[WoW][5.1.0.16357] x86 Info Dump Thread

[zys924]

Anyone knows how to retrieve the current game state. Not only IsInGame which is already solved, but I also need IsInCharSel, IsInLoginScreen, etc..?

[l0l1dk]

Anyone knows how to retrieve the current game state. Not only IsInGame which is already solved, but I also need IsInCharSel, IsInLoginScreen, etc..?

This is the offset you want, I think. It's scanned by Warden, so just don't write to it (no reason to anyway).

Code:

CGlueMgr__m_lastLoginState = 0xAB26F4

[zys924]

This is the offset you want, I think. It's scanned by Warden, so just don't write to it (no reason to anyway).

Code:

CGlueMgr__m_lastLoginState = 0xAB26F4

Thanks for it. And looks like the GlueMgr's member functions have a lot of login info.

Code:

And BTW, CGlueMgr__m_CurrentLoginState = 0xAB26EC, by looking into 6E2C90    CGlueMgr::DisplayLoginStatus

[george2978]

I need help to update this offsets :
internal enum Arena : uint
{
Arena1GUID = 0xB36140,
Arena2GUID = Arena1GUID + 0x8,
Arena3GUID = Arena2GUID + 0x8,
Arena4GUID = Arena3GUID + 0x8,
Arena5GUID = Arena4GUID + 0x8
}

[Master674]

I need help to update this offsets :
internal enum Arena : uint
{
Arena1GUID = 0xB36140,
Arena2GUID = Arena1GUID + 0x8,
Arena3GUID = Arena2GUID + 0x8,
Arena4GUID = Arena3GUID + 0x8,
Arena5GUID = Arena4GUID + 0x8
}

Then do it ?

[george2978]

Then do it ?

Thanks man !

[Frosttall]

Thanks man !

Open the previous version of WoW in IDA, go to 0xF36140, search via cross-references for a function name. Then open a new IDA instance with the latest WoW version, go to the function with the same name you've found in the other instance and follow the path you've found out the functionname - but in reversed order of course - and there you go: You'll have the addresses!

P.S. Needing help at something means that you need a guide and not that you get spoonfeeded. You should leave this section if you expected any offsets!

[george2978]

Open the previous version of WoW in IDA, go to 0xF36140, search via cross-references for a function name. Then open a new IDA instance with the latest WoW version, go to the function with the same name you've found in the other instance and follow the path you've found out the functionname - but in reversed order of course - and there you go: You'll have the addresses!

P.S. Needing help at something means that you need a guide and not that you get spoonfeeded. You should leave this section if you expected any offsets!

Thanks !! you give me what i need rep gg

[berlinermauer]

CGGameUI__Target: 009A4020 Rebased to ImageBase
-> CGameUI__Target = WoWBaseAddress + 5A4020

Special Thanks to dan934 and Frosttall

[Borean]

Getting combo points. targetSpecific is for Slice and Dice, etc

Code:

PlayerComboPoint = 0xCC9FDD,
PlayerComboPointTarget = 0xCCA040,

Code:

        public uint GetComboPoints() { return GetComboPoints(true); }
        public uint GetComboPoints(Boolean targetSpecific)
        {
            ulong CPTarget = Connection.wow.ReadUInt64((uint)Connection.wow.MainModule.BaseAddress + (uint)Pointers.Player.PlayerComboPointTarget);
            if (targetSpecific && CPTarget != Connection.localPlayer.TargetGUID) return 0;
            return Connection.wow.ReadByte((uint)Connection.wow.MainModule.BaseAddress + (uint)Pointers.Player.PlayerComboPoint);
        }

[jack445]

Anyone got NameStore, NameMask, NameBase and NameString ?

EDIT: I'm quite sure that NameStore = 0xBF8508 + 0x8. What about the rest, did they change?

EDIT2: They did not, my code was wrong. Above offset is correct.

[kosacid]

enyone got LastTargetGUID and thanks in advance

[Sacred]

enyone got LastTargetGUID and thanks in advance

0xCC9F28 rebased

[drizz]

Warden Scans (rebased)

Code:

