[WoW][3.3.0] Info Dump Thread

[JuJuBoSc]

Unit Name = [[Obj+0x964]+0x5C]

IsIndoors = 0x00D5888C
CurrentRealm = 0x00C9227E
SpellCooldown_Pointer = 0xD5EA00

CTM_Activate_Pointer = 0xB686C4
CTM_Activate_Offset = 0x30

AutoLoot_Activate_Pointer = 0xB686E4
AutoLoot_Activate_Offset = 0x30

AutoSelfCast_Activate_Pointer = 0xB686F0
AutoSelfCast_Activate_Offset = 0x30

FollowGUID = 0xCB97A8
LeaderGUID = 0xB69720
Member1GUID = 0xB69700
Member2GUID = s_Member1GUID + 0x8 // 0x+8 for next, etc

[lustikus12]

Ok i have searched the CTM posi Pointers here :

const $CMTX = 0x00CB9814
const $CMTY = 0x00CB9818
const $CMTZ = 0x00CB981C
EDIT : $CTMACTION = 0x00CB97A4

sry its autoitcode :P

Hamburger / lustikus12

[guizmows]

according to

Code:

  unsigned int v2; // edx@2
  int result; // eax@6

  if ( *(_DWORD *)(this + 3536) == -1 )
    v2 = *(_DWORD *)(this + 3156);
  else
    v2 = *(_DWORD *)(this + 3536);
  if ( a2 >= v2 )
  {
    result = 0;
  }
  else
  {
    if ( *(_DWORD *)(this + 3536) == -1 )
      result = *(_DWORD *)(this + 3160) + 24 * a2;
    else
      result = this + 24 * a2 + 3152;
  }

I use :

Code:

public enum BuffOffsets : uint
        {
            AURA_COUNT_1 = 0xDD0,
            AURA_COUNT_2 = 0xC54,
            AURA_TABLE_1 = 0xC50,
            AURA_TABLE_2 = 0xC58,
            AURA_SIZE = 0x18,
            AURA_SPELL_ID = 0x8
        }

[guizmows]

CastingSpellID: 0xA60
ChannelSpellID: 0xA80

thx for this : can you explain me how you found these offsets plz. Can't find it by myslef

[amadmonk]

<snip>
FollowGUID = 0xCB97A8
</snip>

OMG, if this is what I think it is (the guid of who you're following), you just saved me a ton of reversing... THANK YOU.

[JuJuBoSc]

OMG, if this is what I think it is (the guid of who you're following), you just saved me a ton of reversing... THANK YOU.

It is :wave:

thx for this : can you explain me how you found these offsets plz. Can't find it by myslef

If you know the spell id, and the player base obj, it's really easy to find with CE using range scan and pause game while scanning.

Other find wow chat related :

Chat message start : 0x00B0D984
Next message still the same : 0x17C0

Message seem to be changed, now it look like : Type: [1], Channel: [], Player Name: [Fdgfisdgn], Sender GUID: [06800000021AF61B], Text: [CatchMe!]

[Sednogmah]

Edit: Damn, JuJuBoSc beat me to it. I've got a tiny extra detail though.

The static chat ring-buffer has slightly changed in 3.3.0, for the better!

- Each message includes the sender's GUID
- The party leader now has a separate chat type id: 51

Code:

// WoW 3.3.0
const uint32_t MEM_STATIC_CHAT      = 0x00B0D984;
const uint32_t MEM_STATIC_CHAT_NEXT = 0x17C0;

For those who are curious what this ring-buffer is all about, here's my summary:

Code:

