PS3 IDC Generator v0.0.3

[Nostafaru]

How do I use an IDC Script?
Simple, while in IDA, you click "File->Script File..." (Hotkey = win7: alt+f7 win8: fn+alt+f7) and simply open "filenamehere.idc", and the script can be executed. Very useful for up****** offsets quickly upon a new TU aslong as the binary patterns you used didn't change.

Why is the downloaded IDC script empty?


B1TW153 is still working on it. May fixed in v0.0.3

Whats in the application?

• Open an IDC Script
• Save an IDC Script
• Upload an IDC Script
• Delete current Uploaded IDC Script
• Download IDC Script
• Preset code to start you off on your script
• Syntax highlighting for the IDC language
• Auto up****** system

Now, for everyone who knew this project was construction;
B1TW153 ditched his own syntax highlighting method, It was good and all, but lagged so much and wasn't that good. So he used someone else's method, but he personalized alot for this App.

Download: here
Virus Scan:
https://www.virustotal.com/en-gb/fi...2e9036c9636881c4c89c1bd2/analysis/1401269358/

Pictures:
v0.0.2
Pictures:

v0.0.3
Pictures:

Credits;
B1TW153 Creating the tool and about 95% off inside it
Leumonic Creating the GUI and FTP class


Update Log

v0.0.2

• Open an IDC Script
• Save an IDC Script
• Upload an IDC Script
• Delete current Uploaded IDC Script
• Download IDC Script
• Preset code to start you off on your script
• Syntax highlighting for the IDC language
• Auto up****** system

v0.0.3

• Hotkeys
• Line Counting
• VS-Like Brace Collapsing
• Donate Feature (optional use, B1TW153 would appreciate if you clicked it and sent atleast $5 (Also, if your Geo-IP is located in the UK, you donate in pounds. If not, you pay in dollars))
• Features to modify your experience with the IDE
• Click on "AIM" and it will IM B1TW153 a message (not custom, one by default) and if I am on I will reply and try to help with whatever is wrong.
• ICON! XD

HOTKEYS:

1. 
   Ctrl+O = Open IDC Script
   Ctrl+S = Save IDC Script
   Ctrl+U = Upload IDC Script
   Ctrl+D = Download IDC Script
   Ctrl+SHIFT+D = Delete Currently Uploaded IDC Script
   Ctrl+Space = Declaration Intellisense
   Ctrl+F = Function Intellisense
   Ctrl+K = Keyword Intellisense

Here is an IDC Script created using his own IDE. It makes it so much easier scripting in it.

Code:

}#include<idc.idc>

extern function, byte, address, value;

static LabelFunction(name,binary,functionname)
{
for(function=0;function != BADADDR;function = function + 0x04)
{
function = FindBinary(function,SEARCH_DOWN,binary);
Message(".:: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.\n\nTrying to find function %s with binary ['%s']...\n", name, binary);
Sleep(250);
if(function == BADADDR)
{
Warning("%s could not be found in memory (%08X)\n", name, BADADDR);
Message("%s failed...\n", name);
break;
}
else
{
//Message("%s\n", GetDisasm(function));
auto math = GetFunctionAttr(function, FUNCATTR_START);
MakeUnknown(math, GetFunctionAttr(math, FUNCATTR_END), 0x00);
SetStatus(1);
MakeCode(math);
MakeFunction(math, GetFunctionAttr(math, FUNCATTR_END));
MakeNameEx(math, name, 0x00);
SetStatus(0);
MakeRptCmt(math, sprintf("%s found in memory at %08X #bitwisehax", name, DecodeInstruction(math).ea));
if(GetCharPrm(INF_COMPILER) != COMP_MS) // Thanks to Dwack
{
SetCharPrm(INF_COMPILER, COMP_MS);
}
SetType(math, sprintf("%s;", functionname));
Jump(math);
SetStatus(1);
Message("%s found in memory (%08X)\nDeclariation:\n\t%s\n\n\n", name, math, GetType(math));
SetStatus(0);
break;
}
}
}

#define ADD 1
#define MINUS 2
#define TRUE 1
#define FALSE 0
#define FIRST_OPERAND 0
#define SECOND_OPERAND 1
#define THIRD_OPERAND 2
#define FORTH_OPERAND 3
#define FITH_OPERAND 4

static test()
{
auto test;
for(test=0;test!=BADADDR;test=test+0x04)
{
test = FindBinary(test,SEARCH_DOWN,"%c %i");
Message("crap found at %08X " + atoa(GetCharPrm(INF_XREFS)) + "\n", test);
break;
}

}

static EPTest(start, id, print)
{
auto gay;
for(gay=start;gay!=BADADDR;gay=gay+0x04)
{
Message("Trying to find the ep...");
if(start == BADADDR || gay == BADADDR)
{
Message("EP not found\n");
break;
}
else
{
gay = FindText(gay,SEARCH_DOWN,0,0,id);
if(print == TRUE)
{
Message("EP Found!\n\t0x%08X\n\n", gay);
return gay;
break;
}
else
{
return gay;
break;
}


