[IDA] Dumping Packet Handlers menu
Follow us:

Shout-Out

User Tag List

Results 1 to 7 of 7
  1. 12-28-2010 #1
    jjaa's Avatar
    jjaa
    jjaa is offline
    Contributor
    Reputation
    245
    Join Date
    Dec 2006
    Posts
    562
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    [IDA] Dumping Packet Handlers

    In 4.0.1, the registering of packet handlers changed.
    There are three methods that I have come across
    Being set directly such as:
    mov dword_C339E4, offset sub_8F0C10
    Then called in the NetClient__HandleAuthOpcodes or NetClient__ProcessSpecialOpcodes function

    Being added to a structure in what appears to be an inline function:
    mov eax, dword_CB3F8C
    mov dword ptr [eax+1DC0h], offset sub_8553F0
    mov [eax+3DC0h], ebx

    And lastly, by a function call such as:
    SetMessageHandler(0xA754u, (int)sub_56A840, 0);

    This IDAPython script attempts to dump the handlers. I'll prob add stuff (such as dumping OpCodes) and clean it in the future.
    Script:
    Code:
    """
This script will attempt to dump all the packet handlers.
Designed for the 4.0.3.13329 Nov 17 2010 binary
By jjaa @ MMowned.com and gamedeception.net

Info
The WoW binary changed the way that it registers packet handlers in 4.0.1.
There are three methods that I have come across

Being set directly such as:
    mov     dword_C339E4, offset sub_8F0C10
Then called in the NetClient__HandleAuthOpcodes or NetClient__ProcessSpecialOpcodes function

Being added to a structure in what appears to be an inline function:
    mov     eax, dword_CB3F8C
    mov     dword ptr [eax+1DC0h], offset sub_8553F0
    mov     [eax+3DC0h], ebx

And lastly, by a function call such as:
     SetMessageHandler(0xA754u, (int)sub_56A840, 0);
"""
from idc import BADADDR, INF_BASEADDR, SEARCH_DOWN, FUNCATTR_START, FUNCATTR_END
import idc
import idaapi
directSetPattern = [0xC7, 0x05, -1, -1, -1, -1, -1, -1, -1, -1]


def ProcessSpecialOpcodesAddr():
    return FindFunctionAddr("NetClient::ProcessSpecialOpcodes", "55 8B EC 0F B7 55 10 8B C2 C1 E8 ? 25 ? ? ? ? 81 E2 ? ? ? ? 0B C2 81 EC ? ? ? ? C1 E8 ? 53 83 F8 ? 0F 87 ? ? ? ?")

def HandleAuthOpcodesAddr():
    return FindFunctionAddr("NetClient::HandleAuthOpcodes", "55 8B EC 0F B7 45 10 81 EC ? ? ? ? 8B D0 ? ? 53 56 81 E2 ? ? ? ? 8B F0 81 E6 ? ? ? ?")

def SetMessageHandlerAddr():
    return FindFunctionAddr("SetMessageHandler", "55 8B EC 8B 4D 08 8B 15 ? ? ? ? 56 8B C1 ? ? 25 ? ? ? ? 8B F1 81 E6 ? ? ? ? 0B C6 8B F1 C1 E8 ? 83 E6 ?")

def PacketHandlersAddr():
    return FindDataAddr("PacketHandlers", "55 8B EC 8B 4D 08 8B 15 ? ? ? ? 56 8B C1 ? ? 25 ? ? ? ? 8B F1 81 E6 ? ? ? ? 0B C6 8B F1 C1 E8 ? 83 E6 ?", 6)

def FindFunctionAddr(name, pattern):
    addr = idc.LocByName(name)
    if addr == BADADDR:
        addr = idc.FindBinary(INF_BASEADDR, SEARCH_DOWN, pattern)
    if addr != BADADDR:
        return addr
    idc.Warning("Could not find the " + name + " function")

def FindDataAddr(name, pattern, offs):
    addr = idc.LocByName(name)
    if addr == BADADDR:
        addr = idc.FindBinary(INF_BASEADDR, SEARCH_DOWN, pattern)
        addr = addr + offs
        addr = idc.Dword(addr)
    if addr != BADADDR and addr != 0:
        return addr
    idc.Warning("Could not find the " + name + " function")

def Matches(src, pattern):
    """
    Checks if src and pattern are equal , uses a wildcard
    of -1
    """
    ret = [i for i,j in zip(src,pattern) if j != -1 and j != i]
    return len(ret) == 0

def ReadDataRef(inst, operand):
    """Read the intersting part of an instruction"""
    offb = operand.offb
    size = idaapi.cvar.cmd.size - offb
    ref  = idc.Dword(inst + offb)
    return ref

def ReadInstructionBytes(addr):
    """Dumps all of the bytes of an instruction to list of bytes"""
    idaapi.decode_insn(addr)
    instBytes = range(idaapi.cvar.cmd.size)
    instBytes = map(lambda x:idc.Byte(addr + instBytes.index(x)), instBytes)
    return instBytes

def IntToBytes(i):
    """Converts a 4 byte int to a list of bytes"""
    packedData = struct.pack("i", i)
    return struct.unpack("BBBB", packedData)

def FormatAddr(addr):
    """Makes the address look pretty!"""
    return "%s:%08X" % (idc.SegName(addr), addr)

def ParseXref(xref):
    """Grabs the packet handler out of an xref"""
    #we only care about mov's
    if (GetMnem(xref.frm) == "mov"):
        #dump the xref instructions bytes to a list
        instBytes = ReadInstructionBytes(xref.frm)
        directSetPattern[2:6] = IntToBytes(xref.to)
        #check pattern...
        if Matches(instBytes, directSetPattern):
            #Last but not least!, extract the packet handler
            op = idaapi.get_instruction_operand(idaapi.cvar.cmd, 1)
            return op.value

def FindRegisterOpeand(startAddr, registerNum):
    """Some function calls push an already set register, this tries to get the operand being written to the register"""
    #bl to ebx, ebx is xor'ed, bl is used....
    #TODO: Add better support for swaping the 16bit to 32bit registers
    if registerNum == 19:
        registerNum = 3

    funcStart = idc.GetFunctionAttr(startAddr, FUNCATTR_START)
    inst = idc.PrevHead(startAddr, funcStart)
    while inst != BADADDR:
        if idc.GetMnem(inst) == "mov":
            idaapi.decode_insn(inst)
            operand = idaapi.get_instruction_operand(idaapi.cvar.cmd, 0)
            if (operand.type == idaapi.o_reg and operand.reg == registerNum):
                #print "    %s found mov" % FormatAddr(inst)
                #Found the register write!
                operand = idaapi.get_instruction_operand(idaapi.cvar.cmd, 1)
                return operand
        if idc.GetMnem(inst) == "xor":
            #print "    %s found xor, register %d" % (FormatAddr(inst), registerNum)
            idaapi.decode_insn(inst)
            operand = idaapi.get_instruction_operand(idaapi.cvar.cmd, 0)
            if operand.reg == registerNum:
                operand = idaapi.get_instruction_operand(idaapi.cvar.cmd, 1)
                if operand.reg == registerNum:
                    return None

        inst = idc.PrevHead(inst, funcStart)


def FindRegisterValue(startAddr, registerNum):
    """Some function calls push an already set register, this tries to get the operand being written to the register"""
    #print "%X Looking for registers %d" % (startAddr, registerNum)
    operand = FindRegisterOpeand(startAddr, registerNum)
    if operand == None:
        return 0
    else:
        return operand.value


def ParseMessageHandlerArgs(callAddr):
    """Get the args for the call to SetMessageHandler"""
    funcStart = idc.GetFunctionAttr(callAddr, FUNCATTR_START)
    inst = idc.PrevHead(callAddr, funcStart)
    opCode = 0
    packetHandler = 0
    found = 0
    while inst != BADADDR and found < 2:
        if idc.GetMnem(inst) == "push":
             idaapi.decode_insn(inst)
             operand = idaapi.get_instruction_operand(idaapi.cvar.cmd, 0)
             if operand.type in [idaapi.o_imm, idaapi.o_mem, idaapi.o_reg]:
                if operand.type == idaapi.o_reg:
                    operand = FindRegisterOpeand(inst, operand.reg)
                if found == 0: opCode = operand.value
                if found == 1: packetHandler = operand.value
                found += 1
        inst = idc.PrevHead(inst, funcStart)
    return opCode, packetHandler


def DumpReferencedHandlers(funcAddr):
    for inst in FuncItems(funcAddr):
        idaapi.decode_insn(inst)
        for i in range(0, 3):
            operand = idaapi.get_instruction_operand(idaapi.cvar.cmd, i)
            if operand.offb != 0 and operand.type == idaapi.o_mem:
                refAddr = ReadDataRef(inst, operand)
                for xref in XrefsTo(refAddr, idaapi.dr_W | idaapi.XREF_USER):
                    packetHandler = ParseXref(xref)
                    if packetHandler != None and packetHandler != 0:
                        print "%s %s" %(FormatAddr(packetHandler), idc.Name(packetHandler))


def DumpMessageHandlerCalls():
    for xref in XrefsTo(SetMessageHandlerAddr(), 0):
        opCode, packetHandler = ParseMessageHandlerArgs(xref.frm)
        print "%s %s" % (FormatAddr(packetHandler), idc.Name(packetHandler))

#Dump the packet handlers from the NetClient__ProcessSpecialOpcodes and NetClient__HandleAuthOpcodes functions
DumpReferencedHandlers(ProcessSpecialOpcodesAddr())
DumpReferencedHandlers(HandleAuthOpcodesAddr())

#Dump the packet handlers from the SetMessageHandler calls
DumpMessageHandlerCalls()