/* WoW's chat is stored as a ring buffer which holds 60 lines of text.
 * Each line is an array of 0x17C0 bytes, NULL-terminated and UTF-8 encoded.
 * The total size of the ring buffer is 60 * 0x17C0 = 364800 bytes.
 *
 * Examples:
 * 	Say: "Type: [1], Channel: [], Player Name: [Somedude], Sender GUID: [0123456789ABCDEF], Text: [gief gold plox]"
 * 	Trade: "Type: [17], Channel: [Trade - City], Player Name: [Somedude], Sender GUID: [0123456789ABCDEF], Text: [WTB Mudkipz]"
 * 	Party: "Type: [2], Channel: [], Player Name: [Somedude], Sender GUID: [0123456789ABCDEF], Text: [test]"
 * 	Party leader: "Type: [51], Channel: [], Player Name: [Somedude], Sender GUID: [0123456789ABCDEF], Text: [test]"
 *
 * Message types (?? means 3rd party source, not verified):
 *	1	Say
 *	2	Party
 *	3	Raid
 *	4	Guild
 *	5	Guild - Officer
 *	6	Yell
 *	7	Whisper-Incoming (Name = From)
 *	8	Whisper Mob ??
 *	9	Whisper-Outgoing (Name = To)
 *	10	Emote
 *	12	Monster Say
 *	13	Monster Party ??
 *	14	Monster Yell
 *	15	Monster Whisper
 *	16	Monster Emote
 *	17	Channel (General, Trade, LookingForGroup, LocalDefense, ...)
 *	18	Channel Join ??
 *	19	Channel Leave ??
 *	20	Channel List ??
 *	21	Channel Notice ??
 *	22	Channel Notice User ??
 *	23	AFK ??
 *	24	DND ??
 *	25	Ignored ??
 *	26	Skill ??
 *	27	Loot ??
 *	28	System ??
 *	35	Battleground Event - Neutral ??
 *	36	Battleground Event - Alliance ??
 *	37	Battleground Event - Horde ??
 *	38	Combat Faction Change ??
 *	39	Raid Leader
 *	40	Raid Warning
 *	41	Raid Warning Widescreen ??
 *	43	Filtered ??
 *	44	Battleground
 *	45	Battleground Leader
 *	46	Restricted ??
 *	51	Party leader
 */

As I only started to tinker with WoW's internals very recently, this is all I can contribute so far. I already learned a lot from this site though, and hopefully can give back more some day.

[Jadd]

All the good stuff:

Code:

Base			= [[0x00A7B434] + 0x0C] + 0x24
X			= 0x798 (unchanged)
Y			= 0x79C (unchanged)
Z			= 0x7A0 (unchanged)

CTM_Base		= 0x00CB9788
CTM_State		= 0x00CB97A4
CTM_Target		= 0x00CB97A8
CTM_InteractDistance	= 0x00CB9794
CTM_Xpos		= 0x00CB9814
CTM_Ypos		= 0x00CB9818
CTM_Zpos		= 0x00CB981C

Found these myself ^__^

[ziinus]

First offset found myself :

CastingID Offset : 0xA6C // 3.2.2 = 0xA68

[flo8464]

you just saved me a ton of reversing... THANK YOU.

Ton of reversing?
Read the GUID of your target. Follow that target, search for its guid via CheatEngine. Follow something else and check which guid changed

[Apoc]

Edit: Damn, JuJuBoSc beat me to it. I've got a tiny extra detail though.

The static chat ring-buffer has slightly changed in 3.3.0, for the better!

- Each message includes the sender's GUID
- The party leader now has a separate chat type id: 51

Code:

// WoW 3.3.0
const uint32_t MEM_STATIC_CHAT      = 0x00B0D984;
const uint32_t MEM_STATIC_CHAT_NEXT = 0x17C0;

For those who are curious what this ring-buffer is all about, here's my summary:

Code:

