Hello & Need somewhere to start.

[Nesox]

Either way you're going to have to change the page protections. Both .text and .rdata are generally marked as readexecute/readonly. Even if they aren't they both should be so you should be making sure you have write access before attempting to write to them.

Ok, thx for the tip havent run into any problems modifying the .text section and i think it's safer to change the pointer in the function instead of messing with the .rdata section

[bhpushnslide]

EDIT: I AM A DICKHEAD

Hope noone saw that last post :-D.. Was a REALLLLY stupid question.

[bhpushnslide]

Just wondered if there was a list that i just cant seem to find to all the latest offsets / pointers? I'm trying to find the current object list.. Got the player one working (can get name, x, y, z etc etc) but just cant seem to find the one for the object list!

[Robske]

Just wondered if there was a list that i just cant seem to find to all the latest offsets / pointers? I'm trying to find the current object list.. Got the player one working (can get name, x, y, z etc etc) but just cant seem to find the one for the object list!

Eh whut? player as in the local player?

If not, you can iterate all objects quite easy. Each object has a pointer to the next, so we only need to get the base of the first object. The objectmanager in WoW holds the pointer to this object (amongst other things such as continent ID, local GUID...)

This holds the base of the objectManager class: [[g_ClientConnection]+s_curMgr] (currently [[0x011CB310]+0x28A4] in patch 3.0.9)
Offset 0xAC from this pointer and you'll have the base of the first object. To get the base of the next object in the list, add 0x3C to the current base.

Once you have the base of a wow object stored in the objectManager, you can look up it's type by reading from [base+0x14]. 1 for items, 2 for containers etc... or access it's descriptor fields by reading from [base+0x8]... There's enough info on this board to do all of this.

To sum it all up, to get the type of the first object would be located at:
[[[[0x011CB310]+0x28A4]+0xAC]+0x14]
(do note that you don't need to do all these consequentive reads contantly, the object base and objectManager usually don't change unless you're zoning)

[bhpushnslide]

Sorry,

What i mean is..

iv got the base address of my local player (0x0127F13C) + 0x30) + 0x2 and can use offsets to get the information i need (player health etc etC).

what i needed (And looks like you have supplied) is the base of the object Manager.

i was looking pretty hard but couldnt find the information.. Is there a place to go where the info is all in one place? trying to find bits without being able to search is pretty hard!

Thanks very much +REP

[SKU]

Usually when a new patch launches, someone starts a new thread where everyone shares the updated stuff. (By 'usually' I mean: Since I've been here.)

Example:
* http://www.mmowned.com/forums/wow-me...9-offsets.html
* http://www.mmowned.com/forums/wow-me...scriptors.html

And obviously the stickies.

[bhpushnslide]

Usually when a new patch launches, someone starts a new thread where everyone shares the updated stuff. (By 'usually' I mean: Since I've been here.)

Example:
* http://www.mmowned.com/forums/wow-me...9-offsets.html
* http://www.mmowned.com/forums/wow-me...scriptors.html

And obviously the stickies.

Thanks,

I did seem the threads but they only seem to have limited amount of offsets? Is that cos only some things change? or with each patch do most offsets change?

Also anyone got any idea what stupid thing im doing wrong here?

Code:

                    uint s_curMgr = wow.ReadUInt(wow.ReadUInt(0x11CB310) + 0x28A4);
                    uint s_curObj = wow.ReadUInt(s_curMgr + 0xAC);


                    int bob = wow.ReadInt(s_curObj + 0x14); // WORKS FINE!

                    string test1 = wow.ReadASCIIString(s_curObj + 0x1F4 + 0x78, 30); // Dont work.. Returns JIBBERISH!

[bhpushnslide]

After some playing about... i got it to return the word Destroying... Any ideas.. not very descriptive

Code:

string test1 = wow.ReadASCIIString(wow.ReadUInt(s_curObj) + 0x1F4 + 0x78, 50); // Dont work.. Returns the word Destroying?!?