#Dump the packet handlers from the inlined functions
#TODO: Clean this up....
for xref in XrefsTo(PacketHandlersAddr(), 0):
    funcEnd = idc.GetFunctionAttr(xref.frm, FUNCATTR_END)
    inst = xref.frm
    found = 0
    if idc.GetMnem(inst) != "mov":
        continue
    idaapi.decode_insn(inst)
    operand = idaapi.get_instruction_operand(idaapi.cvar.cmd, 0)
    if operand.type != idaapi.o_reg:
        continue
    reg = operand.reg
    while inst != BADADDR and found < 1:
        if idc.GetMnem(inst) == "mov":
            idaapi.decode_insn(inst)
            operand = idaapi.get_instruction_operand(idaapi.cvar.cmd , 0)
            if operand.type == idaapi.o_displ and operand.phrase == reg:
                idaapi.decode_insn(inst)
                operand = idaapi.get_instruction_operand(idaapi.cvar.cmd , 1)
                if operand.type == idaapi.o_imm:
                    value = operand.value
                    if (value > idc.SegStart(inst) and value < idc.SegEnd(inst)):
                        packetHandler = operand.value
                        print "%s %s" % (FormatAddr(packetHandler), idc.Name(packetHandler))
                        found += 1
                elif operand.type == idaapi.o_reg:
                    regval = FindRegisterValue(inst, operand.reg)
                    if (regval != 0):
                        packetHandler = regval
                        print "%s %s" % (FormatAddr(packetHandler), idc.Name(packetHandler))
                    found += 1
        inst = idc.NextHead(inst, funcEnd)
    Output, there will be duplicates, cause multiple OpCodes are registered with the same handler. Also some are named because of a binary differential from pre 4.0.1:
    Code:
    .text:008F0C90 sub_8F0C90
.text:008EEBA0 sub_8EEBA0
.text:008F0C10 sub_8F0C10
.text:008E7C40 sub_8E7C40
.text:008E7CB0 sub_8E7CB0
.text:0056D2F0 sub_56D2F0
.text:0056D390 sub_56D390
.text:00402D10 sub_402D10
.text:004E51B0 sub_4E51B0
.text:005CB9B0 sub_5CB9B0
.text:0056D3D0 sub_56D3D0
.text:005A57B0 CGUnit_C_virtCC
.text:008B5D80 sub_8B5D80
.text:008B6C00 sub_8B6C00
.text:00562430 PH_SMSG_GUILD_COMMAND_RESULT_1
.text:0088E1D0 PH_SMSG_GUILD_ROSTER
.text:008A60F0 sub_8A60F0
.text:008A5D80 sub_8A5D80
.text:0056D530 sub_56D530
.text:0056D580 PH_EVENT_GUILD_TRADESKILL_UPDATE
.text:005600E0 PH_EVENT_GUILD_RECIPE_KNOWN_BY_MEMBERS
.text:00933910 sub_933910
.text:00933980 sub_933980
.text:008B74E0 PH_STABLE_UNK_PACKET_1
.text:008223A0 loc_8223A0
.text:00578AD0 sub_578AD0
.text:00560100 PH_EVENT_ROLE_CHANGED_INFORM
.text:0088E6C0 PH_EVENT_GUILD_REWARDS_LIST
.text:005601B0 PH_EVENT_ROLE_POLL_BEGIN
.text:00566690 PH_SMSG_RAID_SUMMON_FAILED
.text:00831EC0 PH_SMSG_PUREMOUNT_CANCELLED_OBSOLETE_should_be_SMSG_REMOVE_FROM_PVP_QUEUE_RESULT
.text:00893620 PH_SMSG_BATTLEFIELD_STATUS_3
.text:00893690 PH_SMSG_BATTLEFIELD_STATUS_2
.text:00893820 PH_SMSG_GROUP_JOINED_BATTLEGROUND
.text:00893600 PH_SMSG_BATTLEFIELD_STATUS
.text:008939F0 PH_SMSG_GROUP_JOINED_BATTLEGROUND_2
.text:008970F0 PH_SMSG_BATTLEFIELD_LIST
.text:00893B60 PH_MSG_BATTLEGROUND_PLAYER_POSITIONS
.text:00893C80 PH_SMSG_BATTLEGROUND_PLAYER_JOINED
.text:00893CE0 PH_SMSG_BATTLEGROUND_PLAYER_LEFT
.text:008959E0 sub_8959E0
.text:00895A10 PH_SMSG_BATTLEFIELD_MGR_ENTRY_INVITE
.text:00893D70 PH_SMSG_BATTLEFIELD_MGR_ENTERED
.text:00895B10 PH_SMSG_BATTLEFIELD_MGR_QUEUE_REQUEST_RESPONSE
.text:00895C50 PH_SMSG_BATTLEFIELD_MGR_EJECT_PENDING
.text:00895C90 PH_SMSG_BATTLEFIELD_MGR_EJECTED
.text:00895D50 PH_SMSG_BATTLEFIELD_MGR_QUEUE_INVITE
.text:00893E30 PH_SMSG_BATTLEFIELD_MGR_STATE_CHANGE
.text:0055DF10 sub_55DF10
.text:005667D0 sub_5667D0
.text:00566830 PH_EVENT_REQUEST_CEMETERY_LIST_RESPONSE
.text:008D5D00 sub_8D5D00
.text:00893940 PH_EVENT_WARGAME_REQUESTED
.text:00492B10 sub_492B10
.text:00492AD0 sub_492AD0
.text:008938E0 PH_SMSG_BATTLEFIELD_STATUS_4
.text:00890AC0 PH_EVENT_GUILD_NEWS_UPDATE
.text:008940B0 PH_EVENT_PVP_RATED_STATS_UPDATE
.text:008EE6C0 sub_8EE6C0
.text:008F0A70 sub_8F0A70
.text:008EEA80 sub_8EEA80
.text:008EE840 sub_8EE840
.text:008F3C10 sub_8F3C10
.text:00562610 PH_SMSG_ARENA_TEAM_COMMAND_RESULT
.text:008B75A0 PH_STABLE_UNK_PACKET_2
.text:008886A0 PH_EVENT_GUILD_RANKS_UPDATE
.text:00889950 PH_COMBATLOG_GUILD_XPGAIN
.text:00403A60 sub_403A60
.text:008899E0 PH_EVENT_GUILD_ROSTER_UPDATE
.text:00889AB0 PH_EVENT_GUILD_INVITE_REQUEST
.text:00831F10 PH_ERR_QUEST_REWARD_MONEY_S
.text:00579690 PH_SMSG_QUESTGIVER_QUEST_COMPLETE
.text:00579650 PH_SMSG_ITEM_REFUND_RESULT
.text:00579610 PH_SMSG_ITEM_REFUND_INFO_RESPONSE
.text:008C5310 PH_MSG_INSPECT_HONOR_STATS
.text:00889420 PH_EVENT_GUILD_PARTY_STATE_UPDATED
.text:00895790 PH_MSG_PVP_LOG_DATA
.text:00894050 PH_EVENT_PVP_RATED_STATS_UPDATE_2
.text:00892AB0 sub_892AB0
.text:00831F60 PH_GAMEUI_DISPLAY_ERROR
.text:00893E00 PH_EVENT_PVP_TYPES_ENABLED
.text:008E70F0 sub_8E70F0
.text:008872D0 sub_8872D0
.text:0088C500 sub_88C500
.text:0048FB90 PH_SMSG_AUTH_CHALLENGE
.text:0048FAD0 PH_sub_48FBC0
.text:00490C20 PH_SMSG_FORCE_SEND_QUEUED_PACKETS
.text:00490370 PH_sub_490460
.text:0048F750 PH_SMSG_REDIRECT_CLIENT
.text:00490070 PH_SMSG_PING
.text:0055E950 Packet_PACKET_SMSG_ARENA_ERROR
.text:0056A840 sub_56A840
.text:005706B0 sub_5706B0
.text:0056D290 Packet_PACKET_SMSG_TIME_SYNC_REQ
.text:0055E9D0 PH_SMSG_VOICE_SESSION_ROSTER_UPDATE
.text:0055ECB0 Packet_PACKET_SMSG_VOICE_SESSION_LEAVE
.text:0055ED10 Packet_PACKET_SMSG_VOICE_SET_TALKER_MUT
.text:005628D0 Packet_PACKET_SMSG_VOICE_PARENTAL_CONTR
.text:005776E0 Packet_PACKET_SMSG_CROSSED_INEBRIATION_
.text:0055DAF0 sub_55DAF0
.text:0055DB70 sub_55DB70
.text:0055EBE0 Packet_PACKET_SMSG_AVAILABLE_VOICE_CHAN
.text:0055EE80 PH_SMSG_CALENDAR_COMMAND_RESULT
.text:00561E30 sub_561E30
.text:0055DEF0 sub_55DEF0
.text:00573E70 PH_SMSG_SEND_UNLEARN_SPELLS
.text:0055DBB0 sub_55DBB0
.text:00574AF0 PH_GROUP_9
.text:00574AF0 PH_GROUP_9
.text:0055F270 PH_SMSG_BATTLEGROUND_INFO_THROTTLED
.text:00574AF0 PH_GROUP_9
.text:0055DD40 PH_SMSG_QUEST_POI_QUERY_RESPONSE
.text:00574AF0 PH_GROUP_9
.text:0056ADB0 PH_SMSG_QUEST_FORCE_REMOVE
.text:0056A910 sub_56A910
.text:00576D90 PH_GROUP_ITEM_TIME
.text:00566580 PH_SMSG_COMBAT_LOG_MULTIPLE
.text:0055DC70 sub_55DC70
.text:005C5930 sub_5C5930
.text:005C5980 sub_5C5980
.text:005B7820 sub_5B7820
.text:005B7880 sub_5B7880
.text:005B78F0 sub_5B78F0
.text:005B7950 sub_5B7950
.text:005B79B0 sub_5B79B0
.text:0085BDA0 PH_SMSG_TUTORIAL_FLAGS
.text:00401380 PH_SMSG_NOTIFICATION
.text:00401470 Packet_PACKET_SMSG_PLAYED_TIME
.text:00401560 Packet_PACKET_SMSG_TRANSFER_PENDING
.text:004035A0 PH_SMSG_TRANSFER_ABORTED
.text:00403AF0 Packet_PACKET_SMSG_LOGIN_VERIFY_WORLD
.text:00763EE0 Packet_PACKET_SMSG_KICK_REASON
.text:0049F940 PH_SMSG_CREATURE_QUERY_RESPONSE
.text:0049F960 PH_SMSG_GAMEOBJECT_QUERY_RESPONSE
.text:0049F980 PH_SMSG_NPC_TEXT_UPDATE
.text:0049FE50 PH_SMSG_NAME_QUERY_RESPONSE
.text:004A0080 PH_SMSG_GUILD_QUERY_RESPONSE
.text:0049F9A0 Packet_PACKET_SMSG_QUEST_QUERY_RESPONSE
.text:0049FA10 PH_SMSG_PAGE_TEXT_QUERY_RESPONSE
.text:0049FA30 Packet_PACKET_SMSG_PET_NAME_QUERY_RESPO
.text:0049FB00 Packet_PACKET_SMSG_PETITION_QUERY_RESPO
.text:004A00E0 PH_SMSG_ITEM_TEXT_QUERY_RESPONSE
.text:0049FB70 Packet_PACKET_SMSG_INVALIDATE_PLAYER
.text:0049FBF0 PH_SMSG_ARENA_TEAM_QUERY_RESPONSE
.text:0049FC40 Packet_PACKET_SMSG_INVALIDATE_DANCE
.text:004A0150 Packet_PACKET_SMSG_DANCE_QUERY_RESPONSE
.text:004DB8F0 PH_SMSG_WHO
.text:004D6730 Packet_PACKET_SMSG_WHOIS
.text:004D6770 Packet_PACKET_SMSG_RWHOIS
.text:004DB8D0 Packet_PACKET_SMSG_CONTACT_LIST
.text:004DB880 Packet_PACKET_SMSG_FRIEND_STATUS
.text:004DD510 Packet_PACKET_SMSG_WARDEN_DATA
.text:004DD9A0 Packet_PACKET_SMSG_GAMESPEED_SET
.text:004DDA40 Packet_PACKET_SMSG_LOGIN_SETTIMESPEED
.text:004DDB20 Packet_PACKET_SMSG_GAMETIME_UPDATE
.text:004DDBB0 Packet_PACKET_SMSG_SERVERTIME
.text:004DDCA0 Packet_PACKET_SMSG_GAMETIME_SET
.text:00574AF0 PH_GROUP_9
.text:00573480 sub_573480
.text:00574AF0 PH_GROUP_9
.text:00576C90 sub_576C90
.text:00570B00 PH_GROUP_VENDOR
.text:00570B00 PH_GROUP_VENDOR
.text:00570B00 PH_GROUP_VENDOR
.text:0056AEF0 PH_GROUP_LOOT
.text:0056AEF0 PH_GROUP_LOOT
.text:0056AEF0 PH_GROUP_LOOT
.text:0056AEF0 PH_GROUP_LOOT
.text:0056AEF0 PH_GROUP_LOOT
.text:0056AEF0 PH_GROUP_LOOT
.text:0057B8C0 PH_SMSG_LEARNED_SPELL
.text:0057B360 PH_SMSG_REMOVED_SPELL
.text:0057B9B0 Packet_PACKET_SMSG_SUPERCEDED_SPELL
.text:00570B80 Packet_PACKET_SMSG_INITIAL_SPELLS
.text:0056B160 Packet_PACKET_SMSG_ACTION_BUTTONS
.text:00570CD0 Packet_PACKET_SMSG_GROUP_INVITE
.text:0055DD80 Packet_PACKET_SMSG_GROUP_CANCEL
.text:0055DDB0 PH_SMSG_GROUP_DECLINE
.text:0055DE80 sub_55DE80
.text:0055DDE0 PH_SMSG_GROUP_SET_LEADER
.text:0055DEB0 sub_55DEB0
.text:0055DF20 PH_SMSG_PARTY_COMMAND_RESULT
.text:00575B60 PH_SMSG_GROUP_LIST
.text:0055E380 Packet_PACKET_SMSG_REAL_GROUP_UPDATE
.text:0056AA10 PH_GROUP_QUESTS
.text:0056AA10 PH_GROUP_QUESTS
.text:0056AA10 PH_GROUP_QUESTS
.text:0056AA10 PH_GROUP_QUESTS
.text:0056AA10 PH_GROUP_QUESTS
.text:0056AA10 PH_GROUP_QUESTS
.text:0056AA10 PH_GROUP_QUESTS
.text:0056AA10 PH_GROUP_QUESTS
.text:0056AE30 Packet_PACKET_SMSG_TRAINER_BUY_FAILED
.text:0055FB10 Packet_PACKET_SMSG_SET_PROFICIENCY
.text:0056CEE0 sub_56CEE0
.text:0055FB60 PH_SMSG_PLAYER_SKINNED
.text:0055FD80 PH_SMSG_INSPECT
.text:0055FDE0 Packet_PACKET_MSG_INSPECT_HONOR_STATS
.text:0056D000 PH_GROUP_READ_ITEM
.text:00573CD0 sub_573CD0
.text:00574AF0 PH_GROUP_9
.text:00574AF0 PH_GROUP_9
.text:00574AF0 PH_GROUP_9
.text:0055E430 PH_SMSG_GUILD_DECLINE
.text:0055E490 sub_55E490
.text:0055E4A0 PH_SMSG_GUILD_INFO
.text:00570DE0 PH_SMSG_GUILD_EVENT
.text:0055E890 PH_SMSG_GUILD_COMMAND_RESULT_2
.text:0056B380 PH_MSG_SAVE_GUILD_EMBLEM
.text:0055E580 Packet_PACKET_MSG_TABARDVENDOR_ACTIVATE
.text:00570730 PH_GROUP_PETITION
.text:00570730 PH_GROUP_PETITION
.text:00570730 PH_GROUP_PETITION
.text:00570730 PH_GROUP_PETITION
.text:00570730 PH_GROUP_PETITION
.text:00574AF0 PH_GROUP_9
.text:004DC1E0 Packet_PACKET_SMSG_UPDATE_ACCOUNT_DATA_
.text:00562370 PH_SMSG_EMOTE
.text:00561C30 sub_561C30
.text:00574AF0 PH_GROUP_9
.text:00574AF0 PH_GROUP_9
.text:0055D480 sub_55D480
.text:0056A6C0 sub_56A6C0
.text:00576F10 PH_SMSG_PARTY_MEMBER_STATS
.text:0056AB10 PH_GROUP_QUEST_UPDATE
.text:0056AB10 PH_GROUP_QUEST_UPDATE
.text:0056AB10 PH_GROUP_QUEST_UPDATE
.text:0056AB10 PH_GROUP_QUEST_UPDATE
.text:0055DCE0 Packet_PACKET_SMSG_QUEST_CONFIRM_ACCEPT
.text:00574AF0 PH_GROUP_9
.text:0055D530 sub_55D530
.text:0056A500 sub_56A500
.text:0055D570 sub_55D570
