[WoW] [5.4.8 18414] Release x86 Info Dump Thread

[danwins]

Would anyone be kind enough to share a named IDB? I never got around to this patch and lost all of my old ones a couple of weeks ago so can't even diff from those

Thanks a lot if someone is so kind.

coulda swore someone already posted one...
https://mega.co.nz/#!ANURnRZK!J5clpg...W-dEw9uuSMnQyk

[NitroGlycerine]

Code:

CCommand_ObjUsage                              .text 0079B4D3 0000011A R . . . B . .
CGAreaTrigger__InitializeBaseDataDescriptors   .text 007A0564 00000091 R . . . . . .
CGContainer__InitializeBaseDataDescriptors     .text 007A0AA7 00000045 R . . . . . .
CGCorpse__InitializeBaseDataDescriptors        .text 007A0475 000000EF R . . . . . .
CGDynamicObject__InitializeBaseDataDescriptors .text 007A03D7 0000008B R . . . . . .
CGGameObject_C__GetName                        .text 007DBF9D 00000018 R . . . . . .
CGGameObject_C__GetPosition                    .text 007E2340 0000001C R . . . B . .
CGGameObject__InitializeBaseDataDescriptors    .text 007A067E 000000E5 R . . . . . .
CGGameUI__OnTerrainClick                       .text 00CD2F5A 000001C4 R . . . B . .
CGItem__InitializeBaseDataDescriptors          .text 007A084C 000001B9 R . . . . . .
CGItem__InitializeBaseDynamicDataDescriptors   .text 007A0A05 00000014 R . . . . . .
CGObject_C__GetPosition                        .text 0080A0FC 0000001B R . . . B . .
CGObject__InitializeBaseDataDescriptors        .text 0079F6B8 000000B4 R . . . . . .
CGPlayer_C_ClickToMove                         .text 0081FB57 0000029B R . . . B . .
CGPlayer__InitializeBaseDataDescriptors        .text 007A0B33 00000963 R . . . . . .
CGPlayer__InitializeBaseDynamicDataDescriptors .text 007A1496 00000034 R . . . . . .
CGSceneObject__InitializeBaseDataDescriptors   .text 007A05FE 00000070 R . . . . . .
CGUnit_C__GetPosition                          .text 007BD945 0000001C R . . . B . .
CGUnit_C__GetUnitName                          .text 0082189B 000003A6 R . . . B . .
CGUnit_C__HasAura2                             .text 0081C9B4 00000063 R . . . . . .
CGUnit__InitializeBaseDataDescriptors          .text 0079FA85 00000880 R . . . . . .
CGUnit__InitializeBaseDynamicDataDescriptors   .text 007A0305 00000029 R . . . . . .
CGWorldFrame__Intersect                        .text 009EEF7B 00000089 R . . . B . .
ClntObjMgrEnumVisibleObjects                   .text 0079B686 00000052 R . . . B . .
ClntObjMgrEnumVisibleUnits                     .text 0079B6D8 00000052 R . . . B . .
ClntObjMgrGetActivePlayer                      .text 0079ABCA 0000001C R . . . . . .
ClntObjMgrGetActivePlayerObj                   .text 00404F84 0000002A R . . . . . .
ClntObjMgrGetCurrent                           .text 0079AB9D 00000006 R . . . . . .
ClntObjMgrGetMapID                             .text 0079ABE6 00000013 R . . . . . .
ClntObjMgrInitializeShared                     .text 0079B609 0000007D R . . . . . .
ClntObjMgrInitializeStd                        .text 0079E441 000000A8 R . . . B . .
ClntObjMgrIsValid                              .text 0079ABA3 00000027 R . . . B . .
ClntObjMgrObjectPtr                            .text 0079BA5B 0000002D R . . . B . .
ClntObjMgrPop                                  .text 0079AB87 00000016 R . . . . . .
ClntObjMgrPush                                 .text 0079AB62 00000025 R . . . B . .
ClntObjMgrSetTypeMirrorHandler                 .text 0079C3C7 00000050 R . . . B . .
DBCache_NameCache__GetRecord                   .text 0062E21E 0000003F R . . . B . .
DBCache_PetNameCache__GetRecord                .text 0062E735 00000022 R . . . B . .
DBCache_RealmCache__GetRecord                  .text 0062EBF1 00000022 R . . . B . .
FrameScript_ExecuteBuffer                      .text 0044FD12 000000EC R . . . B . .
FrameScript_GetText                            .text 00450E77 00000111 R . . . B . .
FrameScript_GetLocalizedText                   .text 00814267 00000045 R . . . B . .
FrameScript_RegisterFunction                   .text 0044ED93 00000038 R . . . B . .
ObjectMgrClient__Init                          .text 0079D779 000000BD R . . . B . .
j_CGGameObject_C__GetName                      .text 007E2450 00000005 R . . . . . .
j_ClntObjMgrGetActivePlayerObj                 .text 00991801 00000005 R . . . . . .
j_ClntObjMgrGetMapID                           .text 007ABBF2 00000005 R . . . . . .
j_j_lua_getContext                             .text 00861D2E 00000005 R . . . . . .
j_lua_getContext                               .text 00838E44 00000005 R . . . . . .
klua_call                                      .text 004D6EAD 00000037 R . . . B . .
klua_createtable                               .text 004D694E 00000045 R . . . B . .
klua_getContext                                .text 0044EB31 00000006 R . . . . . .
klua_getfield                                  .text 004D67DB 00000054 R . . . B . .
klua_gettable                                  .text 004D67B5 00000026 R . . . B . .
klua_gettop                                    .text 004D5E84 00000011 R . . . B . .
klua_insert                                    .text 004D5F82 00000115 R . . . B . .
klua_isnumber                                  .text 004D6284 0000002E R . . . B . .
klua_isstring                                  .text 004D62B2 00000023 R . . . B . .
klua_load                                      .text 004D6F62 00000039 R . . . B . .
klua_next                                      .text 004D7135 00000034 R . . . B . .
klua_pushboolean                               .text 004D673A 00000029 R . . . B . .
klua_pcall                                     .text 004D6EFC 00000066 R . . . B . .
klua_pushcclosure                              .text 004D665A 000000E0 R . . . B . .
klua_pushinteger                               .text 004D656D 00000024 R . . . B . .
klua_pushlstring                               .text 004D6591 00000045 R . . . B . .
klua_pushstring                                .text 004D65D6 0000002D R . . . B . .
klua_pushvalue                                 .text 004D61A2 00000083 R . . . B . .
klua_typename                                  .text 004D6244 0000001B R . . . B . .
klua_type                                      .text 004D6225 0000001F R . . . B . .
klua_tonumber                                  .text 004D634B 0000002F R . . . B . .
klua_tointeger                                 .text 004D637A 00000062 R . . . B . .
klua_settop                                    .text 004D5E95 00000053 R . . . B . .
klua_settable                                  .text 004D6B7E 0000002D R . . . B . .
klua_setfield                                  .text 004D6BAB 00000058 R . . . B . .
klua_remove                                    .text 004D5EE8 0000009A R . . . B . .
klua_rawseti                                   .text 004D6CC4 000000BC R . . . B . .
klua_rawset                                    .text 004D6C03 000000C1 R . . . B . .
klua_rawgeti                                   .text 004D68BF 0000008F R . . . B . .
klua_rawget                                    .text 004D682F 00000090 R . . . B . .
lua_isstring                                   .text 009394E9 0000005D R . . . B . .
lua_pushnumber                                 .text 004D6549 00000024 R . . . B T .

