[Diablo 3][[0.5.1.8101] Patch 9 - Info Dump Thread

[xzidez]

I use the very same approach as you do (with same offsets). However this line.

Code:

uint pScene = d3.ReadUInt(pScenes + ARRAY_OFFSET);

Will actually return a scene with 3 "guids".

There is a function GetSceneById somewhere ( which can be quite nice if you want to get the scene that your hero is in for example ). Which will return a scene with only 2 guids.

In other words
d3.ReadUInt(pScenes + ARRAY_OFFSET) + 0x4..

So I discard the first id and start here instead (just to have same offsets for scene regardless if I get it from GetSceneById or from this iteration) : )

[diablothree]

I use the very same approach as you do (with same offsets). However this line.

Code:

uint pScene = d3.ReadUInt(pScenes + ARRAY_OFFSET);

Will actually return a scene with 3 "guids".

There is a function GetSceneById somewhere ( which can be quite nice if you want to get the scene that your hero is in for example ). Which will return a scene with only 2 guids.

In other words
d3.ReadUInt(pScenes + ARRAY_OFFSET) + 0x4..

So I discard the first id and start here instead (just to have same offsets for scene regardless if I get it from GetSceneById or from this iteration) : )

Ah, that makes more sense now. I was trying to reuse the same code for fetching scenes, actors, ACDs, etc. but I was having to adjust all over the offsets for fields in the scene by 4 to get things to match up. I guess scenes are treated slightly differently from the other objects using a similar storage scheme.

[xzidez]

Ah, that makes more sense now. I was trying to reuse the same code for fetching scenes, actors, ACDs, etc. but I was having to adjust all over the offsets for fields in the scene by 4 to get things to match up. I guess scenes are treated slightly differently from the other objects using a similar storage scheme.

For each "wrapper" they add another Id.

So objects have one Id..
Actors have 2 Ids. So the object start as Actor +0x4.

Im not 100% sure here but this is the impression ive got so faar.

[Valtharak]

Hi I finaly came around and got my GetInterger working.

but how do i match the GameAttribute index datamined by Mooege to the -xxxx value. like Next Exp is -4057 and the matching index is 39.

is there a list in memory of the -xxxx values or something?

[diablothree]

Hi I finaly came around and got my GetInterger working.

but how do i match the GameAttribute index datamined by Mooege to the -xxxx value. like Next Exp is -4057 and the matching index is 39.

is there a list in memory of the -xxxx values or something?

There's a direct translation. uint lookupAttribID = 0xFFFFF000 | attribID;

[Valtharak]

There's a direct translation. uint lookupAttribID = 0xFFFFF000 | attribID;

Lol thx, kinda feel stupid now. should have looked a it a bit more it's kinda obvious

[diablothree]

Lol thx, kinda feel stupid now. should have looked a it a bit more it's kinda obvious

It threw me too at first. And it seems like there are a few attributes which can successfully be looked up without ORing in the extra bits. I don't understand it 100%, but with the upper bits set you should be able to fetch 99% of the attributes (including all the ones you would care about).

[rhch]

Ah ok we're on the same page now. Yeah, I'm able to fetch a list of scenes with code that looks something like this:

Code:

const uint INVALID = 0xFFFFFFFF;
const uint OBJMANAGER = 0x140593C;
const uint OBJMANAGER_SCENES_PTR_OFFSET = 0x8F0;
const uint ARRAY_SIZE_OFFSET = 0x10C;
const uint ARRAY_OFFSET = 0x148;
const int SIZEOF_SCENE = 680;

public List<Scene> GetScenes()
{
    uint pScenes = GetScenesContainer();

    // Grab the size of the Scenes array
    int sceneArraySize = d3.ReadInt(pScenes + ARRAY_SIZE_OFFSET);

    // Grab the first scene
    uint pScene = d3.ReadUInt(pScenes + ARRAY_OFFSET);

