[Question] PBA(Player Base Address)

[hestas]

This is a copy of my post over at MMOGlider. I figured it may get a better response over here.
------------------------------------------

Hey all, I am a bit new to playing with memory and I am slowly gaining a hold on it. I am currently using C++ to play with it.

I have managed to find the base player address via cheat engine but as many of you know this changes per WoW session. The way I have gone about finding this is taking the hp scan f.ex say its "0x108A42C" and subtracting 0xFF4(This is the value you would add to the base address to produce the HP). After doing this with the two-three hp address I found, I took the mana address and did the same but with 0xFF8(The value added to the base for mana). Now comparing the addresses I find two that are identical and this is what I assume to be our base address so I add another to it (0x3630 to be specific) and this produces our exp to prove that we have our base address.

Now after this long winded bit of text on to my question. I have no clue how to find a pointer that is static and will always point to our base address. Is anyone able to help me? Via Advice xD Im not looking for any address handouts but a pointer if you will to the correct direction xD

Yes I have searched these forums as well as google(For some few days now) so If I missed it I am dearly sorry and would be very great-full of a link to what I missed.

-Hestas

[furang]

Not sure if it's what you need. Just look through it)

Code:

DWORD GetPlayerBase()
{
	DWORD dwObjMgr=GetOM();
        if ( dwObjMgr == NULL ) return 0;
        unsigned __int64 LocalGuid,guid;
	DWORD	dwFirstObject;
	DWORD	dwCurObject;
        ReadProcessMemory( hProc, (LPVOID)(dwObjMgr + 0xAC), (LPVOID)&dwFirstObject, 4, NULL );
	LocalGuid=GetLocalGUID();
        dwCurObject = dwFirstObject;
        while ( dwCurObject!=0  && (dwCurObject&1) == 0 )
	{
        dwCurObject=dwCurObject;
        ReadProcessMemory( hProc, (LPVOID)(dwCurObject +  0x30),(LPVOID)&guid, 8, NULL );
        if (guid==LocalGuid) 
	return dwCurObject;				
	dwFirstObject = dwCurObject;
	ReadProcessMemory( hProc, (LPVOID)(dwFirstObject + 0x3C),(LPVOID)&dwCurObject, 4, NULL );
         if ( dwCurObject == dwFirstObject )
         break;
	}
         return 0;
}

[hestas]

Uhh I think that is what I am looking for...at least in a way. I don't understand the OM to well tho. Like how it would implement it and stuff...

If I understand what I have read about the OM that should produce the same things im looking for, such as info about my character and other NPCs, correct? If so can anyone explain any better how I could implement such a thing? I can't seem to understand what I see but I may need to just re-read it more.(That includes the other stuff in the forum involving OM of course)

Uhh and what I am specifically looking for would be a pointer to BasePlayerAddress.

BPA = Pointer+0x30+0x40 (I think)
CharacterHP = BPA + 0xFF4.

So as you can see for any character stuff I need BPA and for BPA I need a pointer that is static and always points to it.

So what I am looking for is "Pointer = ??"
Does that make it any clearer as to what I am looking for?

[furang]

OMG. Why finding HP and MP to get pBase? That's pretty ugly!
Here's the rest

Code:

#define G_CLI_CON 0x12705B0
#define S_CUR_OBJ 0x2D94
DWORD GetOM()
{
	DWORD dwObjMgr=0;
        ReadProcessMemory( hProc, (LPVOID)(G_CLI_CON), (LPVOID)&dwObjMgr, 4, NULL );
        ReadProcessMemory( hProc, (LPVOID)(dwObjMgr + S_CUR_OBJ), (LPVOID)&dwObjMgr, 4, NULL );
	return dwObjMgr;
}

unsigned __int64 GetLocalGUID()
{
	unsigned __int64 LocalGuid;
	DWORD dwObjMgr=GetOM();
	ReadProcessMemory( hProc, (LPVOID)(dwObjMgr + 0xC0), (LPVOID)&LocalGuid, 8, NULL );
	return LocalGuid;
}

It's ugly too, but not so much. And it just works.
And read Shynd's blog. There you can find basic knowledge http://shynd.wordpress.com

[hestas]

Thank you. I have heard much about this blog =)

[flo8464]

Don't you think G_CLI_CON is a bad abbreviation?
Normally CLI means commandline interface and I think someone who doesn't know what your code does could be easily misleaded

[furang]

It's not my problem.
Those who know about comand line interface would know that this abreviation is not related to this offset. And it's defined. So they can see what it is.