Some Memory Address Pointers

[ARMqt]

HI,

i think you all forget the base... dont scam him that it not work. he proved it with a tool. and yes all work if you do it right way !

yo, and i thought no one here scam him I'm just wondering why it does not work, no that's not work
perhaps I should say "its works now gj or something" to prevent misunderstanding and for me it was a careless mistake

I am glad that he share this and waiting for more / possibly new
btw Thanks zewt

[zewt]

yo, and i thought no one here scam him I'm just wondering why it does not work, no that's not work
perhaps I should say "its works now gj or something" to prevent misunderstanding and for me it was a careless mistake

I am glad that he share this and waiting for more / possibly new
btw Thanks zewt

no problem. i updated health pointer since 1.0.2 patch and im gonna get some more pointers and update this thread tomorrow.

cheers!

[jmac321]

Code:

                BlackMagic diablo = new BlackMagic();
                diablo.OpenProcessAndThread(SProcess.GetProcessFromWindowTitle("Diablo III"));
                IntPtr baseDiablo = diablo.MainModule.BaseAddress;
                Console.WriteLine("baseDiablo: " + baseDiablo);

                // Try to get current health
                uint value = diablo.ReadUInt((uint)baseDiablo + 0xFE31CC);
                value += 0x18;
                value = diablo.ReadUInt(value);
                value += 0xC8;
                value = diablo.ReadUInt(value);
                value += 0xC;
                value = diablo.ReadUInt(value);
                value += 0x2A0;
                value = diablo.ReadUInt(value);
                value += 0x14;
                float hp = diablo.ReadFloat(value);

Works for me

Hello, I have black magic referencing fine in my c# project, my code looks exactly the same as yours (thank you), with the new 1.0.2a offsets, however hp always returns 4. Any suggestions?

BlackMagic d3 = new BlackMagic();
d3.OpenProcessAndThread(SProcess.GetProcessFromProcessName("Diablo III.exe"));
IntPtr d3BA = d3.MainModule.BaseAddress;

//--Player Current HP
//MessageBox.Show("baseDiablo: " + d3BA);

// Try to get current health
uint value = d3.ReadUInt((uint)d3BA + 0x00FF13E4);
value += 0x18;
value = d3.ReadUInt(value);
value += 0xC8;
value = d3.ReadUInt(value);
value += 0xC;
value = d3.ReadUInt(value);
value += 0x298;
value = d3.ReadUInt(value);
value += 0x2C;
float hp = d3.ReadFloat(value);
lblHP.Text = hp.ToString();

[zewt]

i have 0 experience with blackmagic.

[Valkirie]

Maybe you could share the code you're using zewt to read that hp value ?
I must admit i'm still unable to read these value, using Blackmagic also I only get CanRead Uint error.

[Kikipaz]

Damn i better learn coding :/

[truetarin]

You always have to start visual studio as administrator.

Here is the new code (i only changed the Pointer) and this works for me...

Code:

            try
            {
                BlackMagic diablo = new BlackMagic();
                diablo.OpenProcessAndThread(SProcess.GetProcessFromWindowTitle("Diablo III"));
                IntPtr baseDiablo = diablo.MainModule.BaseAddress;
                Console.WriteLine("baseDiablo: " + baseDiablo);

                // Try to get current health
                uint value = diablo.ReadUInt((uint)baseDiablo + 0xFF13E4);
                value += 0x18;
                value = diablo.ReadUInt(value);
                value += 0xC8;
                value = diablo.ReadUInt(value);
                value += 0xC;
                value = diablo.ReadUInt(value);
                value += 0x2A0;
                value = diablo.ReadUInt(value);
                value += 0x14;
                float hp = diablo.ReadFloat(value);


                Console.WriteLine("value: " + value);
                Console.WriteLine("hp: " + hp);
                while (true)
                {
                    hp = diablo.ReadFloat(value);
                    Console.Clear();
                    Console.WriteLine("You have " + hp + " health");
                    Thread.Sleep(400);
                }
            }// try
            catch (Exception e)
            {
                Console.WriteLine("Error@BlackMagic init \n" + e);
            }// catch

[projectbarcelona]

no problem. i updated health pointer since 1.0.2 patch and im gonna get some more pointers and update this thread tomorrow.

Any update on this?

Side note, I'm also only getting 4 back as HP with the current pointer. The original armor pointer seems to also be working again.

[jimmy06]

Just so you know if you leave the town then TP back thats it that offset is invalid.

I'm trying to get the players gold with a pointer any idears where i should be looking with CE as i pointer scan and reload the game. then with a second pointer scan i get 0 results.

[caosmen]

Hi,

here are my memories.

Base= Life Pointer

life pointer= Diablo III.exe+00FF13E4 + 18 + c8 + c + 2a4 + 8

Mana= base -192 Float
Int= base +1500 Float
armor= base +1068 Float
strenght= base + 1548 Float
gold collect radius = base - 816 Float

In this memorie region is alot more stuff of the player see in the screens

But right now i have some problems the player stats are in ?? Arrays ? or what ever they are there but i cannot get them when i call the memorie.

