3.1.3 info dump

[bouh2]

Sorry i'm confused, i search GameObject Name offset ^^

EDIT : And I search how to find CorpseOject owner name ^^

EDIT2 : Founded : [[curObj + 0x1a4] + 0x88]

[Nesox]

Gameobjects are dynamically allocated there's no static adress for them.
You need to iterate the linked list of object until you find w/e object you want or if you call GetObjectByGUID if you already got the GUID.

[abuckau907]

"bierstud"
[08:06:59]: 0x0058EE10 -> UseItem

How do I learn how to use this function? For example, where do I store the variable to be passed as parameters? For example, in my thinking, if I create a new thread and run the code at 0058EE10, then it'll check some other memory locations (for parameters)? and then do the code to 'use the item' Anyway, there are a lot of holes in this..theory So if anyone could point me in the right direction, would be much appreciated. I'm semi-ok w/ programming but don't know much about game hacking techniques so if you could just point the way to your fav. tutorials that'd be great.

[lanman92]

What I would recommend for this 'theory' is to have your injecting app allocate some mem and have offsets from this memory block. Set each 4 bytes to something and use those offsets as your values. Then you can just write to them from your app and run UseItem with the Asm class. Look up blackmagic.

[namreeb]

"bierstud"
[08:06:59]: 0x0058EE10 -> UseItem

How do I learn how to use this function? For example, where do I store the variable to be passed as parameters? For example, in my thinking, if I create a new thread and run the code at 0058EE10, then it'll check some other memory locations (for parameters)? and then do the code to 'use the item' Anyway, there are a lot of holes in this..theory So if anyone could point me in the right direction, would be much appreciated. I'm semi-ok w/ programming but don't know much about game hacking techniques so if you could just point the way to your fav. tutorials that'd be great.

If you're out of process, which I assume you are based on your wording, do as lanman92 suggests. If you're not, the way I do it is this:

Code:

typedef void ( __cdecl * tUseItem )( DWORD, DWORD);
tUseItem oUseItem = 0;

void __cdecl hook_UseItem( DWORD p1, DWORD p2)
{
	DWORD dwEcx;
	CGObject_C *obj;

	_asm { mov dwEcx, ecx };

	obj = (CGObject_C *)(dwEcx);

	_asm { mov ecx, dwEcx };

	oUseItem( p1, p2);
}

void HookUseItem()
{
	oUseItem = (tUseItem)gpWoWX->GetFindPattern()->GetAddress( "UseItem" );
	gpWoWX->GetPatcher()->AddPatch( &(PVOID&)oUseItem, reinterpret_cast<PBYTE>( hook_UseItem ), "UseItem" );
}

Once I came up with this function I think I got interested in something else and left it.. not sure if it actually works, but you get the general idea.

[johno22]

Sorry I removed this and posted it elsewhere, please delete

[Apoc]

DBC dump:

Code:

