WoW Disassembled Functions (over 8000) menu

User Tag List

Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 31
  1. #16
    GmG's Avatar Member
    Reputation
    1
    Join Date
    Apr 2009
    Posts
    4
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    How to use the mask?

    WoW Disassembled Functions (over 8000)
  2. #17
    testout's Avatar Member
    Reputation
    7
    Join Date
    May 2008
    Posts
    44
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Search through memory using the mask and matching the code.

    I'm guessing X is don't care and if its a number its the mask.

    so

    <mask>44XX44</mask>
    <code>123456</code>

    means you are looking for the byte 0x12, followed by another byte we don't care about, followed by 0x56.

  3. #18
    roxaz911's Avatar Member
    Reputation
    1
    Join Date
    Jun 2009
    Posts
    8
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    umm how the hell is this list compiled? i can not see any func names in executable

  4. #19
    testout's Avatar Member
    Reputation
    7
    Join Date
    May 2008
    Posts
    44
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Got IDA? Look at xrefs to the LUA function strings.

    They are in huges lists of:

    ref to name of function
    ref to function
    ref to name of function
    ref to function
    ref to name of function
    ref to function
    etc etc...

  5. #20
    roxaz911's Avatar Member
    Reputation
    1
    Join Date
    Jun 2009
    Posts
    8
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    right right, found them interesting i should say ^_^ gonna try to add additional lua api funcs now =]

  6. #21
    GmG's Avatar Member
    Reputation
    1
    Join Date
    Apr 2009
    Posts
    4
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by testout View Post
    Search through memory using the mask and matching the code.

    I'm guessing X is don't care and if its a number its the mask.

    so

    <mask>44XX44</mask>
    <code>123456</code>

    means you are looking for the byte 0x12, followed by another byte we don't care about, followed by 0x56.
    Thank you for your reply, But I found the problem seems to be a little.

    eg. CMovement_SetFacing
    XXXXX1 XXXXXXX1 XXXX4444 XXXX1X1
    558BEC D9450856 D9C08BF1 D86620D
    ------ -------- -------- -------
    XXXXX0 XXXXXXX0 XXXX0040 XXXX0X1


    I'm found,
    The length of the mask and the code is 68, indicating that they are the same length, and an X correspond to one byte, the other as well.
    However, the results do not seem right, do not know why?

  7. #22
    testout's Avatar Member
    Reputation
    7
    Join Date
    May 2008
    Posts
    44
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ok, got it.

    Don't look at that function it maybe incorrect address as stated in his post

    Look at: 0075FC70 RLF_GetLFGResults

    X X X X X 4 4 4 4 X X X 1 X 1 X ...
    55 8B EC 81 EC 14 01 00 00 56 8B 75 08 6A 01 56 ...

    If it is an X, match it, otherwise we don't care. Te numbers just seem to secify the size of the skip in bytes.

    Here the
    4444 (14 01 00 00) is a value: sub esp, 114h
    1 (08 ) is a value: mov esi, [ebp+arg_0]
    1 (01 ) is a value: push 1

    So yeah I guess that is it. X is match, number = don't care.
    Last edited by testout; 06-03-2009 at 04:00 AM.

  8. #23
    goderion's Avatar Active Member
    Reputation
    25
    Join Date
    Oct 2008
    Posts
    54
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    testout: its correct! ^^

    The Mask is really simple. Maybe there should be a Text who tell how to use it.

    X = Part of an assembler instruction
    1 = byte value (8 bit)
    22 = word value (16 bit)
    4444 = dword value (32 bit)

    XX22XXX1XXXX4444XXXX is like xx??xxx?xxxx????xxxx.

    x = check
    ? = ignore

    The 1, 22 and 4444 are used, couse some functions are in the X part the same but differs in the values they use.

    I guess it would help some people if a version of the htm-files would appear for 3.1.3. ^^

  9. #24
    GmG's Avatar Member
    Reputation
    1
    Join Date
    Apr 2009
    Posts
    4
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thank you very much for the help, now I understand.
    However, if the code change, then how can match?
    For example, in function of the middle section of the code to insert, not only the code was changed, its length has been changed. Is not to determine the length of code block in order to match it? Or what other method? Disassembly is carried out?

  10. #25
    Shynd's Avatar Contributor
    Reputation
    97
    Join Date
    May 2008
    Posts
    393
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Am having english winning? Or else for something I know forget! What can happens if . No?

  11. #26
    undrgrnd59's Avatar Active Member
    Reputation
    16
    Join Date
    May 2008
    Posts
    140
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    So, can we use FindPattern with these masks just like we do to find s_curMgr to make our bots "auto-update"?
    U59

  12. #27
    GmG's Avatar Member
    Reputation
    1
    Join Date
    Apr 2009
    Posts
    4
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Shynd:zhong guo ren??

    English is not good. As for it?

  13. #28
    testout's Avatar Member
    Reputation
    7
    Join Date
    May 2008
    Posts
    44
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by undrgrnd59 View Post
    So, can we use FindPattern with these masks just like we do to find s_curMgr to make our bots "auto-update"?
    Yes, with a little intervention. (Sometimes multiple matches will be found - or none at all if a function changes heavily).

  14. #29
    goderion's Avatar Active Member
    Reputation
    25
    Join Date
    Oct 2008
    Posts
    54
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yo!

    Function-Index 3.1.3

    The following 7z-archiv (14 MB) contain an iso (290 MB), wich contains addresses, asm, pattern(mask+code) for wow 3.1.1, 3.1.2 and 3.1.3.

    Put the wow.iso in a virtual cd/dvd drive. Dont extract it, couse it contains over 70.000 files, your HD will hate you! ^^

    You find the file here:
    RapidShare: Easy Filehosting
    or
    MEGAUPLOAD - The leading online storage and file delivery service

  15. #30
    roxaz911's Avatar Member
    Reputation
    1
    Join Date
    Jun 2009
    Posts
    8
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    did anyone share tool that extracts funcs?

Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. WoW NPC Voice Overs Add On
    By zrweber in forum World of Warcraft General
    Replies: 8
    Last Post: 06-27-2010, 12:28 PM
  2. WoW warnings degrade over time?
    By Ball in forum World of Warcraft General
    Replies: 3
    Last Post: 07-03-2008, 05:58 PM
  3. [Emulator Question] WoW Pets Functioning Correctly
    By TrunksVegita in forum World of Warcraft Emulator Servers
    Replies: 4
    Last Post: 01-13-2008, 02:05 AM
All times are GMT -5. The time now is 06:14 PM. Powered by vBulletin® Version 4.2.3
Copyright © 2025 vBulletin Solutions, Inc. All rights reserved. User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2025 DragonByte Technologies Ltd.
Google Authenticator verification provided by Two-Factor Authentication (Free) - vBulletin Mods & Addons Copyright © 2025 DragonByte Technologies Ltd.
Digital Point modules: Sphinx-based search