Simple tool to generate patterns and masks used to find functions in a binary without hard-coding offsets. Supports x86 and x64 binaries.
Since I've had multiple people ask me how I generated them for minqlx, I've decided to make a repository for it, but it's not something I plan to develop much further, if at all.
Usage: minfuncfind <header> <target> <output> [base_address]
Input:
// qlds64.h
#define SV_SETCONFIGSTRING 0x43C3B0
#define SV_GETCONFIGSTRING 0x43C590
#define SV_DROPCLIENT 0x439580
#define SYS_SETMODULEOFFSET 0x4518D0Run with: minfuncfind64 qlds64.h qzeroded.x64 qlds64_patterns.h 0x400000
Output:
// qlds64_patterns.h
// Generated by minfuncfind64.
#define PTRN_SV_SETCONFIGSTRING "\x51\x00\x49\x00\xdc\x48\x00\xc9\x48\x0f\x45\xc1\x48\x81\xc3\x00\x00\x00\x00\x48\x8b\x2c\xdd\x00\x00\x00\x00\x48\x89\xc7\x48\x89\x44\x24\x00\x48\x89\xee\xe8\x00\x00\x00\x00\x85\xc0\x75\x00"
#define MASK_SV_SETCONFIGSTRING "XXX-XX-XXXXXXXX----XXXX----XXXXXXX-XXXX----XXX-"
#define PTRN_SV_GETCONFIGSTRING "\xda\xbf\x00\x00\x00\x00\xe8\x00\x00\x00\x00\x48\x8b\x34\xdd\x00\x00\x00\x00\x48\x85\xf6\x75\x00\x5b\x5d\x41\xc6\x04\x24\x00\x41\x5c\xc3"
#define MASK_SV_GETCONFIGSTRING "XX----X----XXXX----XXXX-XXXXXX-XXX"
#define PTRN_SV_DROPCLIENT "\x0f\xaf\xfb\xff\x50\x00\xbe\x00\x00\x00\x00\x31\xc0\x4c\x89\xe2\x48\x89\xef\xe8\x00\x00\x00\x00\x8b\xb5\x00\x00\x00\x00\x85\xf6\x74\x00\x48\x8b\xbd\x00\x00\x00\x00\xe8\x00\x00\x00\x00"
#define MASK_SV_DROPCLIENT "XXXXX-X----XXXXXXXXX----XX----XXX-XXX----X----"
#define PTRN_SYS_SETMODULEOFFSET "\x3c\x00\xfb\xff\x00\x66\x66\x2e\x0f\x1f\x84\x00\x00\x00\x00\x00\x41\x56\x41\x55\x41\x54\x49\x89\xfc\x55\x48\x89\xf5\x53\x31\xdb\x48\x83\xec\x00\x64\x48\x8b\x04\x25\x00\x00\x00\x00\x00\x89\x44\x24\x48"
#define MASK_SYS_SETMODULEOFFSET "X-XX-XXXXXX----XXXXXXXXXXXXXXXXXXXX-XXXXX-----XXXX"