-
Member
[C#][3.3.5][Help] Reversing GetRaidRosterInfo
Hello,
I tried to reverse lua_GetRaidRosterInfo to get the subgroup, and in the pseudocode I see
Code:
v8 = (double)*(int *)(v7[52] + 192);
where v7, as I understand it, is a base address
Code:
v7 = ClntObjMgrObjectPtr(*(WGUID *)v2, TYPEMASK_UNIT);
I can't understand what [52] means. As for 192, I think it is an offset ->
Code:
double index = BlackMagic.ReadDouble(unit.BaseAddress + 0x192);
Last edited by Borg333; 07-28-2022 at 03:00 AM.
-
Contributor
Code:
v7 = ClntObjMgrObjectPtr(*(WGUID *)v2, TYPEMASK_UNIT);
v20 = v7;
if ( v7 )
{
UNIT_FIELD_LEVEL = (double)(int)v7->UnitBase.UnitData->UNIT_FIELD_LEVEL;
}
else if ( (*(_BYTE *)(v2 + 24) & 1) != 0 )
{
v21 = *(unsigned __int16 *)(v2 + 40);
UNIT_FIELD_LEVEL = (double)v21;
}
else
{
UNIT_FIELD_LEVEL = 0.0;
}
FrameScript::PushNumber(a1, UNIT_FIELD_LEVEL);
Code:
.text:0057379B 8B 88 D0 00 00 00 mov ecx, [eax+0D0h]
.text:005737A1 DB 81 C0 00 00 00 fild dword ptr [ecx+0C0h]
It's a descriptor field. You should read the descriptor address first, then read the field. Like this:
double UnitLevel = Memory.Read<double>(Memory.Read<IntPtr>(unit.BaseAddress+0x0D0) + 0x0C0);
-
-
Member
Thanks! I made a mistake getting the arg number for subgroup: it is the third, but I was looking at the fourth. So
subgroup is FrameScript::PushNumber(a1, (double)(unsigned int)v20);
v20 = (_DWORD *)(*(_DWORD *)(v2 + + 1);
Is v2 something like a GUID pointer, or base address + GUID offset? I don't understand it.
-
Contributor
name, rank, subgroup, level, class, fileName, zone, online, isDead, role, isML = GetRaidRosterInfo(raidIndex);
Code:
CGPartyInfo__s_groups 00BEB568 // array of raid-member pointers, 4 bytes per slot
RaidMemberPtr = Memory.Read<IntPtr>(CGPartyInfo__s_groups + (raidIndex-1)*4) // mov edi, CGPartyInfo__s_groups[eax*4]: a single load, the table itself is the array
subgroup = Memory.Read<int>(RaidMemberPtr + 8) + 1
Code:
.text:005736E3 8B 45 EC mov eax, [ebp+a3]
.text:005736E6 83 E8 01 sub eax, 1
.text:005736E9 3B 05 08 B6 BE 00 cmp eax, dword_BEB608
.text:005736EF D9 6D FE fldcw [ebp+var_2]
.text:005736F2 0F 83 EE 02 00 00 jnb loc_5739E6
.text:005736F8 8B 3C 85 68 B5 BE+ mov edi, CGPartyInfo__s_groups[eax*4]
.text:005736F8 00
.text:005736FF 33 C0 xor eax, eax
.text:00573701 3B F8 cmp edi, eax
.text:00573703 0F 84 DD 02 00 00 jz loc_5739E6
.text:00573709 8B 4F 04 mov ecx, [edi+4]
.text:0057370C 8B 17 mov edx, [edi]
.text:0057370E 50 push eax ; a6
.text:0057370F 50 push eax ; a5
.text:00573710 50 push eax ; a4
.text:00573711 89 45 EC mov [ebp+a3], eax
.text:00573714 89 45 F0 mov [ebp+a3+4], eax
.text:00573717 8D 45 EC lea eax, [ebp+a3]
.text:0057371A 50 push eax ; a3
.text:0057371B 51 push ecx
.text:0057371C 52 push edx ; a2
.text:0057371D B9 38 D9 C5 00 mov ecx, offset WDB_CACHE_NAME ; this
.text:00573722 E8 49 A0 10 00 call DBCache_NameCache_GetRecord
.text:00573727 8B D8 mov ebx, eax
.text:00573729 85 DB test ebx, ebx
.text:0057372B 0F 84 B5 02 00 00 jz loc_5739E6
.text:00573731 68 31 01 00 00 push 131h
.text:00573736 8D 85 B8 FE FF FF lea eax, [ebp+var_148]
.text:0057373C 50 push eax
.text:0057373D 8B CB mov ecx, ebx
.text:0057373F E8 DC 9A F8 FF call NameCache__FullName
.text:00573744 50 push eax
.text:00573745 56 push esi ; double
.text:00573746 E8 05 AC 2D 00 call FrameScript__PushString
.text:0057374B DB 47 0C fild dword ptr [edi+0Ch]
.text:0057374E DD 1C 24 fstp [esp+15Ch+var_15C]
.text:00573751 56 push esi ; int
.text:00573752 E8 49 AB 2D 00 call FrameScript__PushNumber
.text:00573757 8B 4F 08 mov ecx, [edi+8]
.text:0057375A 83 C1 01 add ecx, 1
.text:0057375D 85 C9 test ecx, ecx
.text:0057375F 89 4D F4 mov [ebp+var_C], ecx
.text:00573762 DB 45 F4 fild [ebp+var_C]
.text:00573765 7D 06 jge short loc_57376D
.text:00573767 DC 05 B8 56 9E 00 fadd ds:dbl_9E56B8
.text:0057376D
.text:0057376D loc_57376D: ; CODE XREF: Lua_GetRaidRosterInfo+D5↑j
.text:0057376D 83 C4 04 add esp, 4
.text:00573770 DD 1C 24 fstp [esp+15Ch+var_15C]
.text:00573773 56 push esi ; int
.text:00573774 E8 27 AB 2D 00 call FrameScript__PushNumber
-
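Worked example added here (my code, not from the thread or from the client): a Python model of the two reads discussed above, run over a constructed memory image so the pointer chase can be executed offline. The offsets are the ones posted (0xD0 then 0xC0 for the descriptor field, 00BEB568 for s_groups, +8 for subgroup); the sample addresses, the zero-filled unmapped memory and the assumption that dword_BEB608 holds the number of valid slots are mine. The roster lookup follows the disassembly rather than the C# shorthand: `mov edi, CGPartyInfo__s_groups[eax*4]` is a single load from the table, and the function keeps both bail-outs the client has, the unsigned `jnb` bounds check (which also rejects index 0) and the null-slot `jz`, which are the parts that get dropped when only the happy path is copied.

```python
import struct

# Offsets and addresses as posted in the thread for the 3.3.5 client.
UNIT_DESCRIPTOR_OFFSET = 0xD0      # mov ecx, [eax+0D0h]
UNIT_FIELD_LEVEL_OFFSET = 0xC0     # fild dword ptr [ecx+0C0h]
CGPARTYINFO_S_GROUPS = 0x00BEB568  # array of raid-member pointers, 4 bytes each
S_GROUPS_COUNT = 0x00BEB608        # dword_BEB608; ASSUMED to hold the number of valid slots
RAID_MEMBER_SUBGROUP_OFFSET = 0x8  # mov ecx, [edi+8]

# Constructed addresses for the sample image (assumptions, not real client data).
SAMPLE_UNIT_BASE = 0x10000000
SAMPLE_DESCRIPTOR = 0x20000000
SAMPLE_MEMBER_0 = 0x30000000


class FakeMemory:
    """Sparse little-endian byte store standing in for a target process image."""

    def __init__(self):
        self._bytes = {}

    def write(self, addr, data):
        for i, b in enumerate(data):
            self._bytes[addr + i] = b

    def read(self, addr, size):
        # Unmapped bytes read as zero, which is enough to show a misread.
        return bytes(self._bytes.get(addr + i, 0) for i in range(size))

    def write_u32(self, addr, value):
        self.write(addr, struct.pack("<I", value))

    def write_i32(self, addr, value):
        self.write(addr, struct.pack("<i", value))

    def read_u32(self, addr):
        return struct.unpack("<I", self.read(addr, 4))[0]

    def read_i32(self, addr):
        return struct.unpack("<i", self.read(addr, 4))[0]

    def read_f64(self, addr):
        return struct.unpack("<d", self.read(addr, 8))[0]


def build_sample_memory():
    """Lay out one unit with a descriptor block and a two-slot raid roster (constructed)."""
    mem = FakeMemory()
    mem.write_u32(SAMPLE_UNIT_BASE + UNIT_DESCRIPTOR_OFFSET, SAMPLE_DESCRIPTOR)
    mem.write_i32(SAMPLE_DESCRIPTOR + UNIT_FIELD_LEVEL_OFFSET, 80)
    mem.write_u32(S_GROUPS_COUNT, 2)
    mem.write_u32(CGPARTYINFO_S_GROUPS + 0 * 4, SAMPLE_MEMBER_0)
    mem.write_u32(CGPARTYINFO_S_GROUPS + 1 * 4, 0)  # empty slot
    mem.write_i32(SAMPLE_MEMBER_0 + RAID_MEMBER_SUBGROUP_OFFSET, 3)  # stored 0-based
    return mem


def unit_level(mem, unit_base):
    """Descriptor-field read: pointer at base+0xD0, then int32 at descriptor+0xC0."""
    descriptor = mem.read_u32(unit_base + UNIT_DESCRIPTOR_OFFSET)
    if descriptor == 0:
        return None
    return float(mem.read_i32(descriptor + UNIT_FIELD_LEVEL_OFFSET))


def misread_level(mem, unit_base):
    """The first post's read: a double at base+0x192 with no indirection."""
    return mem.read_f64(unit_base + 0x192)


def raid_subgroup(mem, raid_index):
    """Mirror Lua_GetRaidRosterInfo's subgroup path, including both of its bail-outs."""
    slot = raid_index - 1
    # sub eax,1 / cmp eax,dword_BEB608 / jnb: unsigned compare, so index 0 wraps and is rejected.
    if slot < 0 or slot >= mem.read_u32(S_GROUPS_COUNT):
        return None
    # mov edi, CGPartyInfo__s_groups[eax*4]: one load, the table itself is the array.
    member = mem.read_u32(CGPARTYINFO_S_GROUPS + slot * 4)
    if member == 0:  # cmp edi,eax / jz
        return None
    # mov ecx,[edi+8] / add ecx,1; the fadd dbl_9E56B8 branch makes the value unsigned.
    return (mem.read_u32(member + RAID_MEMBER_SUBGROUP_OFFSET) + 1) & 0xFFFFFFFF


if __name__ == "__main__":
    mem = build_sample_memory()
    print("level:", unit_level(mem, SAMPLE_UNIT_BASE))
    print("misread:", misread_level(mem, SAMPLE_UNIT_BASE))
    print("subgroup(1):", raid_subgroup(mem, 1))
    print("subgroup(2):", raid_subgroup(mem, 2))
```

Swapping FakeMemory for a real reader only changes the read/write methods; the two lookup functions are the part worth keeping, and the fact that `dword_BEB608` sits 0xA0 bytes past the array start (forty 4-byte slots) is what makes the slot-count reading of it plausible.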