![[HELP] [RETAIL 10.0.7.51536] Reading target GUID from memory](https://www.ownedcore.com/forums/images/styles/OwnedCoreFX/addimg/menu4.svg)
Hello guys! I'm learning world of memory editing right now, but I'm not skilled enough to get the memory addresses myself. Its not that hard on classic or in wotlk but it seems pretty hard for me in retail dragonflight.
I'm currently use the following project to get memory values: GitHub - Razzue/Wow-Dumper: A simple wow offset dumper
Many thanks to Razzue!
I'm getting the following values from World of Warcraft:
I'm using the following code to do memory reading from the game:Code:[9:38 AM] Enter process id you wish to attach to, then press enter. [9:38 AM] Attached to World of Warcraft [9:38 AM] Base Address -> 0x7FF688C40000 [9:38 AM] Proc Handle -> 0x3D4 [9:38 AM] Version -> 10.1.7.51536 [9:38 AM] Loaded 13 classes [9:38 AM] Offsets have been saved to .cs! [9:38 AM] --- Scripts --- [9:38 AM] ScriptIsAutoRepeatSpell -> 0x2037DF0 [9:38 AM] --- Guids --- [9:38 AM] Mouseover Guid -> 0x30096 [9:38 AM] Pet Guid -> 0x30096 [9:38 AM] Player Guid -> 0x37875C8 [9:38 AM] Target Guid -> 0x3008E [9:38 AM] Last Target Guid -> 0x3009E [9:38 AM] Last Enemy Guid -> 0x300AE [9:38 AM] Last Friendly Guid -> 0x300BE [9:38 AM] Focus Guid -> 0x300CE [9:38 AM] DialogWindowOwner Guid -> 0x300DE [9:38 AM] Bag Guid -> 0x30096 [9:38 AM] --- Global Data --- [9:38 AM] In Game Status -> 0x30096 [9:38 AM] Player Name -> 0x3C11018 [9:38 AM] Corpse Position -> 0x37E1390 [9:38 AM] Last Ui Message -> 0x30096 [9:38 AM] Loot Window -> 0x30096 [9:38 AM] --- Quests --- [9:38 AM] Base -> 0x30096 [9:38 AM] NumQuests -> 0x300905F [9:38 AM] CurrentQuest -> 0x3E9EA8C [9:38 AM] QuestTitle -> 0x30096 [9:38 AM] GossipQuests -> 0x30096 [9:38 AM] NumQuestChoices -> 0x300905F [9:38 AM] QuestReward -> 0x30096 [9:38 AM] --- Auto Loot --- [9:38 AM] Base -> 0x3E1CA70 [9:38 AM] Offset -> 0x14 [9:38 AM] --- Click To Move --- [9:38 AM] Base -> 0x3E1CA20 [9:38 AM] Offset -> 0x14 [9:38 AM] --- Chat --- [9:38 AM] Open -> 0x3EF813C [9:38 AM] Start -> 0x3CE6A90 [9:38 AM] Offset -> 0x1888 [9:38 AM] Message -> 0xF6 [9:38 AM] --- Key Bindings --- [9:38 AM] Base -> 0x30096 [9:38 AM] --- Add On --- [9:38 AM] Count -> 0x3ECF268 [9:38 AM] List -> 0x3ECF7B0 [9:38 AM] --- Spellbooks --- [9:38 AM] Count -> 0x3E1BD60 [9:38 AM] Base -> 0x3E1BD68 [9:38 AM] PetBase -> 0x3E1BD90 [9:38 AM] PetCount -> 0x3E1BD88 [9:38 AM] --- Object Manager --- [9:38 AM] Zone ID -> 0x300905F [9:38 AM] Names -> 0x30096 [9:38 AM] Base -> 0x3CE51D0 [9:38 AM] Cooldown -> 0x3C5BCF0 [9:38 AM] --- Battlegrounds --- [9:38 AM] Finished -> 0x3009060 [9:38 AM] Winner -> 0x300905F [9:38 AM] Info -> 0x37EA1F0 [9:38 AM] --- Camera --- [9:38 AM] Base -> 0x3BECBA0 [9:38 AM] Offset -> 0x3930 [9:38 AM] Patterns have been saved to .json! [9:38 AM] Press any key to exit.
