Get Player Base NO TLS + Delphi code [2.3.3]

[robotkid]

Hello everyone :wave:


This is a simple way to get to the player's base (to read the stracture)
without using TLS method or anything..there is a static pointer which
gives us the base

Just read this address with CE -> 0E60BB8...

Adding 2508h will get you to the player's GUID
Adding C13h you'll have the fly hack address (128 off/130 on)
Adding 3890h will get you to the hunter type tracking address (possible values
are here http://www.mmowned.com/forums/wow-me...ess-2-3-a.html)

There is delphi code for a small program that enumerates ALL wow processes
and lists their PID along with the base, fly hack, GUID addresses

EDIT:
Uploaded the attachment again cause PCex.pas unit was missing.
Also i've added a CE file to load those hacks and more from the
player's stracture as raindog has posted.

Have fun
jOHNIDIs [c]

[Whalemarte]

Doesn't that static address change with each major revision though? The whole strength of TLS is that you only need to update one offset to get to the WoWModuleOffset

[robotkid]

Yes it changes but i offer an alternative quick easy way for it for this version
In next revs it would worth to take a look at nearby addresses..it could be
somewhere near..

[suicidity]

not bad +rep

[robotkid]

not bad +rep

Thx dude

[Xarg0]

Really cool, how did you find that Adress?
+rep btw :-)

[robotkid]

Really cool, how did you find that Adress?
+rep btw :-)

Well i had found a similar address for 2.3.0 myself and was quite sure there
was one for this one too..i wasn't into finding this address alone again since
TLS existed..Then i unpacked the latest WEH to examine its code and
among other things i discovered that it uses this static address..
(btw this is my thread with unpacked WEH read to examine with a debugger
http://www.mmowned.com/forums/wow-me...-unpacked.html)

Im pretty sure this address should stick around this offset if wow.exe won't
dramatically change.

If the same stracture and logic will be used in future revs then the logic to
find this is quite simple..

First you find the GUID which is the first value of the player's stracture,
then you substract 2508h (shouldn't change but if it will, it should be around
there somewhere) At the moment you should be at the base..now open CE
and search for this Address in hex That will lead you to the pointer
which will hopefully be static

A fast and easy way to find the GUID for those aren't familiar with these
stractures you can find the MAX HP of the player and substract 70h.
To do that, search for your max health, then gain/loose some stamina to
change health value, search for new MAX HP rinse and repeat

[radegast]

Hello everyone :wave:


This is a simple way to get to the player's base (to read the stracture)
without using TLS method or anything..there is a static pointer which
gives us the base

Just read this address with CE -> 0E60BB8...

Adding 2508h will get you to the player's GUID
Adding C13h you'll have the fly hack address (128 off/130 on)
Adding 3890h will get you to the hunter type tracking address (possible values
are here http://www.mmowned.com/forums/wow-me...ess-2-3-a.html)

There is delphi code for a small program that enumerates ALL wow processes
and lists their PID along with the base, fly hack, GUID addresses

Have fun
jOHNIDIs [c]

nice work .. i have a question : PCex is a part of D7 or it is 3rd party code ?
I use D6 Ent. and it's unable to compile .. if it's 3rd party, where can i get it ? i searched the web and nothing found ... thx for answer.

[robotkid]

nice work .. i have a question : PCex is a part of D7 or it is 3rd party code ?
I use D6 Ent. and it's unable to compile .. if it's 3rd party, where can i get it ? i searched the web and nothing found ... thx for answer.

Dang you're right forgot to put that in the attachment
I'll try to upload a working one :P

EDIT:
Done It should compile now

P.S. Radegast? Isn't that a common Czech beer? :P
But i assume you mean the god XD

[Phygar]

So, I do this for flymode?

[radegast]

Dang you're right forgot to put that in the attachment
I'll try to upload a working one :P

EDIT:
Done It should compile now

P.S. Radegast? Isn't that a common Czech beer? :P
But i assume you mean the god XD

Thx for upgrade
I tried to reply to your P.M. but as marked as n00b I couldn't ... so THX !!!
And yes .. you're right, Radegast is a Czech beer (and old god too), but I prefer Pilsner

[robotkid]

So, I do this for flymode?

Yes. That simple same applies for GUID
You can save this as a file and you will never have to change
anything again..at least for version 2.3.3

[=sinister=]

robotkid, you are really my hero, your posts are easy to read and everything!

--edit-- oh btw i get disconnected on fly hack =\

[robotkid]

robotkid, you are really my hero, your posts are easy to read and everything!

--edit-- oh btw i get disconnected on fly hack =

Well the fly hack works on many servers but not for all..depends on the hack protection settings this server has :S

Well i always try to be simple or at least understandable through my posts..
You see when i started working with reverse engineering it was a pain in
the arse you know Everybody think they are the super geek and post
their mambo jumbo with their bad english and say at the bottom im not gonna
feed you with the spoon or you should kill your self if you dont know how to
do this :yuck: pfff

Have fun

[Phygar]

Well, I just started to learn C#, and I wanted to know if anyone knew how to put memory actions into it, so if you pressed a button, or clicked a check box, it would turn on fly mode.