.text:00574AF0 PH_GROUP_9
.text:00574AF0 PH_GROUP_9
.text:00576D90 PH_GROUP_ITEM_TIME
.text:00576D90 PH_GROUP_ITEM_TIME
.text:0055D600 sub_55D600
.text:00574AF0 PH_GROUP_9
.text:00574AF0 PH_GROUP_9
.text:0055D450 sub_55D450
.text:00574AF0 PH_GROUP_9
.text:00574AF0 PH_GROUP_9
.text:00574AF0 PH_GROUP_9
.text:00574AF0 PH_GROUP_9
.text:00574AF0 PH_GROUP_9
.text:00574AF0 PH_GROUP_9
.text:0055D6F0 sub_55D6F0
.text:0055D740 sub_55D740
.text:0055D780 sub_55D780
.text:0055D810 sub_55D810
.text:00574AF0 PH_GROUP_9
.text:005705E0 sub_5705E0
.text:00570630 sub_570630
.text:0056A7F0 sub_56A7F0
.text:00565900 PH_SMSG_SPELLLOGEXECUTE
.text:005653B0 PH_SMSG_SPELLLOGMISS
.text:00565920 PH_SMSG_SPELLDAMAGESHIELD
.text:00565A30 PH_SMSG_SPELLINSTAKILLLOG
.text:00565E70 PH_SMSG_SPELLNONMELEEDAMAGELOG
.text:00566010 PH_SMSG_SPELLHEALLOG
.text:00566120 PH_SMSG_SPELLENERGIZELOG
.text:005662C0 PH_GROUP_SPELL_REMOVE
.text:005662C0 PH_GROUP_SPELL_REMOVE
.text:005600D0 sub_5600D0
.text:005662E0 PH_SMSG_SPELLORDAMAGE_IMMUNE
.text:0055D8B0 PH_SMSG_RESURRECT_REQUEST
.text:005663A0 PH_SMSG_DAMAGE_CALC_LOG
.text:0055DA60 sub_55DA60
.text:0055DBF0 sub_55DBF0
.text:0056AEF0 PH_GROUP_LOOT
.text:0056AEF0 PH_GROUP_LOOT
.text:0056AEF0 PH_GROUP_LOOT
.text:0056AEF0 PH_GROUP_LOOT
.text:0056AEF0 PH_GROUP_LOOT
.text:0056AEF0 PH_GROUP_LOOT
.text:0056B090 Packet_PACKET_SMSG_SUMMON_REQUEST
.text:0055DD60 sub_55DD60
.text:0055ED70 PH_SMSG_PLAY_TIME_WARNING
.text:0055E8E0 Packet_PACKET_SMSG_ARENA_TEAM_INVITE
.text:00562450 Packet_PACKET_SMSG_ARENA_TEAM_EVENT
.text:006343B0 Packet_PACKET_SMSG_UNKNOWN_1276
.text:005A5A50 sub_5A5A50
.text:005A5AB0 sub_5A5AB0
.text:005A5B10 Packet_PACKET_SMSG_GAMEOBJECT_DESPAWN_A
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E88A0 sub_5E88A0
.text:005E88A0 sub_5E88A0
.text:005E88A0 sub_5E88A0
.text:005E88A0 sub_5E88A0
.text:005E88A0 sub_5E88A0
.text:005E88A0 sub_5E88A0
.text:005E88A0 sub_5E88A0
.text:005E88A0 sub_5E88A0
.text:005E88A0 sub_5E88A0
.text:005E88A0 sub_5E88A0
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005BE900 Packet_PACKET_SMSG_LOOT_LIST
.text:005E5EB0 Packet_PACKET_SMSG_MONSTER_MOVE_TRANSPO
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005D6650 sub_5D6650
.text:005BE980 sub_5BE980
.text:005B74E0 Packet_PACKET_SMSG_AI_REACTION
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005E8900 sub_5E8900
.text:005B7560 Packet_PACKET_SMSG_PET_ACTION_SOUND
.text:005B75D0 sub_5B75D0
.text:005E89D0 sub_5E89D0
.text:005E89D0 sub_5E89D0
.text:005E89D0 sub_5E89D0
.text:005E89D0 sub_5E89D0
.text:005E89D0 sub_5E89D0
.text:005E89D0 sub_5E89D0
.text:005E89D0 sub_5E89D0
.text:005E89D0 sub_5E89D0
.text:005E89D0 sub_5E89D0
.text:005E89D0 sub_5E89D0
.text:005E89D0 sub_5E89D0
.text:005E89D0 sub_5E89D0
.text:005E89D0 sub_5E89D0
.text:005E89D0 sub_5E89D0
.text:005E89D0 sub_5E89D0
.text:005E89D0 sub_5E89D0
.text:005E89D0 sub_5E89D0
.text:005E8960 Packet_PACKET_SMSG_SPLINE_SET_PITCH_RAT
.text:005E8960 Packet_PACKET_SMSG_SPLINE_SET_PITCH_RAT
.text:005E8960 Packet_PACKET_SMSG_SPLINE_SET_PITCH_RAT
.text:005E8960 Packet_PACKET_SMSG_SPLINE_SET_PITCH_RAT
.text:005E8960 Packet_PACKET_SMSG_SPLINE_SET_PITCH_RAT
.text:005E8960 Packet_PACKET_SMSG_SPLINE_SET_PITCH_RAT
.text:005E8960 Packet_PACKET_SMSG_SPLINE_SET_PITCH_RAT
.text:005E8960 Packet_PACKET_SMSG_SPLINE_SET_PITCH_RAT
.text:005E8960 Packet_PACKET_SMSG_SPLINE_SET_PITCH_RAT
.text:005E5E50 sub_5E5E50
.text:005B7420 sub_5B7420
.text:005D1190 Packet_PACKET_SMSG_CLIENT_CONTROL_UPDAT
.text:005B73C0 sub_5B73C0
.text:005D43C0 sub_5D43C0
.text:005E87D0 Packet_PACKET_SMSG_DISMOUNT
.text:005B7360 Packet_PACKET_MSG_MOVE_TIME_SKIPPED
.text:005D66B0 Packet_PACKET_SMSG_MIRRORIMAGE_DATA
.text:005B76E0 sub_5B76E0
.text:005D1210 Packet_PACKET_SMSG_CANCEL_AUTO_REPEAT
.text:005B7730 sub_5B7730
.text:005C5820 sub_5C5820
.text:005E8A30 sub_5E8A30
.text:005DCCB0 Packet_PACKET_SMSG_THREAT_REMOVE
.text:005D9300 Packet_PACKET_SMSG_THREAT_CLEAR
.text:005B7790 Packet_PACKET_SMSG_PRE_RESURRECT
.text:005B77C0 sub_5B77C0
.text:005B42F0 Packet_PACKET_SMSG_UNKNOWN_1229
.text:005B4340 Packet_PACKET_SMSG_UNKNOWN_1240
.text:005C58C0 sub_5C58C0
.text:00606FC0 sub_606FC0
.text:00606FC0 sub_606FC0
.text:00606FC0 sub_606FC0
.text:00606FC0 sub_606FC0
.text:00606FC0 sub_606FC0
.text:00606FC0 sub_606FC0
.text:00606FC0 sub_606FC0
.text:00606FC0 sub_606FC0
.text:00606FC0 sub_606FC0
.text:00606FC0 sub_606FC0
.text:007659E0 Packet_PACKET_SMSG_CHAR_RENAME
.text:00765AE0 Packet_PACKET_SMSG_SET_PLAYER_DECLINED_
.text:00763B60 Packet_PACKET_SMSG_CHAR_CUSTOMIZE
.text:00762540 Packet_PACKET_SMSG_REALM_SPLIT
.text:00763EE0 Packet_PACKET_SMSG_KICK_REASON
.text:00763CA0 Packet_PACKET_SMSG_CHAR_FACTION_CHANGE
.text:00819620 sub_819620
.text:00819620 sub_819620
.text:00811C10 sub_811C10
.text:00811D60 sub_811D60
.text:0080DB10 sub_80DB10
.text:0080DC00 sub_80DC00
.text:00811EC0 sub_811EC0
.text:0080DD70 sub_80DD70
.text:0080B590 sub_80B590
.text:0080B590 sub_80B590
.text:0080B690 Packet_PACKET_SMSG_COOLDOWN_CHEAT
.text:00809A10 sub_809A10
.text:008065E0 sub_8065E0
.text:008066D0 sub_8066D0
.text:00806820 sub_806820
.text:00806F50 Packet_PACKET_SMSG_PLAY_SPELL_IMPACT
.text:00807000 Packet_PACKET_SMSG_PLAY_SPELL_VISUAL
.text:00805020 sub_805020
.text:00804F60 sub_804F60
.text:00804FB0 loc_804FB0
.text:00806DF0 Packet_PACKET_SMSG_SPELL_UPDATE_CHAIN_T
.text:00819710 sub_819710
.text:00806E90 loc_806E90
.text:00806ED0 sub_806ED0
.text:0080DED0 sub_80DED0
.text:008070B0 sub_8070B0
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00827A50 MirrorTimerPacketHandlers
.text:00827A50 MirrorTimerPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:00833BF0 GameUIPacketHandlers
.text:008553F0 PH_SMSG_CHANNEL_NOTIFY
.text:008413F0 PH_SMSG_COMSAT_CONNECT_FAIL
.text:008413F0 PH_SMSG_COMSAT_CONNECT_FAIL
.text:00846B30 PH_CHAT_SERVER_RECONNECTED
.text:0084CED0 Packet_PACKET_SMSG_CHANNEL_LIST
.text:00856320 PH_SMSG_MESSAGECHAT
.text:0084B050 Packet_PACKET_SMSG_TEXT_EMOTE
.text:00853900 Packet_PACKET_SMSG_ZONE_UNDER_ATTACK
.text:00853DE0 PH_SMSG_DEFENSE_MESSAGE
.text:00853F40 PH_SMSG_SERVER_MESSAGE
.text:00856C50 Packet_PACKET_SMSG_INSTANCE_SAVE_CREATE
.text:00857640 Packet_PACKET_SMSG_PLAYER_DIFFICULTY_CH
.text:0085AB10 sub_85AB10
.text:008596B0 Packet_PACKET_SMSG_BARBER_SHOP_RESULT
.text:00881600 Packet_PACKET_SMSG_COMMENTATOR_PLAYER_I
.text:00882360 Packet_PACKET_SMSG_COMMENTATOR_MAP_INFO
.text:00881C60 Packet_PACKET_SMSG_COMMENTATOR_STATE_CH
.text:00881F30 sub_881F30
.text:0087E5B0 sub_87E5B0
.text:00884EF0 PH_MSG_RAID_TARGET_UPDATE
.text:00885D50 Packet_PACKET_MSG_RAID_READY_CHECK
.text:00885030 Packet_PACKET_MSG_RAID_READY_CHECK_CONF
.text:00882750 loc_882750
.text:00882790 loc_882790
.text:008827B0 Packet_PACKET_MSG_NOTIFY_PARTY_SQUELCH
.text:00882800 Packet_PACKET_SMSG_ECHO_PARTY_SQUELCH
.text:00885C30 Packet_PACKET_SMSG_RAID_INSTANCE_INFO
.text:008894B0 PH_MSG_GUILD_PERMISSIONS
.text:00888000 Packet_PACKET_MSG_GUILD_EVENT_LOG_QUERY
.text:00893D40 Packet_PACKET_SMSG_ARENA_OPPONENT_UPDAT
.text:0089B7E0 Packet_PACKET_SMSG_GAMEOBJECT_SPAWN_ANI
.text:008A9B30 Packet_PACKET_SMSG_QUERY_TIME_RESPONSE
.text:008B7310 PH_MSG_LIST_STABLED_PETS
.text:008B78D0 PH_SMSG_STABLE_RESULT
.text:008BFFD0 Packet_MSG_AUCTION_HELLO
.text:008C0040 Packet_SMSG_AUCTION_COMMAND_RESULT
.text:008C2360 PH_SMSG_AUCTION_BIDDER_LIST_RESULT
.text:008C2680 PH_SMSG_AUCTION_OWNER_LIST_RESULT
.text:008C2F10 PH_SMSG_AUCTION_LIST_RESULT
.text:008C0BE0 Packet_PACKET_SMSG_AUCTION_BIDDER_NOTIF
.text:008C0F30 PH_SMSG_AUCTION_OWNER_NOTIFICATION
.text:008C12A0 Packet_PACKET_SMSG_AUCTION_REMOVED_NOTI
.text:008C2A90 Packet_PACKET_SMSG_AUCTION_LIST_PENDING
.text:008C5380 Packet_PACKET_MSG_INSPECT_ARENA_TEAMS
.text:008E9BF0 Packet_PACKET_SMSG_EQUIPMENT_SET_LIST
.text:008E9E20 Packet_PACKET_SMSG_EQUIPMENT_SET_SAVED
.text:008E9E70 Packet_PACKET_SMSG_EQUIPMENT_SET_USE_RE
.text:008F0960 Packet_PACKET_SMSG_ACHIEVEMENT_EARNED
.text:008EE530 Packet_PACKET_SMSG_CRITERIA_UPDATE
.text:008EEDA0 Packet_PACKET_SMSG_CRITERIA_DELETED
.text:008EECC0 Packet_PACKET_SMSG_ACHIEVEMENT_DELETED
.text:008F14F0 Packet_PACKET_SMSG_QUERY_QUESTS_COMPLET
.text:008F7500 Packet_PACKET_SMSG_INITIALIZE_FACTIONS
.text:008F4D70 Packet_PACKET_SMSG_SET_FACTION_ATWAR
.text:008F7580 PH_SMSG_SET_FACTION_VISIBLE_and_some_new_opcode
.text:008F6640 Packet_PACKET_SMSG_SET_FACTION_STANDING
.text:008F5C00 PH_SMSG_SET_FORCED_REACTIONS
.text:008F8C60 Packet_PACKET_SMSG_ARENA_TEAM_ROSTER
.text:008F7BF0 Packet_PACKET_SMSG_ARENA_TEAM_STATS
.text:00905D30 sub_905D30
.text:00905D30 sub_905D30
.text:00905D30 sub_905D30
.text:00905D30 sub_905D30
.text:00905D30 sub_905D30
.text:00905D30 sub_905D30
.text:00905D30 sub_905D30
.text:00905D30 sub_905D30
.text:00905D30 sub_905D30
.text:00905D30 sub_905D30
.text:00905D30 sub_905D30
.text:00905D30 sub_905D30
.text:00905D30 sub_905D30
.text:00905D30 sub_905D30
.text:00905D30 sub_905D30
.text:00905D30 sub_905D30
.text:00905D30 sub_905D30
.text:00905D30 sub_905D30
.text:00905D30 sub_905D30
.text:009064B0 Packet_PACKET_SMSG_PLAY_DANCE
.text:00906250 PH_SMSG_STOP_DANCE
.text:00907220 Packet_PACKET_SMSG_NOTIFY_DANCE
.text:009062A0 Packet_PACKET_SMSG_LEARNED_DANCE_MOVES
.text:0090EA80 Packet_PACKET_SMSG_GUILD_BANK_LIST
.text:00910040 Packet_PACKET_MSG_GUILD_BANK_LOG_QUERY
.text:0090D0B0 Packet_PACKET_MSG_GUILD_BANK_MONEY_WITH
.text:0090D0E0 sub_90D0E0
.text:00923FC0 PH_SMSG_OFFER_PETITION_ERROR
.text:00925C60 Packet_PACKET_SMSG_GOSSIP_MESSAGE
.text:00925120 Packet_PACKET_SMSG_GOSSIP_COMPLETE
.text:00925150 Packet_PACKET_SMSG_GOSSIP_POI
.text:0092B910 Packet_PACKET_SMSG_DUEL_REQUESTED
.text:0092B4E0 loc_92B4E0
.text:0092B500 loc_92B500
.text:0092B6B0 Packet_PACKET_SMSG_DUEL_COUNTDOWN
.text:0092B6F0 Packet_PACKET_SMSG_DUEL_COMPLETE
.text:0092B780 Packet_PACKET_SMSG_DUEL_WINNER
.text:00936E30 sub_936E30
.text:009414F0 sub_9414F0
.text:009414F0 sub_9414F0
.text:009414F0 sub_9414F0
.text:009414F0 sub_9414F0
.text:009414F0 sub_9414F0
.text:009414F0 sub_9414F0
.text:009414F0 sub_9414F0
.text:009414F0 sub_9414F0
.text:00941D30 Packet_PACKET_SMSG_MINIGAME_SETUP
.text:00941B40 Packet_PACKET_SMSG_MINIGAME_STATE
    Reply With Quote Reply With Quote
    [IDA] Dumping Packet Handlers
  2. 12-28-2010 #2
    Cypher's Avatar
    Cypher
    Cypher is offline
    Kynox's Sister's Pimp
    Reputation
    1358
    Join Date
    Apr 2006
    Posts
    5,368
    Thanks G/R
    0/6
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Nice work.
    My Website | HadesMem Project Page

