brotwurst 0 Posted December 15, 2007 hi there! i tried to get the heakth of my character in World of Warcraft and got 2 problems... 1. the adress in the memory changes every time i start WoW 2. _memoryread returns 0 my script: CODE#include <NomadMemory.au3> global $Memadd="0x0EF12548";<---changes everytime i start WoW SetPrivilege("SeDebugPrivilege", 1) $Memopen=_MemoryOpen(WinGetProcess("World of Warcraft"), 0x1F0FFF) while WinExists("World of Warcraft") sleep(10) $MemRead=_MemoryRead($Memadd, $Memopen) ToolTip($MemRead,0,0) WEnd _MemoryClose($Memopen) some1 got an idea this returns 0?? Share this post Link to post Share on other sites
JustinReno 0 Posted December 16, 2007 Well, what are the 10 or less most common memory address? Share this post Link to post Share on other sites
Delta01 0 Posted December 16, 2007 If it changes everytime it means it's a dynamic address. Search google for a tutorial on reading dynamic memory. Share this post Link to post Share on other sites
galpha 1 Posted December 17, 2007 The health / mana in WoW is always stored in a dynamic memory address. Knowing the player's health and mana are located in the player struct (which contains infos such as X, Y, Z, health, mana, rotation, etc... x 50), you need to have a reliable way to find it everytime. The easiest way to find it would be to get the static X, then do a scan for that X value in the memory (which will be in the player struct like i said). Once found, you need to add the Health offset to it. With that way, you will get it every times. Check the malu's post for an example on how to do it. Note that his script just serves as an example, since the memory addresses are not valid anymore. I can post the good values if you need them or an example script if you need it. Share this post Link to post Share on other sites
DW1 102 Posted December 17, 2007 galpha is correct, you need to be looking for the pointer to the address. Search google for DMA (Dynamic Memory Allocation) and Pointer, and it should get you on your way. AutoIt3 Online Help Share this post Link to post Share on other sites
brotwurst 0 Posted December 20, 2007 (edited) as i undestood from malu's scripts there is a base-address for every creature, object(,player?) around you, and if you have got the offsets you can get LOTS of information... so i got 2 new questions for you(i know, "google is your friend"(but not mine )) 1. what do i have to search for to get these basic addresses? 2. and how can i find the offsets? sry if that sounds like noob... Edited December 21, 2007 by brotwurst Share this post Link to post Share on other sites
galpha 1 Posted December 26, 2007 as i undestood from malu's scripts there is a base-address for every creature, object(,player?) around you, and if you have got the offsets you can get LOTS of information... so i got 2 new questions for you(i know, "google is your friend"(but not mine )) 1. what do i have to search for to get these basic addresses? 2. and how can i find the offsets? sry if that sounds like noob... Basically, all objects in WoW all start by xxx0008. The only way to know if your object is active is to check if it's present in the linked list. Also, each type of objects have a signature (e.g.: 0x867A10 for a player) and a size ( 0x 2470 for a player). So if you want to get a list of all active objects in the WoW's memory, you need to find the ptrBase (pointer base adress) of the linked list. Then you irritate throught the list to get all the objects. This linked list contains a list of pointers to the base address of each objects. To get the base, here's an autoit function that was posted not long ago on the WoWDev forums: expandcollapse popupfunc _getBaseOffset () local $buffer_int = DllStructCreate( 'dword' ) local $buffer_uint64 = DllStructCreate( 'uint64' ) local $tlsSlotPTR = 0x00E530C4 Local $TLS_Slot = 0x0 local $TLS_Offset = 0x0 local $ThreadHandle = 0 local $ThreadEntry = _ThreadEntry32() local $ThreadQueryResult = 0x0 local $BytesRead = 0x0 local $SnapHandle = 0 local $BasicInformation = _BasicInformation() local $BaseObjectPtr = False local $TLS_TargetSlot = 0x0 const $ThreadBasicInformation = 0 _ReadProcess ( $wowProcessHwnd, $tlsSlotPTR, DllStructGetPtr ( $buffer_int ), DllStructGetSize ( $buffer_int ) ) $TLS_Slot = DllStructGetData ( $buffer_int, 1 ) $SnapHandle = _CreateToolhelp32Snapshot ( $TH32CS_SNAPTHREAD, 0 ) if ( _Thread32First ( $SnapHandle, $ThreadEntry ) ) Then Do if ( DllStructGetData ( $ThreadEntry, 4 ) == $wowProcessID ) Then $ThreadHandle = _OpenThread ( $THREAD_QUERY_INFORMATION, 0, DllStructGetData ( $ThreadEntry, 'th32ThreadID' ) ) if ( $ThreadHandle <> 0 ) then $b = 0 $ThreadQueryResult = _NTQueryInformationThread ( $ThreadHandle, $ThreadBasicInformation, $BasicInformation, $buffer_int ) if ( $ThreadQueryResult == 0 ) Then $TIB = DllStructGetData ( $BasicInformation, 'TebBaseAddress' ) _ReadProcess ( $wowProcessHwnd, $TIB + 0x2C, DllStructGetPtr ( $buffer_int ), DllStructGetSize ( $buffer_int ) ) $TLS_Offset = DllStructGetData ( $buffer_int, 1 ) if ( $TLS_Offset <> 0 ) then if ( $TLS_Offset <> 0 ) Then _ReadProcess ( $wowProcessHwnd, $TLS_Offset + ( $TLS_Slot * 4 ), DllStructGetPtr ( $buffer_int ), DllStructGetSize ( $buffer_int ) ) $TargetTLSSLot = DllStructGetData ( $buffer_int, 1 ) $baseOffset = DllStructCreate ( 'dword baseObjectPTR; uint64 GUID' ) _ReadProcess ( $wowProcessHwnd, $TargetTLSSlot + 8, DllStructGetPtr ( $buffer_int ), DllStructGetSize ( $buffer_int ) ) global $baseObjectPTR = DllStructGetData ( $buffer_int, 1 ) ) _ReadProcess ( $wowProcessHwnd, $TargetTLSSlot + 16, DllStructGetPtr ( $buffer_uint64 ), DllStructGetSize ( $buffer_uint64 ) ) global $playerID = DllStructGetData ( $buffer_uint64, 1 ) ) _CloseHandle ( $ThreadHandle ) _CloseHandle ( $SnapHandle ) return true endif endif endif endif endif Until ( _Thread32Next ( $SnapHandle, $ThreadEntry ) < 1 ) return false endif _CloseHandle ( $ThreadHandle ) _CloseHandle ( $SnapHandle ) endfunc PS: Kernel32, Ntdll, and advapi32 implementations are left out so you need to do them before or it won't work. Share this post Link to post Share on other sites