    // Loop through the array and grab all valid scene objects
    List<Scene> scenes = new List<Scene>(sceneArraySize);
    for (uint i = 0; i < sceneArraySize; i++)
    {
        Scene scene = GetScene(pScene + i * SIZEOF_SCENE);
        if (scene != null)
            scenes.Add(scene);
    }

    return scenes;
}

private Scene GetScene(uint ptr)
{
    if (d3.ReadUInt(ptr) != INVALID)
        return new Scene(d3, ptr, d3.ReadBytes(ptr, SIZEOF_SCENE));
    return null;
}

private uint GetScenesContainer()
{
    uint pObjMgr = d3.ReadUInt(OBJMANAGER);
    uint pScenes = d3.ReadUInt(pObjMgr + OBJMANAGER_SCENES_PTR_OFFSET);
    if (d3.ReadASCIIString(pScenes, 7) == "Scenes")
        return pScenes;
    return INVALID;
}

thanks. Good infomations!
at Diablo 3 9558 I know
OBJMANAGER_SCENES_PTR_OFFSET = 0x8f4
ARRAY_SIZE_OFFSET = 0x108.
But Can you also tell me Scene( d3 , ptr, bytes) class structure ? Thanks .

[Nesox]

thanks. Good infomations!
at Diablo 3 9558 I know
OBJMANAGER_SCENES_PTR_OFFSET = 0x8f4
ARRAY_SIZE_OFFSET = 0x108.
But Can you also tell me Scene( d3 , ptr, bytes) class structure ? Thanks .

Maybe you should try by ureself, take a look in IDA how and why he's iterating the scenes like that?
Read some of the older threads and check usages on ie. Scenes::Iterate instead of asking for copy pasta? Ure not gonna learn anything if he just pastes it for you.

[BitHacker]

rhch,

public class d3
{
// public methods
public ? ReadBytes( int *, int )
{
return ;
}

public uint ReadUInt( uint )
{
return ;
}

public int ReadInt( uint )
{
return ;
}

public string ReadASCIIString( int * , int )
{
return ;
}

// private variables
private ...
private ...
private ...
private ...
private ...
private ...
}

There is his d3 class, I don't know what his implementation is doing though. I would have to see more of his code. But this is why classes exist. To hide information. :P ...

The more I sit here and think about it though, he should of posted the D3 class. At least with those functions. So, we all could get a chance to see what he is doing.

Sometimes, though I think people think we are suppose to be mind readers. I know some of you out there have done what he is doing. But the fact is most of the people reading these forums haven't. That is why there is a lack of information.

Its just like when you were in college. You need to post your code so anyone that wants to look at it can follow it and read all of it.

But this is where people don't want to share. What one thinks is important is really unimportant. But it also works the other way too.

Its up to him if he posts more information. We would all like to see what he is doing.


Inside each Read function there using Kernel32.dll ReadProcessMemory .. Which is Ordinal 3C8 inside the .dll

Or easier way google ReadProcessMemory hahahaha... Little funny there. :P

Here is an example,

Code:

        /// <summary> 
        /// reads an int32 from memory 
        /// </summary> 
        /// <param name="handle">the handle to read from</param> 
        /// <param name="adress">the adress to read at</param> 
        /// <param name="silent">true if you dont want log messages</param> 
        /// <returns></returns> 
        public static Int32 ReadInt32(IntPtr handle, IntPtr adress, bool silent) 
        { 
            byte[] byteBuffer = new byte[4]; 
            Int32 value = 0; 
            int bytesRead; 
            bool success = wowmem.Kernel32.ReadProcessMemory(handle, adress, byteBuffer, 4, out bytesRead); 
            if (success) 
            { 
                value = BitConverter.ToInt32(byteBuffer, 0); 
                if (!silent) 
                Program.Log("ReadProcessMemory: SUCCESS Int32 Read " + bytesRead + " bytes from address " + adress + " in handle " + handle + ". Value: " + value); 
            } 
            else if (!silent && !success) 
                Program.Log("ReadProcessMemory:: FAILURE Int32 Read " + bytesRead + " bytes from address " + adress + " in handle " + handle); 
 
            return value; 
        }

REF: http://read.pudn.com/downloads159/sourcecode/game/717015/pinvoke/Kernel32.cs__.htm

I don't know why he thinks the ReadProcessMemory functions are so special to not be included. But whatever.


-Bit_Hacker