Help CastBarFrame

[kosacid]

CastBarFrame im wondering if anyone can tell me if there a flag or a timer, i just want to know if its up

[JuJuBoSc]

Look for UnitCastingInfo / UnitChannellingInfo ?

[kosacid]

call sub_4D1827
pop ecx
pop ecx
test eax, eax
jnz short loc_89CBBA

LOBYTE(v3) = sub_4D1827(a3, 1);
if ( !v3 )
{
sub_4D299B(a1, a3, (int)"Usage: UnitCastingInfo(\"unit\")", v24);
return 0;
}

i know the rules no spoon feeding but i suck at debuging i cant find out where LOBYTE(v3) address is stored because i can use that for the test, is it right the "test eax, eax" is the pointer to LOBYTE(v3) and thats where its stored, the only othere way i can see is to detour sub_4D1827 but i would just like to read a address

and thanks JuJuBoSc

[xalcon]

Did you even looked into sub_4D1827?

• sub_4D1827 calls sub_4D179A which returns a value in eax
• if eax is neither 4 or 3, eax gets xor'ed with eax (effectivly setting eax to 0) and then returns
• if eax is 3 or 4, eax gets xor'ed and then incremented, then returns

Effectivly, this means: if the return value of sub_4D1827 is 0, sub_4D299B will be called with the "how to use"-Message for UnitCastingInfo

Conclusion: You are "debugging" the wrong part of the function.
I currently don't realy know what sub_4D1827 is, but my stomach is telling me, it is something lua related (lua_isstring or however its called?), since UnitCastingInfo needs to be called with a unit parameter.

But why is your error function called with 4 parameters? mine is like

Code:

if ( !sub_4D1827(a1, 1) )
{
    sub_4D299B(a1, "Usage: UnitCastingInfo(\"unit\")");
    return 0;
}

[Mr.Sergey]

Code:

if ( !sub_D1827(a1, 1) )
  {
    sub_D299B(a1, "Usage: UnitCastingInfo(\"unit\")");
    return 0;
  }
  v2 = sub_D1979(a1, 1, 0);
  v3 = sub_4941EC(v2);
  if ( !v3
    || (v4 = sub_4A2BC(), v5 = sub_39D9B5(*(_DWORD *)(v3 + 3248)), v6 = v5, (v27 = v5) == 0)
    || v4 - *(_DWORD *)(v3 + 3268) >= 0 )
    return 0;

where v3 is PlayerBase

CastingSpellId = ReadInt(PlayerBase + 3248) = ReadInt(PlayerBase + 0xCB0);

[kosacid]

@Mr.Sergey nice one one explaining it to me, got it instantly, i dunno why IDA coming up with multi parameters it the current build im using, but this is what i ended up with a thread constantly scanning for next spell

Code:

uint SpellID;
CreateThread(NULL,NULL,Player,NULL,NULL,NULL);

DWORD WINAPI Player(LPVOID arg)
{
	while(true)
	{
	    uint ObjectPointer;
	    ReadProcMem((LPVOID)(Base + 0xEA2388),&ObjectPointer,4);
	    ReadProcMem((LPVOID)(ObjectPointer + 0x462C),&ObjectPointer,4);
	    UINT64 me;
	    ReadProcMem((LPVOID)(ObjectPointer + 0xE0),&me, 8);
	    ReadProcMem((LPVOID)(ObjectPointer + 0xCC),&ObjectPointer,4);
	    while (ObjectPointer != 0 && ObjectPointer % 2 == 0)
	    {
		    UINT64 cobj;
		    ReadProcMem((LPVOID)(ObjectPointer + 0x28),&cobj, 8);
		    if(me == cobj)
		    {
			    ReadProcMem((LPVOID)(ObjectPointer + 0xCB0),&SpellID, 2);
		    }
		    ReadProcMem((LPVOID)(ObjectPointer + 0x34),&ObjectPointer,4);
	    }
	}
}