/* WoW's chat is stored as a ring buffer which holds 60 lines of text.
 * Each line is an array of 0x17C0 bytes, NULL-terminated and UTF-8 encoded.
 * The total size of the ring buffer is 60 * 0x17C0 = 364800 bytes.
 *
 * Examples:
 *     Say: "Type: [1], Channel: [], Player Name: [Somedude], Sender GUID: [0123456789ABCDEF], Text: [gief gold plox]"
 *     Trade: "Type: [17], Channel: [Trade - City], Player Name: [Somedude], Sender GUID: [0123456789ABCDEF], Text: [WTB Mudkipz]"
 *     Party: "Type: [2], Channel: [], Player Name: [Somedude], Sender GUID: [0123456789ABCDEF], Text: [test]"
 *     Party leader: "Type: [51], Channel: [], Player Name: [Somedude], Sender GUID: [0123456789ABCDEF], Text: [test]"
 *
 * Message types (?? means 3rd party source, not verified):
 *    1    Say
 *    2    Party
 *    3    Raid
 *    4    Guild
 *    5    Guild - Officer
 *    6    Yell
 *    7    Whisper-Incoming (Name = From)
 *    8    Whisper Mob ??
 *    9    Whisper-Outgoing (Name = To)
 *    10    Emote
 *    12    Monster Say
 *    13    Monster Party ??
 *    14    Monster Yell
 *    15    Monster Whisper
 *    16    Monster Emote
 *    17    Channel (General, Trade, LookingForGroup, LocalDefense, ...)
 *    18    Channel Join ??
 *    19    Channel Leave ??
 *    20    Channel List ??
 *    21    Channel Notice ??
 *    22    Channel Notice User ??
 *    23    AFK ??
 *    24    DND ??
 *    25    Ignored ??
 *    26    Skill ??
 *    27    Loot ??
 *    28    System ??
 *    35    Battleground Event - Neutral ??
 *    36    Battleground Event - Alliance ??
 *    37    Battleground Event - Horde ??
 *    38    Combat Faction Change ??
 *    39    Raid Leader
 *    40    Raid Warning
 *    41    Raid Warning Widescreen ??
 *    43    Filtered ??
 *    44    Battleground
 *    45    Battleground Leader
 *    46    Restricted ??
 *    51    Party leader
 */

As I only started to tinker with WoW's internals very recently, this is all I can contribute so far. I already learned a lot from this site though, and hopefully can give back more some day.

It's actually just a queue with a capacity of 60. Look it up. It's nothing special really. (You can substitute Queue with anything that implements the FIFO ideology.)

[Robske]

thx for this : can you explain me how you found these offsets plz. Can't find it by myslef

Look at UnitCastingInfo and UnitChannelInfo...

[UnknOwned]

All the good stuff:

Code:

Base            = [[0x00A7B434] + 0x0C] + 0x24
X            = 0x798 (unchanged)
Y            = 0x79C (unchanged)
Z            = 0x7A0 (unchanged)

CTM_Base        = 0x00CB9788
CTM_State        = 0x00CB97A4
CTM_Target        = 0x00CB97A8
CTM_InteractDistance    = 0x00CB9794
CTM_Xpos        = 0x00CB9814
CTM_Ypos        = 0x00CB9818
CTM_Zpos        = 0x00CB981C

Found these myself ^__^

Why kill the old struc?

[lanman92]

There's an array of party member GUIDs at 0xB69700.

Loot type is as an enum value at 0xA6D4E8.

Code:

Free for all = 0
Round robin = 1
Master = 2
Group = 3
Need before greed = 4

[RoKFenris]

Here is a bunch more info about the chat buffer:
- The function that adds a new message to the buffer is at 0x004A35B0.
- The format string for the message in the text buffer is at 0x009DC4F8 : 'Type: [%d], Channel: [%s], Player Name: [%s], Sender GUID: [%016I64X], Text: [%s]'
- The real base address for the chat buffer is 0x00B0D948; there are 0x3c bytes before the string. The index of the first free slot in the ring buffer is at 0x00B66EDC.
- As already said, the buffer has 60 slots.
- The message structure is as follows:

Code:

0x0000 - Sender GUID
0x0008 - Unknown
0x003c - formatted message, 3000 bytes
0x0bf4 - pure text, also 3000 bytes
0x17ac - messageType
0x17b0 - channelNumber
0x17b4 - sequence
0x17b8 - time