Sign in to follow this  
Followers 0
StrategicX

WoW Simple Player pointer and info Scanner...

17 posts in this topic

Hey all, I got a request for a simple memory editing app, from a few people in PM's so i wrote this lil pointer scanner app :)

It gets Player XYZ postitions and updates every second (or more) Also gives you player scale, and player name!

I added Z axis teleport up and down, and Player Scale up and down :) So this is perfect for newer wow Dev's to disect this code and learn to use the player pointers and NomadMemory.au3 ^_^

Screenshot:

Posted Image

Features*

XYZ Position

Z Axis Teleporting

Scale up/down (player size)

Player Name

#include <ButtonConstants.au3>
#include <GUIConstantsEx.au3>
#include <StaticConstants.au3>
#include <WindowsConstants.au3>
#include <NomadMemory.au3>
;====================================================================>
;== WoW Player Pointer Scanner and Z Teleporter :) Open Source
;==  Great Script for new wow devs...  uses player pointers,+ offsets 
;==  This is open source so your welcome to modify,change or use this script in your
;== own projects! :)
;==  Author: Strategic-X
;=====================================================================>

$Form1 = GUICreate("WoW 3.0.9 Player Pointer Scanner v1.0", 432, 364, 261, 154)
$Main = GUICtrlCreateGroup("Main Control", 8, 296, 417, 57)
$scan = GUICtrlCreateButton("Start Scan", 24, 320, 385, 20, 0)
GUICtrlCreateGroup("", -99, -99, 1, 1)
$Group1 = GUICtrlCreateGroup("Player Info", 8, 40, 417, 249)
$Label1 = GUICtrlCreateLabel("Player X:", 24, 72, 46, 17)
$X = GUICtrlCreateLabel("?", 80, 72, 100)
$Label3 = GUICtrlCreateLabel("Player Y:", 24, 104, 46, 17)
$Y = GUICtrlCreateLabel("?", 80, 104, 100)
$Label5 = GUICtrlCreateLabel("Player Z:", 24, 136, 46, 17)
$Z = GUICtrlCreateLabel("?", 80, 136, 100)
$teleup = GUICtrlCreateButton("Tele-Up", 185, 136, 51, 17, 0)
$teledown = GUICtrlCreateButton("Tele-Down", 240, 136, 59, 17, 0)
$Label2 = GUICtrlCreateLabel("You are Logged in As:", 208, 56, 109, 17)
$pname = GUICtrlCreateLabel("?", 328, 56, 100)
$Group2 = GUICtrlCreateGroup("Player Scale", 16, 168, 145, 81)
$Label4 = GUICtrlCreateLabel("Value:", 24, 192, 34, 17)
$scaleval = GUICtrlCreateLabel("?", 64, 192, 40)
$sup = GUICtrlCreateButton("Scale-up", 22, 221, 51, 17, 0)
$sdown = GUICtrlCreateButton("Scale-Down", 83, 221, 67, 17, 0)
GUICtrlCreateGroup("", -99, -99, 1, 1)
GUICtrlCreateGroup("", -99, -99, 1, 1)
$Label6 = GUICtrlCreateLabel("Player Pointer Scanner By Strategic-X", 120, 16, 182, 17)
GUISetState(@SW_SHOW)


$UPDATE = 0
Dim $PLAYERSPEED = 848
Dim $PTRPLAYER = 0x127F13C
Dim $STATEOFFSET = 2048
Dim $DIFFRENCEX2F = 47
Dim $PLAYERSPEED = 848
Dim $INTPLAYERXOFFSET = 2000
Dim $INTPLAYERYOFFSET = 2004
Dim $INTPLAYERZOFFSET = 2008
Global $SCALEOFFSET = 156
Global $PTRPLAYER, $PTRPLAYERX, $PTRPLAYERY, $PTRPLAYERZ, $SCALE, $PlayerMEM, $PLAYERNAME, $PLAYERSPEED
SETPRIVILEGE("SeDebugPrivilege", 1)
Dim $ProPID = WinGetProcess("World of Warcraft");--------FIX THIS---------@SW_MINIMIZE
$HPROCESS = _MemoryOpen($ProPID)