    Reply With Quote Reply With Quote
  3. 12-28-2010 #3
    TOM_RUS's Avatar
    TOM_RUS
    TOM_RUS is offline
    Legendary
    Reputation
    914
    Join Date
    May 2008
    Posts
    699
    Thanks G/R
    0/52
    Trade Feedback
    0 (0%)
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    You can easily dump most of handlers except those that initialized like this:
    Code:
    mov dword_XXXXXX, offset sub_XXXXXX
    with simple memory reading.

    Some example C# code (ClientConnection struct may have changed since build 13205, I haven't checked):
    Code:
    Console.Write("Enter connection offset: ");
var address = Console.ReadLine();
var intAddress = Convert.ToUInt32(address, 16); // 0x00CA5C34 - 13205

using (var pm = new ProcessMemory(GetProcess("Wow")))
{
    var conn = pm.Read<ClientConnection>(pm.Read<uint>(intAddress));

    //Console.WriteLine(conn.unk1.HexLike());

    //Console.WriteLine(conn.SessionKey.HexLike());

    for (var i = 0; i < conn.Handlers.Length; ++i)
    {
        if (conn.Handlers[i] != 0 || conn.HandlersState[i] != 0)
            Console.WriteLine("{0:X4} - {1:X8} - {2:X8}", i, conn.Handlers[i], conn.HandlersState[i]); // condensedID - address - some shit
    }
}

[StructLayout(LayoutKind.Sequential)]
struct ClientConnection
{
    public int vTable;
    [MarshalAs(UnmanagedType.ByValArray, SizeConst = 1280)]
    public byte[] unk1;
    public int field_504;
    [MarshalAs(UnmanagedType.ByValArray, SizeConst = 40)]
    public byte[] SessionKey;
    public int field_530;
    [MarshalAs(UnmanagedType.ByValArray, SizeConst = 6)]
    public int[] field_534; // struct _RTL_CRITICAL_SECTION
    public int field_054C;
    public int field_0550;
    public int field_0554;
    public int field_0558;
    public int State;
    [MarshalAs(UnmanagedType.ByValArray, SizeConst = 2048)]
    public int[] Handlers;
    [MarshalAs(UnmanagedType.ByValArray, SizeConst = 2048)]
    public int[] HandlersState;
}
    Note: you have to be in world, because most of the handlers are initialized when you enter game world.
    Last edited by TOM_RUS; 12-28-2010 at 04:49 AM.
    Reply With Quote Reply With Quote
  4. 12-28-2010 #4
    jjaa's Avatar
    jjaa
    jjaa is offline
    Contributor
    Reputation
    245
    Join Date
    Dec 2006
    Posts
    562
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by TOM_RUS View Post
    You can easily dump most of handlers except those that initialized like this:
    Code:
    mov dword_XXXXXX, offset sub_XXXXXX
    with simple memory reading.

    Some example C# code (ClientConnection struct may have changed since build 13205, I haven't checked):
    Code:
    Console.Write("Enter connection offset: ");
var address = Console.ReadLine();
var intAddress = Convert.ToUInt32(address, 16); // 0x00CA5C34 - 13205

using (var pm = new ProcessMemory(GetProcess("Wow")))
{
    var conn = pm.Read<ClientConnection>(pm.Read<uint>(intAddress));

    //Console.WriteLine(conn.unk1.HexLike());

    //Console.WriteLine(conn.SessionKey.HexLike());

    for (var i = 0; i < conn.Handlers.Length; ++i)
    {
        if (conn.Handlers[i] != 0 || conn.HandlersState[i] != 0)
            Console.WriteLine("{0:X4} - {1:X8} - {2:X8}", i, conn.Handlers[i], conn.HandlersState[i]); // condensedID - address - some shit
    }
}

[StructLayout(LayoutKind.Sequential)]
struct ClientConnection
{
    public int vTable;
    [MarshalAs(UnmanagedType.ByValArray, SizeConst = 1280)]
    public byte[] unk1;
    public int field_504;
    [MarshalAs(UnmanagedType.ByValArray, SizeConst = 40)]
    public byte[] SessionKey;
    public int field_530;
    [MarshalAs(UnmanagedType.ByValArray, SizeConst = 6)]
    public int[] field_534; // struct _RTL_CRITICAL_SECTION
    public int field_054C;
    public int field_0550;
    public int field_0554;
    public int field_0558;
    public int State;
    [MarshalAs(UnmanagedType.ByValArray, SizeConst = 2048)]
    public int[] Handlers;
    [MarshalAs(UnmanagedType.ByValArray, SizeConst = 2048)]
    public int[] HandlersState;
}
    Note: you have to be in world, because most of the handlers are initialized when you enter game world.
    Nice, i figured it would be easier to do those handlers dynamically, however my goal was to try do it statically. Also i cbf reversing the struct
    Reply With Quote Reply With Quote
  5. 12-29-2010 #5
    jjaa's Avatar
    jjaa
    jjaa is offline
    Contributor
    Reputation
    245
    Join Date
    Dec 2006
    Posts
    562
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I made a quick script using your method. Looks like the struct is the same. Of course this method does not get the ones set directly. But you can use the other script for that.

    Script:
    Code:
    from ctypes import sizeof,addressof,memmove,Structure,c_int, c_byte
import idaapi
import idc

def ReadBytes(address, size):
    byt = ""
    for offs in range(0, size):
        byt += chr(idaapi.get_byte(address + offs))
    return byt

def FormatAddr(addr):
    """Makes the address look pretty!"""
    return "%s:%08X" % (idc.SegName(addr), addr)

def FindDataAddr(name, pattern, offs):
    addr = idc.LocByName(name)
    if addr == BADADDR:
        addr = idc.FindBinary(INF_BASEADDR, SEARCH_DOWN, pattern)
        addr = addr + offs
        addr = idc.Dword(addr)
    if addr != BADADDR and addr != 0:
        return addr
    idc.Warning("Could not find the " + name + " function")

def PacketHandlersAddr():
    return FindDataAddr("PacketHandlers", "55 8B EC 8B 4D 08 8B 15 ? ? ? ? 56 8B C1 ? ? 25 ? ? ? ? 8B F1 81 E6 ? ? ? ? 0B C6 8B F1 C1 E8 ? 83 E6 ?", 6)

class ExtStructure(Structure):
    __address = 0
    def __init__(self,address=None):
        if address != None:
            self.__address = address
            self.receiveBytes(ReadBytes(address, sizeof(self)))

    def receiveBytes(self, bytes):
        fit = min(len(bytes), sizeof(self))
        memmove(addressof(self), bytes, fit)

    @property
    def address(self):
        return self.__address

class ClientConnection(ExtStructure):
    _fields_ = [("vTable",          c_int),
                ("unk1",            c_byte*1280),
                ("field_504",       c_int),
                ("SessionKey",      c_byte*40),
                ("field_530",       c_int),
                ("field_534",       c_int*6),#RTL_CRITICAL_SECTION
                ("field_54C",       c_int),
                ("field_550",       c_int),
                ("field_554",       c_int),
                ("field_558",       c_int),
                ("State",           c_int),
                ("Handlers",        c_int*2048),
                ("HandlersState",   c_int*2048)]

def main():
    if not idaapi.is_debugger_on():
        idc.Warning("Please run the process first! aka Debugger....")
        return
    clientConnection = ClientConnection(idc.Dword(PacketHandlersAddr()))
    for handler in clientConnection.Handlers:
        if handler != 0:
            print "%s    %s" % (FormatAddr(handler), idc.Name(handler))

