[WoW][4.3.3.15354] Info Dump Thread

[Threk]

Anyone please help with AURA offsets! Or confirm please that old one is working?!

You know, there is a edit button under your post, man?

[HexNeo]

Your help was so.... I even did not find any word to describe it.

Still can not find any AURA, except GetAuraCount(), in memory. Any help... Please...

[JuJuBoSc]

According to 000595A0 CGUnit_C__GetAura the offsets is still the same.

Code:

            AURA_COUNT_1 = 0xE90,                                                   // 4.3.3 15354
            AURA_COUNT_2 = 0xC14,                                                   // 4.3.3 15354
            AURA_TABLE_1 = 0xC10,                                                   // 4.3.3 15354
            AURA_TABLE_2 = 0xC18,                                                   // 4.3.3 15354
            AURA_SIZE = 0x28,                                                       // 4.3.3 15354
            AURA_SPELL_ID = 0x8,                                                    // 4.3.3 15354
            AURA_SPELL_DURATION = 0x10,                                             // 4.3.3 15354
            AURA_SPELL_START = 0x14,                                                // 4.3.3 15354
            AURA_STACK = 0xF,                                                       // 4.3.3 15354

[HexNeo]

Thank you for answer, than my method GetAuras() is wrong, may be some body can PM me with working method. I took one from this forum.

Thank you again.

[miceiken]

Can someone get rid of this guy already?

[romb0t]

@JuJuBoSC
AS trying to continue to learn how to look in WoW.exe, I did understand how you have found (disassembly of CGUnit_C__GetAura for the first fifth and CGUnit_C::GetAuraSpellId for the SpellId:

Code:

            AURA_COUNT_1 = 0xE90,                                                   // 4.3.3 15354
            AURA_COUNT_2 = 0xC14,                                                   // 4.3.3 15354
            AURA_TABLE_1 = 0xC10,                                                   // 4.3.3 15354
            AURA_TABLE_2 = 0xC18,                                                   // 4.3.3 15354
            AURA_SIZE = 0x28,                                                       // 4.3.3 15354
            AURA_SPELL_ID = 0x8,                                                    // 4.3.3 15354

But how I did not find any function in regards of:

Code:

            AURA_SPELL_DURATION = 0x10,                                             // 4.3.3 15354
            AURA_SPELL_START = 0x14,                                                // 4.3.3 15354
            AURA_STACK = 0xF,                                                       // 4.3.3 15354

I assume that this need some more reverse engineering but at this stage, I cannot find them.

Any clue to help ?

Regards.

[JuJuBoSc]

@JuJuBoSC
AS trying to continue to learn how to look in WoW.exe, I did understand how you have found (disassembly of CGUnit_C__GetAura for the first fifth and CGUnit_C::GetAuraSpellId for the SpellId:

Code:

            AURA_COUNT_1 = 0xE90,                                                   // 4.3.3 15354
            AURA_COUNT_2 = 0xC14,                                                   // 4.3.3 15354
            AURA_TABLE_1 = 0xC10,                                                   // 4.3.3 15354
            AURA_TABLE_2 = 0xC18,                                                   // 4.3.3 15354
            AURA_SIZE = 0x28,                                                       // 4.3.3 15354
            AURA_SPELL_ID = 0x8,                                                    // 4.3.3 15354

But how I did not find any function in regards of:

Code:

            AURA_SPELL_DURATION = 0x10,                                             // 4.3.3 15354
            AURA_SPELL_START = 0x14,                                                // 4.3.3 15354
            AURA_STACK = 0xF,                                                       // 4.3.3 15354

I assume that this need some more reverse engineering but at this stage, I cannot find them.

Any clue to help ?

Regards.

0005A150 sub_5A150

Came here from LUA UnitAura, it contains everything u need about aura.

[Jadd]

Here's the list of Warden scans. Total of 63 scans. Here's the dumped Warden module.

