Detect the character

[loeal]

Hi,

I am looking for a way to find the character every time, as seen from the version 1.0.5, the value of 0x004 RActor is no longer any time to set 0x77BC000 (especially in the act 3).

I tried several things, such as using ActorCollisionData and reading the value located 0x0B0; takes the value of 7 players present.

But I can not find a way to differentiate players (depending on whether you create the party or you can reach information in ActorCollisionData are not declared in the same order.

Could anyone give me a tip?

[Evozer]

There is a container of players which contains current acdid and actorid (aswell as active spells and some other stuff). It's located at objectmanager+83c I believe. If you are in a multiplayer game you will also need the index of the local player which is somewhere in objectmanager aswell. The exact offsets can be found in the lootalert source.

[loeal]

the container located 0x83C of ObjManStorage must match obDataContainer.

I have not yet handled.
I'll look at it closer thank you for the tip

Edit:
I just decrypter part of the loot code alert (I noticed some small bugs in the source code, but it is not the purpose of this subject that I will skip).

Handling works well when you are alone in the game, I can retrieve the offset of the player (in RActor) as follow :

Code:

int index = memory.ReadInt(ObjectManager, 0x934, 0); // unknown container
int actor_id = memory.ReadInt(ObjectManager, 0x83C, 0x60 + index * 0x82C8))); // retrieve info. from ObDataContainer

int Actor_container = memory.ReadInt(ObjectManager, 0x8C8);
int Actor_Data = memory.ReadInt(Actor_container + 0x148)
short Actor_shortid = (short)(0xFFFF & actor_id);
int Actor_bitShift = memory.ReadInt(Actor_container + 0x18C);
int ofs_actor = memory.ReadInt(Actor_Data) + 4 * (Actor_shortid >> Actor_bitShift) + 0x42C * (Actor_shortid & ( (1 << Actor_bitShift) - 1) );

public int ReadInt(int addr, params int[] offsets)
{
int res = ReadInt(addr);
foreach (int i in offsets)
res = ReadInt(res + i);
return res;
}

But when I'm multiplayer part, ofs_actor returns something other than the offset of the player.
It must come from both container in which the work going on, but unfortunately I can not find the information above (ObDataContainer ( +0x83C) and UIManager ( +0x93C)

Someone would have the structures for the two?

[MisguidedRage]

f_GetActorPtrFromGUID 886C60
f_GetLocalPlayer 99F530
f_GetPlayerGuid 99F570
f_GetTeamID1 E0ABC0
f_GetTeamID2 E0ABF0
f_GetTeamID3 E0C290

Untested but they should point you in the right direction

[Evozer]

Did you even download the LootAlert source?

It's 0x94C and not 0x934 anymore, also struct size went from 0x82C8 to 0x8590

[boredevil]

All you need is in this function:
RActor* __cdecl D3::GetLocalPlayer() - 0x0099F590

[loeal]

offsets are not good? I thought I had recovered bone version (ca teach me not to look

@ MisguidedRage
thank you for this information it's going to help me a little more.

@ Evozer
I thought I had the latest version, but actually looking at the value of Ractor it would make me think.
I will test with the new values​​. thank you
Edit : Ok i do not have the final version (loot alert 1.0.5 instead of loot alert 1.0.5a)

@ boredevil
ok ... then? function without source or without sound mode are not very useful.
I use things that I understand only

[MisguidedRage]

All you need is in this function:
RActor* __cdecl D3::GetLocalPlayer() - 0x0099F590

Hmm, what version is that offset for?

[boredevil]

oh. my bad. that was for 12480

[MisguidedRage]

Mine is from a Patchdiff2 analysis going from version 11327 (1.0.4) -> 12811 (1.0.5). If my initial identification of the function was wrong let me know and I'll change it. What does yours say for 12811?

