[0.1.62115] Offsets

[rm10]

Most of my experience come from reversing World of Warcraft which is also x64 other than that there is not that much difference between x86 and x64 so its not a hard swap to do.

And yes, I do sit for hours on end looking for stuff.

Roger that. Well thanks again <3.

[rm10]

There wasn't anything yet so lets bring out heads together and see if we can't get some good info out of this alpha build.

I haven't looked a lot into the client just yet but this is what I found so far.

0x1EE2990 is some sort of configuration global that has a lot of fun stuff. Further reversing needed

Code:

+0x638	=  ??
+0x86D 	=  alwaysRegenMapInSP
+0x86E 	=  alwaysDisplayLifeAndManaValues	
+0x86F 	=  allowCowPortalWhenCowKingWasKilled
+0x870 	=  allowLadderRunewords
+0x871 	=  displayItemLevel			Working, adds (ilvl) to items
+0x872 	=  allowStatUnassignment		Working (alt-click to unassign stat)
+0x873 	=  enableUberQuest
+0x874 	=  allowSkillUnassignment		Tested but not working (tried shift,ctrl,alt with right and left clicks and nothing seem to work) maybe just need to figure out what hotkey works
+0x875 	=  playerDifficulty			Doesn't seem to be related to /players X, unsure
+0x87D 	=  enableWorldEventOffline
+0x87E 	=  enableMultipleHirelings		Works and is very awesome!!
+0x87F 	=  enableSharedStash			If set to 0 it crashes game when you attempt to insert an item into the shared stash, it does not hide or disable the shared stash.
+0x881 	=  worldEventMonsterClass
+0x885 	=  worldEventGlobalMessage
+0x985 	=  worldEventGlobalSound
+0xD27	=  if ( (signed int)v5 >= *(_DWORD *)(result + 0xD27) ) then send chat message?

0x22DA220 stores the current character name
0x22DA1C8 is a pointer to the current act structure
0x22DA2EC Control unit id (or index don't know yet), related to the next offset which is a pointer array
0x22DA340 Party unit pointer array, not sure exactly how

This is going to be fun!

Your mailbox is full trying to send you an invite.

[djain]

Here's some offsets that will be needed for maphack later.

Code:

// tested functions
LoadAct = 0x278BD0

LoadAct takes mapID as a parameter, right? Did you happen to find the offset where that is stored? I'm interested in finding it to see if procedural generation changed at all.

[ejt]

<removed, you go figure it out>

[ejt]

Added updated structures, offsets and function definitions in first post.

[rm10]

Added updated structures, offsets and function definitions in first post.

Thank you for your efforts. I'm going to look further into it on the weekend.

Trying to find ReceivePacket function atm.

[madowsky]

can confirm ladderrunewords are enabled!

Ty sir @ejt

Hello, there I am new but trying to figure it out how I could made Ladder Runewords working in d2r.


That line (0x1EE3200:90: ~ allowLadderRunewords) was add into patches.txt, I also try to add it via Cheat Engine by "Add Address Manually" . I typed there "0x7FF6963F3200" with value "90" and nothings seems to happend after. Ladder runewords still not working ingame.

How I can force game to do that (step by step) to make this happend?

[ejt]

Hello, there I am new but trying to figure it out how I could made Ladder Runewords working in d2r.


That line (0x1EE3200:90: ~ allowLadderRunewords) was add into patches.txt, I also try to add it via Cheat Engine by "Add Address Manually" . I typed there "0x7FF6963F3200" with value "90" and nothings seems to happend after. Ladder runewords still not working ingame.

How I can force game to do that (step by step) to make this happend?

The offset is most likely a boolean value.

Imagine something like this (pseudo-code):

Code:

if (GetConfig()->allowLadderRunewords == 0) { /* trying to create a runeword that is ladder-only */ }

Now this code would make it so setting the value of the variable to '0x90' will let you create ladder-only runewords.

Now take this code instead (again, pseudo-code):

Code:

if (GetConfig()->allowLadderRunewords == 1) { /* create runeword */ }

Here, setting the value of the variable to '0x90' will NOT work because the code itself is actually checking for the value '0x01' or 'true'.

EDIT: Additionally, I see a lot of people in this thread and the other thread about D2R-Offline do this mistake.

0x90 is actually an opcode called 'nop' which in executable code does NOTHING, hence why it's used in the patches to make different things work like playing even though there is no connection to the battle.net service.

However, those that do not know about opcodes or why they are used and where just puts 0x90 everywhere expecting things to work, the offsets posted in THIS thread are all data offsets which has nothing to do with opcodes because they are in R+W memory section (.data).

If you can't figure out the difference between a opcode and boolean maybe you should wait until the game actually releases or someones creates hacks to do the things you want. This thread is NOT suppose to be an AMA or support thread for how to use or abuse the information posted here! Stop asking questions which has already been explained and if you don't have anything that is actually useful to share, open your own thread instead.

[dschu012]

Some random stuff

Code:

D2UnitStrc* pUnitList[5][128]; //Game.exe +0x22DA360


D2MonStatsTxt* pMonStatsTxt; //Game.exe +0x02312900;
D2SkillsTxt* pSkillsTxt; //Game.exe +0x02312B58; changed. now sizeof 0x25E
D2CharStatsTxt* pCharStatsTxt; //Game.exe +0x02312BE8;
D2ItemStatCostTxt* pItemStatCostTxt; //Game.exe +0x02312C00;
D2ItemTypesTxt* pItemTypesTxt; //Game.exe +0x02312C78;
D2SetItemsTxt* pSetItemsTxt; //Game.exe +0x02312CD8;
D2UniqueItemsTxt* pUniqueItemsTxt; //Game.exe +0x02312CF8;
D2GemsTxt* pGemsTxt; //Game.exe +0x023141C8;
D2ItemsTxt* pItemsTxt; //Game.exe +0x023141E0;
D2ItemsTxt* pWeapons; //Game.exe +0x023141F8;
D2ItemsTxt* pArmor; //Game.exe +0x02314200;
D2ItemsTxt* pMisc; //Game.exe +0x02314208;

pUnitList is collection of units by the unit type. the first index is the unit type excluding tiles (i.e player, monster, missile, item) . the second index is pUnit->UnitId % 128. you can get the current player from pUnitList[0][1].

most of the txt tables look more or less the same as 1.14d except D2SkillsTxt. a lot of the structs can be found here. D2MOO/source/D2Common/include/DataTbls at master . ThePhrozenKeep/D2MOO . GitHub

[raph0x88]

any discord I could join to help with this effort?

[Darhole]

Anyone happen to have messed around with the new beta and found offline patches?

[dudeabides]

This version looks different. Don't know if it will be possible to make it offline.

edit: They even removed the TCP/IP mode from the game so I doubt it will be possible.

edit 2: Maybe someone talented can patch the alpha version with the missing textures and voice lines from the full version later but that is probably a lot of work.

[dudeabides]

You can download the retail version now.

[anon3259]

You can download the retail version now.

Looks like the executable is just a shell binary, not much we can do with it till launch.

[ZLOFENIX]

Released already.
Also same as was in beta - sp game creating game on blizz servers.