- User ID
- 5497
- Messages
- 17
- Reactions
- 12
- Level
- 7
What is the GameObjectManager?
For anyone who is not familiar with Unity Engine, Unity works with GameObjects, anything that can be on the game scene is considered a GameObject (Examples: Walls, Trees, Guns, Players, etc...) and you can access them from anywhere in the scripts you make, for example if I created a Player and I want to access to it from a different script of the enemy what I could do is:
C#:
// This function finds GameObjects by name
GameObject.Find("Player");
// Another way could be if the player GameObject had a tag assigned we could do
GameObject.FindGameObjectWithTag("NameOfTheTag");And this is thanks to the GameObjectManager that has the engine, so thats what we are going to learn get on Escape From Tarkov in this post (Could be similar or the smae on other Unity games).
Step 1: Get UnityPlayer.dll pdb file
The first thing we will need, will be the UnityPlayer.dll .pdb file, to get it, we will do it using Visual Studio debugger. On the top bar go to, Tools, Options:
And then look for Debugging, Symbols:
And add the Unity Symbols server
You must be registered for see links
and also the directory where you want the symbols cache gets saved. Once done press Ok.Now open Escape From Tarkov (In case you are using live version and not SPT, don't open it with the launcher to avoid Battleye to get loaded, we don't need the game to get fully launched) and attach the Visual Studio debugger to the game. Then go back to the Debugging, Symbols options and press the Load all symbols button.
Once finished, go to the symbols cache folder and look for the UnityPlayer.dll pdb, should look like this:
Step 2: Find the offset
Open IDA, and open the UnityPlayer.dll. You will get this message or similar asking for the pdb:
Press Yes and then it will also ask you if you want to look for it on your drive, press Yes again and then select the pdb we got on Step 1.
Now wait for IDA to load everything. Once its on Idle, press ALT + T in order to search for text, and we will search for: FindGameObjectsWithTag.
Once its done searching you will see something like this:
What we are looking for is something like this:
So once you find it, double click and you should see something like this now:
Now double click on the yellow text and you should see something like this:
Press F5 in order to dissasamble it and it will now look like this:
Now scroll down and what we are looking for is:
Once you find it, double click on s_Instance and you should see this:
And there you go on the left you can see the offset, in my case: 0x1CF93F0
Next steps
Now that we have the GameObjectManager offset, the next step will be learn how to use it in order to be able to get any GameObject we want with it.(If I have time I will make a post showing how to do it)
And that should be it! As always, thank you for reading, and good luck!