    public enum ClientDb
    {
        Achievement = 0x000000EB,
        Achievement_Criteria = 0x000000EC,
        Achievement_Category = 0x000000ED,
        AnimationData = 0x000000EE,
        AreaGroup = 0x000000EF,
        AreaPOI = 0x000000F0,
        AreaTable = 0x000000F1,
        AreaTrigger = 0x000000F2,
        AttackAnimKits = 0x000000F3,
        AttackAnimTypes = 0x000000F4,
        AuctionHouse = 0x000000F5,
        BankBagSlotPrices = 0x000000F6,
        BannedAddOns = 0x000000F7,
        BarberShopStyle = 0x000000F8,
        BattlemasterList = 0x000000F9,
        CameraShakes = 0x000000FA,
        Cfg_Categories = 0x000000FB,
        Cfg_Configs = 0x000000FC,
        CharBaseInfo = 0x000000FD,
        CharHairGeosets = 0x000000FE,
        CharSections = 0x000000FF,
        CharStartOutfit = 0x00000100,
        CharTitles = 0x00000101,
        CharacterFacialHairStyles = 0x00000102,
        ChatChannels = 0x00000103,
        ChatProfanity = 0x00000104,
        ChrClasses = 0x00000105,
        ChrRaces = 0x00000106,
        CinematicCamera = 0x00000107,
        CinematicSequences = 0x00000108,
        CreatureDisplayInfo = 0x00000109,
        CreatureDisplayInfoExtra = 0x0000010A,
        CreatureFamily = 0x0000010B,
        CreatureModelData = 0x0000010C,
        CreatureMovementInfo = 0x0000010D,
        CreatureSoundData = 0x0000010E,
        CreatureSpellData = 0x0000010F,
        CreatureType = 0x00000110,
        CurrencyTypes = 0x00000111,
        CurrencyCategory = 0x00000112,
        DanceMoves = 0x00000113,
        DeathThudLookups = 0x00000114,
        DestructibleModelData = 0x00000115,
        DungeonMap = 0x00000116,
        DungeonMapChunk = 0x00000117,
        DurabilityCosts = 0x00000118,
        DurabilityQuality = 0x00000119,
        Emotes = 0x0000011A,
        EmotesText = 0x0000011B,
        EmotesTextData = 0x0000011C,
        EmotesTextSound = 0x0000011D,
        EnvironmentalDamage = 0x0000011E,
        Exhaustion = 0x0000011F,
        Faction = 0x00000120,
        FactionGroup = 0x00000121,
        FactionTemplate = 0x00000122,
        FileData = 0x00000123,
        FootprintTextures = 0x00000124,
        FootstepTerrainLookup = 0x00000125,
        GameObjectArtKit = 0x00000126,
        GameObjectDisplayInfo = 0x00000127,
        GameTables = 0x00000128,
        GameTips = 0x00000129,
        GemProperties = 0x0000012A,
        GlyphProperties = 0x0000012B,
        GlyphSlot = 0x0000012C,
        GMSurveyAnswers = 0x0000012D,
        GMSurveyCurrentSurvey = 0x0000012E,
        GMSurveyQuestions = 0x0000012F,
        GMSurveySurveys = 0x00000130,
        GMTicketCategory = 0x00000131,
        GroundEffectDoodad = 0x00000132,
        GroundEffectTexture = 0x00000133,
        gtBarberShopCostBase = 0x00000134,
        gtCombatRatings = 0x00000135,
        gtChanceToMeleeCrit = 0x00000136,
        gtChanceToMeleeCritBase = 0x00000137,
        gtChanceToSpellCrit = 0x00000138,
        gtChanceToSpellCritBase = 0x00000139,
        gtNPCManaCostScaler = 0x0000013A,
        gtOCTClassCombatRatingScalar = 0x0000013B,
        gtOCTRegenHP = 0x0000013C,
        gtOCTRegenMP = 0x0000013D,
        gtRegenHPPerSpt = 0x0000013E,
        gtRegenMPPerSpt = 0x0000013F,
        HelmetGeosetVisData = 0x00000140,
        HolidayDescriptions = 0x00000141,
        HolidayNames = 0x00000142,
        Holidays = 0x00000143,
        Item = 0x00000144,
        ItemBagFamily = 0x00000145,
        ItemClass = 0x00000146,
        ItemCondExtCosts = 0x00000147,
        ItemDisplayInfo = 0x00000148,
        ItemExtendedCost = 0x00000149,
        ItemGroupSounds = 0x0000014A,
        ItemLimitCategory = 0x0000014B,
        ItemPetFood = 0x0000014C,
        ItemPurchaseGroup = 0x0000014D,
        ItemRandomProperties = 0x0000014E,
        ItemRandomSuffix = 0x0000014F,
        ItemSet = 0x00000150,
        ItemSubClass = 0x00000151,
        ItemSubClassMask = 0x00000152,
        ItemVisualEffects = 0x00000153,
        ItemVisuals = 0x00000154,
        LanguageWords = 0x00000155,
        Languages = 0x00000156,
        LfgDungeons = 0x00000157,
        Light = 0x00000158,
        LightFloatBand = 0x00000159,