You can see in the 2 pictures:






For eg the yellow memorie i cannot get when i look just in the memorie.

so can someone give me a hint to browse this memorie region to find it in ida or olly ? or tell me what to look for. i am right now in the tuts4you debugging tut 12 and right now this isnt written in there. but i ll keep on working on this tuts.


ty

caos

[spixxeljamot]

Hi, I am trying to do it in C++ and having some problems, I get 0 as the first value read from baseadress+0xFE31CC

Here is the code.


diabloHandle = FindWindow(0, _T("Diablo III"));
DWORD pID = 0;
GetWindowThreadProcessId(diabloHandle, &pID);

DWORD baseAddr = dwGetModuleBaseAddress(pID, _T("Diablo III.exe"));
DWORD staticOffset = 0xFE31CC;
HANDLE handle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pID);
DWORD value;
DWORD numBytesRead;
ReadProcessMemory(handle, (LPCVOID)(baseAddr+staticOffset), &value, sizeof(DWORD), &numBytesRead);
value+=0x18;
ReadProcessMemory(handle, (LPCVOID)value, &value, sizeof(DWORD), &numBytesRead);
value+=0xC8;
ReadProcessMemory(handle, (LPCVOID)value, &value, sizeof(DWORD), &numBytesRead);
value+=0xC;
ReadProcessMemory(handle, (LPCVOID)value, &value, sizeof(DWORD), &numBytesRead);
value+=0x298;
ReadProcessMemory(handle, (LPCVOID)value, &value, sizeof(DWORD), &numBytesRead);
value+=0x2C;
ReadProcessMemory(handle, (LPCVOID)value, &hp, sizeof(DWORD), &numBytesRead);

sais that I read 4 bytes from the first readprocessmemory but inside "value" it is 0 and then it reads 0 bytes from the rest of them, appriciate help, thanks

[RamirezX]

You have to open process with SE_PRIVILEGE_ENABLED. My way:

Code:

DWORD ProcessID; 
HANDLE ProcessHandle;
DWORD ModuleBaseAddress;

void enableDebugPrivileges() {  
 
	HANDLE hToken;
	LUID SeDebugNameValue;
	TOKEN_PRIVILEGES TokenPriv;
	TOKEN_PRIVILEGES PrevTokenPriv;
	DWORD ReturnLength;


	if (OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, &hToken)) {

		if (LookupPrivilegeValue(NULL, SE_DEBUG_NAME,&SeDebugNameValue))	{

			TokenPriv.PrivilegeCount = 1;
			TokenPriv.Privileges[0].Luid = SeDebugNameValue;
			TokenPriv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
			PrevTokenPriv = TokenPriv;
			
			AdjustTokenPrivileges(hToken, FALSE, &TokenPriv, sizeof(TokenPriv), &PrevTokenPriv, &ReturnLength);
		}
	}

}  


DWORD GetProcId(char* ProcName)  
{  
    PROCESSENTRY32   pe32;  
    HANDLE         hSnapshot = NULL;  
  
    pe32.dwSize = sizeof( PROCESSENTRY32 );  
    hSnapshot = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );  
  
    if( Process32First( hSnapshot, &pe32 ) )  
    {  
        do{  
            if( strcmp(pe32.szExeFile, ProcName ) == 0 )  
               break;  			
        }while( Process32Next( hSnapshot, &pe32 ) );  
    }  
  
    if( hSnapshot != INVALID_HANDLE_VALUE )  
        CloseHandle( hSnapshot );  
  
    return pe32.th32ProcessID;  
}

DWORD GetModuleBaseAddress(char* ModuleName, DWORD ProcessID)	{

	MODULEENTRY32 me32; 
	HANDLE        hSnapshot = NULL;

	hSnapshot = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, ProcessID );
	me32.dwSize = sizeof(MODULEENTRY32);

	if ( Module32First( hSnapshot, &me32 ))	{
	
		do{  
            if( strcmp(me32.szModule, ModuleName ) == 0 )  
			   return (DWORD)(me32.modBaseAddr);	
               break;  			
        }while( Module32Next( hSnapshot, &me32 ) );  

	}
}

int Attach(void)	{


	enableDebugPrivileges();  
 
	ProcessID = GetProcId("Diablo III.exe");  
    if(GetLastError())  
	{  
		return -1;  
	}  
     
	ProcessHandle = OpenProcess(PROCESS_ALL_ACCESS,0,ProcessID);  
	if(GetLastError())  
	{  
		return -1;  
	}  
  
	char buffer[4096];
	char filename[4096];

	GetModuleFileNameEx(ProcessHandle, NULL, (char *)(buffer), 4096);
	if(GetLastError())  
	{  
	    return -1;  
	}

	char *fname; 
	fname = buffer; 
	fname =	strrchr(buffer,'\\') + 1;

	ModuleBaseAddress = GetModuleBaseAddress(fname, ProcessID);

	// Debug info, if they are 0, something is wrong  
  
	printf("PID: 0x%X\n", ProcessID);
	printf("HANDLE: 0x%X\n", ProcessHandle);
	printf("BASE: 0x%X\n", ModuleBaseAddress);

	return 1;
}

[datguyjoe]

could anyone tell me if these are still the correct values for the newest version of diablo?