forget the above posting.. i got it... thanks!
EDIT:: i was writing a stupid LONG value instead of the 8 bytes GUID. seems to work thanks for the infos'
forget the above posting.. i got it... thanks!
EDIT:: i was writing a stupid LONG value instead of the 8 bytes GUID. seems to work thanks for the infos'
[obj + 0xD0] = descriptor field offset?
Hmm appologies if i'm wrong..
Ya Im confused... Im trying to find Mount ID for Flymount/Druid flight form detection... But I kept returning 0 with 0x8 and 0xD0... someone clear this up for us?
This is returning 0...
Mount ID: 0x44 * 4?..Code:MOUNT1 = "0x" & Hex((PlayerMEM) + (0x8)) //Or 0xD0 MOUNT1 = "0x" & Hex(_MEMREAD(MOUNT1, HPROCESS, "int")) MOUNT1 = (MOUNT1) + (0x44 * 4) mem = _MEMREAD(MOUNT1, HPROCESS, "int") mem = DruidForm(mem)
Descriptor offset?
Thanks guys
MountID = [[obj + 0xD0] + (0x3E * 4)]
0x44 * 4 = 0x110 = pet number or something.
I think you're maybe looking for mount display ID? (0x3E * 4)
p.s. Could you leave a reply to say if it worked ok? Thanks.
Last edited by nathan2022001; 08-05-2009 at 08:14 PM.
FactionIndex = 0x010451CC
FactionPointer = 0x010451DC
TotalFactions = 0x010451C8
LoginState = 0x01036CBC
ActionBar = 0x011F5E70
SpellID += 0x0
SpellType += 0x3
NextAction += 0x4
Last edited by garkeinplan; 08-06-2009 at 12:29 PM.
I'm trying to get the Target's Name but I actually can't find the new offset. Anybody an idea for that? (You would get +Rep )
Can anyone post a link to the 3.1 binary?
Cheers
@Guy above me:
I'm sure this will be asked for a few times in the next few days.
This is the code to get an objects name.
i.e. if you want to get your targets name then feed it your targets Base address.
I haven't tested it with 3.2 as i haven't had a chance yet. Should work though.
Code:private const int VMT_GETNAME = 51 * 4; public static string ReadName(uint curObjectBase) { uint pCurName, codecave, VMT; string Name = ""; codecave = OM.wow.AllocateMemory(); VMT = OM.wow.ReadUInt(curObjectBase); OM.wow.Asm.Clear(); //Update Cur_ObjMgr OM.wow.Asm.AddLine("fs mov eax, [0x2C]"); OM.wow.Asm.AddLine("mov eax, [eax]"); OM.wow.Asm.AddLine("add eax, 8"); OM.wow.Asm.AddLine("mov dword [eax], {0}", OM.Cur_ObjMgr); //End Update Cur_ObjMgr OM.wow.Asm.AddLine("mov ecx, {0}", curObjectBase); OM.wow.Asm.AddLine("call {0}", OM.wow.ReadUInt(VMT + VMT_GETNAME)); //read pointer to GetName method OM.wow.Asm.AddLine("retn"); try { pCurName = OM.wow.Asm.InjectAndExecute(codecave); if (pCurName != uint.MaxValue) { Name = OM.wow.ReadASCIIString(pCurName, 100); } } catch (Exception ex) { Console.WriteLine("Exception during Object.GetName : {0}", ex.Message); } OM.wow.FreeMemory(codecave); if (Name.Length == 0) Name = "Unknown"; return Name; }
Last edited by FenixTX2; 08-06-2009 at 05:04 AM.
You don't find the target's name like that. The simplest way to get the target's name is to keep track of the target guid static (0x01127770) in your memory reader's update loop and compare it to each player/monster as you go through the object list. When you get a match, pass the objBase to the appropriate name function.
For npc's you need, name = [[objBase + UNIT_PTR] + UNIT_NAME]
UNIT_PTR = 0x968,
UNIT_NAME = 0x5C
For players you need to read the cache, a nice function for doing that is posted on the board if you dont already have it, just plug in 0x123E2B8.
I know at least some (if not all) of these offsets were already posted so thanks to all who found them, saved me some work on today's patch for sure
Just uploaded,
RapidShare: 1-CLICK Web hosting - Easy Filehosting
It's the 3.1.3 binary.
Thank you so much, dkilkhan. I'will test that after work. +Rep
didn't look through all thread...
sorry if i twice something
Object Manager#define BASEADDR 0x1281838
#define PLAYER_X 0x80
#define PLAYER_Y 0x84
#define PLAYER_Z 0x88
#define CTM_X 0x8C
#define CTM_Y 0x90
#define CTM_Z 0x94
#define CTM_STATUS 0x1C
it's oldfashioned, but i'm still using itObjManager=[[ThreadBase + 0x2C]+0x8]
changes bolded#define CHAT_BASE 0x10CCB94 //changed
#define CHAT_NEXT 0x17C0
The shapeshift form is lurking in the descriptors, think you can find it if you reverse the shapeshift lua functions, or if you call them to get the values
I hope someone can help me. I can't get my Object Dumper to work now. I've got a lot of offsets now but some are wrong / missing.
Code:const $aClientConnection = 0x125A590 ; tested OK const $ObjManagerOffset = 0x2D8C ; tested OK const $ObjManagerFirstObject = 0xAC ; not tested const $ObjManagerPlayerGUID = 0xC0 ; not tested const $ObjDescriptorOffset = 0x8 ; not tested const $ObjectTypeOffset = 0x14 ; not tested const $ObjectGUIDOffset = 0x30 ; not tested const $ObjectNextOffset = 0x3C ; not tested
Someone knows if they are working? + rep if you can help me
Edit : seems that something is wrong look on my brilliant screenshot (laughing)
Last edited by Unkn0wn0x; 08-06-2009 at 02:47 PM.
gravityrate -> 009E24E8
gravity -> 00A1EFD4
updateModel -> 006B67A0
time -> 0131E0B8
Last edited by Sel3n; 08-09-2009 at 09:15 AM.