uEngine.py is used to analyze the unreal engine games,
Usage:
1. Open the NSO/elf files and wait until it shows IDLE at the status bar
2. Extract all the files in the same folder.
Press ALT+F7 in IDA PRO and choose uEngine.py
3. Wait until the script stop. (about 1 hour)
Some information and sample code will be shown
4. For further study, we can use SDK('UClassName'), such as SDK('UWorld') , SDK('UGameInstance') etc
5. To examine the contents of UObjects, we need another IDA instance to connect GDBstub
then ALT+F7 the uEngine.py there.
Copy the pointers strings at there,
e.g. jumpto(ptr((0x8AF4F18, 0x170, 0))) , it stands for [[main+8AF4F18]+170]+0, it will jump to an instance of UGameInstance
6. If you searched an address of some memory. you may want to know what UClass it is.
First, you need to find out the offset of an UObject by the ASM codes with breakpoint.
Then, you can jump to the offset 0 of this UObject and press O,
The offset 0 always points to an address of MAIN, it is the Assets (Function Lists) of that UObject,
then you can copy that address, and check the address at the IDA instance of NSO/ELF
for here, it is an UObject calls UMeshDescriptionBase
and you can SDK('UMeshDescriptionBase') to study what the offsets stands for and what functions it contains
======================================================================================
CheatGen.py is a template for developing cheat codes with instructions and hints
Example usage can be found in various game cheat posts. Such as
https://gbatemp.net/threads/neverawake-tid-0100da30189ca000.625158/
https://gbatemp.net/threads/river-city-girls-2-01002e80168f4000.622566/
https://gbatemp.net/threads/megaton-musashi-x-cross-megaton-musashix-kurosu-0100571018a70000.623399/
https://gbatemp.net/threads/fire-emblem-engage-0100a6301214e000.624800/
https://gbatemp.net/threads/octopath-traveler-ii-prologue.626041/
https://gbatemp.net/threads/theatrhythm-final-bar-line-010024201834a000-010081b01777c000.626223/
https://gbatemp.net/threads/xenoblade-chronicles-3-010074f013262000.615986/
Usage:
1. Open the NSO/elf files and wait until it shows IDLE at the status bar
2. Extract all the files in the same folder.
Press ALT+F7 in IDA PRO and choose uEngine.py
3. Wait until the script stop. (about 1 hour)
Some information and sample code will be shown
4. For further study, we can use SDK('UClassName'), such as SDK('UWorld') , SDK('UGameInstance') etc
5. To examine the contents of UObjects, we need another IDA instance to connect GDBstub
then ALT+F7 the uEngine.py there.
Copy the pointers strings at there,
e.g. jumpto(ptr((0x8AF4F18, 0x170, 0))) , it stands for [[main+8AF4F18]+170]+0, it will jump to an instance of UGameInstance
6. If you searched an address of some memory. you may want to know what UClass it is.
First, you need to find out the offset of an UObject by the ASM codes with breakpoint.
Then, you can jump to the offset 0 of this UObject and press O,
The offset 0 always points to an address of MAIN, it is the Assets (Function Lists) of that UObject,
then you can copy that address, and check the address at the IDA instance of NSO/ELF
for here, it is an UObject calls UMeshDescriptionBase
and you can SDK('UMeshDescriptionBase') to study what the offsets stands for and what functions it contains
======================================================================================
CheatGen.py is a template for developing cheat codes with instructions and hints
Example usage can be found in various game cheat posts. Such as
https://gbatemp.net/threads/neverawake-tid-0100da30189ca000.625158/
https://gbatemp.net/threads/river-city-girls-2-01002e80168f4000.622566/
https://gbatemp.net/threads/megaton-musashi-x-cross-megaton-musashix-kurosu-0100571018a70000.623399/
https://gbatemp.net/threads/fire-emblem-engage-0100a6301214e000.624800/
https://gbatemp.net/threads/octopath-traveler-ii-prologue.626041/
https://gbatemp.net/threads/theatrhythm-final-bar-line-010024201834a000-010081b01777c000.626223/
https://gbatemp.net/threads/xenoblade-chronicles-3-010074f013262000.615986/