While 1
    $nMsg = GUIGetMsg()
    Switch $nMsg
        Case $GUI_EVENT_CLOSE
            Exit
        Case $scan
            GetPointers()
        Case $teleup
            TELEUP()
        Case $teledown
            TELEDOWN()
        Case $sup
            SCALEUP()
        Case $sdown
            SCALEDOWN()

EndSwitch
If $UPDATE = 1 Then
    UPDATE()
EndIf
WEnd

Func GetPointers()
    Global $LVL1POINTER = _MemoryRead($PTRPLAYER, $HPROCESS, "ptr")
    Global $LVL2POINTER = _MemoryRead(($LVL1POINTER + 48), $HPROCESS, "ptr")
    Global $PlayerMEM = _MemoryRead(($LVL2POINTER + 40), $HPROCESS, "ptr")
    $PTRPLAYERX = $PlayerMEM + $INTPLAYERXOFFSET
    $PTRPLAYERY = $PlayerMEM + $INTPLAYERYOFFSET
    $PTRPLAYERZ = $PlayerMEM + $INTPLAYERZOFFSET
    $SCALE = $PlayerMEM + $SCALEOFFSET
    $ROTATE = $PlayerMEM + 0x7DC
    $GLIDEFLY = $PlayerMEM + 2112
    $PTRY = _MEMORYREAD($PTRPLAYERY, $HPROCESS, "float")
    $PLAYERNAME = _MEMORYREAD(0x11cb348, $HPROCESS, "char[12]")
    GUICtrlSetData($pname, $PLAYERNAME)
    $UPDATE = 1
EndFunc  ;==>GetPointers
Func TELEUP()
    $NOWZ = _MEMORYREAD($PTRPLAYERZ, $HPROCESS, "float")
    _MEMORYWRITE($PTRPLAYERZ, $HPROCESS, $NOWZ + 10, "float")
EndFunc
Func TELEDOWN()
    $NOWZ2 = _MEMORYREAD($PTRPLAYERZ, $HPROCESS, "float")
    _MEMORYWRITE($PTRPLAYERZ, $HPROCESS, $NOWZ2 - 10, "float")
EndFunc
Func UPDATE()
    $CURXPOS1 = GUICtrlSetData($X, _MEMORYREAD($PTRPLAYERX, $HPROCESS, "float"))
    $CURYPOS2 = GUICtrlSetData($Y, _MEMORYREAD($PTRPLAYERY, $HPROCESS, "float"))
    $CURZPOS3 = GUICtrlSetData($Z, _MEMORYREAD($PTRPLAYERZ, $HPROCESS, "float"))
    GUICtrlSetData($scaleval, _MEMORYREAD($SCALE, $HPROCESS, "float"))
EndFunc
Func SCALEUP()
    $NOW1 = _MEMORYREAD($SCALE, $HPROCESS, "float")
    _MEMORYWRITE($SCALE, $HPROCESS, $NOW1 + 1, "float")
EndFunc
Func SCALEDOWN()
    $NOW2 = _MEMORYREAD($SCALE, $HPROCESS, "float")
    _MEMORYWRITE($SCALE, $HPROCESS, $NOW2 - 1, "float")
EndFunc

Your all welcome to modify or use this script in your projects! :huh2: Enjoy.

Note: You WILL need NomadMemory.au3 UDF!


*WoW Dev Projects: AFK Tele Bot development journalSimple Player Pointer Scanner + Z-Teleport*My Projects: coming soon.Check out my WoW Dev wiki for patch 3.0.9!http://www.wowdev.wikidot.com

Share this post


Link to post
Share on other sites



Ive just tryed this on a trial account, i have tryed in full and windowed mode, nothing happends, all results are 0


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Projects: Account Control Wii style gui Bingo Caller - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Want a website? Click here!- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -I use my Blackberry Storm to browse the forum! Please be patient!- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

run as admin? the script works fine... just used multiple times and 3 others have already added a few things to it, is your computer in a dif. language? like swedish or w.e? could be the prob. other then that its your anti-virus ...turn it off

also... no need to be a on a trial account.. its undetected... all it does it scan for pointers and play with 2 offsets.

