[WoW][3.3.5.12340] Info Dump Thread

**~~culino~~** · 07-19-2010

Originally Posted by mnbvc

oh, rly? :confused:

Ya rly.

**[Blinded]** · 07-22-2010

I'm searching for the descriptors offset, can anyone post it or confirm 0x08?

thanks

**Bananenbrot** · 07-22-2010

If it would be something else than 0x08, you would have read about it in this forum. Blizzard will hardly change that in future.

**Cromon** · 07-22-2010

Code:

        enum Offsets : uint
        {
            Spectator_Player_Base           = 0x1008, /* + PlayerBase */
            Spectator_Player_IsSpectating   = 0x0A, /* + [PlayerBase + Spectator_Player_Base]. byte => 255 => IsCommentator returns true */

            Spectator_Base                  = 0xACE4A8,
            Spectator_X                     = 0x0C,
            Spectator_Y                     = 0x10,
            Spectator_Z                     = 0x14,
            Spectator_FollowGUID            = 0x20, /* Set to own GUID */
            Spectator_CamZoom               = 0x40,
            Spectator_CamSpeed              = 0x44,
            Spectator_Collision             = 0x48,
        }

Spectator-mode for free camera movement.

Example:

Code:

            uint specBase = mgr.Read<uint>(mgr.Me + (uint)Offsets.Spectator_Player_Base);
            Write((byte)0xFF, specBase + Offsets.Spectator_Player_IsSpectating);

            Write(posX, (uint)Offsets.Spectator_Base + (uint)Offsets.Spectator_X);
            Write(posY, (uint)Offsets.Spectator_Base + (uint)Offsets.Spectator_Y);
            Write(posZ + 1.0f, (uint)Offsets.Spectator_Base + (uint)Offsets.Spectator_Z);

            Write(mgr.Read<ulong>(ObjMgr.OfsMyGUID), (uint)Offsets.Spectator_FollowGUID + (uint)Offsets.Spectator_Base);

            Write(100.0f, (uint)Offsets.Spectator_Base + (uint)Offsets.Spectator_CamSpeed);
            Write(0, (uint)Offsets.Spectator_Base + (uint)Offsets.Spectator_Collision);

**Cromon** · 07-23-2010

Some LUA-stuff:

Code:

typedef void (__cdecl* tPushInteger)(LPDWORD lua_state, int* pValue);
tPushInteger FrameScript__PushInteger = (tPushInteger)0x84E2D0;

typedef INT* (__cdecl* tToInteger)(LPDWORD lua_state, INT stackIndex);
tToInteger FrameScript__ToInteger = (tToInteger)0x84E070;

typedef void (__cdecl* tSetTop)(LPDWORD lua_state, INT stackNewTop);
tSetTop FrameScript__SetTop = (tSetTop)0x84DBF0;

typedef HRESULT(__stdcall* EndScene_t)(LPDIRECT3DDEVICE9);

HRESULT __stdcall hkEndScene(LPDIRECT3DDEVICE9 pDevice)
{
	LPDWORD* luaState = (LPDWORD*)0xD3F78C; // or something like that, dont know, if its really the lua_stateL*, but used for all the FrameScript-stuff.

	int a = 0xFFFF0000;
	FrameScript__PushInteger(*luaState, &a);

	int b = *FrameScript__ToInteger(*luaState, 1);

	FrameScript__SetTop(*luaState, 0);
	return pEndScene(pDevice);
}

**eLaps** · 07-24-2010

Code:

AHListAuctions                   0xc0f448
AHListNumAuctions                0xc0f444
AHListTotalAuctions              0xc0f408
CGUnit_C__UpdateDisplayInfo      0x73e410

Not tested.

**Cromon** · 07-25-2010

Code:

CloudDensity              0xD38C34
RenderFlags               0xCD774C
WmoCollision              0xD25440 /* some sort of pointer. Setting it to 0 removes rendering and collision of WMO */
SkyRadius                 0xADEEF0 /* Something related to the distance of the sky to the toon */
NearClip                    0xADEED4
SunGlareEnabled         0xD38F60

Just a little bit

**Cromon** · 07-27-2010

Where are all the other people?

Some stuff related to rendering:
0xAF4878 (float): Something related to the sky/light color, see screenshots:
http://www.imagr.eu/up/4c4ef9985816a...610_155317.jpg
http://www.imagr.eu/up/4c4ef9e0378b4...610_155336.jpg
http://www.imagr.eu/up/4c4ef9f5e0635...610_155343.jpg

0xD391D0 (float): Phi of sun
0xD39204 (float): Theta of sun
Both assuming those coordinates:

0xD38EC8 (float): Size of the sunglare

0xAC0CB4 (float[3]): Offset for UI-texture-coordinates (u and v) and alpha multiplier (0-1)

Code:

struct UITexCoordAlphaMultiplier
{
        float u, v, alpha;
};

0xCE07D0 (Text): Start of the current folder of ADTs

0xCE06D0 (Text): Name of the current continent

**caytchen** · 07-27-2010

Originally Posted by Cromon

0xCD07D0 (Text): Start of the current folder of ADTs
0xCD06D0 (Text): Name of the current continent

Actually 0xCE07D0 and 0xCE06D0
Sorry I got nothing new, though.

