[C++] Descriptors dumper & Find descriptor offsets

**Icesythe7** · 01-10-2020

heres an example in c++ btw

Code:

	FileVersion* GetFileVer()
	{
		CHAR dllPath[MAX_PATH] = { 0 };
		GetModuleFileName(GetModuleHandleW(nullptr), reinterpret_cast<LPWSTR>(dllPath), _countof(dllPath));
		DWORD  verHandle = 0;
		UINT   size = 0;
		LPBYTE lpBuffer = nullptr;
		const auto verSize = GetFileVersionInfoSize(reinterpret_cast<LPWSTR>(dllPath), &verHandle);
		if (verSize != NULL)
		{
			const auto verData = new char[verSize];

			if (GetFileVersionInfo(reinterpret_cast<LPWSTR>(dllPath), verHandle, verSize, verData) && VerQueryValue(verData, L"\\", reinterpret_cast<VOID FAR * FAR*>(&lpBuffer), &size))
			{
				if (size)
				{
					const auto verInfo = reinterpret_cast<VS_FIXEDFILEINFO*>(lpBuffer);
					if (verInfo->dwSignature == 0xfeef04bd)
					{
						const auto x = new FileVersion;
						x->major = static_cast<int>(verInfo->dwFileVersionMS) >> 16 & 0xffff;
						x->minor = static_cast<int>(verInfo->dwFileVersionMS) >> 0 & 0xffff;
						x->bug_fix = static_cast<int>(verInfo->dwFileVersionLS) >> 16 & 0xffff;
						x->build_number = static_cast<int>(verInfo->dwFileVersionLS) >> 0 & 0xffff;
						return x;
					}
				}
			}
			delete[] verData;
		}
		return nullptr;
	}

Code:

	struct FileVersion final
	{
		int32_t major;
		int32_t minor;
		int32_t bug_fix;
		int32_t build_number;
	};

Code:

const auto fv = GetFileVer();
		std::stringstream stringStream;
		stringStream << fv->major << "." << fv->minor << "." << fv->bug_fix << "." << fv->build_number;
		const auto version(stringStream.str());
		WowVersion = version.c_str();

would output a string "1.13.3.32887" for example

**NoxiaZ** · 01-10-2020

Originally Posted by Icesythe7

heres an example in c++ btw

Code:

	FileVersion* GetFileVer()
	{
		CHAR dllPath[MAX_PATH] = { 0 };
		GetModuleFileName(GetModuleHandleW(nullptr), reinterpret_cast<LPWSTR>(dllPath), _countof(dllPath));
		DWORD  verHandle = 0;
		UINT   size = 0;
		LPBYTE lpBuffer = nullptr;
		const auto verSize = GetFileVersionInfoSize(reinterpret_cast<LPWSTR>(dllPath), &verHandle);
		if (verSize != NULL)
		{
			const auto verData = new char[verSize];

			if (GetFileVersionInfo(reinterpret_cast<LPWSTR>(dllPath), verHandle, verSize, verData) && VerQueryValue(verData, L"\\", reinterpret_cast<VOID FAR * FAR*>(&lpBuffer), &size))
			{
				if (size)
				{
					const auto verInfo = reinterpret_cast<VS_FIXEDFILEINFO*>(lpBuffer);
					if (verInfo->dwSignature == 0xfeef04bd)
					{
						const auto x = new FileVersion;
						x->major = static_cast<int>(verInfo->dwFileVersionMS) >> 16 & 0xffff;
						x->minor = static_cast<int>(verInfo->dwFileVersionMS) >> 0 & 0xffff;
						x->bug_fix = static_cast<int>(verInfo->dwFileVersionLS) >> 16 & 0xffff;
						x->build_number = static_cast<int>(verInfo->dwFileVersionLS) >> 0 & 0xffff;
						return x;
					}
				}
			}
			delete[] verData;
		}
		return nullptr;
	}

Code:

	struct FileVersion final
	{
		int32_t major;
		int32_t minor;
		int32_t bug_fix;
		int32_t build_number;
	};

Code:

const auto fv = GetFileVer();
		std::stringstream stringStream;
		stringStream << fv->major << "." << fv->minor << "." << fv->bug_fix << "." << fv->build_number;
		const auto version(stringStream.str());
		WowVersion = version.c_str();

would output a string "1.13.3.32887" for example

That's actually a pretty cool way to do it - Think i'm going to use that as well, but i need the memory address to verify version, i have been using regex to see if bot was reading the correct version

**ejt** · 01-11-2020

Originally Posted by Icesythe7

heres an example in c++ btw

Code:

	FileVersion* GetFileVer()
	{
		CHAR dllPath[MAX_PATH] = { 0 };
		GetModuleFileName(GetModuleHandleW(nullptr), reinterpret_cast<LPWSTR>(dllPath), _countof(dllPath));
		DWORD  verHandle = 0;
		UINT   size = 0;
		LPBYTE lpBuffer = nullptr;
		const auto verSize = GetFileVersionInfoSize(reinterpret_cast<LPWSTR>(dllPath), &verHandle);
		if (verSize != NULL)
		{
			const auto verData = new char[verSize];

			if (GetFileVersionInfo(reinterpret_cast<LPWSTR>(dllPath), verHandle, verSize, verData) && VerQueryValue(verData, L"\\", reinterpret_cast<VOID FAR * FAR*>(&lpBuffer), &size))
			{
				if (size)
				{
					const auto verInfo = reinterpret_cast<VS_FIXEDFILEINFO*>(lpBuffer);
					if (verInfo->dwSignature == 0xfeef04bd)
					{
						const auto x = new FileVersion;
						x->major = static_cast<int>(verInfo->dwFileVersionMS) >> 16 & 0xffff;
						x->minor = static_cast<int>(verInfo->dwFileVersionMS) >> 0 & 0xffff;
						x->bug_fix = static_cast<int>(verInfo->dwFileVersionLS) >> 16 & 0xffff;
						x->build_number = static_cast<int>(verInfo->dwFileVersionLS) >> 0 & 0xffff;
						return x;
					}
				}
			}
			delete[] verData;
		}
		return nullptr;
	}