Offset: 0x000701E4	Length: 7	Bytes: E8 57 2A 1F 00 8B 0D
Offset: 0x00070AFA	Length: 7	Bytes: 83 C4 08 85 C0 74 EF
Offset: 0x00075ADD	Length: 5	Bytes: 8B 4D 10 89 0D
Offset: 0x001210C0	Length: 9	Bytes: 55 8B EC 83 EC 48 8B 45 08
Offset: 0x001212C0	Length: 10	Bytes: 55 8B EC 83 EC 64 56 8B 75 08
Offset: 0x00121AD0	Length: 10	Bytes: 55 8B EC 8B 45 0C 83 78 08 06
Offset: 0x00161940	Length: 8	Bytes: 55 8B EC A1 44 42 C8 01
Offset: 0x0042760D	Length: 4	Bytes: 75 27 8B CE
Offset: 0x00434800	Length: 9	Bytes: 55 8B EC 8B 45 0C 83 EC 08
Offset: 0x0045A6F0	Length: 10	Bytes: 55 8B EC 83 EC 34 53 56 8B F1
Offset: 0x0045B880	Length: 10	Bytes: 55 8B EC 81 EC B8 00 00 00 8B
Offset: 0x0045CBE2	Length: 7	Bytes: E8 69 8B D0 FF 8B F0
Offset: 0x004A4440	Length: 10	Bytes: 8B 81 10 08 00 00 25 00 00 80
Offset: 0x004B26E0	Length: 10	Bytes: 55 8B EC 83 EC 18 53 56 8B F1
Offset: 0x004B2768	Length: 4	Bytes: 74 79 F3 0F
Offset: 0x004C0062	Length: 4	Bytes: 74 18 8B C8
Offset: 0x004C0BD2	Length: 7	Bytes: 75 18 68 54 01 00 00
Offset: 0x004C67E4	Length: 4	Bytes: 74 1E F3 0F
Offset: 0x004C79C0	Length: 9	Bytes: 55 8B EC 83 EC 20 56 8B F1
Offset: 0x004C7ADB	Length: 4	Bytes: 85 DB 74 1F
Offset: 0x004C7ADD	Length: 4	Bytes: 74 1F 8B 06
Offset: 0x0050D9B1	Length: 7	Bytes: 0F 2F 44 08 08 72 06
Offset: 0x00510705	Length: 7	Bytes: A9 00 00 00 04 74 24
Offset: 0x0051070A	Length: 7	Bytes: 74 24 A9 00 00 10 00
Offset: 0x00510EA9	Length: 9	Bytes: F7 41 38 00 02 00 20 75 34
Offset: 0x005578F6	Length: 4	Bytes: 7F 1D 8B 86
Offset: 0x00557913	Length: 4	Bytes: 7E 0B 8B CE
Offset: 0x005995B0	Length: 5	Bytes: 6A 01 68 40 EE
Offset: 0x005A1D51	Length: 6	Bytes: 8B EC 83 3D 98 15
Offset: 0x005A1D62	Length: 7	Bytes: 74 65 83 F9 1D 77 60
Offset: 0x005ACAB2	Length: 5	Bytes: 77 34 FF 24 85
Offset: 0x005ACF73	Length: 7	Bytes: 56 57 E8 56 C5 FE FF
Offset: 0x005B3F70	Length: 9	Bytes: 55 8B EC 83 EC 40 0F 57 C0
Offset: 0x005C5380	Length: 12	Bytes: 55 8B EC B8 A0 42 00 00 E8 63 8B 20
Offset: 0x005C5824	Length: 5	Bytes: 74 13 83 F8 10
Offset: 0x005C5837	Length: 9	Bytes: 75 0A 8B 4D 10 C7 41 04 00
Offset: 0x005C8B10	Length: 12	Bytes: 55 8B EC 81 EC 28 0E 00 00 6A 0A E8
Offset: 0x005C8FB4	Length: 5	Bytes: 74 52 83 FF 07
Offset: 0x0071FAA8	Length: 5	Bytes: 74 2A F6 40 34
Offset: 0x007494F1	Length: 4	Bytes: 75 0B 5F 5E
Offset: 0x00749519	Length: 13	Bytes: 0F 85 4E 02 00 00 8D 55 DC 52 8D 45 CC
Offset: 0x00797630	Length: 10	Bytes: 55 8B EC 83 EC 1C 53 8B 5D 1C
Offset: 0x007976EE	Length: 8	Bytes: F7 C3 00 00 F0 00 74 28
Offset: 0x007976F4	Length: 5	Bytes: 74 28 8B 4D 18
Offset: 0x0079771E	Length: 8	Bytes: F7 C3 F0 00 03 00 74 1D
Offset: 0x00797724	Length: 5	Bytes: 74 1D 8B 4D 18
Offset: 0x0079774E	Length: 8	Bytes: F7 C3 00 01 00 00 74 13
Offset: 0x00797754	Length: 5	Bytes: 74 13 8B 4D 18
Offset: 0x00797769	Length: 5	Bytes: F6 C3 0F 74 21
Offset: 0x0079776C	Length: 5	Bytes: 74 21 8B 4D 18
Offset: 0x007CBAF0	Length: 9	Bytes: 55 8B EC 8B 45 0C 8B 4D 08
Offset: 0x008E9D30	Length: 11	Bytes: 55 8B EC 83 EC 20 F3 0F 10 41 4C
Offset: 0x008E9D6F	Length: 9	Bytes: F7 41 38 00 00 10 01 74 65
Offset: 0x008E9D76	Length: 5	Bytes: 74 65 D9 41 50
Offset: 0x008ED7D0	Length: 7	Bytes: A9 00 00 00 10 74 07
Offset: 0x008ED810	Length: 5	Bytes: 75 3E F6 46 3C
Offset: 0x008EDF63	Length: 12	Bytes: 81 66 38 FF FF 9F FF 8B 4E 3C 8B 46
Offset: 0x008F5470	Length: 9	Bytes: 55 8B EC 51 53 56 8B 75 08
Offset: 0x0096C0F8	Length: 8	Bytes: 2F 54 9A 41 43 4D 69 73
Offset: 0x0096FFF4	Length: 4	Bytes: BB 8D 24 3F
Offset: 0x00A4BB78	Length: 8	Bytes: D8 93 FE C0 48 8C 11 C1
Offset: 0x00AB26F4	Length: 6	Bytes: 04 00 00 00 2C 78

Wait, are they no longer scanning NetClient__Send2?

[Pandu91]

Hi,

does someon have: PlayerBasePointer / PlayerBaseOffset1 / PlayerBaseOffset2?
Would be nice

Best regards