Next time, please refrain from opening issues unrelated to the repo.

T1GxR commented 5 months ago

Thanks for the help, but I need a way to convert the patterns into IDA patterns because it's better for me. And regarding inventory_services, it's this offset: m_pInventoryServices = 0x700; // CCSPlayerController_InventoryServices, and I really need the pattern for it. Someone on unknowncheats said that I could find it in your dumper in the client.dll a few months ago, but right now there aren't any patterns there. I don't have a lot of experience in reverse engineering and I just don't know a lot of stuff...

a2x commented 5 months ago

Simply put, either you find an older commit that still has the config.json file present, or if you are trying to learn, I suggest you first start by reading this. Once you have a basic grasp of how signatures are created, converting the existing pelite style ones to IDA-style and vice versa is fairly trivial.

Take the following example of dwGameRules:

Pelite style: 48890d${'} 8b0d${} ff15

IDA-style: 48 89 0D ? ? ? ? 8B 0D ? ? ? ? FF 15

The key difference here is that the IDA-style pattern uses spaces to separate bytes and question marks (?) to represent wildcard bytes. The pelite style pattern doesn't require spaces between bytes, although you can include them for readability. ${'} is used to follow the relative address being moved and then store the resulting RVA in the save array. If you passed the same IDA-style pattern to your typical pattern scanner, it would return the same RVA (relative virtual address). ${} is just used in place of the wildcards (? ? ? ?); both would work. The documentation here covers all of the cases.

Regarding your second question, why would you need a pattern for m_pInventoryServices? In this case, all you would do is add 0x700 to an instance of CCSPlayerController (it's just a field in the CCSPlayerController class), which you can get first by reading client.dll + dwLocalPlayerPawn.
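The conversion and the rel32-following behaviour described in the comment above, as an added example that is not part of this issue thread or of the cs2-dumper code. It handles only the pelite pattern subset that appears on the page (hex bytes, `?`, `${'}`, `${}`, optional whitespace); the buffer it scans is constructed here with a made-up rip-relative sequence at offset 0x40 and is not client.dll, and offset 0 is treated as the image base so that returned offsets are RVAs.

```python
import re
import struct

# Tokens of the pelite subset used in this thread (assumption: other pelite
# operators are outside this example): hex byte, '?' wildcard byte, "${'}"
# (follow rel32 and save the target RVA), "${}" (follow rel32, no save).
_TOKEN = re.compile(r"\$\{'\}|\$\{\}|\?|[0-9A-Fa-f]{2}|\s+")


def parse_pattern(pattern):
    """Tokenise a pelite-style (or plain IDA-style) pattern.

    Returns an int for a literal byte, None for a wildcard byte, or
    ("rel32", save) for a 4-byte rip-relative displacement to follow.
    """
    tokens, pos = [], 0
    while pos < len(pattern):
        m = _TOKEN.match(pattern, pos)
        if m is None:
            raise ValueError(f"bad pattern at offset {pos}: {pattern[pos:]!r}")
        tok, pos = m.group(0), m.end()
        if tok.isspace():
            continue
        if tok == "${'}":
            tokens.append(("rel32", True))
        elif tok == "${}":
            tokens.append(("rel32", False))
        elif tok == "?":
            tokens.append(None)
        else:
            tokens.append(int(tok, 16))
    return tokens


def to_ida(pattern):
    """Render a pelite-style pattern as IDA-style: spaced upper-case bytes,
    '?' per wildcard byte, and four '?' for each rel32 the pelite form follows."""
    out = []
    for tok in parse_pattern(pattern):
        if isinstance(tok, tuple):
            out.extend("????")
        elif tok is None:
            out.append("?")
        else:
            out.append(f"{tok:02X}")
    return " ".join(out)


def scan(image, pattern):
    """Find the first match of `pattern` in `image` (offset 0 == image base, so
    offsets are RVAs). Returns (match_rva, saved_rvas) or None if absent."""
    matcher, captures = [], []          # byte-level matcher; (offset, save) per rel32
    for tok in parse_pattern(pattern):
        if isinstance(tok, tuple):
            captures.append((len(matcher), tok[1]))
            matcher.extend([None] * 4)  # the displacement bytes themselves are wildcards
        else:
            matcher.append(tok)
    for base in range(len(image) - len(matcher) + 1):
        if not all(b is None or image[base + i] == b for i, b in enumerate(matcher)):
            continue
        saved = []
        for off, save in captures:
            disp = struct.unpack_from("<i", image, base + off)[0]
            target = base + off + 4 + disp   # rel32 is relative to the byte after it
            if not 0 <= target < len(image):
                break                        # target outside the image: reject candidate
            if save:
                saved.append(target)
        else:
            return base, saved
    return None


def build_sample_image():
    """Constructed 0x200-byte image with one rip-relative sequence at 0x40:
    mov [rip+d], rcx / mov ecx, [rip+d] / call [rip+d]. Not real client.dll bytes."""
    img = bytearray(0x200)

    def emit(at, opcode, target):
        disp = target - (at + len(opcode) + 4)   # displacement from the next instruction byte
        img[at:at + len(opcode)] = opcode
        struct.pack_into("<i", img, at + len(opcode), disp)
        return at + len(opcode) + 4

    at = emit(0x40, b"\x48\x89\x0D", 0x120)   # stores a global that lives at RVA 0x120
    at = emit(at, b"\x8B\x0D", 0x120)         # reads the same global
    emit(at, b"\xFF\x15", 0x180)              # calls through an import slot at RVA 0x180
    return bytes(img)


SAMPLE_IMAGE = build_sample_image()

if __name__ == "__main__":
    pelite = "48890d${'} 8b0d${} ff15"
    print(to_ida(pelite))
    print(scan(SAMPLE_IMAGE, pelite))            # match RVA plus the saved global RVA
    print(scan(SAMPLE_IMAGE, to_ida(pelite)))    # same match RVA, nothing saved
```

Both forms locate the same match RVA; only the pelite form also yields the followed target, which is why `${'}` is the one to use when the dumper needs the global's address rather than the instruction's. A fixed adjustment such as the "add 48 bytes" in the force-jump reply above is applied to the returned match RVA afterwards. Scanning a file on disk instead of a mapped image requires translating file offsets to RVAs through the section table first.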

T1GxR commented 5 months ago

@a2x tysm for the help, appreciate it!