[C++] Descriptors dumper & Find descriptor offsets

[pchzpchz]

Obviously download at own risk but I checked out the binary and it looks good.

Thanks for your work by the way, awesome tool.
If you don't trust it just do a simple entire solution search and replace "Wow.exe" to "WowClassic.exe". Takes about 10sec.

[ejt]

I just updated the repo with new version that has better support for both retail, classic and possibly other games as well. Swapped to MSVC generator instead of ninja too so its easier to build, just need VS2019 with CMake installed and should be easy to build.

[NoxiaZ]

I just updated the repo with new version that has better support for both retail, classic and possibly other games as well. Swapped to MSVC generator instead of ninja too so its easier to build, just need VS2019 with CMake installed and should be easy to build.

Cool with an update, think you should update repo with these patterns:

Code:

	{ "NameCacheBase",{ "48 8D 3D ? ? ? ? 48 8B DF 48 8D 0D ? ? ? ? 48 83 CB 01 48 89 1D ? ? ? ? E8 ? ? ? ? 33 C9 48 89 1D ? ? ? ?", clepta::pattern::deference, 0x3  } },
		{ "SpellBook",  { "4C 8B 0D ? ? ? ? 0F 1F 44 00 ? 8B C2 49 8B 0C C1 8B 41 04 3B D8 75 05 83 39 01 74 5A 83 39 03", clepta::pattern::deference, 0x3 } },
		{ "RedMessage",  { "48 8D 15 ? ? ? ? 41 B8 ? ? ? ? 48 8D 8D ? ? ? ? 90 0F B6 01", clepta::pattern::deference, 0x3 } },

They are made from old patch, and still work in this patch - So for me they seems to be working well.


Also it seems that when you read string for the version, you read one byte too much. - It seems to be the missing if i have added in the do-while looop - I know its not a big thing, but ye always nice to have it perfect

Code:

struct reader<std::string, false>
{
	std::string read(process_state* state, ptr_t addr, int16_t max_length = 32)
	{
		char c = '\0';
		std::string ret = "";

		do
		{
			memory::read(state, addr + (sizeof(char) * ret.size()), sizeof(char), &c);
			if (c != '\0')
				ret += c;
		} while (c != '\0' && ret.size() < max_length);

		return ret;
	}
};

Another thing:
When its done, creating all the files with both offsets and descriptors it end up saying:

Error: Could not find process.

D:\Temp\WoW\WoWOffsetDumper-master\install\Debug\WoWOffsetDumper.exe (process 18316) exited with code 0.

Is that Retail WoW its trying to find?

[ejt]

Glad you like the update, when I have some time over I can add the patterns for those 3, however its not something I currently use so I may not keep them updated if they fall out-of-date.

The string reading seems good, the problem (i think) is that in memory the version is ending with a space ' ' and then a null-terminator '\0' and thats why it has a space at the end. I may look at the function in the future as I continue on my memory library.

EDIT: just re-read your post and if the extra 'if' fixed it for you maybe it is a bug, will have to look at it sometime after new-years.

The "Could not find process." is indeed it trying to find Wow.exe (or retail), change the code in main.cpp to only search classic, or make something that detects what processes are active or something like that. I cba while writing the update to do it.

[NoxiaZ]

Glad you like the update, when I have some time over I can add the patterns for those 3, however its not something I currently use so I may not keep them updated if they fall out-of-date.

i'll gladly keep them updated and provide you with more patterns i get created/come by, so you don't have to do it by you self.

The string reading seems good, the problem (i think) is that in memory the version is ending with a space ' ' and then a null-terminator '\0' and that's why it has a space at the end. I may look at the function in the future as I continue on my memory library.

EDIT: just re-read your post and if the extra 'if' fixed it for you maybe it is a bug, will have to look at it sometime after new-years.

It's the '\0' it read to much, the reason must be that it add to the string and after in the 'while-if' it stop when c == '\0' but then its already added. - Visual Studio Code or another editor like that shows '\0'

The "Could not find process." is indeed it trying to find Wow.exe (or retail), change the code in main.cpp to only search classic, or make something that detects what processes are active or something like that. I cba while writing the update to do it.

I'ts fine ill fix it, my C++ isn't the strongest so wasn't totally sure. - I find it hard to read compared to C#

Anyways, thank for the update, keep up the good work.

[ejt]

It's the '\0' it read to much, the reason must be that it add to the string and after in the 'while-if' it stop when c == '\0' but then its already added. - Visual Studio Code or another editor like that shows '\0'.

