[Nesox]

Quote:

Originally Posted by Cypher

Errr. Thats exactly the way we're talking about Nesox.

Both the OP and I posted it.

i know.. btw. to get curObj and localGUID
the offsets seems to have changed i used to be able to get them with theese:

Code:

localGUID = Memory.ReadUInt64(hProcess, (ObjectManager.s_curMgr + 0xC0));
curObj = Memory.ReadUInt(hProcess, (ObjectManager.s_curMgr + 0xAC));

did it change?

[Cypher]

Neither have changed.

[Nesox]

Quote:

Originally Posted by Cypher

Neither have changed.

ah ok, my bad cant login right now so ill try again tomorrow

[Cypher]

Also. The GUID is 8 bytes and stored at 0xC0 and 0xC4.

And the second offset isn't "curobj" it's the pointer to the first object.

[Dearleader]

Quote:

Originally Posted by Cypher

Also. The GUID is 8 bytes and stored at 0xC0 and 0xC4.

And the second offset isn't "curobj" it's the pointer to the first object.

So you mean [ [g_clientConnection] + 0x285C ] + 0xAC = First Object Ptr?

[kynox]

Quote:

Originally Posted by Dearleader

So you mean [ [g_clientConnection] + 0x285C ] + 0xAC = First Object Ptr?

Yes, its a linked list.

[Cypher]

Quote:

Originally Posted by kynox

Yes, its a linked list.

^ This .

[luciferc]

Charmander be a trollin the front lawn...

[RoKFenris]

Quote:

Originally Posted by kynox

Yes, its a linked list.

BTW, it's a double linked list:

[currObjPtr + 0x38] = prevObjPtr + 0x38
[firstObjPtr + 0x38] = [ [g_clientConnection] + 0x285C ] + 0xA8
[ [ [g_clientConnection] + 0x285C ] + 0xA8] = lastObjectPtr + 0x38

You can iterate over the whole list from any one object. Of course, with the ease of finding g_clientConnection, it's not really needed.

I also found the adresses I was looking for, thanks to Cypher's info (and finally learning how to reverse a VMT). The object name is found at [ [currObj + 0x1f4] + 0x078 ], and the object type is now the second byte of GAMEOBJECT_BYTES_1 (offset 0x045 from the start of the gameObject structure).

[Cypher]

Quote:

Originally Posted by RoKFenris

BTW, it's a double linked list:

[currObjPtr + 0x38] = prevObjPtr + 0x38
[firstObjPtr + 0x38] = [ [g_clientConnection] + 0x285C ] + 0xA8
[ [ [g_clientConnection] + 0x285C ] + 0xA8] = lastObjectPtr + 0x38

You can iterate over the whole list from any one object. Of course, with the ease of finding g_clientConnection, it's not really needed.

I also found the adresses I was looking for, thanks to Cypher's info (and finally learning how to reverse a VMT). The object name is found at [ [currObj + 0x1f4] + 0x078 ], and the object type is now the second byte of GAMEOBJECT_BYTES_1 (offset 0x045 from the start of the gameObject structure).

Oh nice. You found where GOT is located! Thats what I was gonna do after I sorted this DBC stuff. Nice work.

[crazyelfjj]

....ok i dont know about all this coding stuff or what it is for...someone on XYZ page 33 told us to come here for the new pointers of XYZ....can someone below me post all of it??i wanna get to ebon hold lol...

[Nesox]

Quote:

Originally Posted by crazyelfjj

....ok i dont know about all this coding stuff or what it is for...someone on XYZ page 33 told us to come here for the new pointers of XYZ....can someone below me post all of it??i wanna get to ebon hold lol...

it has already been posted, take a look at the frst page.

0x012DF9E4 : Static X
0x012DF9E8 : Static Y
0x012DF9EC : Static Z

[RoKFenris]

Quote:

Originally Posted by Cypher

Oh nice. You found where GOT is located! Thats what I was gonna do after I sorted this DBC stuff. Nice work.

Found it by accident. I was looking at the GetModel function for game objects, and some types of game objects can't have models
If GOT vanishes again, looking at this function should be enough to find it.

[Cursed]

I dont have an account atm, so I cant test this but you can try if you want:

Code:

Hours (Time):   	0x0E11ABC
__________________________________________________________________
Minutes (Time): 	0x0E11AB8
__________________________________________________________________
Fall Speed:		0x1009560
__________________________________________________________________
Game Speed:		0x095A320
__________________________________________________________________
Unlimited Jumping:	0x08D53E1 

[UnknOwned]

Quote:

Originally Posted by Nesox

it has already been posted, take a look at the frst page.

0x012DF9E4 : Static X
0x012DF9E8 : Static Y
0x012DF9EC : Static Z

Guess the guy means modifiable pointers.

Quote:

Originally Posted by crazyelfjj

....ok i dont know about all this coding stuff or what it is for...someone on XYZ page 33 told us to come here for the new pointers of XYZ....can someone below me post all of it??i wanna get to ebon hold lol...

You don't just need the pointers for this patch. You need to re-write or atleast add a few lines of code to make it work since its no longer just one level to get to $base.

Just add it to the pointers.ini
and add the code to part before:

Code:

$base = _memoryread($pointer ,$wow,'dword')
$Y = "0x" & hex($base + 0xBF0)