HP and Mana Memory Offsets?

Posted: Sun May 31, 2009 10:49 am
by xxsinz
I was wondering if anyone knew the Memory Offsets for HP / Mana, and if they are Bytes, Int, etc...

Thank You

Re: HP and Mana Memory Offsets?

Posted: Sun May 31, 2009 11:04 am
by Administrator

Code:

staticcharbase_address = 0x88EF20;
charPtr_offset = 0x580;
castbar_offset = 0x248;
charX_offset = 0x2C;
charY_offset = 0x30;
charZ_offset = 0x34;
charAlive_offset = 0x210;
charHP_offset = 0x344;
charMaxHP_offset = 0x34C;
charMP_offset = 0x350;
charMaxMP_offset = 0x354;
charMP2_offset = 0x358;
charMaxMP2_offset = 0x35C;
charLevel_offset = 0x37C;
charLevel2_offset = 0x384;
charName_offset = 0x278;
charTargetPtr_offset = 0x260;
pawnAttackable_offset = 0x3F6;
inBattle_offset = 0x572;
camUVec1_offset = 0x38;
camUVec2_offset = 0x40;

They are double pointers. First, read the address (4 byte, int) from staticcharbase_address + charPtr_offset. Now read address + charHP_offset to get HP. Almost everything in the list above is 4 bytes.

Re: HP and Mana Memory Offsets?

Posted: Sun May 31, 2009 11:09 am
by xxsinz
Thank you very much. For reading staticcharbase_address and charPtr_offset would I use memoryReadIntPtr?

Re: HP and Mana Memory Offsets?

Posted: Sun May 31, 2009 12:05 pm
by Administrator
Yes, you would.

Code:

playerAddress = memoryReadIntPtr(romProcess, staticcharbase_address, charPtr_offset);
playerHP = memoryReadInt(romProcess, playerAddress + charHP_offset);

Re: HP and Mana Memory Offsets?

Posted: Sun May 31, 2009 12:09 pm
by xxsinz
That's what I was missing, I was trying to + the first two offsets with the HP one in a var before I did memoryReadInt, going to give it a try now, see what happens.

Update**
Awesome, got it working, now just have to figure out how to make it into a percent, and then press a key.

Thank You Again!

Re: HP and Mana Memory Offsets?

Posted: Wed Jun 03, 2009 7:35 pm
by srounet
I have found Player current gold on static address: 0x89EB00, if it can help.

Actually here is what I got from the game:

Player name : <Removed to protect the user>
Player class lvl 1 : 13
Player class lvl 2 : 0
Player position : (-1017133707.1097680790.-976346039)
Player hp : (483/483)
Player mp : (100/100)
Player mp2 : (0/0)
Player gold : 7496

Target name : Wolf
Target class lvl 1 : 4
Target class lvl 2 : 0
Target position : (-1024886700.1107867816.-975891738)
Target hp : (232/232)
Target mp : (0/0)
Target mp2 : (0/0)

Re: HP and Mana Memory Offsets?

Posted: Wed Jun 03, 2009 10:10 pm
by Administrator
Thanks for the input. I removed your character name for you. Are you sure those positions are right? They seem kind of awkward to me... What type are you reading? Int? Float?

Re: HP and Mana Memory Offsets?

Posted: Thu Jun 04, 2009 5:37 am
by srounet
I'm not sure of the position, it's kinda weird, but when I compare the Target position and the Player position it was more or less possible.

Anyway I'm reading int on 4 byte, and it's (x.y.z).
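
An added example, not part of any post in this thread: the int-or-float question can be checked on the posted numbers themselves by reinterpreting the same 4 bytes as an IEEE-754 float and looking at the exponent field. The function names and the thresholds in `guess_type` are this example's own assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef enum { LOOKS_INT, LOOKS_FLOAT, AMBIGUOUS } guess_t;

/* Reinterpret the same 4 bytes as an IEEE-754 single-precision float. */
float as_float(int32_t raw) {
    float f;
    memcpy(&f, &raw, sizeof f);
    return f;
}

/* Heuristic chosen for this example (an assumption, not from the thread):
   counters such as HP or gold are small integers, while coordinates stored
   as floats have a biased exponent near 127 and look huge when read as int. */
guess_t guess_type(int32_t raw) {
    uint32_t exponent = ((uint32_t)raw >> 23) & 0xFFu;
    int small_int  = raw > -1000000 && raw < 1000000;
    int sane_float = exponent >= 107u && exponent <= 147u; /* |f| about 1e-6..2e6 */
    if (small_int && !sane_float) return LOOKS_INT;
    if (sane_float && !small_int) return LOOKS_FLOAT;
    return AMBIGUOUS;
}

int main(void) {
    /* Values copied from the post above: player x, y, z, then HP and gold. */
    const int32_t samples[] = { -1017133707, 1097680790, -976346039, 483, 7496 };
    const char *names[] = { "int", "float", "ambiguous" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%11d -> %-9s (as float: %g)\n", (int)samples[i],
               names[guess_type(samples[i])], (double)as_float(samples[i]));
    return 0;
}
```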

Re: HP and Mana Memory Offsets?

Posted: Thu Jun 04, 2009 5:53 am
by srounet
I'm not sure of the position, it's kinda weird, but when I compare the Target position and the Player position it was more or less possible.
Anyway I'm reading int on 4 byte, and it's (x.y.z).

I was wondering about how to get information about radar and how to hook casts to send information to the server.

Re: HP and Mana Memory Offsets?

Posted: Thu Jun 04, 2009 10:58 am
by 3cmSailorfuku
srounet wrote: I was wondering about how to get information about radar and how to hook casts to send information to the server.

Map Positions:
You can definitely detour this and log the parameters being sent to the function that displays the position on the minimap or via a codecave, but there is an issue which I will talk about in the next one. But if you use this method, you can also create new minimap icons that might be NPCs, Monsters, Players, Minerals, Loot, Chests etc.

Casting Spells without sending keystrokes: (if I assume that is what you meant with casts)
You need to find the original function for casting spells. I would recommend you look for a string that is being displayed, e.g. "Casting...", and look for that if it's possible, then you gotta find out if it's the right function. You can do that by setting up breakpoints to see if the right parameters are being passed on. Often you would have to go actually deeper than that to find the original function for casting spells. If you know the address and the parameters that are passed on, you can write a hook with a bit of inline asm (Providing that you don't know the calling convention, this is easier).

Re: HP and Mana Memory Offsets?

Posted: Thu Jun 04, 2009 11:23 am
by srounet
Well actually I do not use any API (as I'm writing a small C# library).
So I will have to find offsets by myself, it's really new for me so I will try my best and I may return with some new questions.

I'm using Cheat Engine and Art*Money to find offsets and address.

Re: HP and Mana Memory Offsets?

Posted: Fri Jun 05, 2009 5:01 am
by 3cmSailorfuku
srounet wrote: Well actually I do not use any API (as I'm writing a small C# library).
So I will have to find offsets by myself, it's really new for me so I will try my best and I may return with some new questions.

I'm using Cheat Engine and Art*Money to find offsets and address.

I rather suggest you use OllyDbg for finding function pointers. Cheat Engine and ArtMoney can be really awkward when you try looking at the stack.

Re: HP and Mana Memory Offsets?

Posted: Thu Jul 09, 2009 7:52 am
by S3v3n11
So has anyone tried changing a character's x,y loc on the client? Does it cause the character to "warp" to a new location in the game? Or are there server side protections against that?

Re: HP and Mana Memory Offsets?

Posted: Sun Sep 27, 2009 6:37 pm
by SkilledWaffle
I need some pointers (no pun intended ;P)

So... I tried to read some addresses (the current hp) with Delphi and I ran into some problems with the pointers.

Like you said, these are double pointers, e.g.: [[staticcharbase_address]+charPtr_offset]+charHP_offset
so I have to read the addresses like this (in pseudocode)

Code:

first = read value from address (staticcharbase_address)
first = first + charPtr_offset
second =  read value from address (first)
second = second + charHP_offset
finalHP = read value from address (second)

Did I get this right? I'm just asking because I get crazy values with this code.

Re: HP and Mana Memory Offsets?

Posted: Sun Sep 27, 2009 7:42 pm
by droppen

Code:

first = read value from address (staticcharbase_address + charPtr_offset)
first = first + charHP_offset
finalHP =  read value from address (first)

is more like it

Re: HP and Mana Memory Offsets?

Posted: Sun Sep 27, 2009 8:40 pm
by Administrator
Handling double- (or triple, quadruple, ...) pointers can be a bit annoying to debug. I'd suggest printing out your current address at each step and comparing it to a chain that you know works (use, say, Cheat Engine).

Here's some pseudo-code:

Code:

printf("Read: 0x%X + 0x%X\n", staticbase, offset1);
address = readMemory(process, staticbase + offset1);
printf("Address (step1): 0x%X\n\n", address);

printf("Read: 0x%X + 0x%X\n", address, offset2);
address = readMemory(process, address + offset2);
printf("Address (step2): 0x%X\n\n", address);

value = readMemory(process, address);
printf("Value: %d\n", value);

I haven't used Delphi/Pascal in years. It will be up to you to figure out the actual function calls that are needed.

Now, if you double-click the address section of the pointer in Cheat Engine, you should see something like this:
[Image: ptrdebugging.PNG]
Hopefully, you can match up the "This pointer points to address XXXX" with your results from the code printed above. It will help to figure out where you're going wrong.
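
An added example, not code from this thread or from any tool it mentions: the print-each-step approach described above, run against a constructed in-memory snapshot instead of a live process. `walk_chain`, `build_sample` and every address, offset and value are this example's own; the second chain in `main` shows one extra dereference ending at an unmapped address, which the bounds check reports instead of returning a garbage value.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed snapshot standing in for process memory mapped at IMG_BASE.
   Every address, offset and value below is made up for this example. */
#define IMG_BASE 0x00400000u
#define IMG_SIZE 0x1000u
static uint8_t img[IMG_SIZE];

/* Bounds-checked 4-byte read (host byte order); 0 on success, -1 if unmapped. */
static int read_u32(uint32_t addr, uint32_t *out) {
    if (addr < IMG_BASE || addr - IMG_BASE > IMG_SIZE - 4u) return -1;
    memcpy(out, img + (addr - IMG_BASE), 4);
    return 0;
}
static void write_u32(uint32_t a, uint32_t v) { memcpy(img + (a - IMG_BASE), &v, 4); }

/* Each step reads 4 bytes at (current + off[i]); the last read is the value.
   trace[i] keeps the address read at step i so it can be compared with a
   known-good chain. Returns n on success, -(step) at the first bad address. */
int walk_chain(uint32_t base, const uint32_t *off, int n, uint32_t *trace, uint32_t *value) {
    uint32_t cur = base;
    for (int i = 0; i < n; i++) {
        trace[i] = cur + off[i];
        printf("step %d: read 0x%08X + 0x%X\n", i + 1, (unsigned)cur, (unsigned)off[i]);
        if (read_u32(trace[i], &cur) != 0) return -(i + 1);
        printf("        got 0x%08X\n", (unsigned)cur);
    }
    *value = cur;
    return n;
}

void build_sample(void) {
    memset(img, 0, sizeof img);
    write_u32(0x00400100u + 0x80u, 0x00400800u); /* pointer slot -> object */
    write_u32(0x00400800u + 0x44u, 483u);        /* 4-byte field in object */
}

int main(void) {
    uint32_t trace[3], v = 0;
    const uint32_t good[] = { 0x80u, 0x44u }, extra[] = { 0x0u, 0x80u, 0x44u };
    build_sample();
    int r = walk_chain(0x00400100u, good, 2, trace, &v);
    printf("result %d, value %u\n", r, (unsigned)v);
    printf("result %d\n", walk_chain(0x00400100u, extra, 3, trace, &v));
    return 0;
}
```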