Code:

Address: 0x0014DC20 Length: 11 Bytes: 8B C1 33 C9 89 8 89 48 4 89 48 
Address: 0x004D0B92 Length: 7 Bytes: 74 65 83 F9 19 77 60 
Address: 0x0043A82E Length: 5 Bytes: 8B 4D 10 89 D 
Address: 0x0014E721 Length: 1 Bytes: FF 
Address: 0x007080B0 Length: 9 Bytes: 55 8B EC 8B 45 C 8B 4D 8 
Address: 0x001D9A91 Length: 4 Bytes: 74 1C 8B 6 
Address: 0x004D0B81 Length: 6 Bytes: 8B EC 83 3D B4 66 
Address: 0x000544F3 Length: 4 Bytes: 7E B 8B CE 
Address: 0x0033100A Length: 4 Bytes: 75 B 5F 5E 
Address: 0x004DC885 Length: 5 Bytes: 77 34 FF 24 85 
Address: 0x00208DDD Length: 11 Bytes: 1 7E 74 8B CE E8 29 A5 FF FF 8B 
Address: 0x00089920 Length: 9 Bytes: 55 8B EC 83 EC 8 53 56 8B 
Address: 0x00624B10 Length: 12 Bytes: 81 66 38 FF FF 9F FF 8B 46 38 F6 C1 
Address: 0x001D9A8F Length: 4 Bytes: 85 DB 74 1C 
Address: 0x007020B0 Length: 9 Bytes: 55 8B EC 51 53 56 8B 75 8 
Address: 0x0061DBA6 Length: 5 Bytes: 74 65 D9 41 50 
Address: 0x0038B592 Length: 5 Bytes: F6 C3 F 74 21 
Address: 0x00004210 Length: 6 Bytes: E8 EB CD FF FF E8 
Address: 0x0038B595 Length: 5 Bytes: 74 21 8B 4D 18 
Address: 0x003206B8 Length: 5 Bytes: 74 2A F6 40 34 
Address: 0x00088330 Length: 9 Bytes: 55 8B EC 83 EC 18 56 8B F1 
Address: 0x004C3C14 Length: 4 Bytes: 7C 47 5 C0 
Address: 0x00089B00 Length: 9 Bytes: 55 8B EC 53 8B 5D 10 8B 43 
Address: 0x0038B57D Length: 5 Bytes: 74 13 8B 4D 18 
Address: 0x0000E4E0 Length: 6 Bytes: E8 7B 9F FF FF 89 
Address: 0x00624480 Length: 5 Bytes: 75 3E F6 46 3C 
Address: 0x004EB87E Length: 5 Bytes: 72 3B 8B 4D 18 
Address: 0x004F8835 Length: 10 Bytes: 52 57 8B 7D F8 E8 61 EA FE FF 
Address: 0x007B56E8 Length: 8 Bytes: BB 8D 24 3F D4 D0 31 3E 
Address: 0x0000120A Length: 6 Bytes: CC CC CC CC CC CC 
Address: 0x007AF5F8 Length: 8 Bytes: 2F 54 9A 41 77 BE 7F 3F 
Address: 0x0017AE2A Length: 4 Bytes: 50 51 8B CB 
Address: 0x004F4F20 Length: 5 Bytes: 74 E 83 FB 10 
Address: 0x002013A1 Length: 7 Bytes: F 2F 44 8 8 72 6 
Address: 0x0016DA00 Length: 9 Bytes: 55 8B EC 8B 45 C 83 EC 8 
Address: 0x004A09AA Length: 7 Bytes: 83 C4 8 85 C0 74 EF 
Address: 0x0038B51D Length: 5 Bytes: 74 28 8B 4D 18
Address: 0x00204D85 Length: 7 Bytes: A9 0 0 4 74 26
Address: 0x000041F3 Length: 5 Bytes: 6A 0 E8 36 75
Address: 0x0017AE52 Length: 7 Bytes: E8 C9 CE 2F 0 8B F0
Address: 0x0061DB9F Length: 9 Bytes: F7 41 38 0 0 10 1 74 65
Address: 0x004F8287 Length: 7 Bytes: 75 16 68 38 2 0 0
Address: 0x00C16EC4 Length: 8 Bytes: D8 93 FE C0 48 8C 11 C1
Address: 0x0003DE2B Length: 10 Bytes: 76 A5 F3 F 11 8E D4 1 0 0
Address: 0x00004206 Length: 5 Bytes: E8 95 FD 3F 0
Address: 0x00204D8A Length: 5 Bytes: 74 26 A9 0 0
Address: 0x004F4A70 Length: 12 Bytes: 55 8B EC B8 94 42 0 0 E8 A3 9B B1
Address: 0x0038B517 Length: 8 Bytes: F7 C3 0 0 F0 0 74 28
Address: 0x004F4F2E Length: 9 Bytes: 75 A 8B 45 10 C7 40 04 0
Address: 0x00624440 Length: 7 Bytes: A9 0 0 0 10 74 7
Address: 0x00905C44 Length: 7 Bytes: FF FF FF FF 1 0 0 0
Address: 0x001B3ED0 Length: 10 Bytes: 8B 81 B8 7 0 0 25 0 0 80
Address: 0x0017A701 Length: 10 Bytes: 8B EC 81 EC A0 0 0 0 8B 45
Address: 0x0038B577 Length: 8 Bytes: F7 C3 0 1 0 0 74 13
Address: 0x00205A39 Length: 9 Bytes: F7 41 38 00 02 00 20 75 34 F7
Address: 0x0038B54D Length: 8 Bytes: 74 1D 8B 4D 18 8B 55 C
Address: 0x001C863D Length: 7 Bytes: 75 18 68 48 1 0 0
Address: 0x00331032 Length: 13 Bytes: F 85 D8 1 0 0 8D 55 DC 52 8D 45 CC
Address: 0x004F8140 Length: 12 Bytes: 8B EC 81 EC 18 E 0 0 6A A E8 30
Address: 0x00331021 Length: 13 Bytes: 8B 75 C 56 51 8B CB E8 25 E9 FF FF 84
Address: 0x0038B547 Length: 8 Bytes: F7 C3 F0 0 3 0 74 1D
Address: 0x0017A700 Length: 10 Bytes: 55 8B EC 81 EC A0 0 0 0 8B
Address: 0x004A00E4 Length: 7 Bytes: E8 77 78 C1 FF 8B D