main()
    Output:
    Code:
    .text:005D66B0    Packet_PACKET_SMSG_MIRRORIMAGE_DATA
.text:004DDA40    Packet_PACKET_SMSG_LOGIN_SETTIMESPEED
.text:00606FC0    sub_606FC0
.text:00833BF0    GameUIPacketHandlers
.text:005663A0    PH_SMSG_DAMAGE_CALC_LOG
.text:00806F50    Packet_PACKET_SMSG_PLAY_SPELL_IMPACT
.text:005E89D0    sub_5E89D0
.text:005E89D0    sub_5E89D0
.text:0049F960    PH_SMSG_GAMEOBJECT_QUERY_RESPONSE
.text:009414F0    sub_9414F0
.text:00574AF0    PH_GROUP_9
.text:0056ADB0    PH_SMSG_QUEST_FORCE_REMOVE
.text:005E88A0    sub_5E88A0
.text:005E89D0    sub_5E89D0
.text:005C5930    sub_5C5930
.text:00833BF0    GameUIPacketHandlers
.text:005D6650    sub_5D6650
.text:00936E30    sub_936E30
.text:008D26A0    sub_8D26A0
.text:005D6650    sub_5D6650
.text:005D6650    sub_5D6650
.text:00841430    Packet_PACKET_SMSG_CHANNEL_MEMBER_COUNT
.text:0080DB10    sub_80DB10
.text:00885C30    Packet_PACKET_SMSG_RAID_INSTANCE_INFO
.text:005E8960    Packet_PACKET_SMSG_SPLINE_SET_PITCH_RAT
.text:00833BF0    GameUIPacketHandlers
.text:0056A500    sub_56A500
.text:005E8900    sub_5E8900
.text:005E8900    sub_5E8900
.text:0055ECB0    Packet_PACKET_SMSG_VOICE_SESSION_LEAVE
.text:00576D90    PH_GROUP_ITEM_TIME
.text:008C12A0    Packet_PACKET_SMSG_AUCTION_REMOVED_NOTI
.text:005B7560    Packet_PACKET_SMSG_PET_ACTION_SOUND
.text:005E8900    sub_5E8900
.text:004035A0    PH_SMSG_TRANSFER_ABORTED
.text:009414F0    sub_9414F0
.text:00833BF0    GameUIPacketHandlers
.text:005E8960    Packet_PACKET_SMSG_SPLINE_SET_PITCH_RAT
.text:00631560    Packet_SMSG_CLIENTCACHE_VERSION
.text:00925150    Packet_PACKET_SMSG_GOSSIP_POI
.text:0055D480    sub_55D480
.text:005B7820    sub_5B7820
.text:00905D30    sub_905D30
.text:004DC800    Packet_PACKET_SMSG_CHECK_FOR_BOTS
.text:005D6650    sub_5D6650
.text:0056AB10    PH_GROUP_QUEST_UPDATE
.text:00905D30    sub_905D30
.text:009414F0    sub_9414F0
.text:0056A7F0    sub_56A7F0
.text:004DB8D0    Packet_PACKET_SMSG_CONTACT_LIST
.text:005E8900    sub_5E8900
.text:00574AF0    PH_GROUP_9
.text:00882800    Packet_PACKET_SMSG_ECHO_PARTY_SQUELCH
.text:00574AF0    PH_GROUP_9
.text:00573E70    PH_SMSG_SEND_UNLEARN_SPELLS
.text:005E88A0    sub_5E88A0
.text:005E8900    sub_5E8900
.text:00574AF0    PH_GROUP_9
.text:00941D30    Packet_PACKET_SMSG_MINIGAME_SETUP
.text:00905D30    sub_905D30
.text:005D1190    Packet_PACKET_SMSG_CLIENT_CONTROL_UPDAT
.text:008D26A0    sub_8D26A0
.text:005D6650    sub_5D6650
.text:008D26A0    sub_8D26A0
.text:005E89D0    sub_5E89D0
.text:005A5B10    Packet_PACKET_SMSG_GAMEOBJECT_DESPAWN_A
.text:005D6650    sub_5D6650
.text:005B4340    Packet_PACKET_SMSG_UNKNOWN_1240
.text:005E8900    sub_5E8900
.text:005B78F0    sub_5B78F0
.text:00574AF0    PH_GROUP_9
.text:00854240    PH_SMSG_INSTANCE_RESET
.text:00570CD0    Packet_PACKET_SMSG_GROUP_INVITE
.text:0057B360    PH_SMSG_REMOVED_SPELL
.text:005E89D0    sub_5E89D0
.text:0056AEF0    PH_GROUP_LOOT
.text:00565900    PH_SMSG_SPELLLOGEXECUTE
.text:005600D0    sub_5600D0
.text:00853F40    PH_SMSG_SERVER_MESSAGE
.text:005BE980    sub_5BE980
.text:00833BF0    GameUIPacketHandlers
.text:0055FB60    PH_SMSG_PLAYER_SKINNED
.text:008BAF90    Packet_PACKET_SMSG_RECEIVED_MAIL
.text:0056AE30    Packet_PACKET_SMSG_TRAINER_BUY_FAILED
.text:004DD510    Packet_PACKET_SMSG_WARDEN_DATA
.text:00805020    sub_805020
.text:006343B0    Packet_PACKET_SMSG_UNKNOWN_1276
.text:005E8900    sub_5E8900
.text:005E8900    sub_5E8900
.text:00905D30    sub_905D30
.text:00606FC0    sub_606FC0
.text:0084B2E0    Packet_PACKET_SMSG_USERLIST_REMOVE
.text:0057B9B0    Packet_PACKET_SMSG_SUPERCEDED_SPELL
.text:005E8900    sub_5E8900
.text:00833BF0    GameUIPacketHandlers
.text:0090D0E0    sub_90D0E0
.text:0092B780    Packet_PACKET_SMSG_DUEL_WINNER
.text:00574AF0    PH_GROUP_9
.text:00631560    Packet_SMSG_CLIENTCACHE_VERSION
.text:0080B690    Packet_PACKET_SMSG_COOLDOWN_CHEAT
.text:00856340    PH_SMSG_GM_MESSAGECHAT
.text:008F7580    PH_SMSG_SET_FACTION_VISIBLE_and_some_new_opcode
.text:0055DD40    PH_SMSG_QUEST_POI_QUERY_RESPONSE
.text:008894B0    PH_MSG_GUILD_PERMISSIONS
.text:00827A50    MirrorTimerPacketHandlers
.text:00841530    sub_841530
.text:005E88A0    sub_5E88A0
.text:00570730    PH_GROUP_PETITION
.text:0056AA10    PH_GROUP_QUESTS
.text:0055E9D0    PH_SMSG_VOICE_SESSION_ROSTER_UPDATE
.text:00905D30    sub_905D30
.text:00606FC0    sub_606FC0
.text:00833BF0    GameUIPacketHandlers
.text:00570B00    PH_GROUP_VENDOR
.text:005D6650    sub_5D6650
.text:008C0BE0    Packet_PACKET_SMSG_AUCTION_BIDDER_NOTIF
.text:0090D0B0    Packet_PACKET_MSG_GUILD_BANK_MONEY_WITH
.text:005B73C0    sub_5B73C0
.text:009414F0    sub_9414F0
.text:005B79B0    sub_5B79B0
.text:0055D6F0    sub_55D6F0
.text:004A0080    PH_SMSG_GUILD_QUERY_RESPONSE
.text:005E8900    sub_5E8900
.text:0049F980    PH_SMSG_NPC_TEXT_UPDATE
.text:0055D740    sub_55D740
.text:005E89D0    sub_5E89D0
.text:004D6770    Packet_PACKET_SMSG_RWHOIS
.text:008F6640    Packet_PACKET_SMSG_SET_FACTION_STANDING
.text:00576D90    PH_GROUP_ITEM_TIME
.text:005D6650    sub_5D6650
.text:0055E490    sub_55E490
.text:00763EE0    Packet_PACKET_SMSG_KICK_REASON
.text:004D6730    Packet_PACKET_SMSG_WHOIS
.text:005D6650    sub_5D6650
.text:008BB280    PH_SMSG_MAIL_LIST_RESULT
.text:00566120    PH_SMSG_SPELLENERGIZELOG
.text:005E89D0    sub_5E89D0
.text:00884EF0    PH_MSG_RAID_TARGET_UPDATE
.text:005C5820    sub_5C5820
.text:005E8900    sub_5E8900
.text:00807000    Packet_PACKET_SMSG_PLAY_SPELL_VISUAL
.text:008EE530    Packet_PACKET_SMSG_CRITERIA_UPDATE
.text:00881C60    Packet_PACKET_SMSG_COMMENTATOR_STATE_CH
.text:00565920    PH_SMSG_SPELLDAMAGESHIELD
.text:005E8900    sub_5E8900
.text:00606FC0    sub_606FC0
.text:0055DCE0    Packet_PACKET_SMSG_QUEST_CONFIRM_ACCEPT
.text:0056AA10    PH_GROUP_QUESTS
.text:008413F0    PH_SMSG_COMSAT_CONNECT_FAIL
.text:0056AB10    PH_GROUP_QUEST_UPDATE
.text:005E8900    sub_5E8900
.text:00574AF0    PH_GROUP_9
.text:005E8960    Packet_PACKET_SMSG_SPLINE_SET_PITCH_RAT
.text:0056A910    sub_56A910
.text:005D6650    sub_5D6650
.text:005E8A30    sub_5E8A30
.text:00906250    PH_SMSG_STOP_DANCE
.text:0055DC70    sub_55DC70
.text:00809A10    sub_809A10
.text:00401470    Packet_PACKET_SMSG_PLAYED_TIME
.text:00606FC0    sub_606FC0
.text:0056B160    Packet_PACKET_SMSG_ACTION_BUTTONS
.text:0056AB10    PH_GROUP_QUEST_UPDATE
.text:00574AF0    PH_GROUP_9
.text:00804F60    sub_804F60
.text:008F4D70    Packet_PACKET_SMSG_SET_FACTION_ATWAR
.text:00853A60    PH_SMSG_TITLE_EARNED
.text:00570B00    PH_GROUP_VENDOR
.text:0055D810    sub_55D810
.text:0056AEF0    PH_GROUP_LOOT
.text:00925120    Packet_PACKET_SMSG_GOSSIP_COMPLETE
.text:0056AEF0    PH_GROUP_LOOT
.text:00941B40    Packet_PACKET_SMSG_MINIGAME_STATE
.text:0055EBE0    Packet_PACKET_SMSG_AVAILABLE_VOICE_CHAN
.text:005C58C0    sub_5C58C0
.text:0049FE50    PH_SMSG_NAME_QUERY_RESPONSE
.text:005D6650    sub_5D6650
.text:00905D30    sub_905D30
.text:0056D000    PH_GROUP_READ_ITEM
.text:00833BF0    GameUIPacketHandlers
.text:00570B00    PH_GROUP_VENDOR
.text:005E8A30    sub_5E8A30
.text:005E8900    sub_5E8900
.text:005E8900    sub_5E8900
.text:00905D30    sub_905D30
.text:0087E5B0    sub_87E5B0
.text:005E8960    Packet_PACKET_SMSG_SPLINE_SET_PITCH_RAT
.text:005D6650    sub_5D6650
.text:0055DF20    PH_SMSG_PARTY_COMMAND_RESULT
.text:005D6650    sub_5D6650
.text:00562450    Packet_PACKET_SMSG_ARENA_TEAM_EVENT
.text:0056AEF0    PH_GROUP_LOOT
.text:00882790    loc_882790
.text:00401560    Packet_PACKET_SMSG_TRANSFER_PENDING
.text:00833BF0    GameUIPacketHandlers
.text:005E88A0    sub_5E88A0
.text:0055EE80    PH_SMSG_CALENDAR_COMMAND_RESULT
.text:00811D60    sub_811D60
.text:00570B80    Packet_PACKET_SMSG_INITIAL_SPELLS
.text:0089BAC0    loc_89BAC0
.text:005D43C0    sub_5D43C0
.text:005D6650    sub_5D6650
.text:0092B910    Packet_PACKET_SMSG_DUEL_REQUESTED
.text:0055D530    sub_55D530
.text:0056AEF0    PH_GROUP_LOOT
.text:00570DE0    PH_SMSG_GUILD_EVENT
