WoW v3.0.2 Information

[mordok]

Thank Shynd or I should call u shine XD. I didnt knew that the objects inluded mobs arround me thx.

[lanman92]

Cypher, how do you come up with the offsets for the CGObject_C class? I've looked in the memory, but I have no idea how you manage to dump all of those offsets within ~12 hours of a patch.

[Cypher]

Cypher, how do you come up with the offsets for the CGObject_C class? I've looked in the memory, but I have no idea how you manage to dump all of those offsets within ~12 hours of a patch.

Which ones precisely are you talking about?

Theres a huge dump of info there, be more specific.

[lanman92]

Mainly, the pointers to the movementState, X, Y, Z, etc. The pointers to the DB/Cache or whatever also. I'm gonna start looking at that, I've never looked at it... Seems nice.

[Cypher]

Mainly, the pointers to the movementState, X, Y, Z, etc. The pointers to the DB/Cache or whatever also. I'm gonna start looking at that, I've never looked at it... Seems nice.

Via functions that use the pointers. I find the functions across WoW versions and use them to rip out the offsets I need.

[lanman92]

Ohhhh, I didn't think about that. I really need to start using FIndpattern()... I'm sick of updating EVERYTHING.

EDIT: XREF's FTW for that method I'm assuming. Heh.

[Cypher]

Ohhhh, I didn't think about that. I really need to start using FIndpattern()... I'm sick of updating EVERYTHING.

EDIT: XREF's FTW for that method I'm assuming. Heh.

Stuff is fairly easy to track down, even with a binary/hex based scanner.

I intend to write an IDA script that can do more advanced scanning by utilizing xrefs, the string list, etc when I'm not feeling so damn lazy.

[ostapus]

Small IDA script i made to rename LUA functions to readable state...
the script tries to identify LUA tables ie:

.data:00FCDBF0 dd offset aGetunitspeed ; "GetUnitSpeed"
.data:00FCDBF4 dd offset sub_00FCDBF4

and rename to

.data:00FCDBF0 dd offset aGetunitspeed ; "GetUnitSpeed"
.data:00FCDBF4 dd offset myluaf_GetUnitSpeed

sometime helpfull :-)


#include <idc.idc>

static main(){
auto x, ea, end_seg, write, OutFName, Outfile;
auto sname, fname ;
auto fptr, nptr, fstart ;

ea = FirstSeg();
// ea = here ;
end_seg = SegEnd(ea);

while ( ea != BADADDR) {
if( substr( Name(ea), 0, 1) == "a" && DfirstB(ea) != BADADDR ) {
nptr = DfirstB(ea) ;
fptr = Dword(nptr+4) ;
fstart = LocByName(GetFunctionName(fptr));

Message("String %s @ %x -> %x <> %x/%x : ", Name(ea), ea, nptr, fptr, fstart) ;
if ( nptr != BADADDR && GetStringType(ea) == 0 && strlen(GetFunctionName(fptr)) != 0 && fstart == fptr)
{
fname = GetFunctionName(fptr) ;
sname = GetString(ea, -1, 0) ;

Message("Detected @ %08X : <%s> (%d) -> <%s>\n", ea, sname, GetStringType(nptr), fname) ;

MakeNameEx(fptr, form("myluaf_%s", sname), 1) ;
// break ;
}
else
{
Message(" Wrong: %d %s/%d\n", GetStringType(nptr), GetFunctionName(fptr), strlen(GetFunctionName(fptr))) ;
}

}
if (ea == end_seg)
{
ea = NextSeg(ea);
if (ea!=BADADDR) end_seg = SegEnd(ea);
}
else
{
ea = NextHead(ea, 0xffffffff);
}
}
Message( "String Search complete!\n\n" );
}

[Shamun]

How can I use the lua function with the BlackMagic Library?

[ostapus]

i dont know... have no idea what BlackMagic is.

[Shamun]

BlackMagis is shynd's library it helps to read/write process memory and inject code or dll...
Don't mind BlackMagic how can I use the function?
I'll manage to convert it by myself..

[Shynd]

You can use it when you learn what the hell you're doing. Its an IDA script, not something you inject into the game. Unless, of course, you're talking about something else.

[Shamun]

I want to call a lua function from my bot...

[Shynd]

Then you should probably figure out what you need to do to achieve that. If you're trying to call a protected LUA function, you have to disable the protection; if you're not, then what's the problem?

[Shamun]

Can you show me an example please?