        LightIntBand = 0x0000015A,
        LightParams = 0x0000015B,
        LightSkybox = 0x0000015C,
        LiquidType = 0x0000015D,
        LiquidMaterial = 0x0000015E,
        LoadingScreens = 0x0000015F,
        LoadingScreenTaxiSplines = 0x00000160,
        Lock = 0x00000161,
        LockType = 0x00000162,
        MailTemplate = 0x00000163,
        Map = 0x00000164,
        Material = 0x00000165,
        Movie = 0x00000166,
        MovieFileData = 0x00000167,
        MovieVariation = 0x00000168,
        NameGen = 0x00000169,
        NPCSounds = 0x0000016A,
        NamesProfanity = 0x0000016B,
        NamesReserved = 0x0000016C,
        OverrideSpellData = 0x0000016D,
        Package = 0x0000016E,
        PageTextMaterial = 0x0000016F,
        PaperDollItemFrame = 0x00000170,
        ParticleColor = 0x00000171,
        PetPersonality = 0x00000172,
        PowerDisplay = 0x00000173,
        QuestInfo = 0x00000174,
        QuestSort = 0x00000175,
        Resistances = 0x00000176,
        RandPropPoints = 0x00000177,
        ScalingStatDistribution = 0x00000178,
        ScalingStatValues = 0x00000179,
        ScreenEffect = 0x0000017A,
        ServerMessages = 0x0000017B,
        SheatheSoundLookups = 0x0000017C,
        SkillCostsData = 0x0000017D,
        SkillLineAbility = 0x0000017E,
        SkillLineCategory = 0x0000017F,
        SkillLine = 0x00000180,
        SkillRaceClassInfo = 0x00000181,
        SkillTiers = 0x00000182,
        SoundAmbience = 0x00000183,
        SoundEmitters = 0x00000184,
        SoundEntries = 0x00000185,
        SoundProviderPreferences = 0x00000186,
        SoundSamplePreferences = 0x00000187,
        SoundWaterType = 0x00000188,
        SpamMessages = 0x00000189,
        SpellCastTimes = 0x0000018A,
        SpellCategory = 0x0000018B,
        SpellChainEffects = 0x0000018C,
        Spell = 0x0000018D,
        SpellDispelType = 0x0000018E,
        SpellDuration = 0x0000018F,
        SpellEffectCameraShakes = 0x00000190,
        SpellFocusObject = 0x00000191,
        SpellIcon = 0x00000192,
        SpellItemEnchantment = 0x00000193,
        SpellItemEnchantmentCondition = 0x00000194,
        SpellMechanic = 0x00000195,
        SpellMissile = 0x00000196,
        SpellMissileMotion = 0x00000197,
        SpellRadius = 0x00000198,
        SpellRange = 0x00000199,
        SpellRuneCost = 0x0000019A,
        SpellShapeshiftForm = 0x0000019B,
        SpellVisual = 0x0000019C,
        SpellVisualEffectName = 0x0000019D,
        SpellVisualKit = 0x0000019E,
        SpellVisualKitAreaModel = 0x0000019F,
        StableSlotPrices = 0x000001A0,
        Stationery = 0x000001A1,
        StringLookups = 0x000001A2,
        SummonProperties = 0x000001A3,
        Talent = 0x000001A4,
        TalentTab = 0x000001A5,
        TaxiNodes = 0x000001A6,
        TaxiPath = 0x000001A7,
        TaxiPathNode = 0x000001A8,
        TerrainType = 0x000001A9,
        TerrainTypeSounds = 0x000001AA,
        TotemCategory = 0x000001AB,
        TransportAnimation = 0x000001AC,
        TransportPhysics = 0x000001AD,
        TransportRotation = 0x000001AE,
        UISoundLookups = 0x000001AF,
        UnitBlood = 0x000001B0,
        UnitBloodLevels = 0x000001B1,
        Vehicle = 0x000001B2,
        VehicleSeat = 0x000001B3,
        VocalUISounds = 0x000001B4,
        WMOAreaTable = 0x000001B5,
        WeaponImpactSounds = 0x000001B6,
        WeaponSwingSounds2 = 0x000001B7,
        Weather = 0x000001B8,
        WorldMapArea = 0x000001B9,
        WorldMapTransforms = 0x000001BA,
        WorldMapContinent = 0x000001BB,
        WorldMapOverlay = 0x000001BC,
        WorldSafeLocs = 0x000001BD,
        WorldStateUI = 0x000001BE,
        ZoneIntroMusicTable = 0x000001BF,
        ZoneMusic = 0x000001C0,
        WorldStateZoneSounds = 0x000001C1,
        WorldChunkSounds = 0x000001C2,
        SoundEntriesAdvanced = 0x000001C3,
        ObjectEffect = 0x000001C4,
        ObjectEffectGroup = 0x000001C5,
        ObjectEffectModifier = 0x000001C6,
        ObjectEffectPackage = 0x000001C7,
        ObjectEffectPackageElem = 0x000001C8,
        SoundFilter = 0x000001C9,
        SoundFilterElem = 0x000001CA,
    }

