-
Contributor
Help with finding PoE memory patterns
So I've been trying to follow the steps from GameHelper to find memory patterns, but with no sucess. My goal is to get the current pattern of the InGameState. The steps are as follows:
Code:
// <HowToFindIt>
// 1: Open CheatEngine and Attach to POE Game
// 2: Search for String: "InGameState", type: UTF-16 (use case insensitive if you don't find anything in the first try)
// 3: On all of them, "Find out what accesses this address"
// 4: Highlight one of the instruction
// 5: Go through all the registers (e.g. RAX, RBX, RCX) and one of them would be the HashNode Address which points to the InGameState Address.
// 5.1: To know that this is a HashNode Address make sure that Address + 0x20 points to the "InGameState" key (string)
// 6: Open HashNode Address in the "Dissect data/structure" window of CheatEngine program.
// 7: @ 0x08 is the Root HashNode. Copy that value (copy xxxx in i.e. p-> xxxxxx)
// 7.1: To validate that it's a real Root, 0x019 (byte) would be 1.
// 8: Pointer scan the value ( which is an address ) you got from step-7 with following configs
// Maximum Offset Value: 1024 is enough
// Maximum Level: 2 is enough, if you don't find anything increase to 3.
// "Allow stack addresses of the first threads": false/unchecked
// Rest: doesn't matter
// 9: Copy the base address and put it in your "Add address manually" button this is your InGameState Address.
// 10: Do "Find out what accesses this address" and make a pattern out of that function. (pick the one which has smallest offset)
// </HowToFindIt>
After doing step 2, it says "On all of them, "Find out what accesses this address"". I'm getting 152 found addresses. I've tried going through every one of the found addresses and pressing "Find out what accesses this address" for several seconds (since it looks like I can do it only for 1 address at a time), but CE doesn't show anything that would access any of those addresses. Am I doing something wrong?
-
Active Member
In CE there are some Checkboxes in the Memory Scan Options
Set Writable to Grey after that u should find what u are searching for
But u can Scan for " 48 8B F1 33 ED 48 39 2D " Array to find the "IngameStat" ptr.
GH is using "48 83 EC ?? 48 8B F1 33 ED 48 39 2D ^ ?? ?? ?? ??" as pattern and that don't Change
but it could change in future patches then u can go the way thats explained or try to scan for
an array with few changes something like that what is used in ExileApi. And then set the " ^ " to the right position
Last edited by darkxell133; 09-02-2022 at 12:08 PM.
-
Also if you're going to keep trying to update offsets... using the dev tree is super useful. You'll have to look at the code and see why something like the radar might be broken (perhaps even running it in debug). Frequently its just because an offset changed... like the metadata's location. You should be able to see the metadata pointer broken, then use cheat engine's tools to look for the new location.
-
Post Thanks / Like - 1 Thanks
arturino009 (1 members gave Thanks to Sychotix for this useful post)
-
These steps broke a couple of leagues ago ( when they changed from strings to enums ). I never really have to update the doc string since it’s a stable one.
Last edited by GameHelper; 09-02-2022 at 12:46 PM.
If I did not reply to you, it mean the question you are asking is stupid.
-
Contributor
Originally Posted by
GameHelper
This method broke a couple of leagues ago. I never really have to update the doc string since it’s a stable one.
Damn, no wonder I can't follow them . Maybe there are some suggestions on which offsets break most often after random midleague updates and on leaguestarts? As a learning practice
-
Active Member
On Small Patches most of time Offsets only moving a few Bytes up or down but it can be happen to most Offsets
Using ExileAPI with DevTree u can find that out very fast then u should add the Addresse and take a look to Memory View
there u can see how to change it to works againe.
On big Patches There are many Changes cause of new UI Elements MapElements and many other that is added to the Game
the Pointer to this are moving all other Pointer to other locations within the memory.
And all new stuff change the Offset KLake changed InGameStat, IngameData, ServerData, WorldData, Mods and UIElements
I have a Folder With ExileAPI and only with DevTree without any other Plugins and this is the one where VisualStudio save the Compiled stuff
so i can change offset compile start ExileAPI and see if Offset Changes was right
Last edited by darkxell133; 09-02-2022 at 01:28 PM.
-
Post Thanks / Like - 2 Thanks