Giter VIP home page Giter VIP logo

sigtool's Introduction

SigTool

image.png

Utility for scanning signatures, as well as converting them between different formats.

Goal:

Rather than eight and a half million sig scanning utilities out there, each built for a specifically targetted game, with hardcoded sigs, this utility aims to modularize all of that. Scanning signatures has never been easier, and the .st files created by this allow for anyone to distrubute different signatures with ease.

SigTool

Works on x64. Actual sig scanning is performed in the background, and updaded asynchronously to the UI.

The [Is Function] switch returns the address of the actual byte array, otherwise the address will be returned like such:

mov rax, [143fae5c8] ;  mov register, [rip + offset]

Supports custom files that can be opened (both manually and just by associating SigTool with) that save the process name, sig names, and the sigs themselves.

image.png

image.png

image.png

.st Files

When the [save] button is clicked, sigs are saved in a file with the following format:

<SigScan>
  <process>starwarsbattlefrontii</process>
  <Sig>
    <name>OFFSET_ClientGameContext</name>
    <data>\x48\x89\x15\x00\x00\x00\x00\x48\x89\xcb</data>
    <mask>xxx????xxx</mask>
    <func>False</func>
  </Sig>
  <Sig>
    <name>OFFSET_GameRenderer</name>
    <data>\x48\x8b\x0d\x00\x00\x00\x00\x48\x85\xc9\x74\x0b\x48\x8b\x01\xba\x00\x00\x00\x00\xff\x50\x68</data>
    <mask>xxx????xxxxxxxxx????xxx</mask>
    <func>False</func>
  </Sig>
  <Sig>
    <name>OFFSET_FirstTypeInfo</name>
    <data>\x48\x8b\x05\x00\x00\x00\x00\x48\x89\x41\x08\x48\x89\x0d\x00\x00\x00\x00</data>
    <mask>xxx????xxxxxxx????</mask>
    <func>False</func>
  </Sig>
  <Sig>
    <name>OFFSET_DXRenderer</name>
    <data>\x48\x8b\x0d\x00\x00\x00\x00\x48\x8b\x01\xff\x50\x20\x85\xc0</data>
    <mask>xxx????xxxxxxxx</mask>
    <func>False</func>
  </Sig>
  <Sig>
    <name>OFFSET_Main</name>
    <data>\x48\x8b\x05\x00\x00\x00\x00\x48\x63\x58\x40\xe8\x00\x00\x00\x00\x48</data>
    <mask>xxx????xxxxx????x</mask>
    <func>False</func>
  </Sig>
</SigScan>

The clipboard contents after clicking [Copy Output] is in the following format:

#define OFFSET_ClientGameContext 0x14428A188
#define OFFSET_GameRenderer 0x1444F90C8
#define OFFSET_FirstTypeInfo 0x143FAEBD8
#define OFFSET_DXRenderer 0x1444F7150
#define OFFSET_Main 0x143FAE5C8

sigtool's People

Contributors

coltonon avatar

Watchers

James Cloos avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.