Comparing my new warden system to this, you know that a lot of your bytes are wrong? You should look into this.

[JuJuBoSc]

Comparing my new warden system to this, you know that a lot of your bytes are wrong? You should look into this.

Isn't that due by conditional jump location on different image base ?

[Jadd]

Isn't that due by conditional jump location on different image base ?

No? It's just his code. For example:
"Address: 0x004F8140 Length: 12 Bytes: 8B EC 81 EC 18 E 0 0 6A A E8 30": Missing the first byte, 0x55. Also even though it's listed as 12 bytes, there are only 11 that he displays. Although I think I'm wrong when I say "a lot". I didn't really look at the others.

[MaiN]

No? It's just his code. For example:
"Address: 0x004F8140 Length: 12 Bytes: 8B EC 81 EC 18 E 0 0 6A A E8 30": Missing the first byte, 0x55. Also even though it's listed as 12 bytes, there are only 11 that he displays. Although I think I'm wrong when I say "a lot". I didn't really look at the others.

You may want to recount that.
(Tip: He's not padding with zeros, so 0xA is displayed as "A", not "0A")

[Jadd]

You may want to recount that.

Oh whups. Lol. Better go get my glasses.

(Tip: He's not padding with zeros, so 0xA is displayed as "A", not "0A")

Yeah I got that much. But he is still obviously reading the real bytes from the wrong location (dunno how he would have managed this).

[-Ryuk-]

Oh whups. Lol. Better go get my glasses.



Yeah I got that much. But he is still obviously reading the real bytes from the wrong location (dunno how he would have managed this).

Your right, the correct scan would be:
Offset="4F8140" Length="C" Bytes="55 8B EC 81 EC 18 E 0 0 6A A E8"

[pladi]

IsUsableAction = 0xB42010
IsUsableActionNoMana = 0xB41DD0

[hb123220]

what's "ClickToMove = 0x1C1A10" for????? enable ctm ? I tried and it didnt work~~