Code:

	struct FileVersion final
	{
		int32_t major;
		int32_t minor;
		int32_t bug_fix;
		int32_t build_number;
	};

Code:

const auto fv = GetFileVer();
		std::stringstream stringStream;
		stringStream << fv->major << "." << fv->minor << "." << fv->bug_fix << "." << fv->build_number;
		const auto version(stringStream.str());
		WowVersion = version.c_str();

would output a string "1.13.3.32887" for example

Looks like you have a memory leak where it doesn't delete the char array because it returns before the delete. Either put a delete before the 'return x' or use std::vector instead.

**Icesythe7** · 01-11-2020

Originally Posted by ejt

Looks like you have a memory leak where it doesn't delete the char array because it returns before the delete. Either put a delete before the 'return x' or use std::vector instead.

ah your right thanks for pointing that out!

**ejt** · 01-11-2020

Originally Posted by Icesythe7

ah your right thanks for pointing that out!

np, usage of 'new' and 'delete' should almost never be used in modern C++. A byte array can be initiated using:

Code:

std::vector<char> bytes;
bytes.resize(my_awesome_size);
some_function_that_takes_byte_array(&bytes[0]);
// or some_function_that_takes_byte_array(bytes.data());

instead as this gives you the benefit of being exception-safe.

**xbec** · 02-01-2020

thank you gread job...very cool!!!!

**Lvv** · 04-13-2020

I've learned here. It's really coooooooooooooooool! bro

**Geneditor** · 04-15-2020

Does anyone have a working "CooldownPtr" pattern? I am not able find the address in IDA

**NoxiaZ** · 04-16-2020

Originally Posted by Geneditor

Does anyone have a working "CooldownPtr" pattern? I am not able find the address in IDA

Have you tried using the cooldown pattern?

**Geneditor** · 04-17-2020

Originally Posted by NoxiaZ

Have you tried using the cooldown pattern?

I have found it myself now, it was a bit tricky since it is only reference via a + 0x10 offset, and hence you will find no direct references to it. It is used both in "GetActionCooldown" and "GetSpellCooldown".

Using the commented out pattern from the WowDumper source, I find an address very close to it, so the pattern should also work (which makes me wonder why it was commented out in the first place).

Since the cooldown list does not seem to be cleared immediately after the cooldown expires, one has to check manually if the cooldown is off.

The timestamp can be found in GetTime().

**Lvv** · 04-27-2020

Sorry English is not my native language. Maybe I can't express my gratitude to you in words

I receive a lot of goods by browsing your articles

At present, I have obtained the addresses of gameversion, objectmgrptr, etc

Next, how can I get information about the player

Enumerate objects?

**Lvv** · 04-27-2020

Sorry English is not my native language. Maybe I can't express my gratitude to you in words

I receive a lot of goods by browsing your articles

At present, I have obtained the addresses of gameversion, objectmgrptr, etc

Next, how can I get information about the player

Enumerate objects?

**ejt** · 04-28-2020

Originally Posted by Lvv

Sorry English is not my native language. Maybe I can't express my gratitude to you in words

I receive a lot of goods by browsing your articles

At present, I have obtained the addresses of gameversion, objectmgrptr, etc

Next, how can I get information about the player

Enumerate objects?

Search the forum, this has been answered so many times.

**bigofsmall** · 06-05-2021

Hi Guys:

I meet a problem when I compile the source code , it shows "C3861" error for "_state" "_address" in file "object.hpp".

Thanks.

**Reghero** · 08-06-2021

I'm trying to fix the descriptor dump for classic with this. So far I've got it correctly looping the functions using the pattern:

40 53 48 83 EC ? E8 ? ? ? ? E8 ? ? ? ? E8 ? ? ? ? E8 ? ? ? ? E8 ? ? ? ? E8 ? ? ? ? E8 ? ? ? ? E8 ? ? ? ? E8 ? ? ? ? E8 ? ? ? ? E8 ? ? ? ?

Mapping to MirrorInitializeStaticDescriptors

But I'm having issues getting it to actually retrieve the correct number of descriptors for each function. For example:

enum CGContainerData
{
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerData_ = CGItemDataEnd + 0, // size 0 flags: MIRROR_NONE
CGContainerDataEnd = CGItemDataEnd + 0
};

When IDA shows it as two.

Shout-Out

User Tag List

Thread: [C++] Descriptors dumper & Find descriptor offsets

Thread Tools

Search Thread

Similar Threads

[3.0.9] Descriptors dumper by Kynox [Help]

Descriptors

Help w/ Obj Dumper (3.0.3)

Ultimate Programs for Phishers (Web dumper & Email Extractor)

[SOURCE] WoW Object Dumper

OwnedCore Forums

casino

CoreCoins

My OwnedCore

About Us

Casino