.text:00570730    PH_GROUP_PETITION
.text:005E88A0    sub_5E88A0
.text:00806ED0    sub_806ED0
.text:0055DB70    sub_55DB70
.text:005E8900    sub_5E8900
.text:0056AB10    PH_GROUP_QUEST_UPDATE
.text:005E8900    sub_5E8900
.text:0080B590    sub_80B590
.text:009414F0    sub_9414F0
.text:004DDCA0    Packet_PACKET_SMSG_GAMETIME_SET
.text:0089F810    Packet_PACKET_SMSG_PET_SPELLS
.text:00905D30    sub_905D30
.text:0055DD80    Packet_PACKET_SMSG_GROUP_CANCEL
.text:00570730    PH_GROUP_PETITION
.text:008B7310    PH_MSG_LIST_STABLED_PETS
.text:0084B050    Packet_PACKET_SMSG_TEXT_EMOTE
.text:005E8900    sub_5E8900
.text:00805020    sub_805020
.text:00561C30    sub_561C30
.text:00893D40    Packet_PACKET_SMSG_ARENA_OPPONENT_UPDAT
.text:0056AEF0    PH_GROUP_LOOT
.text:0056B090    Packet_PACKET_SMSG_SUMMON_REQUEST
.text:00853DE0    PH_SMSG_DEFENSE_MESSAGE
.text:005D6650    sub_5D6650
.text:008413F0    PH_SMSG_COMSAT_CONNECT_FAIL
.text:0055E8E0    Packet_PACKET_SMSG_ARENA_TEAM_INVITE
.text:008C5380    Packet_PACKET_MSG_INSPECT_ARENA_TEAMS
.text:0080B590    sub_80B590
.text:005E8900    sub_5E8900
.text:00401380    PH_SMSG_NOTIFICATION
.text:005DCCB0    Packet_PACKET_SMSG_THREAT_REMOVE
.text:0055F270    PH_SMSG_BATTLEGROUND_INFO_THROTTLED
.text:00905D30    sub_905D30
.text:005FEF00    sub_5FEF00
.text:00910040    Packet_PACKET_MSG_GUILD_BANK_LOG_QUERY
.text:005E8900    sub_5E8900
.text:008D26A0    sub_8D26A0
.text:008D26A0    sub_8D26A0
.text:005E89D0    sub_5E89D0
.text:00562370    PH_SMSG_EMOTE
.text:005E8900    sub_5E8900
.text:005E8900    sub_5E8900
.text:005B42F0    Packet_PACKET_SMSG_UNKNOWN_1229
.text:00905D30    sub_905D30
.text:00833BF0    GameUIPacketHandlers
.text:005D6650    sub_5D6650
.text:00574AF0    PH_GROUP_9
.text:00905D30    sub_905D30
.text:005D6650    sub_5D6650
.text:0055ED10    Packet_PACKET_SMSG_VOICE_SET_TALKER_MUT
.text:0056D290    Packet_PACKET_SMSG_TIME_SYNC_REQ
.text:0055E430    PH_SMSG_GUILD_DECLINE
.text:00574AF0    PH_GROUP_9
.text:004973B0    Packet_SMSG_DESTROY_OBJECT
.text:00574AF0    PH_GROUP_9
.text:00606FC0    sub_606FC0
.text:008B84B0    Packet_PACKET_MSG_QUERY_NEXT_MAIL_TIME
.text:0084CED0    Packet_PACKET_SMSG_CHANNEL_LIST
.text:005E8900    sub_5E8900
.text:00570730    PH_GROUP_PETITION
.text:00574AF0    PH_GROUP_9
.text:0056AA10    PH_GROUP_QUESTS
.text:00819710    sub_819710
.text:00882360    Packet_PACKET_SMSG_COMMENTATOR_MAP_INFO
.text:0056AEF0    PH_GROUP_LOOT
.text:00576F10    PH_SMSG_PARTY_MEMBER_STATS
.text:00574AF0    PH_GROUP_9
.text:00853CC0    PH_SMSG_LOG_XPGAIN
.text:005FEE90    sub_5FEE90
.text:00574AF0    PH_GROUP_9
.text:0056AEF0    PH_GROUP_LOOT
.text:0089B7E0    Packet_PACKET_SMSG_GAMEOBJECT_SPAWN_ANI
.text:0049F9A0    Packet_PACKET_SMSG_QUEST_QUERY_RESPONSE
.text:005E89D0    sub_5E89D0
.text:005B7730    sub_5B7730
.text:00606FC0    sub_606FC0
.text:005D6650    sub_5D6650
.text:0049FB00    Packet_PACKET_SMSG_PETITION_QUERY_RESPO
.text:00631560    Packet_SMSG_CLIENTCACHE_VERSION
.text:00631560    Packet_SMSG_CLIENTCACHE_VERSION
.text:0049FA10    PH_SMSG_PAGE_TEXT_QUERY_RESPONSE
.text:005E5EB0    Packet_PACKET_SMSG_MONSTER_MOVE_TRANSPO
.text:00833BF0    GameUIPacketHandlers
.text:004A0150    Packet_PACKET_SMSG_DANCE_QUERY_RESPONSE
.text:00574AF0    PH_GROUP_9
.text:00574AF0    PH_GROUP_9
.text:00819620    sub_819620
.text:005C5980    sub_5C5980
.text:0055E4A0    PH_SMSG_GUILD_INFO
.text:0056AA10    PH_GROUP_QUESTS
.text:005E8900    sub_5E8900
.text:0055DBF0    sub_55DBF0
.text:0055DEB0    sub_55DEB0
.text:004DC1E0    Packet_PACKET_SMSG_UPDATE_ACCOUNT_DATA_
.text:0055D450    sub_55D450
.text:00841510    sub_841510
.text:005D6650    sub_5D6650
.text:00631560    Packet_SMSG_CLIENTCACHE_VERSION
.text:00881600    Packet_PACKET_SMSG_COMMENTATOR_PLAYER_I
.text:005D6650    sub_5D6650
.text:00574AF0    PH_GROUP_9
.text:00833BF0    GameUIPacketHandlers
.text:0055DBB0    sub_55DBB0
.text:008F14F0    Packet_PACKET_SMSG_QUERY_QUESTS_COMPLET
.text:00905D30    sub_905D30
.text:005D6650    sub_5D6650
.text:005653B0    PH_SMSG_SPELLLOGMISS
.text:005662E0    PH_SMSG_SPELLORDAMAGE_IMMUNE
.text:008066D0    sub_8066D0
.text:0055FDE0    Packet_PACKET_MSG_INSPECT_HONOR_STATS
.text:00833BF0    GameUIPacketHandlers
.text:0085BDA0    PH_SMSG_TUTORIAL_FLAGS
.text:005E8900    sub_5E8900
.text:005E8960    Packet_PACKET_SMSG_SPLINE_SET_PITCH_RAT
.text:008D26A0    sub_8D26A0
.text:0055FD80    PH_SMSG_INSPECT
.text:008D26A0    sub_8D26A0
.text:00856320    PH_SMSG_MESSAGECHAT
.text:005E8960    Packet_PACKET_SMSG_SPLINE_SET_PITCH_RAT
.text:00841880    PH_SMSG_UPDATE_INSTANCE_OWNERSHIP
.text:005E8900    sub_5E8900
.text:005E89D0    sub_5E89D0
.text:00566010    PH_SMSG_SPELLHEALLOG
.text:00575B60    PH_SMSG_GROUP_LIST
.text:00631560    Packet_SMSG_CLIENTCACHE_VERSION
.text:005D6650    sub_5D6650
.text:0055E380    Packet_PACKET_SMSG_REAL_GROUP_UPDATE
.text:00846F70    Packet_PACKET_SMSG_VOICE_CHAT_STATUS
.text:005E8900    sub_5E8900
.text:0056AEF0    PH_GROUP_LOOT
.text:00833BF0    GameUIPacketHandlers
.text:0092B6B0    Packet_PACKET_SMSG_DUEL_COUNTDOWN
.text:00881F30    sub_881F30
.text:00804FB0    loc_804FB0
.text:00566580    PH_SMSG_COMBAT_LOG_MULTIPLE
.text:00885D50    Packet_PACKET_MSG_RAID_READY_CHECK
.text:008BAD30    Packet_PACKET_SMSG_SEND_MAIL_RESULT
.text:0057B8C0    PH_SMSG_LEARNED_SPELL
.text:005E8900    sub_5E8900
.text:0089BFE0    PH_SMSG_PET_LEARNED_or_REMOVED_SPELL
.text:005E8900    sub_5E8900
.text:009414F0    sub_9414F0
.text:0080B590    sub_80B590
.text:005B7790    Packet_PACKET_SMSG_PRE_RESURRECT
.text:005E8900    sub_5E8900
.text:005D6650    sub_5D6650
.text:005E89D0    sub_5E89D0
.text:008065E0    sub_8065E0
.text:0049FC40    Packet_PACKET_SMSG_INVALIDATE_DANCE
.text:008D26A0    sub_8D26A0
.text:008D26A0    sub_8D26A0
.text:00576D90    PH_GROUP_ITEM_TIME
.text:00833BF0    GameUIPacketHandlers
.text:00606FC0    sub_606FC0
.text:0056B380    PH_MSG_SAVE_GUILD_EMBLEM
.text:00565E70    PH_SMSG_SPELLNONMELEEDAMAGELOG
.text:005E8960    Packet_PACKET_SMSG_SPLINE_SET_PITCH_RAT
.text:0092B500    loc_92B500
.text:008F7BF0    Packet_PACKET_SMSG_ARENA_TEAM_STATS
.text:005662C0    PH_GROUP_SPELL_REMOVE
.text:008441B0    Packet_PACKET_SMSG_UPDATE_LAST_INSTANCE
.text:00574AF0    PH_GROUP_9
.text:005E89D0    sub_5E89D0
.text:005E88A0    sub_5E88A0
.text:00841570    sub_841570
.text:00833BF0    GameUIPacketHandlers
.text:005E89D0    sub_5E89D0
.text:0056A6C0    sub_56A6C0
.text:00833BF0    GameUIPacketHandlers
.text:00848960    PH_SMSG_EXPECTED_SPAM_RECORDS
.text:00833BF0    GameUIPacketHandlers
.text:005706B0    sub_5706B0
.text:005A5AB0    sub_5A5AB0
.text:00565A30    PH_SMSG_SPELLINSTAKILLLOG
.text:005E5EB0    Packet_PACKET_SMSG_MONSTER_MOVE_TRANSPO
.text:005BE900    Packet_PACKET_SMSG_LOOT_LIST
.text:005B77C0    sub_5B77C0
.text:0056A840    sub_56A840
.text:005E89D0    sub_5E89D0
.text:00561E30    sub_561E30
.text:008C8E10    sub_8C8E10
.text:008D26A0    sub_8D26A0
.text:0089C1E0    PH_SMSG_PET_ACTION_FEEDBACK
.text:00856C50    Packet_PACKET_SMSG_INSTANCE_SAVE_CREATE
.text:0056AA10    PH_GROUP_QUESTS
.text:008F8C60    Packet_PACKET_SMSG_ARENA_TEAM_ROSTER
.text:005E88A0    sub_5E88A0
.text:005E8900    sub_5E8900
.text:0056AE30    Packet_PACKET_SMSG_TRAINER_BUY_FAILED
.text:0056AA10    PH_GROUP_QUESTS
.text:008E9E20    Packet_PACKET_SMSG_EQUIPMENT_SET_SAVED
.text:00827A50    MirrorTimerPacketHandlers
.text:00806DF0    Packet_PACKET_SMSG_SPELL_UPDATE_CHAIN_T
.text:004A00E0    PH_SMSG_ITEM_TEXT_QUERY_RESPONSE
.text:008523C0    PH_SMSG_SERVER_FIRST_ACHIEVEMENT
.text:0055DAF0    sub_55DAF0
.text:005E8900    sub_5E8900
.text:00574AF0    PH_GROUP_9
.text:00806E90    loc_806E90
.text:0056CEE0    sub_56CEE0
.text:00570730    PH_GROUP_PETITION
.text:008C2F10    PH_SMSG_AUCTION_LIST_RESULT
.text:00833BF0    GameUIPacketHandlers
.text:004DC1E0    Packet_PACKET_SMSG_UPDATE_ACCOUNT_DATA_
.text:005B7420    sub_5B7420
.text:00833BF0    GameUIPacketHandlers