}
}
}

static GetValue(binary, oper, aom, offset, print)
{
for(value=0;value!=BADADDR;value=value+0x04)
{
value = FindBinary(value,SEARCH_DOWN,binary);
if(value == BADADDR || GetOperandValue((aom == ADD) ? value + offset : value - offset, oper) == BADADDR)
{
Message("Value could not be grabbed!\n");
break;
}
else
{
auto math = (aom == ADD ? value + offset : value - offset);
if(print == TRUE)
{
if(GetOpType(math,oper) == 1) { Message("Operand %i is a GPR! Register is r%i\n", oper + 1, GetOperandValue(math, oper)); }
if(GetOpType(math,oper) == 2) { Message("Operand %i is a Memory Referance! Referance is %08X\n", oper + 1, GetOperandValue(math, oper)); }
if(GetOpType(math,oper) >= 5) { Message("Operand %i is an Immediate! Value is %08X\n", oper + 1, GetOperandValue(math, oper)); }
if(GetOpType(math,oper) == 8) { Message("Operand %i is a FPR! Register is fp%i\n", oper + 1, GetOperandValue(math, oper)); }
return GetOperandValue(math,oper);
break;
}
else
{
return GetOperandValue(math,oper);
break;
}
}
}
}

static LabelEP(name, binary, aom, offset)
{
for(byte=0;byte != BADADDR;byte = byte + 0x04)
{
byte = FindBinary(byte,SEARCH_DOWN,binary);
if(byte == BADADDR)
{
Warning("%s not found in memory (%08X)\n", name, BADADDR);
Message("%s failed...\n", name);
break;
}
else
{
auto addr = (aom == 1) ? byte + offset : byte - offset;
if(CheckBpt(addr) == -1 || CheckBpt(addr) == 0)
{
AddBptEx(addr, 0x00, BPT_SOFT);
}
Message("%s found in memory. Jump to %08X and %s will be highlighted with a bp!\n", name, addr, name);

Jump(addr);
MakeRptCmt(addr, sprintf("%s EP found at %08X (%s is the dword_address or qword_address ect...) #bitwisehax", name, addr, name));
break;
}
}
}

static getStructureSize(ps)
{
auto test;
for(test=0;test != BADADDR;test = test + 0x04)
{
test = FindBinary(test,SEARCH_DOWN,(ps == "ps") ? "7F A3 EB 78 38 80 00 00 83 6B 00 0C 93 7F 05 34" : "55 07 38 30 38 CB 01 64 7C 67 30 2E 2B 03 00 00");
auto ret = (ps == "ps") ? GetOperandValue(test + 0x60, 2) : atol(sprintf("%X%X0", GetOperandValue(test + 0x8, 2), GetOperandValue(test + 0x12, 2)));
return ret;
}
}

static main()
{
Message("IDC Script created by Bitwise has been executed!\n\nCurrent file that has been disassembled ['%s']\n\n", GetInputFile());
Sleep(1000);
LabelFunction("SV_GameSendServerCommand", " 7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14", "void __cdecl SV_GameSendServerCommand(__int32 clientIndex, unsigned __int32 type, const char*fmt)");
LabelFunction("SV_DropClient", "60 E6 FA 00 7D 69 40 2E 7D 43 31 D6 7C 6A 5A 14", "void __cdecl SV_GameDropClient(__int32 clientIndex, const char*fmt)");
LabelFunction("SV_SendServerCommand", "61 6A 7E 8C 7F FF 8A 14 7D 38 50 2E 7F 13 48 00", "void __cdecl SV_SendServerCommand(__int32 client_s, unsigned int type, const char*fmt)");
LabelFunction("AntiCheat_reportConsoleDetails", "7C 78 1B 78 90 7F 00 F4 7C 94 23 78 7C BD 2B 78", "void __cdecl AntiCheat_reportConsoleDetails(int r3, int r4, int r5, int r6, int r7, int r8, int r9, int r10)");
LabelFunction("AntiCheat_awnserChallenges", "7C 7C 1B 78 90 7F 00 A4 7C 9B 23 78 7C BD 2B 78", "void __cdecl AntiCheat_awnserChallenges(int r3, int r4, int r5, int r6, int r7, int r8, int r9, int r10)");
LabelFunction("AntiCheat_consoleID", "94 21 FF 90 39 60 00 08 7C 7F 1B 78 7C 9E 23 78", "void __cdecl AntiCheat_consoleID(int r3, int r4)");
LabelFunction("GScr_Earthquake", "38 21 00 90 81 81 FF F8 7D 88 03 A6 CB A1 FF D8", "void __cdecl GScr_Earhtquake(float*scale, int duration, float*source, int radius)");
LabelEP("gentity_s", "55 07 38 30 38 CB 01 64 7C 67 30 2E 2B 03 00 00", MINUS, 0x14);
Message("Structure size: 0x280\n");
LabelEP("playerState_s", "7F A3 EB 78 38 80 00 00 83 6B 00 0C 93 7F 05 34", MINUS, 0x18);
Message("Structure size: 0x%04X\n", getStructureSize("ps"));
//Message("playerstate; %08X\n", EPTest(0x832D0000, "+3D8", FALSE));
LabelEP("client_s", "7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14", MINUS, 0x20);
Message("client_s + 0x%02X%04X + (clientIndex * ", GetValue("7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14", SECOND_OPERAND, MINUS, 0x1C, FALSE), GetValue("7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14", THIRD_OPERAND, MINUS, 0x14, FALSE));
Message("/*Structure size: */0x%i%04X)\n", GetValue("7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14", SECOND_OPERAND, MINUS, 0x10, FALSE), GetValue("7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14", THIRD_OPERAND, MINUS, 0x8, FALSE));
LabelEP("Unknown EP", "7D 4B 20 2E 7D 49 07 B4 F9 21 00 50 C9 81 00 50", MINUS, 0x1C);
Message("Structure size: 0x%X%04X\n", GetValue("7D 4B 20 2E 7D 49 07 B4 F9 21 00 50 C9 81 00 50", SECOND_OPERAND, MINUS, 0x68, FALSE), GetValue("7D 4B 20 2E 7D 49 07 B4 F9 21 00 50 C9 81 00 50", THIRD_OPERAND, MINUS, 0x60, FALSE));
//GetValue("7F A3 EB 78 38 80 00 00 83 6B 00 0C 93 7F 05 34",FIRST_OPERAND, MINUS, 0x18, TRUE);
}
Please note, I couldn't care about the things grabbed. I care more on the functions I created to do everything with such easy. (Also, note that those binary patterns are for xbox...)

