3.0.2 Addresses

**Nesox** · 10-15-2008

Originally Posted by Cypher

Errr. Thats exactly the way we're talking about Nesox.

Both the OP and I posted it.

i know..

btw. to get curObj and localGUID
the offsets seems to have changed i used to be able to get them with theese:

Code:

localGUID = Memory.ReadUInt64(hProcess, (ObjectManager.s_curMgr + 0xC0));
curObj = Memory.ReadUInt(hProcess, (ObjectManager.s_curMgr + 0xAC));

did it change? :yuck:

**Cypher** · 10-15-2008

Neither have changed.

**Nesox** · 10-15-2008

Originally Posted by Cypher

Neither have changed.

ah ok, my bad cant login right now so ill try again tomorrow

**Cypher** · 10-15-2008

Also. The GUID is 8 bytes and stored at 0xC0 and 0xC4.

And the second offset isn't "curobj" it's the pointer to the first object.

**Dearleader** · 10-15-2008

Originally Posted by Cypher

Also. The GUID is 8 bytes and stored at 0xC0 and 0xC4.

And the second offset isn't "curobj" it's the pointer to the first object.

So you mean [ [g_clientConnection] + 0x285C ] + 0xAC = First Object Ptr?

**kynox** · 10-15-2008

Originally Posted by Dearleader

So you mean [ [g_clientConnection] + 0x285C ] + 0xAC = First Object Ptr?

Yes, its a linked list.

**Cypher** · 10-15-2008

Originally Posted by kynox

Yes, its a linked list.

^ This .

**luciferc** · 10-15-2008

Charmander be a trollin the front lawn...

**RoKFenris** · 10-15-2008

Originally Posted by kynox

Yes, its a linked list.

BTW, it's a double linked list:

[currObjPtr + 0x38] = prevObjPtr + 0x38
[firstObjPtr + 0x38] = [ [g_clientConnection] + 0x285C ] + 0xA8
[ [ [g_clientConnection] + 0x285C ] + 0xA8] = lastObjectPtr + 0x38

You can iterate over the whole list from any one object. Of course, with the ease of finding g_clientConnection, it's not really needed.

I also found the adresses I was looking for, thanks to Cypher's info (and finally learning how to reverse a VMT). The object name is found at [ [currObj + 0x1f4] + 0x078 ], and the object type is now the second byte of GAMEOBJECT_BYTES_1 (offset 0x045 from the start of the gameObject structure).

**Cypher** · 10-15-2008

Originally Posted by RoKFenris

BTW, it's a double linked list:

[currObjPtr + 0x38] = prevObjPtr + 0x38
[firstObjPtr + 0x38] = [ [g_clientConnection] + 0x285C ] + 0xA8
[ [ [g_clientConnection] + 0x285C ] + 0xA8] = lastObjectPtr + 0x38

You can iterate over the whole list from any one object. Of course, with the ease of finding g_clientConnection, it's not really needed.

I also found the adresses I was looking for, thanks to Cypher's info (and finally learning how to reverse a VMT). The object name is found at [ [currObj + 0x1f4] + 0x078 ], and the object type is now the second byte of GAMEOBJECT_BYTES_1 (offset 0x045 from the start of the gameObject structure).

Oh nice. You found where GOT is located! Thats what I was gonna do after I sorted this DBC stuff. Nice work.

**crazyelfjj** · 10-16-2008

....ok i dont know about all this coding stuff or what it is for...someone on XYZ page 33 told us to come here for the new pointers of XYZ....can someone below me post all of it??i wanna get to ebon hold lol...

**Nesox** · 10-16-2008

Originally Posted by crazyelfjj

....ok i dont know about all this coding stuff or what it is for...someone on XYZ page 33 told us to come here for the new pointers of XYZ....can someone below me post all of it??i wanna get to ebon hold lol...

it has already been posted, take a look at the frst page.

0x012DF9E4 : Static X
0x012DF9E8 : Static Y
0x012DF9EC : Static Z

**RoKFenris** · 10-16-2008

Originally Posted by Cypher

Oh nice. You found where GOT is located! Thats what I was gonna do after I sorted this DBC stuff. Nice work.

Found it by accident. I was looking at the GetModel function for game objects, and some types of game objects can't have models

If GOT vanishes again, looking at this function should be enough to find it.

**Cursed** · 10-16-2008

I dont have an account atm, so I cant test this but you can try if you want:

Code:


Hours (Time):   	0x0E11ABC
__________________________________________________________________
Minutes (Time): 	0x0E11AB8
__________________________________________________________________
Fall Speed:		0x1009560
__________________________________________________________________
Game Speed:		0x095A320
__________________________________________________________________
Unlimited Jumping:	0x08D53E1

**UnknOwned** · 10-16-2008

Originally Posted by Nesox

it has already been posted, take a look at the frst page.

0x012DF9E4 : Static X
0x012DF9E8 : Static Y
0x012DF9EC : Static Z

Guess the guy means modifiable pointers.

Originally Posted by crazyelfjj

....ok i dont know about all this coding stuff or what it is for...someone on XYZ page 33 told us to come here for the new pointers of XYZ....can someone below me post all of it??i wanna get to ebon hold lol...

You don't just need the pointers for this patch. You need to re-write or atleast add a few lines of code to make it work since its no longer just one level to get to $base.

Just add it to the pointers.ini
and add the code to part before:

Code:

$base = _memoryread($pointer ,$wow,'dword')
$Y = "0x" & hex($base + 0xBF0)

Shout-Out

User Tag List

Thread: 3.0.2 Addresses

Thread Tools

Search Thread

Similar Threads

IP address question.

ce adding address(plz help noob)

[Guide] Change you IP address

How To: Find put ur IP address by clicking on an icon

Anyone got new WC address?

OwnedCore Forums

casino

CoreCoins

My OwnedCore

About Us

Casino