How to Find Box Address?

get the L***ient pointer, then just use the variable name ;P and to why06 addy like boxes are in CShell.dll you don't need to load Engine.exe with Olly

Hmmmm.... maybe it's in both, because one of the addresses are in the 0x00000000 - 0x10000000 range and I've seen it in there too =/

I didn't think CShell.dll started till around 0x30000000(ish) o__O. Hey say, while ur here do you know how to find the L T Client pointer, like is there a mask for it or something?

Yay some other addy aren't in CShell, but he asked for boxes, and it is in CShell ;P

And about L T Client pointer its really easy.

1- Load CShell.dll in OllyDBG (be sure to have all other required .dll in your Olly folder so it load them, it might take itme to load you can press space at 70%-90% don't need it fully loaded)

2- Right Click on any line in the dissasembler window and do
Search for -> All referenced text strings

3- Go to the top of the list, right click on first line -> Search for text

4- Search for "IL***ient.Default"

5- Double Click on the result line

6- You will now see
PUSH address1
PUSH address2 ASCII "IL***ient.Default"

7- address 1 is the pointer ;P

offset is 208, if it ever change search for any of the console command and repear step above you should see

MOV ECX,DWORD PTR DS:[EAX+offset]
PUSH address

offset is the offset ;P

hope it help

Wow. nice explanation, thanks power!
Should be able to do a lot more now, its just difficult trying to understand dissassembly. I think I searched for L T Client once, and was staring right at it , but didn't know what to do with it... xD

If i righ***ick on it and click onto search for referenced text strings i get unable to open debugged process :/

Try reinstall Olly, maybe be something with loaddll!