[boredevil]

i didn´t update my stuff yet. gimme a few minutes. i´ll edit this post, when analysis finished. but i guess your offsets are correct. in 12480 GetLocalPlayerGuid is also just 0x40 bytes behind GetLocalPlayer

edit:
0x99f530 seems to be correct for GetLocalPlayer

To find the function to dump the Ui Elements just search for "Dumping UI" in the strings window.
Go to where it is referenced. Ida didn´t recognize the function till now.
Scroll a bit up, till you find the function prologue ( push ebp; mov ebp,esp) to find it´s beginning. rightclick on on the first instruction (push ebp) and hit Create Function

[MisguidedRage]

Ahhh okay, I've spent a lot of time learning IDA, patchdiff2, analysis on unmatched functions and patterns to quickly identify unmatched functions when their code changes too much for patchdiff to catch but they follow as you said a location pattern etc and would have been severely disappointed if I screwed that up. You wouldnt happen to have the address for DumpUIElements would you? It's the function that dumps all active UI Elements' names and hash codes to the D3debug.txt file.

[boredevil]

@MisguidedRage your pm box is full. can´t send you messages. but take a look at my last post to find what you are looking for.

@loeal
just take a look at the client function at 0x99f530 it returns the RActor of the LocalPlayer.
If you compare what´s happening in there you will realize that it uses the same offsets that have been posted in this thread. Try/learn to understand how the client does it, and you will be able to update offsets on your own next time.
if you only want to use stuff you actually understand, you should start to learn/understand what´s going on in the client.

[loeal]

@ boredevil
these two programs are beginning to have the values ​​in the brutal way ", but it misses the whole operation.

information that will be very useful is the name of the container located 0x94C to ObjectManager

PS:
"if you only want to use stuff you Actually Understand, you start to learn shoulds / understand what's going on in the client."
...

Edit:
Ok, I found something interesting, the fact that the value of the container has changed size unknown (0x934 -> 0x94C) and a value as low (0xF)
This seems to fit the size change ObjManStorage appeared in version 1.0.5.

After checking it matches the container Local:
ObjectManager / ObjManStorage / Local ( offset 0x1B8 )

From the code I got (I've condensed my second post) it is clear that there is a concern in the declaration of actor_id (0x60 + * index 0x8590)

I'll watch it later.

[loeal]

Hi,

after some research here is where I came, I did not check the syntax, but the spirit is.

Code:

int ObjectManager = memory.ReadInt(0x17DA33C);
int ObjManStorage = 0x794;

// ObDataContainer
int ObData = memory.Readint(ObjectManager, ObjManSorage + 0x0A8);
int ObData_header = 0x060;
int ObData_StrucSize = 0x8590;

// RActor
int Actor_container = memory.ReadInt(ObjectManager, ObjManSorage + 0x134);
int Actor_Data = memory.ReadInt(Actor_container + 0x148);
int Actor_bitShift = memory.ReadInt(Actor_container + 0x18C);
int Actor_StrucSize  = 0x42C

// stuff
int local_index = memory.ReadInt(ObjectManager, ObjManStorage + 0x1B8, 0);
int actor_id = memory.ReadInt(ObData + ObData_header + local_index * ObData_Container);

short Actor_shortid = (short)(0xFFFF & actor_id);
int Actor_index = Actor_shortid & ( (1 << Actor_bitShift) - 1);
int Actor_Ofs_character = memory.ReadInt(Actor_Data) + Actor_StrucSize * Actor_index;

// sub function
public int ReadInt(int addr, params int[] offsets)
{
int res = ReadInt(addr);
foreach (int i in offsets)
res = ReadInt(res + i);
return res;
}

Solo it works without problems.

Multi player it crash once in two (the original code of "loot 1.0.5a alert" also crash).
The problem just search for 'actor_id', more precisely the structure of "ObjectManager / ObjManStorage / ObData"

(If it does not crash solo is that only the first element ObData is used, so no need structure).

My research has been unsuccessful on this container, so if anyone has information that will help a lot!