Ok now let's look at making patch transition easier. So let's make up a database of sections of memory that give us the addresses we want. The easiest way to do this is with OllyDbg. The great thing about Olly is you don't need to actually start the client (game) in order to use Olly. So if you have an old version of the game you can search its memory without starting it, as starting the client will no doubt make it patch to the latest version.
Ok so what you can do is try this on the existing client 4.0.1
Start Olly, then click Open and find the client.exe file in the Runes of Magic folder, and click Open.
Only window I care about is top left, looks like this, if not then get the newer version of Olly.
Now the next step is to look up an address we already know for the current client. For this example let's use
actionBarPtr = 0xA1BAFC,
not for any other reason except it's top of the list lol
Right click in the only window I care about (top left) and go to "search for" and then click "Constant..."
Ok add in the address, A1BAFC is enough, don't need the 0x
click entire block and then click ok.
Now you want to save the screen, so click print screen and paste it into an image editor and save the image.
That is all you need to do to make a database of already known addresses.
--=== NOTE ===--
Not all addresses can be found this way. In fact you aren't actually looking at the address, you are looking at a pointer to the address, but for our purpose that's what we want. For some addresses you will actually need to take an image of the actual address. The way to know which is which is the address itself.
If you scroll that window all the way to the bottom you see the last address is 008D8FFF. Any address you are looking for that is less than that, like for example
staticpattern_char = 0x5E32F7,
you would just go to the actual address without doing the search for constant and take a screenshot of that area. Make sure to highlight the address, it makes it easier later.
Ok so now we have a folder filled with images of memory spots.
How do we use this to find new addresses after a patch?
Ok well first you have a look at the image, I'll use the same example from above. actionBarPtr = 0xA1BAFC.
The highlighted section is what we are looking at.
You will see lots of stuff, you don't need to understand it but you do need to know a few things.
1. Any number with either 7 or 8 digits that starts with 0 is referring to an address and would have changed in the patch as well.
2. You want to get a few lines that don't have addresses to reduce the number of results you get from your search.
Ok so let's look closer.
In this example I have highlighted
pop esi
pop edi
pop ebx
retn 14
push 4
5 lines in a row and not one mention of an address, chances are you will only get 1 result from the search.
Ok so now we know what we are looking for, let's do the search.
Right click, then go to "Search for" and then click "Sequence of Commands.." and enter in that section we want to look for.
Click search.
--=== Continued next post ===--
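The same idea as a script, added here as an example and not part of the original post: the five address-free instructions become a byte signature, the address operand next to them is wildcarded, and the search must hit exactly once before the pointer is read. The `mov ecx, [imm32]` layout in front of the anchor, the helper names, and the "after patch" value 0xA2C1FC are assumptions made up for the demonstration; only 0xA1BAFC and the five instructions come from the post.

```python
import re
import struct

def compile_signature(sig):
    """Compile 'AA ?? BB' into a bytes regex; '??' matches any one byte."""
    parts = [b"." if t == "??" else re.escape(bytes([int(t, 16)]))
             for t in sig.split()]
    return re.compile(b"".join(parts), re.DOTALL)

def recover_pointer(image, sig, operand_offset):
    """Return (match_offset, pointer) for a signature that matches exactly once."""
    hits = [m.start() for m in compile_signature(sig).finditer(image)]
    if len(hits) != 1:
        # Zero hits: the code changed. Several hits: add more address-free lines.
        raise ValueError(f"signature matched {len(hits)} times, need exactly 1")
    (ptr,) = struct.unpack_from("<I", image, hits[0] + operand_offset)
    return hits[0], ptr

# pop esi / pop edi / pop ebx / retn 14 / push 4 (OllyDbg shows operands in hex)
ANCHOR = "5E 5F 5B C2 14 00 6A 04"
# Assumed layout: 'mov ecx, [imm32]' (8B 0D + 4 address bytes) right before the anchor
SIG = "8B 0D ?? ?? ?? ?? " + ANCHOR

def build_image(pad, pointer):
    """Constructed stand-in for a client image, not real client bytes."""
    code = b"\x8B\x0D" + struct.pack("<I", pointer) + bytes.fromhex(ANCHOR)
    return b"\x90" * pad + code + b"\xCC" * 16

OLD_IMAGE = build_image(0x40, 0x00A1BAFC)  # pointer value from the post
NEW_IMAGE = build_image(0x73, 0x00A2C1FC)  # constructed "after patch" value

if __name__ == "__main__":
    for name, img in (("old", OLD_IMAGE), ("new", NEW_IMAGE)):
        off, ptr = recover_pointer(img, SIG, operand_offset=2)
        print(f"{name}: match at +0x{off:X}, pointer 0x{ptr:X}")
```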