Latest AoC Memory Paths, InjectSoft

**Hyru** · 08-30-2008

We decided to split InjectSoft into two divisions. The first is our existing MMOExtreme software that we will continue to support (for now), and the second is dedicated to open source game hacking. We felt it was better for the hacking community to have valuable resources rather than relying on others to write software for them. Some developers like writing AI but hate having to dig through memory, while others like debugging but hate having to write applications. We will be posting memory locations, tutorials, apis, and more, and hope you are as excited as we are. The goal is to create a strong resource for both new game hackers and veterans as well. We want everyone to contribute.

http://www.injectsoft.com/showthread.php?t=137

Here's an example of what we're posting:

R = Read
W = Write
[static pointer]
+ offset
All pointers and offsets are in hexadecimal

Camera

Zoom Distance Current (R/W): [01797C84]
Zoom Distance Max (R/W): [01797C88]
Zoom Distance Buffer (R): [01797C80]

Player

Casting (R): [237D564] + 3B4 + 240 + 58
Total Experience (R): [237D4E4] + A4 + 8 + 17C

Miscellaneous

Logged In (R): [0237683C]
Window State (R/W): [0167AC61]

Sincerely,
The InjectSoft Team :wave:

**Lifestream** · 08-30-2008

Very nice.
Even tho' I don't play AOC anymore, I enjoy to see what YOU found.
The "Combo Byte" was new to me (See your forum)

+REP

**mosimo** · 09-08-2008

Does anyone have the full list of offsets that was on their site before it went down?

**teemu123** · 09-08-2008

how to use this i mean addres?

**defthack** · 09-08-2008

Here is the main post that was on the injectsoft forums before the site went down. This is information about where data is stored inside the game, Values marked with W means that you can change the data stored in memory and it will change the value in game. Other values with just R you can read to find out more information about what is going on in the game. To use this information you would need to download a program that can read/write to memory, or you can write your own for more flexibility.

US Client

R = Read
W = Write
[static pointer]
+ offset
All pointers and offsets are in hexadecimal

Player

* Serial (R, 4 bytes): [02323708]
* Casting (R, 4 bytes): [237D564] + 3B4 + 240 + 58
* Total Experience (R, 4 bytes): [237D4E4] + A4 + 8 + 17C
* Buff Count (R, 4 bytes): ??
* Movement
o Current Move Speed (R, Float): [02376838] + 9C
o Running
+ Run Speed (W, Float): [01797EE8] + 18C
+ Running Strafe (W, Float): [01797EE8] + 1A0
+ Running Reverse (W, Float): [01797EE8] + 198
o Walking
+ Walk Speed (W, Float): [01797EE8] +188
+ Walking Strafe (W, Float): [01797EE8] + 19C
+ Walking Reverse (W, Float): [01797EE8] + 194
o Sprinting
+ Sprint Speed (W, Float): [01797EE8] + 190
* Float State (R, 4 bytes): [017B1368]
* Direction (R, Float): [0237DCC8] + 40 + 0 + 14 + 20
* Coordinates
o Player X (R/W, Float): [01797EE8] + 2C
o Player Y (R/W, Float): [01797EE8] + 34
o Player Z (R/W, Float): [01797EE8] + 30
* Attributes
o Health, Current (R, 4 bytes): [1797C50] + 8 + 20 + 16C8
o Health, Maximum (R, 4 bytes): [1797C50] + 8 + 20 + 16C4
o Stamina, Current (R, 4 bytes): [1797C50] + 8 + 20 + 16D4
o Stamina, Maximum (R, 4 bytes): [1797C50] + 8 + 20 + 16D8
o Mana, Current (R, 4 bytes): [1797C50] + 8 + 20 + 16D0
o Mana, Maximum (R, 4 bytes): [1797C50] + 8 + 20 + 16CC

Target

* Serial, Current (R, 4 bytes): [237D79C]
* Serial, Last (R, 4 bytes): [0237D7A4]
* Type (R, 2 bytes): [0237D79F]
* Coordinates: Read target serial then find the corresponding game object

Game Object Table

* Table Base: [01797EE8] + 10C + 84 + 4
* First Object Base: [01797EE8] + 10C + 84 + 4 + 0
* First Object Type: [01797EE8] + 10C + 84 + 4 + 0 + 7
* Object Offsets
o Serial: +4
o Type: +7
o Target Type: +14C7
o Target Serial +14C8
o X-Coord: +10C
o Y-Coord: +114
o Z-Coord: +110
o Name, Mobile: +1538
o Name, Other: +1D0
o Health, Cur: +1B4
o Health, Max: +14C
o Level: +220
o Owner Serial (Pets): +1678
o Invulnerable (NPC): +11AD
o Stealth Type: +1716
o Loot Owner Serial, Orig: +280
o Loot Owner Serial, Current: +288