**qjlex** · 07-29-2010

Code:

 Lua_InvalidPtrCheck = 0x0086B5CE;
 Lua_Register = 0x00817F90;
 Lua_GetTop = 0x0084DBD0;
 Lua_ToString = 0x0084E0E0;
 Lua_GetState = 0x0084DBD0;
 Lua_DoString = 0x00819210;

**~~mnbvc~~** · 08-02-2010

i found something useful to make the bots look a little bit less stupid
CGGameObject_C_virt40 aka gameobject vfunc (gameobject vtable is at 416) function nr 24
is in reality a CGGameObject_C__ContainsLoot function

i think everbody knows it, the server is lagging and the god damn herb needs several seconds to despawn and your bot keeps standing there and tries to loot the shit...
this function will return false as soon as you have finished looting and you can save some seconds :P

and because it was what i was really looking for and didn't find it:

how can i get the info if the herb/ore is already being used by somebody? basically the check before the message "this is already being used" appears when you interact with it
GAMEOBJECT_FLAGS is always 0 for herbs/ores, so that's not the answer :P

**wenhao** · 08-02-2010

JuJuSoc:
i am a green hand in WOW. i tried your offset about objectManager, but can't find all the game objects by tracing the linked list. Can you make some clarification? it is possible my understanding of how to tracing the linked list is wrong. my code is as following
curmgr=[[0xC79ce0] + 0x2ED0] ;[ ] is a memry reading operator
the adress of the first object=curmgr+0xAC
the address of the seconde object= [address of the first object + 0x3C]
.......
i did a checkk of the local guild =[curmgr+0xC0], which is correct.

thx.
wenhao

**Syltex** · 08-18-2010

Hmm, didnt see the Playerbase got posted, so i just ran Malu05 pattern scanner.

PlayerBaseStatic 0x00CD87A8

**IceFire32** · 08-21-2010

0x00CABCC4

1 = Console active
0 = Console not active

/Edit:

00ADBAC4 = Console Key (DirectInput Keycode)

/Edit2:
0x00CA1978

1 = Console open
0 = Console closed

/Edit 3:
I use it like this, so you don't have to use this lame "-console" parameter

Code:

// Console Thread
void consoleThread()
{
	bool bWasKeyPressedBefore = false ;
	DWORD *pdwConsoleOpen = (DWORD*)0x00CA1978 ; 
	DWORD *pdwConsoleActive = (DWORD*)0x00CABCC4 ;

	while (true)
	{
		if (GetAsyncKeyState(VK_F12)) {
			if (!bWasKeyPressedBefore) {
				*pdwConsoleOpen = *pdwConsoleOpen ? false : true ;
				*pdwConsoleActive = true ;
			} 

			bWasKeyPressedBefore = true ;
		} else
			bWasKeyPressedBefore = false ;

		Sleep(30) ;
	}
}

**Jadd2** · 08-22-2010

Originally Posted by Cromon

Some LUA-stuff:

Code:

typedef void (__cdecl* tPushInteger)(LPDWORD lua_state, int* pValue);
tPushInteger FrameScript__PushInteger = (tPushInteger)0x84E2D0;

typedef INT* (__cdecl* tToInteger)(LPDWORD lua_state, INT stackIndex);
tToInteger FrameScript__ToInteger = (tToInteger)0x84E070;

typedef void (__cdecl* tSetTop)(LPDWORD lua_state, INT stackNewTop);
tSetTop FrameScript__SetTop = (tSetTop)0x84DBF0;

typedef HRESULT(__stdcall* EndScene_t)(LPDIRECT3DDEVICE9);

HRESULT __stdcall hkEndScene(LPDIRECT3DDEVICE9 pDevice)
{
	LPDWORD* luaState = (LPDWORD*)0xD3F78C; // or something like that, dont know, if its really the lua_stateL*, but used for all the FrameScript-stuff.

	int a = 0xFFFF0000;
	FrameScript__PushInteger(*luaState, &a);

	int b = *FrameScript__ToInteger(*luaState, 1);

	FrameScript__SetTop(*luaState, 0);
	return pEndScene(pDevice);
}

Does this even do anything?

Shout-Out

User Tag List

Thread: [WoW][3.3.5.12340] Info Dump Thread

Thread Tools

Search Thread

Similar Threads

[WoW][4.0.6.13596] Info Dump Thread

[WoW][4.0.3.13329] Info Dump Thread

[WoW][4.0.1.13164] Info Dump Thread

[WoW][4.0.1.13205] Info Dump Thread

[WoW][3.3.3.11723] Info Dump Thread

OwnedCore Forums

casino

CoreCoins

My OwnedCore

About Us

Casino