Edited by StrategicX

*WoW Dev Projects: AFK Tele Bot development journalSimple Player Pointer Scanner + Z-Teleport*My Projects: coming soon.Check out my WoW Dev wiki for patch 3.0.9!http://www.wowdev.wikidot.com

Share this post


Link to post
Share on other sites

Im on Europe version of WoW. My computer language is english... turned off antivirus, but still not working...

Shall i recorde a small clip and upload it so you can look?


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Projects: Account Control Wii style gui Bingo Caller - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Want a website? Click here!- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -I use my Blackberry Storm to browse the forum! Please be patient!- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Share this post


Link to post
Share on other sites

StrategicX post ur nomad memory udf for Ashww, that may be the problem.


"The quieter you are, the more you are able to hear..."

My AppsUSB Finder

Share this post


Link to post
Share on other sites

StrategicX post ur nomad memory udf for Ashww, that may be the problem.

This may be a good idea. i got mine from some file hosting website.

Cheers

Ashww

X)


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Projects: Account Control Wii style gui Bingo Caller - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Want a website? Click here!- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -I use my Blackberry Storm to browse the forum! Please be patient!- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Share this post


Link to post
Share on other sites

This may be a good idea. i got mine from some file hosting website.

Cheers

Ashww

X)

Well now he is banned ..lol so i guess he doesnt need it now :P But for others who do not have the updated NomadMemory.au3 UDF (includes SetPrivledge() function VERY useful) Enjoy!

#include-once
#region _Memory
;==================================================================================
; AutoIt Version:   3.1.127 (beta)
;
; Functions:
;
;==================================================================================
; Function:         _MemoryOpen($iv_Pid[, $iv_DesiredAccess[, $iv_InheritHandle]])
; Description:      Opens a process and enables all possible access rights to the
;                   process.  The Process ID of the process is used to specify which
;                   process to open.  You must call this function before calling
;                   _MemoryClose(), _MemoryRead(), or _MemoryWrite().
; Parameter(s):     $iv_Pid - The Process ID of the program you want to open.
;                   $iv_DesiredAccess - (optional) Set to 0x1F0FFF by default, which
;                                       enables all possible access rights to the
;                                       process specified by the Process ID.
;                   $iv_InheritHandle - (optional) If this value is TRUE, all processes
;                                       created by this process will inherit the access
;                                       handle.  Set to 1 (TRUE) by default.  Set to 0
;                                       if you want it FALSE.
; Requirement(s):   None.
; Return Value(s):  On Success - Returns an array containing the Dll handle and an
;                                open handle to the specified process.
;                   On Failure - Returns 0
;                   @Error - 0 = No error.
;                            1 = Invalid $iv_Pid.
;                            2 = Failed to open Kernel32.dll.
;                            3 = Failed to open the specified process.
; Author(s):        Nomad
; Note(s):
;==================================================================================
Func _MemoryOpen($iv_Pid, $iv_DesiredAccess = 0x1F0FFF, $iv_InheritHandle = 1)
    
    If Not ProcessExists($iv_Pid) Then
        SetError(1)
        Return 0
    EndIf
    
    Local $ah_Handle[2] = [DllOpen('kernel32.dll')]
    
    If @Error Then
        SetError(2)
        Return 0
    EndIf
    
    Local $av_OpenProcess = DllCall($ah_Handle[0], 'int', 'OpenProcess', 'int', $iv_DesiredAccess, 'int', $iv_InheritHandle, 'int', $iv_Pid)
    
    If @Error Then
        DllClose($ah_Handle[0])
        SetError(3)
        Return 0
    EndIf
    
