[WoW][3.2.2] Info Dump Thread

[berserk85]

lua_getfield should be (for 3.2.2.10505) 0x803D00, yours one points to luaL_findtable.
lua_gettable - 0x00803CD0

lua_getglobal is defined as
#define lua_getglobal(L,s) lua_getfield(L, LUA_GLOBALSINDEX, (s))

Grazie ...

Do you know also the address of lua_settable,lua_rawgeti,lua_rawseti ??
I know that lua_rawgeti(L, t, key) is equivalent to the sequence

lua_pushnumber(L, key);
lua_rawget(L, t);

and lua_rawseti(L, t, key) is equivalent to

lua_pushnumber(L, key);
lua_insert(L, -2);
lua_rawset(L, t);

but in lua.h they are defined as
LUA_API void (lua_rawgeti) (lua_State *L, int idx, int n);
LUA_API void (lua_rawseti) (lua_State *L, int idx, int n);

Tnx

[Xeranor]

hRotation: 0x7AC :P

[amadmonk]

Here are the offsets I use, with my handy RE'ing notes on em. Still need to set up good RE notes for the VMT indices.

Code:

    public enum Luas
    {
        Lua_FullState = 0x0133B99C, // 3.2.2a (RE: lua_DoString[6th static]
        //Lua_DoString = 0x007CF6B0, // 3.2.2a (RE: lua_RunScript[3rd call]
        Lua_GetTop = 0x00803340, // 3.2.2a (RE: lua_GetSpellLink[2nd call]
        Lua_ToString = 0x00803850, // 3.2.2a (RE: lua_EnableAllAddOns[1st call]
        Lua_PushString = 0x00803A70, // 3.2.2a (RE: lua_GetChangedOptionWarning[3rd call]
        Lua_Type = 0x00803620, // 3.2.2a (RE: lua_PINEntered[1st call]
        Lua_SetTop = 0x00803360, // 3.2.2a (RE: lua_EnumerateFrames[4th call]
        Lua_LoadWrapper = 0x00804FD0, // 3.2.2a (RE: lua_DoString[3rd call]
        Lua_PCall = 0x008043C0, // 3.2.2a (RE: call right after Lua_LoadWrapper in lua_DoString, above)
    }

    public enum GlobalOffsets
    {
        EnumVisibleObjects = 0x004778D0, // 3.2.2a (RE: lua_SetUIVisibility[3rd call])
        ClntObjMgrGetActivePlayer = 0x00476580, // 3.2.2a (RE: lua_SendAddonMessage[1st call])
        GetObjectByGuid = 0x00477B50, // 3.2.2a -- aka ClntObjMgrObjectPtr (RE: lua_SendAddonMessage[2nd call])
        LastTargetGuid = 0x0113D7B0, // 3.2.2a (RE: SelectTarget[3rd static])
        FocusGuid = 0x0113D7C8, // 3.2.2a (RE: lua_FocusUnit[3rd call]->(unnamed FN)[1st static])
        MouseOverGuid = 0x0113D798, // 3.2.2a (RE: lua_InteractUnit, right after push string "mouseover" && call)
        SelectTarget = 0x004C4940, // 3.2.2a (RE: last call in lua_TargetLastEnemy)
        UnitGetThreat = 0x006AE120, // 3.2.2a (reverse from lua_UnitThreatSituation)
        CGWorldFrame__Intersect = 0x0073ACC0, // 3.2.2a (RE: search for sequence of bytes:  A9 FF 00 F3 40 (test eax, 40F300FFh), look for xref to containing function that is a jmp (short stub fn))
        CInputControl = 0x0121B50C, // 3.2.2a (first static in lua_IsMouseLooking)
        CInputControl__SetFlags = 0x00581230, // 3.2.2a (RE:  first call from lua_MouseLookStop->(unnamed fn), second xref to this fn (probably above lua_AscendStop)
        RaidTargetIndexCache = 0x01143B70 // 3.2.2a (RE: lua GetRaidTargetIndex[5th call]->first static  for this)
    }

    public enum ObjectOffsets
    {
        ObjectTypeOffset = 0x14 // 3.2.0
    }

    public enum VFTableIndex : int
    {
        GetFacing = 12, // 3.2.2a
        GetPosition = 10, // 3.2.2a
        InteractUnit = 41, // 3.2.2a
        GetName = 51 // 3.2.2a
    }

[Apoc]

Here are the offsets I use, with my handy RE'ing notes on em. Still need to set up good RE notes for the VMT indices.

