-
Member
Explanation of release info dumps
Hi, new to this site and wow memory stuff in general, got a question:
Does anyone mind explaining or linking to an explanation of info dumps? Even some code snippets illustrating how to get player xyz, hp, mana values, static pointers etc.? I am familiar with pointers, C/C# etc. and have read the two tutorials from 2009/2010; however, it is almost impossible to make them work or learn much from them when the offsets are way out of date and there is no decent explanation of how they are worked out.
e.g. http://www.ownedcore.com/forums/worl...g-writing.html ((Tutorial) Starting WoW-Memory Reading/Writing): how does he know what offset to use for getting the xyz, and then writing to click to move? I don't see anything resembling either offset in the 6.2.3 info dump.
Thanks for any contribution
-
Contributor
Go look at tom_rus88 on github.com. He has a project called wowaddin and mopobjectmgr; both are great examples of how to use the basics. Also the ohack source on GitHub from l0l1dk.
Last edited by aeo; 12-02-2015 at 09:28 PM.
-
Originally Posted by aeo
Go look at tom_rus88 on github.com. He has a project called wowaddin and mopobjectmgr; both are great examples of how to use the basics. Also the ohack source on GitHub from id10k.
Where on earth did you get "id10k"? I think you mean l0l1dk (I think it stands for LOL + IDK.)
-
+1 for OHack; a good 30% of my program was developed using OHack as a reference. Another great option to look into is Wildbreath's Offspring; it's outdated but still available and shows some basic ideas of hooking, delegates, etc. It's written in .NET, so you'll need to open it up in Reflector. I found it really helpful. At the end of the day, the best thing to do is just get stuck in and try stuff out. If you're worried about your account (you should be when messing around with memory editing if you're not 100% confident in what you're doing), grab a named IDB from an old build (e.g. 3.3.5) and develop some bits on a private server. That's what I did, anyway. It's then fairly easy to move to a more recent patch.
Jadd, I suspect id10k was some sort of autocorrect or other unintentional error. Or aeo is blind as a bat :P
-
Post Thanks / Like - 1 Thanks
HI5 (1 members gave Thanks to Filint for this useful post)
-
Contributor
Originally Posted by Jadd
Where on earth did you get "id10k"? I think you mean l0l1dk (I think it stands for LOL + IDK.)
Hahaha, I was on mobile and couldn't look it up. To my credit, I got 4 out of 6 letters right, just in the wrong order, hah.
-
Member
Thanks for the input guys; I found wowaddin to be the simplest of the three to learn from, tbh. I think my problem, or at least part of it, is caused by not knowing exactly what the offsets obtained from IDA do in regards to reading from the memory location. For example:
from http://www.ownedcore.com/forums/worl...mp-thread.html ([WoW] [6.2.3.20726] Release Info Dump Thread):
CGPlayer_C__m_activePlayerPtr = 0xE379B0,
MaxHealth = 0x10C, // Size: 0x1, Flags: 0x1
I'm understanding (probably wrongly) 0xE379B0 to be the pointer offset to the 'player object' and 0x10C to be the offset within the player object that points to the maxhealth value.
I then attempt to use this in a program:
Code:
BlackMagic wow = new BlackMagic();
wow.OpenProcessAndThread(SProcess.GetProcessFromProcessName("Wow")); // open the process by name
IntPtr baseWoW = wow.MainModule.BaseAddress; // base address of Wow.exe
int hp = wow.ReadByte((uint)baseWoW + 0xE379B0 + 0x10C); // one read at base + 0xE379B0 + 0x10C
listBox1.Items.Add("max hp:" + hp);
My thinking is: get the base address for WoW, offset by the player pointer to get the base address of the player, offset again by the maxhp pointer to get the address where max hp is stored, then read the byte there and display it, because maxhealth size = 0x1.
However, it shows max hp:0 when in-game hp says 155/155, so something went wrong.
I'm guessing I'm either using the wrong offsets or something, because I've spent some time trying to find info on what each offset is for and failed to really find any.
Reckon anyone can correct me on whatever I did wrong? I feel like this is probably the equivalent of failing to make a hello world application when starting out.
-
Seems like you have a pretty good basic understanding of pointers already, so congrats to you.
Originally Posted by kakin
My thinking is: get the base address for WoW, offset by the player pointer to get the base address of the player, offset again by the maxhp pointer to get the address where max hp is stored.
Your thinking is correct, but your implementation is wrong. It sounds like you're wanting to read [[base + player pointer] + max HP pointer] but you actually ended up reading [base + player pointer + max HP pointer]. What you were looking for was two separate reads:
Code:
uint playerPtr = wow.ReadUInt32((uint)baseWoW + 0xE379B0); // first read: [base + player pointer]
int hp = wow.ReadByte(playerPtr + 0x10C);                  // second read: [playerPtr + max HP offset]
BUT this is wrong, for a couple of reasons - not because you ****ed something up but because you're inexperienced with the structure of a WoW object... so don't worry about it.
MaxHealth = 0x10C, // Size: 0x1, Flags: 0x1
This is a descriptor. Descriptors reside at a dynamic address which is pointed to from +0x04 in the object base (as of 6.2.3; susceptible to change). They are the variables which are only set by the server and are shared with different players depending on the variable's flags ("Flags: 0x1" indicates that it is shared with all other players; some variables are only sent to party members, to the owner of the unit, i.e. pets, etc.). This is kind of irrelevant for you right now, but you might be interested to know anyway.
These descriptors are a few of the variables that still have their names intact in the client, which is very useful when reversing and extracting information from WoW. Having to find the meaning of all these variables would be painful to do manually, so descriptors are quite popular among bot developers. The information available about these descriptor variables is their name, flags, and size; for whatever reason, the offsets for these variables are nowhere to be found. So to put an offset to these variables, we simply start at 0 and count upwards using the size. The descriptor sizes are divisions of four (no idea why), so the actual size of the field should always be multiplied by four; MaxHealth, for example, is actually four bytes. Yep, it's a standard 32-bit integer.
So, with all that rambling, hopefully you ended up with something like this:
Code:
uint playerPtr = wow.ReadUInt32((uint)baseWoW + 0xE379B0);   // [base + CGPlayer_C__m_activePlayerPtr] -> player object
uint descriptorsPtr = wow.ReadUInt32(playerPtr + 0x04);      // [object + 0x04] -> descriptor block
int hp = wow.ReadInt32(descriptorsPtr + 0x10C);              // MaxHealth is a 32-bit int, not a byte
Hope that helps!
-
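An added example, not code from this thread or from any of the projects mentioned in it, that models both kakin's single-add read and Jadd's chained reads over a constructed fake address space, and applies the descriptor offset-counting rule from the reply above. The offsets 0xE379B0, 0x04 and 0x10C are the ones quoted in the thread; the module base and the player-object and descriptor-block addresses are made-up values, and the field list handed to descriptor_offsets is an illustration, not the real dump's table.

```python
import struct

# Offsets quoted in the thread (6.2.3 info dump and Jadd's reply)
CGPLAYER_C__M_ACTIVEPLAYERPTR = 0xE379B0  # static offset from the module base
OBJECT_DESCRIPTORS = 0x04                 # object base + 0x04 -> descriptor block
MAXHEALTH = 0x10C                         # descriptor offset of MaxHealth


class FakeMemory:
    """Sparse, byte-addressable stand-in for a remote process's address space.

    Unmapped bytes read as 0, mimicking a read API that returns 0 when the
    address is not readable (the 'max hp:0' symptom from the thread).
    """

    def __init__(self):
        self._bytes = {}

    def write_u32(self, addr, value):
        for i, b in enumerate(struct.pack("<I", value)):
            self._bytes[addr + i] = b

    def read_u32(self, addr):
        raw = bytes(self._bytes.get(addr + i, 0) for i in range(4))
        return struct.unpack("<I", raw)[0]

    def read_byte(self, addr):
        return self._bytes.get(addr, 0)


def build_image():
    """Constructed layout: module base -> static player pointer -> object -> descriptors."""
    base = 0x00400000         # assumed image base of the fake module
    player_obj = 0x0A123450   # made-up heap address of the player object
    descriptors = 0x0B456780  # made-up heap address of its descriptor block
    mem = FakeMemory()
    mem.write_u32(base + CGPLAYER_C__M_ACTIVEPLAYERPTR, player_obj)
    mem.write_u32(player_obj + OBJECT_DESCRIPTORS, descriptors)
    mem.write_u32(descriptors + MAXHEALTH, 155)  # the 155/155 seen in-game
    return mem, base


def wrong_single_read(mem, base):
    """kakin's original: adds every offset, then reads one byte -> [base + ptr + field]."""
    return mem.read_byte(base + CGPLAYER_C__M_ACTIVEPLAYERPTR + MAXHEALTH)


def right_chained_read(mem, base):
    """Jadd's version: dereference at each hop -> [[[base + ptr] + 0x04] + field]."""
    player_ptr = mem.read_u32(base + CGPLAYER_C__M_ACTIVEPLAYERPTR)
    descriptors_ptr = mem.read_u32(player_ptr + OBJECT_DESCRIPTORS)
    return mem.read_u32(descriptors_ptr + MAXHEALTH)


def descriptor_offsets(fields):
    """Assign byte offsets to descriptor fields by counting up from 0, size * 4 each.

    `fields` is a list of (name, size) pairs in declaration order, with size in
    the dump's units (dwords); returns a dict of name -> byte offset.
    """
    offsets, cursor = {}, 0
    for name, size in fields:
        offsets[name] = cursor
        cursor += size * 4
    return offsets


if __name__ == "__main__":
    mem, base = build_image()
    print("single-add read:", wrong_single_read(mem, base))   # 0: lands on nothing
    print("chained read:   ", right_chained_read(mem, base))  # 155
    # Constructed field list, only to show the counting rule; not the real table.
    sample = [("Guid", 4), ("Data", 4), ("Type", 1), ("EntryID", 1), ("Scale", 1), ("Charm", 4)]
    for name, off in descriptor_offsets(sample).items():
        print(f"{name:8s} 0x{off:03X}")
```

The single-add read lands at base + 0xE379B0 + 0x10C, an address nothing was ever written to, so it returns 0 exactly as the thread describes; the chained version follows the pointer stored at each hop and comes back with 155. The offset-counting helper is the rule from the reply made explicit: MaxHealth's 0x10C is simply the running total of the sizes (times four) of every descriptor declared before it.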
-
Member
Thanks a lot, this is exactly the kind of info I was looking for. Really saved me a lot of time.
EDIT: Follow-up: is there any guide on how to use the other info in release dumps? Stuff like what to do with the scripts/events, how to get xyz coords, buffs etc.?
Last edited by kakin; 12-03-2015 at 05:28 PM.