    $ah_Handle[1] = $av_OpenProcess[0]
    
    Return $ah_Handle
    
EndFunc

;==================================================================================
; Function:         _MemoryRead($iv_Address, $ah_Handle[, $sv_Type])
; Description:      Reads the value located in the memory address specified.
; Parameter(s):     $iv_Address - The memory address you want to read from. It must
;                                 be in hex format (0x00000000).
;                   $ah_Handle - An array containing the Dll handle and the handle
;                                of the open process as returned by _MemoryOpen().
;                   $sv_Type - (optional) The "Type" of value you intend to read.
;                               This is set to 'dword'(32bit(4byte) signed integer)
;                               by default.  See the help file for DllStructCreate
;                               for all types.  An example: If you want to read a
;                               word that is 15 characters in length, you would use
;                               'char[16]' since a 'char' is 8 bits (1 byte) in size.
; Return Value(s):  On Success - Returns the value located at the specified address.
;                   On Failure - Returns 0
;                   @Error - 0 = No error.
;                            1 = Invalid $ah_Handle.
;                            2 = $sv_Type was not a string.
;                            3 = $sv_Type is an unknown data type.
;                            4 = Failed to allocate the memory needed for the DllStructure.
;                            5 = Error allocating memory for $sv_Type.
;                            6 = Failed to read from the specified process.
; Author(s):        Nomad
; Note(s):          Values returned are in Decimal format, unless specified as a
;                   'char' type, then they are returned in ASCII format.  Also note
;                   that size ('char[size]') for all 'char' types should be 1
;                   greater than the actual size.
;==================================================================================
Func _MemoryRead($iv_Address, $ah_Handle, $sv_Type = 'dword')
    
    If Not IsArray($ah_Handle) Then
        SetError(1)
        Return 0
    EndIf
    
    Local $v_Buffer = DllStructCreate($sv_Type)
    
    If @Error Then
        SetError(@Error + 1)
        Return 0
    EndIf
    
    DllCall($ah_Handle[0], 'int', 'ReadProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
    
    If Not @Error Then
        Local $v_Value = DllStructGetData($v_Buffer, 1)
        Return $v_Value
    Else
        SetError(6)
        Return 0
    EndIf
    
EndFunc

;==================================================================================
; Function:         _MemoryWrite($iv_Address, $ah_Handle, $v_Data[, $sv_Type])
; Description:      Writes data to the specified memory address.
; Parameter(s):     $iv_Address - The memory address which you want to write to.
;                                 It must be in hex format (0x00000000).
;                   $ah_Handle - An array containing the Dll handle and the handle
;                                of the open process as returned by _MemoryOpen().
;                   $v_Data - The data to be written.
;                   $sv_Type - (optional) The "Type" of value you intend to write.
;                               This is set to 'dword'(32bit(4byte) signed integer)
;                               by default.  See the help file for DllStructCreate
;                               for all types.  An example: If you want to write a
;                               word that is 15 characters in length, you would use
;                               'char[16]' since a 'char' is 8 bits (1 byte) in size.
; Return Value(s):  On Success - Returns 1
;                   On Failure - Returns 0
;                   @Error - 0 = No error.
;                            1 = Invalid $ah_Handle.
;                            2 = $sv_Type was not a string.
;                            3 = $sv_Type is an unknown data type.
;                            4 = Failed to allocate the memory needed for the DllStructure.
;                            5 = Error allocating memory for $sv_Type.
;                            6 = $v_Data is not in the proper format to be used with the
;                                "Type" selected for $sv_Type, or it is out of range.
;                            7 = Failed to write to the specified process.
; Author(s):        Nomad
; Note(s):          Values sent must be in Decimal format, unless specified as a
;                   'char' type, then they must be in ASCII format.  Also note
;                   that size ('char[size]') for all 'char' types should be 1
;                   greater than the actual size.
;==================================================================================
Func _MemoryWrite($iv_Address, $ah_Handle, $v_Data, $sv_Type = 'dword')
    