[abuckau907]

What I would recommend for this 'theory' is to have your injecting app allocate some mem and have offsets from this memory block. Set each 4 bytes to something and use those offsets as your values. Then you can just write to them from your app and run UseItem with the Asm class. Look up blackmagic.

Um..I don't know what you mean by '..inject and have offsets from this memory block'. This is what I *think* happens

Somewhere in wow.exe is function like.. UseItem which..uses an item in-game
so..how is UseItem ..implemented? Like..is it a global function that needs values passed in like PlayerToUseOn,PlayerUsing,Item.Id ??
I guess I mean..in the asm code for UseItem, what are all the variables used..how did you find this function? (Don't answer the variables question, just how to find it..I can try to look up)

Will it only be LocalPlayer calling useItem :S like..when another person in group uses a heal potion, does the server just send us the updated stats, or does it call UseItem(ByRef somePlayer as WowPlayer) ?

I'm asking because I *thought* thats important for ..--> to use an item you have to know where UseItem's storing it's values passed in -->(ie.if UseItem expect a uint32..it stores that somewhere..where is that location?/how to calculate it) then you write to those location w/ your desired values (item.id etc)
Then Call UseItem from a wow thread (I know it's not that easy w/ the threads thing..I'll tackle that later)

I *Really* have no idea what you meant by

"to have your injecting app allocate some mem and have offsets from this memory block. Set each 4 bytes to something and use those offsets as your values"

or** is useItem really as easy as
UseItem(Pointer to UseItemDataStructure)
or basically..
UseItem(Pointer to values as arrary) ?? Now I'm just jumping at every thought so I'm going to stop...later.

-Andrew

[lanman92]

I meant something along the lines of doing a simple endscene detour(like shynd posted) and have it read from a struct that you also injected into wow. Then you can just write to the struct from VB/C# and your detour will do whatever you want. It's not really that complex. This will take care of all threading issues. BTW, use "UseItemByName(NAMEHERE);" in lua to do this. So much easier.

[hamburger1]

What is the Clienteconnection pointer to find objekts?

[Robske]

What is the Clienteconnection pointer to find objekts?

French?

(fllr)

[MaiN]

Lua_ProtectionCheck = 0x6E4610 if anyone was wondering

[natt_]

Hmmm. Now i started with memory-reading a "bit" again. And im kinda confused... ?

Code:

#include 'NomadMemory.au3'
SetPrivilege("SeDebugPrivilege", 1)

$pid = WinGetProcess('World of Warcraft')
$mo = _Memoryopen($pid)
Sleep(100)

$PlayerBase         = _MemoryRead(0x010BD5F4,$mo,'ptr')
$playerBaseOffset1  = _MemoryRead($PlayerBase+0x34,$mo,'ptr')
$playerBaseOffset2  = _MemoryRead($playerBaseOffset1+0x24,$mo,'ptr')

$test = _MemoryRead($playerBaseOffset1+0x1F,$mo,'int')

while 1
    TrayTip('asd',$test,5,1)
Sleep(100)

WEnd

edit: 0x1F = offset for maxhealth. and im getting 0 ;/. i belive i did wrong?

[lanman92]

Use the descriptor fields at [obj+0x8]. Then the offset for HP is 0x17*4 away from that value.

[natt_]

Use the descriptor fields at [obj+0x8]. Then the offset for HP is 0x17*4 away from that value.

like this ?

$PlayerBase = _MemoryRead(0x010BD5F4,$mo,'ptr')
$hp = _MemoryRead(0x17*4,+_MemoryRead($playerbase+0x8, $mo, "int"))

still getting 0 ;/