I checked out the function and it seems to be working as it should. The reason for the '\0' is because its a null-terminated string, std::string handles those characters automatically so even if an extra '\0' slips into the end it doesn't matter.

When debugging it was reason the descriptor strings just fine, no extra characters, I did this at 6 AM in the morning after just woken up so I could still be wrong but wont put any more effort unless it starts bugging out in the future.

[NoxiaZ]

I checked out the function and it seems to be working as it should. The reason for the '\0' is because its a null-terminated string, std::string handles those characters automatically so even if an extra '\0' slips into the end it doesn't matter.

When debugging it was reason the descriptor strings just fine, no extra characters, I did this at 6 AM in the morning after just woken up so I could still be wrong but wont put any more effort unless it starts bugging out in the future.

Ye true it wouldn't matter with the description strings.
The problem i'm talking about are shown here:

Code:

<< "// " << clepta::memory::read<std::string, true>(process.state(), offset_results["GameVersion"][0]);

Its when it print out the version number.

Anyways not a big deal as i said, i just wanted to mention it.

[ejt]

Ye true it wouldn't matter with the description strings.
The problem i'm talking about are shown here:

Code:

<< "// " << clepta::memory::read<std::string, true>(process.state(), offset_results["GameVersion"][0]);

Its when it print out the version number.

Anyways not a big deal as i said, i just wanted to mention it.

yes, this is most likely because wow stores the version number with a ' ' space at the end of the version, hence why it ends with a ' ' space.

Therefore it is not a bug but something that needs to be tailored for wow version reads itself, therefore there is no need to add the extra "if" as you did. Just saying, to each their own.

[chlycooper]

help make a .exe file ? I don't know how to use C

[ejt]

help make a .exe file ? I don't know how to use C

For obvious reasons, I will not be releasing any executable and I recommend not downloading any from this site or anywhere for that matter. All you need to build the source is Visual Studio 2019 and CMake (an optional package when installing VS2019) then you can download the source and build yourself in minutes.

If you can't figure out how to build this source into an executable, you probably don't need to offsets.

Edit: As a side note, the InGameFlag offset had a duplicate in the latest rev so I will be pushing an update with the correct pattern for this in a moment.

[chlycooper]

thank you so much, i bot use Autoit(3years ago) , i use:

Global Const $ClientConnection = 0x1c793c0
Global Const $CurMgrOffset = 0x2897FE0
Global Const $FirstObjectOffset = 0x130
Global $WowBase = GETWOWBASEADDRESS($PID)
$currMgr_pre = _MemoryRead($WowBase + $ClientConnection, $hWow, "dword")
$currMgr = _MemoryRead($currMgr_pre + $CurMgrOffset, $hWow, "dword")
Global $ObjectZero = _MemoryRead($currMgr + $FirstObjectOffset, $hWow, "dword")

to get my Objectmanage and firstobj, now i want rewrite them in python , i have a question.

there is a "ObjectMgrPtr = 0x2897FE0" in WoWOffsetDumper's output , is it the "$ClientConnection" or "$CurMgrOffset"?

[NoxiaZ]

thank you so much, i bot use Autoit(3years ago) , i use:

Global Const $ClientConnection = 0x1c793c0
Global Const $CurMgrOffset = 0x2897FE0
Global Const $FirstObjectOffset = 0x130
Global $WowBase = GETWOWBASEADDRESS($PID)
$currMgr_pre = _MemoryRead($WowBase + $ClientConnection, $hWow, "dword")
$currMgr = _MemoryRead($currMgr_pre + $CurMgrOffset, $hWow, "dword")
Global $ObjectZero = _MemoryRead($currMgr + $FirstObjectOffset, $hWow, "dword")

to get my Objectmanage and firstobj, now i want rewrite them in python , i have a question.

there is a "ObjectMgrPtr = 0x2897FE0" in WoWOffsetDumper's output , is it the "$ClientConnection" or "$CurMgrOffset"?

It's the $CurMgrOffset

[chlycooper]

thanks, don't need $ClientConnection now? i saw some coding just use"wow.exe+ObjectMgrPtr"

[NoxiaZ]

thanks, don't need $ClientConnection now? i saw some coding just use"wow.exe+ObjectMgrPtr"

That's correct its only "wowclassic.exe+ObjectMgrPtr"

[Icesythe7]

@NoxiaZ just read the pe header of wow to get version number instead that way you will never need any addresses and it will never need an update