3.0.8 Descriptors

[RoKFenris]

also is mob name still:

((MobAddress+0x9B0)+0x3C)

and object name:

((ObjectAddress+0x1F4)+0x7 ?

Just finished updating my project, mob name is now at:

((MobAddress+0x9A0)+0x3C)

object name seems to not have changed.

[jbrauman]

Can't test it yet (yay EU), but I *think* that his is the new address to the CGUnit_C::UpdateModel() method (e.g. for Cyphers awesome Morph Hack)

0x006800A0

Correct me if I'm wrong.

Update: Servers are up, it's working.



0x006800A0 = CGUnit_C::UpdateModel()

Dynamic Jump Height (float) = [playerbase + 0x874]

Rofl at the picture

[Hannah]

very helpful thanks

[Rabies]

Is there any way to get auras(buff/debuff) out from the player structure?
I've tried to use [PlayerStructure + UNIT_FIELD_AURASTATE] and see if I could find any values that had the same as my current buff/debuff but without any luck.

[Greyman]

Auras changed in 3.0, you now have to retrieve them from the player struct or use the internal WoW routines. If you reverse the LUA functions for buffs/debuffs you'll see how it works... Very straightforward.

[Sillyboy72]

Given this:
0x006800A0 = CGUnit_C::UpdateModel()

I would expect that if hit ye ol debugger, grab a pointer to the player object, and search its vtable... I would see 0x006800A0 in there somewhere. but alas, i do not.

Was hoping to just replace one of the my empty WowObject::FunctionXXX with the call to UpdateModel, but apparently that ain't gonna happen

[kynox]

You're thinking of a virtual method, not all methods of a class are virtual.

[Sillyboy72]

You're thinking of a virtual method, not all methods of a class are virtual.

I'm a retard. thx.

[Rabies]

Auras changed in 3.0, you now have to retrieve them from the player struct or use the internal WoW routines. If you reverse the LUA functions for buffs/debuffs you'll see how it works... Very straightforward.

Sounds interesting. To be honest I have no previous experience with reverse engineering; started with memory reading a few weeks ago and managed to build a fairly recent bot so far.

I would like to learn how to isolate internal methods in a program like the LUA methods, but so far I really didn't find any good tutorial on memory reading. Furthermore I have a few concerns knowing that looking for these information might include injection in the WoW memory which Warden can detect.

If you have found any further information about buff/debuff or have a link to where I safely can start learning how to isolate the LUA methods that would be lovely.

[Xarg0]

Sounds interesting. To be honest I have no previous experience with reverse engineering; started with memory reading a few weeks ago and managed to build a fairly recent bot so far.

I would like to learn how to isolate internal methods in a program like the LUA methods, but so far I really didn't find any good tutorial on memory reading. Furthermore I have a few concerns knowing that looking for these information might include injection in the WoW memory which Warden can detect.

If you have found any further information about buff/debuff or have a link to where I safely can start learning how to isolate the LUA methods that would be lovely.

Get a debugger

[SKU]

From what i've heard, the chances of getting detected doing injections isn't that differenct from doing it out of process. (please correct me if I'm wrong.)

About the LUA methods, you can either go to gamedeceptions.net->WoW section and read the awesome post of bobbysing (and others who posted their ways) about "How to find stuff". Oh and ofcourse his WoW Base. LUA functions (often) have the pattern "Usage: <name>". Open WoW in Olly and do a text search for said pattern. eg.: Open Olly, open WoW -> text string search -> "Usage: CastSpellByName", doubleclick on the result and scroll up, you now found "0x004D1960" -> CastSpellByName.

I'm new to this aswell so don't take these things for granted, if I'm wrong i'll soon enough get flamed into the ground and you'll have the correct answers.