Code:

    public enum Luas
    {
        Lua_FullState = 0x0133B99C, // 3.2.2a (RE: lua_DoString[6th static]
        //Lua_DoString = 0x007CF6B0, // 3.2.2a (RE: lua_RunScript[3rd call]
        Lua_GetTop = 0x00803340, // 3.2.2a (RE: lua_GetSpellLink[2nd call]
        Lua_ToString = 0x00803850, // 3.2.2a (RE: lua_EnableAllAddOns[1st call]
        Lua_PushString = 0x00803A70, // 3.2.2a (RE: lua_GetChangedOptionWarning[3rd call]
        Lua_Type = 0x00803620, // 3.2.2a (RE: lua_PINEntered[1st call]
        Lua_SetTop = 0x00803360, // 3.2.2a (RE: lua_EnumerateFrames[4th call]
        Lua_LoadWrapper = 0x00804FD0, // 3.2.2a (RE: lua_DoString[3rd call]
        Lua_PCall = 0x008043C0, // 3.2.2a (RE: call right after Lua_LoadWrapper in lua_DoString, above)
    }

    public enum GlobalOffsets
    {
        EnumVisibleObjects = 0x004778D0, // 3.2.2a (RE: lua_SetUIVisibility[3rd call])
        ClntObjMgrGetActivePlayer = 0x00476580, // 3.2.2a (RE: lua_SendAddonMessage[1st call])
        GetObjectByGuid = 0x00477B50, // 3.2.2a -- aka ClntObjMgrObjectPtr (RE: lua_SendAddonMessage[2nd call])
        LastTargetGuid = 0x0113D7B0, // 3.2.2a (RE: SelectTarget[3rd static])
        FocusGuid = 0x0113D7C8, // 3.2.2a (RE: lua_FocusUnit[3rd call]->(unnamed FN)[1st static])
        MouseOverGuid = 0x0113D798, // 3.2.2a (RE: lua_InteractUnit, right after push string "mouseover" && call)
        SelectTarget = 0x004C4940, // 3.2.2a (RE: last call in lua_TargetLastEnemy)
        UnitGetThreat = 0x006AE120, // 3.2.2a (reverse from lua_UnitThreatSituation)
        CGWorldFrame__Intersect = 0x0073ACC0, // 3.2.2a (RE: search for sequence of bytes:  A9 FF 00 F3 40 (test eax, 40F300FFh), look for xref to containing function that is a jmp (short stub fn))
        CInputControl = 0x0121B50C, // 3.2.2a (first static in lua_IsMouseLooking)
        CInputControl__SetFlags = 0x00581230, // 3.2.2a (RE:  first call from lua_MouseLookStop->(unnamed fn), second xref to this fn (probably above lua_AscendStop)
        RaidTargetIndexCache = 0x01143B70 // 3.2.2a (RE: lua GetRaidTargetIndex[5th call]->first static  for this)
    }

    public enum ObjectOffsets
    {
        ObjectTypeOffset = 0x14 // 3.2.0
    }

    public enum VFTableIndex : int
    {
        GetFacing = 12, // 3.2.2a
        GetPosition = 10, // 3.2.2a
        InteractUnit = 41, // 3.2.2a
        GetName = 51 // 3.2.2a
    }

Just to add on to your list...

