[WoW] [5.3.0 17055] Release x86 Info Dump Thread

[hamburger12]

well i got: 0xE3CB00 for CurMgr ....

[-Ryuk-]

well i got: 0xE3CB00 for CurMgr ....

This works fine for me also

[VesperCore]

well i got: 0xE3CB00 for CurMgr ....

It's just the first offset I posted in the thread, but well, they definitly don't know how to read :/ (not you)

public static uint clientConnection = 0x0; // 0xE3CB00

[Empted]

It's just the first offset I posted in the thread, but well, they definitly don't know how to read :/ (not you)

You are way too agressive. "My thread", "they don't know". So I can inform you that you've given not CurMgr offset, but a ClientConnection one. To get CurMgr you read pointer and then add another offset to that, then read again. What I've posted above is direct pointer.

[VesperCore]

It's just the first offset I posted in the thread, but well, they definitly don't know how to read :/ (not you)

You are way too agressive. "My thread", "they don't know". So I can inform you that you've given not CurMgr offset, but a ClientConnection one. To get CurMgr you read pointer and then add another offset to that, then read again. What I've posted above is direct pointer.

I don't want to be mean, but in your quote, there is "the thread", and not "my"..

clientConnection is just the same, don't be missleaded because of the name I gave to it, that guy asked for this "clientConnection" offset (old: 0xE416A0, new: 0xE3CB00) 'CurMgrPointer'.

Here a very basic implementations for a ObjectManager class.

Code:

        public enum ObjectManager
        {
            clientConnection = 0xE3CB00,
            objectManager = 0x462C,
            firstObject = 0xCC,
            nextObject = 0x34,
            localGuid = 0xE0,
            objectGUID = 0x28,
            objectTYPE = 0xC,
       }
                ObjectManagerAddress = Memory.WowMemory.Memory.ReadUInt(Memory.WowMemory.Memory.ReadUInt(Memory.WowProcess.WowModule + Addresses.ObjectManagerClass.clientConnection) + (uint) Addresses.ObjectManager.objectManager);
                const uint firstObject = (uint) Addresses.ObjectManager.firstObject;
                const uint nextObject = (uint) Addresses.ObjectManager.nextObject;
                ulong localPlayerGuid = Memory.WowMemory.Memory.ReadUInt64(ObjectManagerAddress + (uint) Addresses.ObjectManager.localGuid);
                int currentObject = Memory.WowMemory.Memory.ReadInt(ObjectManagerAddress + firstObject);
while (currentObject != 0)
{
                        ulong objGuid = Memory.WowMemory.Memory.ReadUInt64((uint) currentObject + (uint) Addresses.ObjectManager.objectGUID);
                            WoWObjectType objType = (WoWObjectType) Memory.WowMemory.Memory.ReadInt((uint) currentObject + (uint) Addresses.ObjectManager.objectTYPE);

************** YOUR NEEDS, save it or whatever for your object manager ************** 

                   Int32 currentObjectNew = Memory.WowMemory.Memory.ReadInt((uint) currentObject + nextObject);
                    if (currentObjectNew == currentObject)
                    {
                        break;
                    }
                    currentObject = currentObjectNew;

}

You gave a wrong offset than the one asked, that's it, no biggies, that guy asked for 0xE3CB00 as the previous were 0xE416A0.

When I say, "they don't know how to read", I think about him, asking for an offset already posted when it's forbidden to ask for an offset, but can also work for you, you want to help someone but you don't read its need and give him something he is not looking for.

Anyone got CurMgrPointer?
(16992 : 0xE416A0)

rebased:
CurMgr = 0xC30974, //55 8B EC A1 ?? ?? ?? ?? 8B 88 ?? 00 00 00 PATTERN

Code:

  *(_DWORD *)(dword_E3CB00 + 0x462C) = v3;
  *(_DWORD *)(v3 + 0xF0) = dword_E3CB00;
  dword_C30974 = v3;

Code:

ObjectManagerAddress = Memory.WowMemory.Memory.ReadUInt(Memory.WowMemory.Memory.ReadUInt(Memory.WowProcess.WowModule + Addresses.ObjectManagerClass.clientConnection) + (uint) Addresses.ObjectManager.objectManager);
ObjectManagerAddress = Memory.WowMemory.Memory.ReadUInt(Memory.WowProcess.WowModule + 0xC30974);

Use the implementation you want, but he asked for the first one and you gave him the second one.

Don't blame me for being aggressive, I haven't even been.

I don't understand, how would you define the sub_#'s to what function it is ? That's the problem i have by digging current offsets, i'm new to this. Any advice would be highly appreciated.

Simply right clic on any offset in IDA => Rename, put a name there.

For function, right clic on the function at the top of the current graph, all that also work in PseudoCode mode.

[iceblockman]

who know this offset UnitSpeed = 0x788 or movestate = 0x788 posted previously. How can I read it ? I tried

Console.WriteLine(Memory.Read<byte>(ObjectManager.LocalPlayer.Pointer + 0x78);
Console.WriteLine(Memory.Read<byte>(Memory.BaseAddress + 0x78);
or change byte to int , none give meaningful data.