[Robske]

After some playing about... i got it to return the word Destroying... Any ideas.. not very descriptive

Code:

string test1 = wow.ReadASCIIString(wow.ReadUInt(s_curObj) + 0x1F4 + 0x78, 50); // Dont work.. Returns the word Destroying?!?

Gawd no idea, how did you acquire your s_curObj?

And [] means read from. So you need to do multiple reads, your code should look something like this... Think abit here, why would we give you 2 offsets just so you can add them up in your code? (0x1F4 + 0x7

BlackMagic
wow.ReadString(wow.ReadUint(wow.ReadUint(wow.ReadUint(curObj)+0x1F4)+0x7));
(The ReadUInt method around curObj may be obsolete... I use the objects VMT to get the name)

Apoc Style (guestimating)
mgr.Read<String>(mgr.Read<Uint>(curObj, 0x1F4, 0x7);

(I love Apoc Style)

[bhpushnslide]

Thanks for the reply.... What do you mean [] = read from? Probs missing some vital part of the puzzle..

uint s_curMgr = wow.ReadUInt(wow.ReadUInt(0x11CB310) + 0x28A4);
uint s_curObj = wow.ReadUInt(s_curMgr + 0xAC);


int bob = wow.ReadInt(s_curObj + 0x14); // WORKS FINE!

string test1 = wow.ReadASCIIString(s_curObj + 0x1F4 + 0x78, 30); // Dont work.. Returns JIBBERISH!

From my post above the post you commented on :-)

[bhpushnslide]

And [] means read from. So you need to do multiple reads, your code should look something like this... Think abit here, why would we give you 2 offsets just so you can add them up in your code? (0x1F4 + 0x7

string test1 = wow.ReadASCIIString(wow.ReadUInt(wow.ReadUInt(wow.ReadUInt(s_curObj) + 0x1F4) + 0x7,50);

returns an error: ReadUInt failed.

string test1 = wow.ReadASCIIString(wow.ReadUInt(s_curObj) + 0x1F4 + 0x78, 50);

Returns the word Destroying?!?

So really im looking at wow.ReadASCIIString(wow.ReadUInt(s_curObj) + 26C, 50); which does also return destroying.. Righty getting the idea now.

Still not quiet worked out how to get it.. but im getting a better idea of how things work.. thanks for the help!

P.S whats an Objects VMT?

EDIT:

i did try

string test1 = wow.ReadASCIIString((wow.ReadUInt(wow.ReadUInt(s_curObj) + 0x1F4) + 0x7, 50);

and it returned nothing (did this earlier and just dismissed it) Could it be that the curobj just dosnt have any name?

EDIT:

Code:

                    curObj = wow.ReadUInt(s_curMgr + 0xAC);
                    nextObj = curObj;

                    while (curObj != 0 && (curObj & 1) == 0)
                    {
                        UInt64 cGUID = wow.ReadUInt(curObj + 0x30);

                        if (cGUID == localGUID)
                            localObj = curObj;//Memory.WriteMemory(hProcess, (curObj + 0xBF8), (Z + 20.0f));

                        string test1 = wow.ReadASCIIString((wow.ReadUInt(curObj + 0x1F4) + 0x78), 50);
                        

                        Console.WriteLine(bob);

                        nextObj = wow.ReadUInt(curObj + 0x3C);
                        if (nextObj == curObj)
                            break;
                        else
                            curObj = nextObj;
                    }

The above code makes my PC beep like a bitch :-D


EDITTTTT:
Does it make a difference that im working on an EU client?!

[Robske]

string test1 = wow.ReadASCIIString(wow.ReadUInt(wow.ReadUInt(wow.ReadUInt(s_curObj) + 0x1F4) + 0x7,50);

returns an error: ReadUInt failed.

string test1 = wow.ReadASCIIString(wow.ReadUInt(s_curObj) + 0x1F4 + 0x78, 50);

Returns the word Destroying?!?

So really im looking at wow.ReadASCIIString(wow.ReadUInt(s_curObj) + 26C, 50); which does also return destroying.. Righty getting the idea now.

