[Question] What method do you use to find static Z address? menu

User Tag List

Results 1 to 6 of 6
  1. #1
    Tanaris4's Avatar Contributor Authenticator enabled
    Reputation
    148
    Join Date
    Oct 2008
    Posts
    646
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    [Question] What method do you use to find static Z address?

    I've noticed in the white paper it shows 2 different methods for determining the base player address. It also (I believe) has the static Z address and then loops through memory until it finds the player w/that exact Z coordinate - then you have the current player address.

    My question - if you don't already have the static Z address - how do you find it?

    I"m familiar w/using IDA Pro, assembly, and checking out memory - but I'm just stumped as how you find the original Z address.

    Any help would be greatly appreciated (note: don't flame... I know... yet another right? I'm trying to do this on a mac - which has different addresses so I can't use the static Z address). I've found the static MAP ID for the player on a mac (unfortunately like 10 addresses, haven't narrowed it down further). But I'm not certain how to find Z.

    Thanks!

    [Question] What method do you use to find static Z address?
  2. #2
    Shynd's Avatar Contributor
    Reputation
    97
    Join Date
    May 2008
    Posts
    393
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Search unknown; get on a table, search increased; get off of the table, search decreased; repeat.

  3. #3
    argh44z's Avatar Member
    Reputation
    19
    Join Date
    Nov 2007
    Posts
    93
    Thanks G/R
    0/1
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I'd just find the address of the g_clientConnection global variable inside of the OSX binary. Should be pretty easy to do with IDA (begin by looking for ".\\ObjectMgrClient.cpp" in the string list, and then view the xrefs to it). From there, you can find the address of the object manager inside of the clientconnection stucture. That will give you the current player GUID and the object list.

    Can you upload the current OSX wow binary somewhere btw?

  4. #4
    Tanaris4's Avatar Contributor Authenticator enabled
    Reputation
    148
    Join Date
    Oct 2008
    Posts
    646
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It's been uploaded here:
    RapidShare: Easy Filehosting

    Still attempting to find it in IDA Pro - unable to find it. Hopefully it uses the same source tree as the windows version.

    Edit: The app is here: World of Warcraft.app\Contents\MacOS\World of Warcraft

    Edit: I lied - found it :-) db './ObjectMgrClient/ObjectMgrClient.cpp',0

    Still trying to get to the static Z address - will post updates if/when I find it
    Last edited by Tanaris4; 10-21-2008 at 09:23 AM.

  5. #5
    argh44z's Avatar Member
    Reputation
    19
    Join Date
    Nov 2007
    Posts
    93
    Thanks G/R
    0/1
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    That's not it-- that's just a string that gets passed into a logging or assert function (the OSX client seems to be like the win32 PTR client in terms of coming with the asserts and such-- very useful).

    What you are looking for is 0x00B6D1BC. That's g_currentConnection. Jump to that address and look at the xrefs. There are many instances of it checking to see if that variable is NULL.
    Last edited by argh44z; 12-06-2008 at 01:54 AM.

  6. #6
    Tanaris4's Avatar Contributor Authenticator enabled
    Reputation
    148
    Join Date
    Oct 2008
    Posts
    646
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    How did you go from getting the xrefs of g_clientConnection to finding 0x00B6D1BC - think I'm missing a next step here

    Not sure how you found the sub_1A99CA func either
    Last edited by Tanaris4; 10-21-2008 at 11:34 AM.

Similar Threads

  1. [Question] What GPS Spoofing Method Are You Using?
    By cvlol in forum Pokemon GO Chat
    Replies: 4
    Last Post: 07-18-2016, 12:45 AM
  2. [Question] What program do I use for deep .m2-editing?
    By Violence in forum WoW ME Questions and Requests
    Replies: 5
    Last Post: 06-15-2008, 08:21 AM
  3. [Question] What's the sound used by Essnance of Eranikus?
    By Neverent in forum WoW ME Questions and Requests
    Replies: 0
    Last Post: 03-09-2008, 11:11 PM
  4. What DB do you use and why?
    By cannibalx in forum World of Warcraft Emulator Servers
    Replies: 6
    Last Post: 11-13-2007, 03:16 PM
  5. [Question] What sire should I use for powerleveling?
    By Dancingcow in forum World of Warcraft General
    Replies: 3
    Last Post: 09-18-2007, 07:18 AM
All times are GMT -5. The time now is 06:54 AM. Powered by vBulletin® Version 4.2.3
Copyright © 2024 vBulletin Solutions, Inc. All rights reserved. User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2024 DragonByte Technologies Ltd.
Digital Point modules: Sphinx-based search