And I reserved the function GetUnitSpeed , I read it like below

Console.WriteLine(Memory.Read<float>(Memory.Read<uint>(ObjectManager.LocalPlayer .Pointer + 0xE4) + 0x80));
it give you the speed in your current state (mounted on ground/or in sky, or not mounted) and the value means how many yards you can move in 1 sec.

I just want to know if my player is moving , get real speed is a little more than what i need.

[rens]

who know this offset UnitSpeed = 0x788 or movestate = 0x788 posted previously. How can I read it ? I tried

Console.WriteLine(Memory.Read<byte>(ObjectManager.LocalPlayer.Pointer + 0x78);
Console.WriteLine(Memory.Read<byte>(Memory.BaseAddress + 0x78);
or change byte to int , none give meaningful data.

And I reserved the function GetUnitSpeed , I read it like below

Console.WriteLine(Memory.Read<float>(Memory.Read<uint>(ObjectManager.LocalPlayer .Pointer + 0xE4) + 0x80));
it give you the speed in your current state (mounted on ground/or in sky, or not mounted) and the value means how many yards you can move in 1 sec.

I just want to know if my player is moving , get real speed is a little more than what i need.

Memory.Read<byte> is where you are going wrong, try float.

[mikeymike]

im kinda new to these offsets ect,how do i take your offsets and make them usable with trinitycore opcodes?

[VesperCore]

im kinda new to these offsets ect,how do i take your offsets and make them usable with trinitycore opcodes?

An offset is not an opcode and you will need many core updates to get a working MoP version out of TrinityCore, basically : forget it.

[Smousseur]

I am new to this forum and memory editing in general, so please excuse me if my questions are obvious or stupid.
I am trying to get the camera pointer.
Here is my approach :
Thanks to the dump, my guess is to reproduce the CGWorldFrame__GetActiveCamera function behavior.
Is it a good idea ?
Basically, i am reading an address somewhere, add a constant and hopefully i am getting the pointer to the camera structure.
First of all, after opening Wow.exe (32 bits ofc) in IDA i am getting a slightly different offset for this function from the dump.
I am pretty sure it is the same function.
As a result, my first read failed.
Here is what I get from the dump :
uint cameraPointer = wow.ReadUInt((uint)baseWoWPtr + 0xCDCECC) + 0x8150
I am not sure about the result but it does not seem to return what I want
Here is what I get from my WoW.exe in IDA :
uint cameraPointer = wow.ReadUInt((uint)baseWoWPtr + 0x10DCECC) + 0x8150
Here, the readUint failed as it seems to point to a null place in memory.
What am I doing wrong ?
Excuse me for my english.

[Frosttall]

I am new to this forum and memory editing in general, so please excuse me if my questions are obvious or stupid.
I am trying to get the camera pointer.
Here is my approach :
Thanks to the dump, my guess is to reproduce the CGWorldFrame__GetActiveCamera function behavior.
Is it a good idea ?
Basically, i am reading an address somewhere, add a constant and hopefully i am getting the pointer to the camera structure.
First of all, after opening Wow.exe (32 bits ofc) in IDA i am getting a slightly different offset for this function from the dump.
I am pretty sure it is the same function.
As a result, my first read failed.
Here is what I get from the dump :
uint cameraPointer = wow.ReadUInt((uint)baseWoWPtr + 0xCDCECC) + 0x8150
I am not sure about the result but it does not seem to return what I want
Here is what I get from my WoW.exe in IDA :
uint cameraPointer = wow.ReadUInt((uint)baseWoWPtr + 0x10DCECC) + 0x8150
Here, the readUint failed as it seems to point to a null place in memory.
What am I doing wrong ?
Excuse me for my english.

http://www.ownedcore.com/forums/worl...ml#post2776469 (Am I doing this correctly... (IDA))

Questions like these fill the dump-threads with useless posts...

[mikeymike]

An offset is not an opcode and you will need many core updates to get a working MoP version out of TrinityCore, basically : forget it.

ive already got a working 5.2 trinitycore, and i have updated about 30 opcodes i got from arctium, then how does one get opcodes?

[Frosttall]

ive already got a working 5.2 trinitycore, and i have updated about 30 opcodes i got from arctium, then how does one get opcodes?

Offsets != Opcodes.....

For getting opcodes just go to the corresponding functions and note the opcode.

Example:
Script_AddFriend, follow the sub-function and at some point you'll see something like this:

Code:

  CDataStore::PutInt32(5558); //Opcode
  CDataStore::PutCString(&v10); //Arg1
  CDataStore::PutCString(&v9); //Arg2

There you go

P.S. 30 Opcodes? That's cute! WoW got a few thousands more

[doityourself]

P.S. 30 Opcodes? That's cute! WoW got a few thousands more

hmm let's say round about 1400-1500

[mikeymike]

Offsets != Opcodes.....

For getting opcodes just go to the corresponding functions and note the opcode.

Example:
Script_AddFriend, follow the sub-function and at some point you'll see something like this:

Code:

  CDataStore::PutInt32(5558); //Opcode
  CDataStore::PutCString(&v10); //Arg1
  CDataStore::PutCString(&v9); //Arg2

There you go

P.S. 30 Opcodes? That's cute! WoW got a few thousands more

correct but not every opcode is changed alot stay the same so those other 1000 didnt change, im sure not many changed from 5.2 to 5.3... connection ones are the only ones im after right now.