With the help of this I can retrieve basic informations from world of warcraft like playername:Code:public class Memory { public nint wowProc { get; set; } public Memory(nint wowProc) { this.wowProc = wowProc; } [Flags] public enum SnapshotFlags : uint { HeapList = 0x00000001, Process = 0x00000002, Thread = 0x00000004, Module = 0x00000008, Module32 = 0x00000010, All = (HeapList | Process | Thread | Module), Inherit = 0x80000000, NoHeaps = 0x40000000 } [Flags] public enum ProcessAccessFlags : uint { All = 0x001F0FFF, Terminate = 0x00000001, CreateThread = 0x00000002, VirtualMemoryOperation = 0x00000008, VirtualMemoryRead = 0x00000010, VirtualMemoryWrite = 0x00000020, DuplicateHandle = 0x00000040, CreateProcess = 0x000000080, SetQuota = 0x00000100, SetInformation = 0x00000200, QueryInformation = 0x00000400, QueryLimitedInformation = 0x00001000, Synchronize = 0x00100000 } [DllImport("kernel32.dll", SetLastError = true)] public static extern IntPtr OpenProcess( uint processAccess, bool bInheritHandle, uint processId ); [StructLayout(LayoutKind.Sequential)] public struct PROCESSENTRY32 { public uint dwSize; public uint cntUsage; public uint th32ProcessID; public IntPtr th32DefaultHeapID; public uint th32ModuleID; public uint cntThreads; public uint th32ParentProcessID; public int pcPriClassBase; public uint dwFlags; [MarshalAs(UnmanagedType.ByValTStr, SizeConst = 260)] public string szExeFile; }; [StructLayout(LayoutKind.Sequential, CharSet = System.Runtime.InteropServices.CharSet.Ansi)] public struct MODULEENTRY32 { internal uint dwSize; internal uint th32ModuleID; internal uint th32ProcessID; internal uint GlblcntUsage; internal uint ProccntUsage; internal IntPtr modBaseAddr; internal uint modBaseSize; internal IntPtr hModule; [MarshalAs(UnmanagedType.ByValTStr, SizeConst = 256)] internal string szModule; [MarshalAs(UnmanagedType.ByValTStr, SizeConst = 260)] internal string szExePath; } [DllImport("kernel32.dll", SetLastError = true)] static extern bool ReadProcessMemory( IntPtr hProcess, IntPtr lpBaseAddress, [Out] byte[] lpBuffer, int dwSize, out IntPtr lpNumberOfBytesRead); [DllImport("kernel32.dll", SetLastError = true)] public static extern bool WriteProcessMemory( IntPtr hProcess, IntPtr lpBaseAddress, [MarshalAs(UnmanagedType.AsAny)] object lpBuffer, Int32 nSize, out IntPtr lpNumberOfBytesWritten); [DllImport("kernel32.dll")] static extern bool Process32First(IntPtr hSnapshot, ref PROCESSENTRY32 lppe); [DllImport("kernel32.dll")] static extern bool Process32Next(IntPtr hSnapshot, ref PROCESSENTRY32 lppe); [DllImport("kernel32.dll")] static extern bool Module32First(IntPtr hSnapshot, ref MODULEENTRY32 lpme); [DllImport("kernel32.dll")] static extern bool Module32Next(IntPtr hSnapshot, ref MODULEENTRY32 lpme); [DllImport("kernel32.dll", SetLastError = true)] static extern bool CloseHandle(IntPtr hHandle); [DllImport("kernel32.dll", SetLastError = true)] static extern IntPtr CreateToolhelp32Snapshot(SnapshotFlags dwFlags, int th32ProcessID); public static IntPtr GetModuleBaseAddress(System.Diagnostics.Process proc, string modName) { IntPtr addr = IntPtr.Zero; foreach (ProcessModule m in proc.Modules) { if (m.ModuleName == modName) { addr = m.BaseAddress; break; } else { throw new Exception("Hiba"); } } return addr; } const int INVALID_HANDLE_VALUE = -1; public static IntPtr GetModuleBaseAddress(int procId, string modName) { IntPtr modBaseAddress = IntPtr.Zero; IntPtr hSnap = CreateToolhelp32Snapshot(SnapshotFlags.Module | SnapshotFlags.Module32, procId); if (hSnap.ToInt64() != INVALID_HANDLE_VALUE) { MODULEENTRY32 modEntry = new MODULEENTRY32(); modEntry.dwSize = (uint)Marshal.SizeOf(typeof(MODULEENTRY32)); if (Module32First(hSnap, ref modEntry)) { do { if (modEntry.szModule.Equals(modName)) { modBaseAddress = modEntry.modBaseAddr; break; } else { throw new Exception("Hiba a GetModuleBaseAddress-ben"); } } while (Module32Next(hSnap, ref modEntry)); } } CloseHandle(hSnap); return modBaseAddress; } public static IntPtr FindDMAAddy(IntPtr hProc, IntPtr ptr, int[] offsets) { var buffer = new byte[IntPtr.Size]; foreach (var i in offsets) { ReadProcessMemory(hProc, ptr, buffer, buffer.Length, out var read); var test = read; ; ptr = (IntPtr.Size == 4) ? IntPtr.Add(new IntPtr(BitConverter.ToInt32(buffer, 0)), i) : ptr = IntPtr.Add(new IntPtr(BitConverter.ToInt64(buffer, 0)), i); } return ptr; } public string ReadString(IntPtr address, int maxLength) { byte[] buffer = new byte[maxLength]; IntPtr bytesRead; if (ReadProcessMemory(wowProc, address, buffer, maxLength, out bytesRead) && bytesRead.ToInt32() > 0) { string result = Encoding.UTF8.GetString(buffer, 0, bytesRead.ToInt32()); return result; } else { throw new Exception("Failed to read string from memory."); } } public T Read<T>(IntPtr address) where T : struct { int dataSize = Marshal.SizeOf<T>(); // Size of the data type in bytes byte[] buffer = new byte[dataSize]; IntPtr bytesRead; if (ReadProcessMemory(wowProc, address, buffer, dataSize, out bytesRead) && bytesRead.ToInt32() == dataSize) { T result = ByteArrayToStructure<T>(buffer); return result; } else { throw new Exception("Failed to read data from memory."); } } private static T ByteArrayToStructure<T>(byte[] bytes) where T : struct { GCHandle handle = GCHandle.Alloc(bytes, GCHandleType.Pinned); try { return Marshal.PtrToStructure<T>(handle.AddrOfPinnedObject()); } finally { handle.Free(); } } }
But any other task like retrieving Player or Target GUID is not working for me:Code:System.Diagnostics.Process wow = System.Diagnostics.Process.GetProcessesByName("wow").First(); if (wow == null) throw new Exception("World of warcraft not found!"); IntPtr wowBase = Memory.GetModuleBaseAddress(wow, "Wow.exe"); IntPtr wowProc = Memory.OpenProcess((uint)Memory.ProcessAccessFlags.All, false, (uint)wow.Id); Console.WriteLine("Attached to WoW!"); Console.WriteLine("Base Address: " + wowBase.ToString("X")); Memory wowMemo = new Memory(wowProc); var name = wowMemo.ReadString(wowBase + 0x3BA4048, 50); Console.WriteLine("Playername: " + name);
Output: ef69b667-15d4-4f54-ff41-0f62e262543dCode:var targetGuid = wowMemo.Read<Guid>(wowBase + 0x3008E); Console.WriteLine("Target Guid: " + targetGuid);
But the real target id is (with the help of in-game function: /dump UnitName("target"), UnitGUID("target")) -- > Creature-0-1465-0-2105-448-000043F59F
Am I missing something?
Why my code doesn't return any good values?
Can you guys help me with that?
![[HELP] [RETAIL 10.0.7.51536] Reading target GUID from memory](https://www.ownedcore.com/forums/../images/ba/9/top-1.gif)
![[HELP] [RETAIL 10.0.7.51536] Reading target GUID from memory](https://www.ownedcore.com/assets/mm/images/wits.png "TradeSafe Middleman")
![[HELP] [RETAIL 10.0.7.51536] Reading target GUID from memory](https://www.ownedcore.com/forums/images/styles/OwnedCoreFX/addimg/wicc.png "CoreCoins")
User Tag List
Results 1 to 4 of 4
-
09-29-2023 #1
Member
- Reputation
- 2
- Join Date
- Jul 2023
- Posts
- 10
- Thanks G/R
- 2/1
- Trade Feedback
- 0 (0%)
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
[Question] Retail 10.0.7.51536 Reading target GUID from memory
Last edited by nazmox; 09-29-2023 at 05:26 AM.