XBOX OUTPUT!
Code:

IDC Script created by Bitwise has been executed!

Current file that has been disassembled ['ghosts_tu10.xex']

.:: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

Trying to find function SV_GameSendServerCommand with binary [' 7D 69 40 2E 7D 43 51 D6 7C 6A 5A 14']...
SV_GameSendServerCommand found in memory (824D1498)
Declariation:
void __cdecl(__int32 clientIndex, unsigned __int32 type, const char *fmt)


.:: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

Trying to find function SV_DropClient with binary ['60 E6 FA 00 7D 69 40 2E 7D 43 31 D6 7C 6A 5A 14']...
SV_DropClient found in memory (824D14E8)
Declariation:
void __cdecl(__int32 clientIndex, const char *fmt)


.:: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

Trying to find function SV_SendServerCommand with binary ['61 6A 7E 8C 7F FF 8A 14 7D 38 50 2E 7F 13 48 00']...
SV_SendServerCommand found in memory (824D7818)
Declariation:
void __cdecl(__int32 client_s, unsigned int type, const char *fmt)


.:: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

Trying to find function AntiCheat_reportConsoleDetails with binary ['7C 78 1B 78 90 7F 00 F4 7C 94 23 78 7C BD 2B 78']...
AntiCheat_reportConsoleDetails found in memory (827B44E0)
Declariation:
void __cdecl(int r3, int r4, int r5, int r6, int r7, int r8, int r9, int r10)


.:: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

Trying to find function AntiCheat_awnserChallenges with binary ['7C 7C 1B 78 90 7F 00 A4 7C 9B 23 78 7C BD 2B 78']...
AntiCheat_awnserChallenges found in memory (827B4298)
Declariation:
void __cdecl(int r3, int r4, int r5, int r6, int r7, int r8, int r9, int r10)


.:: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

Trying to find function AntiCheat_consoleID with binary ['94 21 FF 90 39 60 00 08 7C 7F 1B 78 7C 9E 23 78']...
AntiCheat_consoleID found in memory (827B9810)
Declariation:
void __cdecl(int r3, int r4)


.:: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@::.

Trying to find function GScr_Earthquake with binary ['38 21 00 90 81 81 FF F8 7D 88 03 A6 CB A1 FF D8']...
GScr_Earthquake found in memory (8240DAF0)
Declariation:
void __cdecl(float *scale, int duration, float *source, int radius)


gentity_s found in memory. Jump to 8215CD30 and gentity_s will be highlighted with a bp!
Structure size: 0x280
playerState_s found in memory. Jump to 823EF3A0 and playerState_s will be highlighted with a bp!
Structure size: 0x3700
client_s found in memory. Jump to 824D14B4 and client_s will be highlighted with a bp!
client_s + 0x207E90 + (clientIndex * /*Structure size: */0x6FA00)
Unknown EP found in memory. Jump to 82137E30 and Unknown EP will be highlighted with a bp!
Structure size: 0xC8880

 

[Chris]

You should probably explain to peeps what idcs are lol

 

[:*ßєєя๖ۣۜFєαя๖ۣۜMσ∂z]

Good post

 

[Nostafaru]

Good post

Thanks

 

[:*ßєєя๖ۣۜFєαя๖ۣۜMσ∂z]

Thanks

No Problem :3