Code:

    public enum VFTableIndex
    {
        GetBagPtr = 10,
        GetPosition = 11,
        GetFacing = 12,
        GetScale = 14,
        GetModel = 22,
        Interact = 41,
        GetName = 51,
    }

[amadmonk]

Do I need that Scale/Model crap to get intersect working "right"?

Right now I'm just adding 1.0 or some crap to the Z and it's working okay-ish.

EDIT: I need to put together some kinda real pattern finding IDC. Hand-RE'ing all these every patch is annoying. Only takes 20 minutes or so, but it's still annoying.

[Shutzler]

public const uint staticClientConnection = 0x1139F80, // client connection, same address every boot
objectManagerOffset = 0x2C34, // offset from the ClientConnection to the object manager
LocalGuid = 0x1118100

Thx Apoc :-D

Should there be any data at 0x113CBB4(0x1139F80+0x2C34)? CheatEngine only shows zeros at the location and far out when i view memory at that location.

[lanman92]

Lrn2Pointer? (filler)

[Neverhaven]

Should there be any data at 0x113CBB4(0x1139F80+0x2C34)? CheatEngine only shows zeros at the location and far out when i view memory at that location.

You shouldn't just add the values together, the offset is an offset to what the clientconnection points to.
If you're using cheatengine, add a manual value, check pointer, type to 4bytes, write clientconnection in the base pointer, and offset in the offset field. That'll give you the pointer to the object manager.

[Shutzler]

...
You shouldn't just add the values together, the offset is an offset to what the clientconnection points to.
...

OH!

So if i got this right there is a pointer in 0x1139F80, so its the content of 0x1139F80 i need to add 0x2C34 to then?

[ramey]

Do I need that Scale/Model crap to get intersect working "right"?

Right now I'm just adding 1.0 or some crap to the Z and it's working okay-ish.

EDIT: I need to put together some kinda real pattern finding IDC. Hand-RE'ing all these every patch is annoying. Only takes 20 minutes or so, but it's still annoying.

Try 2.0, probably get better results.

[Neverhaven]

OH!

So if i got this right there is a pointer in 0x1139F80, so its the content of 0x1139F80 i need to add 0x2C34 to then?

Precisely.

[ostapus]

Grazie ...

Do you know also the address of lua_settable,lua_rawgeti,lua_rawseti ??
I know that lua_rawgeti(L, t, key) is equivalent to the sequence

lua_pushnumber(L, key);
lua_rawget(L, t);

and lua_rawseti(L, t, key) is equivalent to

lua_pushnumber(L, key);
lua_insert(L, -2);
lua_rawset(L, t);

but in lua.h they are defined as
LUA_API void (lua_rawgeti) (lua_State *L, int idx, int n);
LUA_API void (lua_rawseti) (lua_State *L, int idx, int n);

Tnx

lua_settable - 0x00804040
lua_rawgeti - 0x00803DE0
lua_rawseti - 0x00804170

[berserk85]

lua_settable - 0x00804040
lua_rawgeti - 0x00803DE0
lua_rawseti - 0x00804170

Tnx 2 x +Rep

[Shutzler]

in post 5 apoc is kind enough to post nice descriptors (thanks to wraithZX too), but im having a little problem with

/* offsets:[d:0x0012]:[b:0x0048] */ WGUID UNIT_FIELD_TARGET;

its a WGUID, but how do i go forward to obtain stuff like target health++ from this value? do i need to search for an object with that GUID? why isnt this just a pointer to the target object (wouldnt it be easier??).

[Apoc]

in post 5 apoc is kind enough to post nice descriptors (thanks to wraithZX too), but im having a little problem with

/* offsets:[d:0x0012]:[b:0x0048] */ WGUID UNIT_FIELD_TARGET;

its a WGUID, but how do i go forward to obtain stuff like target health++ from this value? do i need to search for an object with that GUID? why isnt this just a pointer to the target object (wouldnt it be easier??).

Pass that GUID to ClntObjMgrObjectPtr (GetObjectByGUID) to get your object pointer.