Camera

* Zoom Distance Current (R/W, Float): [01797C84]
* Zoom Distance Max (R/W, Float): [01797C88]
* Zoom Distance Buffer (R, Float): [01797C80]

Miscellaneous

* Logged In (R, 4 bytes): [0237683C]
* Window State (R/W, 4 bytes): [0167AC61]
* Mouse Hover Serial (R, 4 bytes): [0237D7AC]

Auto Combo

* Combo Step (R, Byte): [2376840] + B0 + 8 + 3C + 18
* Slot 1 Highlight: ??

**mosimo** · 09-09-2008

Thats the post I was after, cheers defthack

**voglster** · 09-09-2008

Do we have length of a game object type? or a ptr to the next game object?

**mosimo** · 09-10-2008

I found that:
1st object is Table Base: [01797EE8] + 10C + 84 + 4 + 0
2nd object is Table Base: [01797EE8] + 10C + 84 + 4 + 4
3rd object is Table Base: [01797EE8] + 10C + 84 + 4 + 8

Basically add 0x4 onto the last offset for table base for the next object. Looking though to find if it says anywhere how many obejects there are that I can read.

**defthack** · 09-10-2008

That is what I do to traverse through the game objects, just add 4 * Object Number - 4 to get the data from the objects stored in memory. There are a few discrepancies between locations for data between the different object types (offset +7 Read as Short - 2 bytes) so if some of the offsets are giving you data that doesn't seem right it might be stored in a different place for that object type. I haven't found a way to tell if you are at the last object though.

**defthack** · 09-21-2008

Is there any interest in new memory locations after the PVP patch on 9/18/08? I have been able to find the memory addresses that I was using before the patch such as Player position, Player Health/Stam/Mana, and the players/npcs game object table but it seems like most people have lost interest in Age of Conan. It never seemed like there was a big interest in memory locations anyways. If there isn't any interest here for memory addresses does anyone know of any other forums/communities that would be interested?

**mosimo** · 09-21-2008

I'm still interested in it defthack. I started looking last night, found game objects but couldnt track the pointers back. If you have any offsets since the patch I wouldn't mind having them. Also yea I'm in teh same boat as you. I was here originally because people seemed more interested in doing this kinda stuff until recently.

**defthack** · 09-21-2008

A big thanks to Hyru for posting the original list of memory locations. Without the list he posted I wouldn't have been able to find most of the new locations. I just used the same list Hyru posted and added in the new memory locations I have found so far. Anything with NEW or UPDATED after it should work for the current version of AoC. The ones I left out I have either been unable to find or haven't been interested in finding. Some of the memory locations seem to have multiple pointer paths as well so if some of these pointers don't work let me know and I'll try to find the correct path.

US Client

R = Read
W = Write
[static pointer]
+ offset
All pointers and offsets are in hexadecimal

Player

* Serial (R, 4 bytes): [02319BC8] UPDATED
* Casting (R, 4 bytes): [2A34BF4] +2C4 +2A8 +D8 UPDATED
* Total Experience (R, 4 bytes): [237D4E4] + A4 + 8 + 17C
* Buff Count (R, 4 bytes): ??
* Movement
o Current Move Speed (R, Float): [02376838] + 9C
o Running
+ Run Speed (W, Float): [017A71DC] + 18C UPDATED
+ Running Strafe (W, Float): [017A71DC] + 1A0 UPDATED
+ Running Reverse (W, Float): [017A71DC] + 198 UPDATED
o Walking
+ Walk Speed (W, Float): [017A71DC] +188 UPDATED
+ Walking Strafe (W, Float): [017A71DC] + 19C UPDATED
+ Walking Reverse (W, Float): [017A71DC] + 194 UPDATED
o Sprinting
+ Sprint Speed (W, Float): [017A71DC] + 190 UPDATED
* Float State (R, 4 bytes): [017B1368]
* Direction (R, Float): [0237DCC8] + 40 + 0 + 14 + 20
* Coordinates
o Player X (R/W, Float): [017A71DC] + 2C SEE CHANGES
o Player Y (R/W, Float): [017A71DC] + 30 SEE CHANGES
o Player Z (R/W, Float): [017A71DC] + 34 SEE CHANGES
* Attributes
o Health, Current (R, 4 bytes): [17A71DC] +24 +16C4 UPDATED
o Health, Maximum (R, 4 bytes): [17A71DC] +24 +16C0 UPDATED
o Stamina, Current (R, 4 bytes): [17A71DC] +24 +16D0 UPDATED
o Stamina, Maximum (R, 4 bytes): [17A71DC] +24 + 16D4 UPDATED
o Mana, Current (R, 4 bytes): [17A71DC] +24 + 16CC UPDATED
o Mana, Maximum (R, 4 bytes): [17A71DC] +24+ 16C8 UPDATED