Is there an easy way to copy these over to IDA? I am currently learning to work with IDA ...

[CrimeTime]

Code:

ctmBase = 0xD65D38

Not tested, but should work.

[radarlove]

How should i check whether a target is dead or alive? is it in the descriptors?

[TOM_RUS]

How should i check whether a target is dead or alive? is it in the descriptors?

Some of unit flags or dynamic flags + health.

[radarlove]

Some of unit flags or dynamic flags + health.

thx!

I guess i'll just write a little IsDead function which checks if health is zero.

[JuJuBoSc]

Is "FrameTime::GetCurTimeMs = 0x4a56a the same as what others refer to as PerformanceCounter or OsGetAsyncTimeMs, I have been trying to find the updated offset for it but haven't had any luck yet.

OsGetAsyncTimeMs is 0x111DB3

[namreeb]

Is "FrameTime::GetCurTimeMs = 0x4a56a the same as what others refer to as PerformanceCounter or OsGetAsyncTimeMs, I have been trying to find the updated offset for it but haven't had any luck yet.

I believe it is a wrapper which will call one or the other of those functions you referenced, depending on how the client is configured.

[JuJuBoSc]

Just diff it from previous version, and even manually it's pretty easy to find it in new binary if you have old address

[natt_]

Yo folks! havent touched this in AGES, but now im on the road again!

is it still the usual

baseadress+playerpointer+offset?

also the TLS? is it still the same?


looping through the curmgr with "next" and "prev" for guids and then converting them ?

i cant even remember their appropiate names.

Sorry for bein an ass!

Peace out!

[danwins]

Yo folks! havent touched this in AGES, but now im on the road again!

is it still the usual

baseadress+playerpointer+offset?

also the TLS? is it still the same?


looping through the curmgr with "next" and "prev" for guids and then converting them ?

i cant even remember their appropiate names.

Sorry for bein an ass!

Peace out!

fairly sure player base can be found from just one static offset now, otherwise yes its still the same.

[JuJuBoSc]

fairly sure player base can be found from just one static offset now, otherwise yes its still the same.

Code:

int ClntObjMgrGetActivePlayerObj()
{
  int result; // eax@1
  int v1; // eax@2
  int v2; // edx@2

  result = s_localPlayerObj;
  if ( !s_localPlayerObj )
  {
    v1 = ClntObjMgrGetActivePlayer();
    result = ClntObjMgrObjectPtr(v1, v2, 0x10);
    s_localPlayerObj = result;
  }
  return result;
}

So yep : 00CFF49C s_localPlayerObj

[natt_]

Code:

int ClntObjMgrGetActivePlayerObj()
{
  int result; // eax@1
  int v1; // eax@2
  int v2; // edx@2

  result = s_localPlayerObj;
  if ( !s_localPlayerObj )
  {
    v1 = ClntObjMgrGetActivePlayer();
    result = ClntObjMgrObjectPtr(v1, v2, 0x10);
    s_localPlayerObj = result;
  }
  return result;
}

So yep : 00CFF49C s_localPlayerObj

Cool!

Did they change anything with the Baseadress? is it something more than just ASLR, my old method via EnumProcessModules dosent work.

/T

[JuJuBoSc]

Nah it's still the same

[natt_]

Nah it's still the same

Okay, then i gotta figure somethin out, thanks yaal


Found the problem, apperently wow is now wow-64.exe instead of wow.exe, just removed the wow-64.exe and it works fine.


Pz out!