.text:0055DA60    sub_55DA60
.text:0055E580    Packet_PACKET_MSG_TABARDVENDOR_ACTIVATE
.text:00885030    Packet_PACKET_MSG_RAID_READY_CHECK_CONF
.text:008596B0    Packet_PACKET_SMSG_BARBER_SHOP_RESULT
.text:0055D8B0    PH_SMSG_RESURRECT_REQUEST
.text:0056AEF0    PH_GROUP_LOOT
.text:008D2050    Packet_PACKET_SMSG_UPDATE_LFG_LIST
.text:005D1210    Packet_PACKET_SMSG_CANCEL_AUTO_REPEAT
.text:0056AEF0    PH_GROUP_LOOT
.text:00905D30    sub_905D30
.text:00574AF0    PH_GROUP_9
.text:0055DD60    sub_55DD60
.text:0055DE80    sub_55DE80
.text:0090EA80    Packet_PACKET_SMSG_GUILD_BANK_LIST
.text:0092B4E0    loc_92B4E0
.text:00854450    off_854450
.text:008070B0    sub_8070B0
.text:004DC8C0    Packet_PACKET_SMSG_UPDATE_ACCOUNT_DATA
.text:005D6650    sub_5D6650
.text:0055E890    PH_SMSG_GUILD_COMMAND_RESULT_2
.text:0055DDB0    PH_SMSG_GROUP_DECLINE
.text:0084B110    PH_SMSG_USERLIST_ADD
.text:00827A50    MirrorTimerPacketHandlers
.text:00574AF0    PH_GROUP_9
.text:008EEDA0    Packet_PACKET_SMSG_CRITERIA_DELETED
.text:00606FC0    sub_606FC0
.text:00574AF0    PH_GROUP_9
.text:004DB880    Packet_PACKET_SMSG_FRIEND_STATUS
.text:009414F0    sub_9414F0
.text:00923FC0    PH_SMSG_OFFER_PETITION_ERROR
.text:00570730    PH_GROUP_PETITION
.text:00606FC0    sub_606FC0
.text:0056AA10    PH_GROUP_QUESTS
.text:008C0F30    PH_SMSG_AUCTION_OWNER_NOTIFICATION
.text:0055D570    sub_55D570
.text:005E89D0    sub_5E89D0
.text:00833BF0    GameUIPacketHandlers
.text:008A9B30    Packet_PACKET_SMSG_QUERY_TIME_RESPONSE
.text:0049FBF0    PH_SMSG_ARENA_TEAM_QUERY_RESPONSE
.text:005776E0    Packet_PACKET_SMSG_CROSSED_INEBRIATION_
.text:005E8900    sub_5E8900
.text:0085AB10    sub_85AB10
.text:00574AF0    PH_GROUP_9
.text:008553F0    PH_SMSG_CHANNEL_NOTIFY
.text:005D6650    sub_5D6650
.text:00806820    sub_806820
.text:009064B0    Packet_PACKET_SMSG_PLAY_DANCE
.text:004DDB20    Packet_PACKET_SMSG_GAMETIME_UPDATE
.text:00576F10    PH_SMSG_PARTY_MEMBER_STATS
.text:00905D30    sub_905D30
.text:005A5A50    sub_5A5A50
.text:008D26A0    sub_8D26A0
.text:00833BF0    GameUIPacketHandlers
.text:008D26A0    sub_8D26A0
.text:005D6650    sub_5D6650
.text:005705E0    sub_5705E0
.text:00833BF0    GameUIPacketHandlers
.text:005E8900    sub_5E8900
.text:005E5E50    sub_5E5E50
.text:00631560    Packet_SMSG_CLIENTCACHE_VERSION
.text:00833BF0    GameUIPacketHandlers
.text:0080DC00    sub_80DC00
.text:005E8960    Packet_PACKET_SMSG_SPLINE_SET_PITCH_RAT
.text:004DDBB0    Packet_PACKET_SMSG_SERVERTIME
.text:0056D000    PH_GROUP_READ_ITEM
.text:00631560    Packet_SMSG_CLIENTCACHE_VERSION
.text:005E8900    sub_5E8900
.text:00905D30    sub_905D30
.text:005D43C0    sub_5D43C0
.text:005B7880    sub_5B7880
.text:004DB8F0    PH_SMSG_WHO
.text:00573CD0    sub_573CD0
.text:00811C10    sub_811C10
.text:005662C0    PH_GROUP_SPELL_REMOVE
.text:008BFFD0    Packet_MSG_AUCTION_HELLO
.text:005B74E0    Packet_PACKET_SMSG_AI_REACTION
.text:00925C60    Packet_PACKET_SMSG_GOSSIP_MESSAGE
.text:0056AEF0    PH_GROUP_LOOT
.text:00574AF0    PH_GROUP_9
.text:00573480    sub_573480
.text:00854310    PH_SMSG_INSTANCE_RESET_FAILED
.text:0089C2F0    Packet_PACKET_SMSG_PET_UPDATE_COMBO_POI
.text:00905D30    sub_905D30
.text:005FF140    Packet_PACKET_SMSG_ENCHANTMENTLOG
.text:0080DD70    sub_80DD70
.text:00574AF0    PH_GROUP_9
.text:005D6650    sub_5D6650
.text:0056AB10    PH_GROUP_QUEST_UPDATE
.text:0055E950    Packet_PACKET_SMSG_ARENA_ERROR
.text:005FF000    sub_5FF000
.text:005E8960    Packet_PACKET_SMSG_SPLINE_SET_PITCH_RAT
.text:008EECC0    Packet_PACKET_SMSG_ACHIEVEMENT_DELETED
.text:005628D0    Packet_PACKET_SMSG_VOICE_PARENTAL_CONTR
.text:005E88A0    sub_5E88A0
.text:00846B30    PH_CHAT_SERVER_RECONNECTED
.text:00854040    PH_SMSG_RAID_INSTANCE_MESSAGE
.text:008E9BF0    Packet_PACKET_SMSG_EQUIPMENT_SET_LIST
.text:008C2680    PH_SMSG_AUCTION_OWNER_LIST_RESULT
.text:00905D30    sub_905D30
.text:00576C90    sub_576C90
.text:008C2A90    Packet_PACKET_SMSG_AUCTION_LIST_PENDING
.text:005B76E0    sub_5B76E0
.text:0055D600    sub_55D600
.text:0056AA10    PH_GROUP_QUESTS
.text:0049F940    PH_SMSG_CREATURE_QUERY_RESPONSE
.text:005E89D0    sub_5E89D0
.text:008D26A0    sub_8D26A0
.text:00811EC0    sub_811EC0
.text:008F5C00    PH_SMSG_SET_FORCED_REACTIONS
.text:008827B0    Packet_PACKET_MSG_NOTIFY_PARTY_SQUELCH
.text:0055ED70    PH_SMSG_PLAY_TIME_WARNING
.text:00833BF0    GameUIPacketHandlers
.text:005B7360    Packet_PACKET_MSG_MOVE_TIME_SKIPPED
.text:00819620    sub_819620
.text:0049FA30    Packet_PACKET_SMSG_PET_NAME_QUERY_RESPO
.text:008F7500    Packet_PACKET_SMSG_INITIALIZE_FACTIONS
.text:008B78D0    PH_SMSG_STABLE_RESULT
.text:00907220    Packet_PACKET_SMSG_NOTIFY_DANCE
.text:00631560    Packet_SMSG_CLIENTCACHE_VERSION
.text:008470B0    PH_SMSG_USERLIST_UPDATE
.text:005D9300    Packet_PACKET_SMSG_THREAT_CLEAR
.text:0092B6F0    Packet_PACKET_SMSG_DUEL_COMPLETE
.text:00853DB0    sub_853DB0
.text:00853900    Packet_PACKET_SMSG_ZONE_UNDER_ATTACK
.text:008D26A0    sub_8D26A0
.text:008D26A0    sub_8D26A0
.text:00601190    sub_601190
.text:00403AF0    Packet_PACKET_SMSG_LOGIN_VERIFY_WORLD
.text:005E8900    sub_5E8900
.text:0055DDE0    PH_SMSG_GROUP_SET_LEADER
.text:005D6650    sub_5D6650
.text:005E88A0    sub_5E88A0
.text:00833BF0    GameUIPacketHandlers
.text:005662C0    PH_GROUP_SPELL_REMOVE
.text:0089BAA0    loc_89BAA0
.text:00631560    Packet_SMSG_CLIENTCACHE_VERSION
.text:008C2360    PH_SMSG_AUCTION_BIDDER_LIST_RESULT
.text:005B75D0    sub_5B75D0
.text:00833BF0    GameUIPacketHandlers
.text:005E89D0    sub_5E89D0
.text:005E88A0    sub_5E88A0
.text:008C0040    Packet_SMSG_AUCTION_COMMAND_RESULT
.text:00570630    sub_570630
.text:005E8900    sub_5E8900
.text:00857640    Packet_PACKET_SMSG_PLAYER_DIFFICULTY_CH
.text:009414F0    sub_9414F0
.text:0055FB10    Packet_PACKET_SMSG_SET_PROFICIENCY
.text:00601170    sub_601170
.text:0089BFE0    PH_SMSG_PET_LEARNED_or_REMOVED_SPELL
.text:008B8590    PH_SMSG_MEETINGSTONE_COMPLETE_should_be_SMSG_MAIL_OPEN_FROM_GOSSIP
.text:005E8900    sub_5E8900
.text:0080DED0    sub_80DED0
.text:00841550    sub_841550
.text:008E9E70    Packet_PACKET_SMSG_EQUIPMENT_SET_USE_RE
.text:0056AA10    PH_GROUP_QUESTS
.text:009062A0    Packet_PACKET_SMSG_LEARNED_DANCE_MOVES
.text:005E87D0    Packet_PACKET_SMSG_DISMOUNT
.text:008F7580    PH_SMSG_SET_FACTION_VISIBLE_and_some_new_opcode
.text:00570B00    PH_GROUP_VENDOR
.text:005D6650    sub_5D6650
.text:005E8900    sub_5E8900
.text:005B7950    sub_5B7950
.text:0055D780    sub_55D780
.text:0056AEF0    PH_GROUP_LOOT
.text:0055DEF0    sub_55DEF0
.text:005E8900    sub_5E8900
.text:00905D30    sub_905D30
.text:00833BF0    GameUIPacketHandlers
.text:00882750    loc_882750
.text:008F0960    Packet_PACKET_SMSG_ACHIEVEMENT_EARNED
.text:00497240    Packet_PACKET_SMSG_UPDATE_OBJECT
.text:004DC660    Packet_SMSG_ACCOUNT_DATA_TIMES
.text:005E89D0    sub_5E89D0
.text:00888000    Packet_PACKET_MSG_GUILD_EVENT_LOG_QUERY
.text:00905D30    sub_905D30
.text:0089F1B0    Packet_PACKET_SMSG_PET_GUIDS
.text:0089C170    Packet_PACKET_SMSG_PET_MODE
.text:00905D30    sub_905D30
.text:0049FB70    Packet_PACKET_SMSG_INVALIDATE_PLAYER
.text:004DD9A0    Packet_PACKET_SMSG_GAMESPEED_SET
    Last edited by jjaa; 12-29-2010 at 08:18 PM.
    Reply With Quote Reply With Quote
  6. 12-29-2010 #6
    Flushie's Avatar
    Flushie
    Flushie is offline
    Master Sergeant
    Reputation
    -13
    Join Date
    May 2010
    Posts
    72
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    One day I hope to understand what you guys post Untill then Ill keep reading.
    Reply With Quote Reply With Quote
  7. 12-30-2010 #7
    Nesox's Avatar
    Nesox
    Nesox is offline
    ★ Elder ★
    Reputation
    1280
    Join Date
    Mar 2007
    Posts
    1,238
    Thanks G/R
    0/3
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Awesome, i lub you!
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Similar Threads