Target

Serial, Current (R, 4 bytes): [2373C7C] UPDATED
Type, Current (R, 2 bytes): [02373C7F] UPDATED
Serial, Last (R, 4 bytes): [02373C84] UPDATED
Type, Last (R, 2 bytes): [02373C87] UPDATED
Coordinates (Selection Circle)
Target X [023A3D08] +F0 NEW
Target Y [023A3D08] +F4 NEW
Target Z [023A3D08] +FC NEW

Game Object Table Mobile(SEE CHANGES)
Table Base: [171420C] +8 +EC UPDATED
First Object Base: [171420C] +8 +EC +0 UPDATED
First Object Type: [171420C] +8 +EC +0 +7 UPDATED
Object Offsets
Serial: +4 UNCHANGED
Type: +7 UNCHANGED
Target Type: +14C7 UNCHANGED
Target Serial +14C8 UNCHANGED
X-Coord: +10C SEE CHANGES
Y-Coord: +110 SEE CHANGES
Z-Coord: +114 SEE CHANGES
Name, Mobile: +1538 UNCHANGED
Health, Cur: +1B4 UNCHANGED
Health, Max: +14C UNCHANGED
Level: +220 UNCHANGED
Owner Serial (Pets): +1678 UNCHANGED
Invulnerable (NPC): +11AD UNCHANGED
Stealth Type: +1716 UNCHANGED
Loot Owner Serial, Orig: +280 UNCHANGED
Loot Owner Serial, Current: +288 UNCHANGED

Game Object Table Immoble
Table Base: [017A71DC] +10C +84 +4 SEE CHANGES
First Object Base: [017A71DC] +10C +84 +4 +0 SEE CHANGES
First Object Type: [017A71DC] +10C +84 +4 +0 +7 SEE CHANGES
Objects Offset (Similar to mobile game objects offsets)
Health, Cur: +297
Health, Max +29B
Name: +210

Camera

* Zoom Distance Current (R/W, Float): [17A6F5C] UPDATED
* Zoom Distance Max (R/W, Float): [17A6F60] UPDATED
* Zoom Distance Buffer (R, Float): [17A6F58] UPDATED

Miscellaneous

* Logged In (R, 4 bytes): [0237683C]
* Window State (R/W, 4 bytes): [0167AC61]
* Mouse Hover Serial (R, 4 bytes): [02373C8C] or [02A32914] UPDATED

Auto Combo

* Combo Step (R, Byte): [2376840] + B0 + 8 + 3C + 18
* Slot 1 Highlight: ??

**CHANGES**
Coords:
X is the East West Value
Y is the Elevation UP/DOWN
Z is the North South Value

Game Objects Table:
It appears that the game objects table has been seperated into non moveable objects and mobveable objects

The formatting seems to be removed, but enough is intact that there shouldn't be a problem with finding the information you need.

**mosimo** · 09-21-2008

Cheers Defthack

I had the shield offset for game objects too. Forgot what it was now.. lost it in my code.
But anyway the values are:
300 = all left shields
30 = all middle
3 = all right
201 = 2 left, 0 mid, 1 right
210 = 2left, 1 mid, 0 right
12 = 1 mid, 2 right

you get the idea.

I'll post the actual offset tomorrow but you can easily find it by using your own game object, looking for taht value in it and changing your shield. Thanks again for the new offsets

**defthack** · 10-01-2008

Seems that the memory locations have changed with the patch on 9/30/08. I have managed to find enough addresses to get my radar working again, but haven't had much time to find other variables.

**mosimo** · 10-03-2008

I've not had chance to look at anything yet. Been raiding and doing low level pvp without my radar for a change :P I might ahve a look later or tomorrow if I get chance

Shout-Out

User Tag List

Thread: Latest AoC Memory Paths, InjectSoft

Thread Tools

Search Thread

Latest AoC Memory Paths, InjectSoft

sup

Similar Threads

45 minutes of model editing and path exploiting

Path to Karazhan

Path to Mount Hyjal

Exploiting Stormwind Pathing

Stonetalon Mountains Pathing Guide

OwnedCore Forums

casino

CoreCoins

My OwnedCore

About Us

Casino