[Diablo 3][0.4.0.7841] Info Dump Thread

**felheartx** · 12-08-2011

Originally Posted by KOS0937

rmah destroyed it. People hope to make money with this, so they don't share the information they find (or, they are afraid others will use it to make money).

I already though it's something like this, preventing people from posting.

But as soon as someone releases his (paid)-bot, all the methods / offsets and everything will be public anyways.
You can always just rip offsets / patterns and function calls from paid-cheats, and then use them in your own cheat/hack/bot.
obfuscation or some other tricks don't do shit against anyone with a brain...
So in the end it doesn't matter anyways.

But thanks for answering, I started to feel alone in here

**KOS0937** · 12-08-2011

I don't really see why it should be easier to reverse another bot than to reverse the game itself (it's not like blizzard is trying to stop you. bot developers might...). But at least people will have more incentive to share / release what they have got once everybody can play the game...

**Nesox** · 12-08-2011

Originally Posted by felheartx

Patch 7 is released. Version string is "0.4.1.7931.BETA (34508-618511)"
Looks like all pointer paths / offsets still work.

At +0x1C8 in the Actor struct there's a value that's 0 for offscreen, 4 for "cached" and 5 for onscreen.
This works most of the time, but sometimes the game decides to set this to zero for every actor.
I don't know what causes this, maybe this value isn't even meaning "onscreen" at all, but it behaves like this most of the time.

Thanks DrakeFish, I'll try my luck at Mooege's source code

Oh my god, classifying Actors is way harder than I thought,
I tried to use Actor flags, for detecting if an Actor is an enemy, a corpse with loot, a item that can be picked up, or whatever...
But I get false-positives everywhere >_<
My program returns some NPCs(Leah/Anvil/Blacksmith) as hostile, even though they aren't.
I think I'm totally lost at this.
Has anyone got something like this working??

The type is stored in the Actor SNO file, each actor has it's own file.
You have to figure out where it's stored in memory or read it from disk

**felheartx** · 12-08-2011

Originally Posted by KOS0937

I don't really see why it should be easier to reverse another bot than to reverse the game itself (it's not like blizzard is trying to stop you. bot developers might...). But at least people will have more incentive to share / release what they have got once everybody can play the game...

I really don't want to offend anyone, but it IS piss easy to steal a hacks inner workings (by that i mean, offsets, patterns, code-calls)

In short there are two types of hacks (in process, and from outside)

from outside is obvious (hook RPM, WPM and maybe VirtualAllocEx)
if the hack injects, protect all pages, register own exception handler, check return address on page exception.
there is no (realistic) way any hack can hide its workings from this...
Feel free to pm me if you want, no need to derail this topic (and make it even more useless than it is

)

The above explanation is very short, ofc there are a lot more things to consider.

@Nesox:
By "type" do you mean the SNO?
I already have that, but that doesn't give me information about volatile stats like current-hp, "hostile" / "friendly", "lootable" / "already looted"

**Sychotix** · 12-08-2011

Don't the mobs automatically drop their loot? Doesn't matter if they are "looted" or not. And what you could do is perform a memory scan to find a easily findable variable for a mob such as its coordinates or current hp. These can easily be changed. Then start REing from there.

**stevenyy** · 12-09-2011

Originally Posted by felheartx

But thanks for answering, I started to feel alone in here

You are not alone =) I ven't got any time to work on D3 since your last message but I ll try to work on it this weekend. =D

**tensyo** · 12-11-2011

yeah, ur not alone. I am working on it also. (sorry, I am not as good as you guys, but i will try my best). Cheers ~

**felheartx** · 12-13-2011

089B860 GetDouble(p, index)
089B920 GetInteger(...)
they seem to work, but can anyone confirm those?

also, has anyone had a look at 0845B00 ? It's an interesting function.
From what I could gather the first function call is something like "Hash/Key to Value/Address"

the next(and last) function call updates the value in the hashmap (or creates it).

@Sychotix: There are floor tiles, dead villagers, barrels and stuff that has to be "looted" in order for the loot to spawn.

**Nesox** · 12-15-2011

Originally Posted by felheartx

089B860 GetDouble(p, index)
089B920 GetInteger(...)
they seem to work, but can anyone confirm those?

They are used to lookup attributes/stats on actors the second argument is the AttributeType.

**felheartx** · 12-15-2011

Yeah I know that.
What I mean was if the addresses are correct.
Sorry for the confusion :/
But thanks for replying!!

I am sure everyone here already noticed that the hashes, are composed of two "words".
It could be the system they use is not a hashmap at all. I don't know, since i've never seen a hashmap in assembler.
Anyway, here is the code i'm talking about.
847953: the code following effectively only inverts the lower two bytes. So far so good.
then they apply a mask (stored in ecx+418 ).

So what the code does is transform the two lower bytes of the input (the stat index) to an index of an array (hence the *4).

I *think* I understood what the code does. But not why the code is there,
can't they just use good values for their statIndexes and then use an array directly?

Shout-Out

User Tag List

Thread: [Diablo 3][0.4.0.7841] Info Dump Thread

Thread Tools

Search Thread

Similar Threads

[Diablo 3][0.8.0.8815] Info Dump Thread

[Diablo 3][0.3.0.7338] Info Dump Thread

[Diablo 3][0.2.0.7200] Info Dump Thread

[Diablo 3][0.3.0.7318] Info Dump Thread

[Diablo 3][0.2.0.7200] Info Dump Thread

OwnedCore Forums

casino

CoreCoins

My OwnedCore

About Us

Casino