We need some good Frostbite Game Engine information if anyone has some to share. I will drop some info here as I'm messing around.

The Frostbite Game Engine is made by Dice/EA and is used in many of their games, including:
  • All new Battlefield Games
  • All new FIFA games
  • All new Madden Games
  • All the new Need for Speed Games
  • Star Wars Battlefront 1 & 2
  • Medal of Honor Games
  • Dragon Age Inquisition
  • Anthem
  • and many more
Frostbite is cross platform, working on PlayStation and XBox also. One of it's main innovations was making many structures and items in the game destructible, most obvious in the battlefield games.

Most of these games are Origin releases, the .exe will be packed but you can learn to dump them easily with this: Tutorial - How to Dump a packed executable with Scylla

SWBF2 and BF5 are both made with Frostbite 3, the engine versions are similar enough where the signatures for SWBF2 work on BF5 with a little modification so read all this junk SWBF2 stuff:
Source Code - Star Wars Battlefront II Hacks SWBF2 Cheats ( 2017 )

For example:

SWBF2 game renderer signature:
8b 0d ?? ?? ?? ?? 48 85 c9 74 0e 48 8b

BF5 game render signature
8b 0d ?? ?? ?? ?? 48 85 c9 74 0e 48 8b

Probably similar in all Frostbite 3 games.

From the SWBF2 thread you will also see all the structures you need to find to make an ESP in any Frostbite 3 game. This is basically all you need:
You have view matrix, local player and entity list right there, all starting with 2 simple pointers which are static global.

Attaching a debugger:
In single player, it's perfectly fine in SWBF2 and BF5
If you attach VS debugger on multiplayer SWBF2 you will get instantly banned
In BF5 I attached the CE debugger while I was in a multiplayer game, nothing happened. Still waiting for the ban idk, I will keep you updated.

BF5 uses pointer obfuscation, SWBF2 does not.

SWBF2 appears to use these Havok Animation compressed files, maybe all Frostbite 3 games use them, looks interesting, might be able to extract models / animations / textures idk - Dexesttp/hkxpack

No other RTTI is available, only the Havok stuff exists in the binary.

At least in SWBF2 there are plenty of juicy strings available, makes finding stuff really easy:

ClientGame Stuff

ViewMatrix easy to find with strings

Frostbite BMS Scripts for extracting data:
Frostbite engine archives TOC/SB BMS Script - Battlefield 3, Need for Speed: The Run / Rivals, Dragon Age
Frostbite Frostbite engine archives TOC/SB (script 0.3.5b) . cat . \x00\xd1\xce . 0x7B . xor . id . name . offset . size . originalSize . sha1 . zlib . zstd . oodle . lz4 . 0xd58e799d



Frostbite is mad annoying. There are so many location jumps instead of function calls, it makes reversing a huge pain in the ass.

I am doing some more indepth reversing on SWBF2 and wow, so annoying.

I did find a cool Frostbite SDK Generator tho: CallumCVM/FrostbiteGen

Haven't tried it yet