![[HELP] [RETAIL 10.0.7.51536] Reading target GUID from memory](https://www.ownedcore.com/images/ba/g/b2.gif)
-
09-29-2023 #2
Contributor Avid Ailurophile
- Reputation
- 379
- Join Date
- Jun 2017
- Posts
- 590
- Thanks G/R
- 188/268
- Trade Feedback
- 2 (100%)
- Mentioned
- 14 Post(s)
- Tagged
- 0 Thread(s)
It's because those patterns seemed to have broken since the last time I updated them. You'll have to find and update them first ð€·
"May all your bacon burn"
-
09-29-2023 #3
Member
- Reputation
- 1
- Join Date
- May 2018
- Posts
- 7
- Thanks G/R
- 0/0
- Trade Feedback
- 0 (0%)
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Free throw ?Code:public static IntPtr GetModuleBaseAddress(System.Diagnostics.Process proc, string modName) { IntPtr addr = IntPtr.Zero; foreach (ProcessModule m in proc.Modules) { if (m.ModuleName == modName) { addr = m.BaseAddress; break; } else { throw new Exception("Hiba"); } } return addr; }
-
09-30-2023 #4
Active Member
- Reputation
- 28
- Join Date
- Dec 2021
- Posts
- 59
- Thanks G/R
- 18/16
- Trade Feedback
- 0 (0%)
- Mentioned
- 1 Post(s)
- Tagged
- 0 Thread(s)
TargetGUID: "48 39 05 ?? ?? ?? ?? 48 8B FA 48 8B E9 75"
Hello everyone, I'm a newbie~ Recently I'm trying to study how to execute API externally and get the return value of API, as well as the release of aoe spells, come on!
Reply With Quote
Similar Threads
-
Read KnownSpell Array from memory
By Edder in forum WoW Memory EditingReplies: 2Last Post: 05-12-2012, 06:46 AM -
AutoIT Example - Reading a value from memory
By mechtn in forum SWTOR Bots and ProgramsReplies: 10Last Post: 02-01-2012, 11:48 AM -
[Question] Reading DBC's from memory?
By -Ryuk- in forum WoW Memory EditingReplies: 7Last Post: 09-05-2011, 04:52 PM -
[Guide][VB.NET] Read a string from memory
By Gothian in forum ProgrammingReplies: 14Last Post: 08-18-2008, 04:39 PM -
[Guide][VB.NET] Reading a String From Memory
By Gothian in forum WoW Memory EditingReplies: 14Last Post: 01-18-2008, 12:08 PM
-
OwnedCore Forums
casino news World of Warcraft Pokemon GO MMO Overwatch RTS Casino reviews bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game -
casino
Casino Gambling Online casinos Casino en ligne bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game bc game no deposit bonus codes roobet Top 10 Casinos Casino reviews Bitcoin casino Paypal Casino Lucky8 1xbit heycasino Jeux de machines à sous âBet365 Casino - Best â Ruby Fortune Casino - Stake Casino Bonus Sans â ThorCasino Casino - BetPlay.io Casino - Best â Betfred Bookmaker BlackJack Casino Rules - â Madame Destiny -
CoreCoins
CoreCoins CoreCoins FAQ Shout-Out Banner Ads -
My OwnedCore
My Profile Notifications Settings Buy CoreCoins About Us
Privacy Policy | Cookie Policy | Terms | Contact Us
Available Payment Methods:-
![[HELP] [RETAIL 10.0.7.51536] Reading target GUID from memory](https://www.ownedcore.com/images/paybutton/paypal.png)
![[HELP] [RETAIL 10.0.7.51536] Reading target GUID from memory](https://www.ownedcore.com/images/paybutton/skrill.png)
![[HELP] [RETAIL 10.0.7.51536] Reading target GUID from memory](https://www.ownedcore.com/images/paybutton/payop.png)
-
Casino
Oshi Casino | BuzzLuck | USA CASINO | Lucky31 | PalmSlots Casino | Bc Game | No deposit bonus | Dublinbet | Millionz | Rollino Casino | MrGreen | Casino deposit offers | Crypto Casino | Cresus Casino | Casino | Drake Casino | BitCasino | NeedForSpin | Stake Casino | Bovada casino | How to Play BlackJack Online | Welcome Bonuses | Slot machines | Lucky8 | Jackpotcity | Casino Reviews | Sportsbook | Betflip Casino