  1. I need some packet dumps !
    By yamashi12 in forum Elder Scrolls Online General
    Replies: 9
    Last Post: 09-13-2013, 03:46 PM
  2. [4.2.2+][mac] IDA Scripts - Dump Descriptors + label DBCs
    By Tanaris4 in forum WoW Memory Editing
    Replies: 5
    Last Post: 09-28-2011, 12:55 AM
  3. Quick little IDA structure dump
    By Apoc in forum WoW Memory Editing
    Replies: 2
    Last Post: 04-24-2010, 04:46 PM
  4. Packet handler functions
    By lanman92 in forum WoW Memory Editing
    Replies: 7
    Last Post: 09-08-2009, 08:15 PM
  5. [IDA Script] Label Packet Handlers
    By kynox in forum WoW Memory Editing
    Replies: 5
    Last Post: 07-26-2009, 08:08 AM
All times are GMT -5. The time now is 12:55 PM. Powered by vBulletin® Version 4.2.3
Copyright © 2025 vBulletin Solutions, Inc. All rights reserved. User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2025 DragonByte Technologies Ltd.
Google Authenticator verification provided by Two-Factor Authentication (Free) - vBulletin Mods & Addons Copyright © 2025 DragonByte Technologies Ltd.
Digital Point modules: Sphinx-based search