Still not quiet worked out how to get it.. but im getting a better idea of how things work.. thanks for the help!

P.S whats an Objects VMT?

EDIT:

i did try

string test1 = wow.ReadASCIIString((wow.ReadUInt(wow.ReadUInt(s_curObj) + 0x1F4) + 0x7, 50);

and it returned nothing (did this earlier and just dismissed it) Could it be that the curobj just dosnt have any name?

:/

F.ex. [[0xDEADBEEF]+0xABCD] means you first read the value located at 0xDEADBEEF then add 0xABCD to that value and read again from the sum.

Now, [[Base+0x1f4]+0x78] is apperantly used for reading the ObjectName (GameObjects?) according to the thread a few lines down, while [[Base+0x970]+0x3C] is used if your object is a Mob (Unit)... You will get bogus values if the type of the object you're reading from isn't an Unit for example.

so

Code:

string test1 = wow.ReadASCIIString((wow.ReadUInt(s_curObj + 0x1F4) + 0x78), 50);

Should work only if that object is a GameObject (or whatever...)

All this tooling around with offsets is quite ugly and difficult to keep up to date as you can imagine, the 'better' way to do it is to use the objects VMT (Virtual Method Table) go google if you don't know what virtual methods are... each object has a method 'GetObjectName'. You can call it directly and it will return a pointer to the name of that object.

The reads above ([[Base+0x1f4]+0x78]) are the implementations of this method in the current patch. Each type of object (be it items, containers, units, players etc...) get it in a different way.


Try dumping all objects in memory instead of fooling around with the first object.

This thread will teach you everything you need: http://www.mmowned.com/forums/wow-me...e-objects.html

[divmaster]

Hi,

i have a question on this code here.

BlackMagic
wow.ReadString(wow.ReadUint(wow.ReadUint(wow.ReadUint(curObj)+0x1F4)+0x7));
(The ReadUInt method around curObj may be obsolete... I use the objects VMT to get the name)

I so often saw code like this and everytime i read the word BlackMagic. Is that a Memory reader class from someone that many people are using?

I ask this because im not realy sure if this is the best way to wrote bots for wow. Here in the Forum it often sounds a little bit like "I Will klick the bot together" without reading the 21 Book that you have read to wrote this cool stuff.

Where can i download this Library? :-) :-)

Regards

[Robske]

Hi,

i have a question on this code here.



I so often saw code like this and everytime i read the word BlackMagic. Is that a Memory reader class from someone that many people are using?

I ask this because im not realy sure if this is the best way to wrote bots for wow. Here in the Forum it often sounds a little bit like "I Will klick the bot together" without reading the 21 Book that you have read to wrote this cool stuff.

Where can i download this Library? :-) :-)

Regards

You don't need to read all those books to make some simple bots if you already know basic programming (inheritance, polymorphism...) and some simple math if your bot wants to move... doing it this way however makes you miss out on all the interesting stuff such as reversing yourself (as you will be dependant on this site for new pointers/offsets) and advanced bots. If you go down this road however, please make sure that you UNDERSTAND all the code you copy/paste from this site. We don't take kindly to that ^^ use Google.

BlackMagic is a memory reading library designed by Shynd. There's a link on his blog and in one of the threads on this forum (I believe it was in the PlayerName thread)

There's another memory reading library made by Apoc which is (imo) even easier to use, Read<UInt>(0xDEADBEEF, 0xA, 0xB) is way more elegant than wow.ReadUInt(wow.ReadUInt(wow.ReadUInt(0xDEADBEEF)+0xA)+0xB)

[bhpushnslide]

Robske007a thanks for all your help!

Was playing about some more last literally fell asleep at my desk! I got it to dump all objects around me into my console.. If i looked for the type 0x14 was it? I do get a nice list of 1,2,3's etc etc... But if i tried anything else i pretty much got a list of jibberish. Sometimes in the list i saw the odd "Campfire" but that was about it...

Btw.. where can i download the Apoc library ?