[WoW] [3.1.1] General Information

[MasterGold]

....

Thanks , you didn't helped me to find out how to reverse lua functions but with something else thanks to this tutorial

[Zephir]

Super awesome man, thanks for your time. This helps me a lot. So basically you only check function calls and jumps after a comparison is done and the value does not euall zero. okay makes sense.

and what about this:

loc_6A3A4A:
mov ecx, [ebp+var_4]
mov edx, [ebp+var_8]
push ecx
push edx
call 0x6E1D40 ; interesting
movzx eax, al
mov [ebp+var_4], eax
fild [ebp+var_4]
jmp short loc_6A3A91

how do you know that this is interesting?

call 0x6E1D40 ; interesting

Edit:
I think i found the answer. If I follow the function flow instead of checking the call i end up at the end of the function without any addresses. so no knowing beforehand? please say yes because that would mean i got it

Oh yeah, +rep of course

[SKU]

Really it was a bad example, but yes. You expect this function to retrieve the combo points and then process it with the lua engine.

Anyone good at this would probably have known that this function had to give what you were looking for, seeing as after this call there are only 'lua calls' to manage the stack / w/e. For me it was either this function or the call in the other branch that looks extremely similar. Don't take this as an example of reversing. It's just a last resort if you don't grasp what the whole function really does in detail.

[Zephir]

Don't take this as an example of reversing. It's just a last resort if you don't grasp what the whole function really does in detail.

well its basically the best resource i got... so im gonna try to reverse a few others. if i try hard enough, i'll understand it

thank you for your help again!

[mordok]

Now that you mention the GetObjectByGuid function. Can you tell me the new offset for an object GUID¿? Before I just did read(object+0x30) but it dosnt work any more. I tried everything to find it with IDA but no luck yet.

[Cypher]

Now that you mention the GetObjectByGuid function. Can you tell me the new offset for an object GUID¿? Before I just did read(object+0x30) but it dosnt work any more. I tried everything to find it with IDA but no luck yet.

Too lazy to look, but I'm pretty sure 0x30 is right. If not, you could always use OBJECT_FIELD_GUID.

[Nesox]

Yes it's still at dwObj + 0x30

[mordok]

Too lazy to look, but I'm pretty sure 0x30 is right. If not, you could always use OBJECT_FIELD_GUID.

Damn!!! dont know why but I promise that 0x30 is not working.
Cyphers idea of using OBJECT_FIELD_GUID works as a charm ^^.
Thanks Cypher

[j121780im]

have one know new VMT address[3.1.1]?
for 3.0.9
VMT_GETNAME = 47 * 4
VMT_INTERACT = 36 * 4

[Nesox]

have one know new VMT address[3.1.1]?
for 3.0.9
VMT_GETNAME = 47 * 4
VMT_INTERACT = 36 * 4

GetObjectName = 48
Interact = 38

[Robske]

Damn!!! dont know why but I promise that 0x30 is not working.
Cyphers idea of using OBJECT_FIELD_GUID works as a charm ^^.
Thanks Cypher

Maybe because 0x30 is offset from the object's base address and not it's descriptor fields, that's probably why you get bogus information.

[dwObject + 0x30] == [[dwObject+0x8]+OBJECT_FIELD_GUID*4]

[mordok]

Maybe because 0x30 is offset from the object's base address and not it's descriptor fields, that's probably why you get bogus information.

[dwObject + 0x30] == [[dwObject+0x8]+OBJECT_FIELD_GUID*4]

Thanks, thats what I was currently doing. Solved why one worked and the other didnt. I was comparing a uint with a Uint64 XD, very silly me.

[j121780im]

GetObjectName = 48
Interact = 38

ok!!it's working.. thanks~

[Zephir]

just curious: what is the idea behind using those VMTs? I searched the forums and found some info. so its possible to make WoW loot without even using a mouse? what else can be done thats awesome?

[Cypher]

just curious: what is the idea behind using those VMTs? I searched the forums and found some info. so its possible to make WoW loot without even using a mouse? what else can be done thats awesome?

If you call engine functions you don't need to use the mouse or keyboard for anything..... At all. Ever.