    If Not IsArray($ah_Handle) Then
        SetError(1)
        Return 0
    EndIf
    
    Local $v_Buffer = DllStructCreate($sv_Type)
    
    If @Error Then
        SetError(@Error + 1)
        Return 0
    Else
        DllStructSetData($v_Buffer, 1, $v_Data)
        If @Error Then
            SetError(6)
            Return 0
        EndIf
    EndIf
    
    DllCall($ah_Handle[0], 'int', 'WriteProcessMemory', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer), 'int', '')
    
    If Not @Error Then
        Return 1
    Else
        SetError(7)
        Return 0
    EndIf
    
EndFunc

;==================================================================================
; Function:         _MemoryClose($ah_Handle)
; Description:      Closes the process handle opened by using _MemoryOpen().
; Parameter(s):     $ah_Handle - An array containing the Dll handle and the handle
;                                of the open process as returned by _MemoryOpen().
; Return Value(s):  On Success - Returns 1
;                   On Failure - Returns 0
;                   @Error - 0 = No error.
;                            1 = Invalid $ah_Handle.
;                            2 = Unable to close the process handle.
; Author(s):        Nomad
; Note(s):
;==================================================================================
Func _MemoryClose($ah_Handle)
    
    If Not IsArray($ah_Handle) Then
        SetError(1)
        Return 0
    EndIf
    
    DllCall($ah_Handle[0], 'int', 'CloseHandle', 'int', $ah_Handle[1])
    If Not @Error Then
        DllClose($ah_Handle[0])
        Return 1
    Else
        DllClose($ah_Handle[0])
        SetError(2)
        Return 0
    EndIf
    
EndFunc

;==================================================================================
; Function:         SetPrivilege( $privilege, $bEnable )
; Description:      Enables (or disables) the $privilege on the current process
;                  (Probably) requires administrator privileges to run
;
; Author(s):        Larry (from autoitscript.com's Forum)
; Notes(s):
; http://www.autoitscript.com/forum/index.php?s=&showtopic=31248&view=findpost&p=223999
;==================================================================================

Func SetPrivilege( $privilege, $bEnable )
    Const $MY_TOKEN_ADJUST_PRIVILEGES = 0x0020
    Const $MY_TOKEN_QUERY = 0x0008
    Const $MY_SE_PRIVILEGE_ENABLED = 0x0002
    Local $hToken, $SP_auxret, $SP_ret, $hCurrProcess, $nTokens, $nTokenIndex, $priv
    $nTokens = 1
    $LUID = DLLStructCreate("dword;int")
    If IsArray($privilege) Then $nTokens = UBound($privilege)
    $TOKEN_PRIVILEGES = DLLStructCreate("dword;dword[" & (3 * $nTokens) & "]")
    $NEWTOKEN_PRIVILEGES = DLLStructCreate("dword;dword[" & (3 * $nTokens) & "]")
    $hCurrProcess = DLLCall("kernel32.dll","hwnd","GetCurrentProcess")
    $SP_auxret = DLLCall("advapi32.dll","int","OpenProcessToken","hwnd",$hCurrProcess[0],   _
            "int",BitOR($MY_TOKEN_ADJUST_PRIVILEGES,$MY_TOKEN_QUERY),"int*",0)
    If $SP_auxret[0] Then
        $hToken = $SP_auxret[3]
        DLLStructSetData($TOKEN_PRIVILEGES,1,1)
        $nTokenIndex = 1
        While $nTokenIndex <= $nTokens
            If IsArray($privilege) Then
                $priv = $privilege[$nTokenIndex-1]
            Else
                $priv = $privilege
            EndIf
            $ret = DLLCall("advapi32.dll","int","LookupPrivilegeValue","str","","str",$priv,   _
                    "ptr",DLLStructGetPtr($LUID))
            If $ret[0] Then
                If $bEnable Then
                    DLLStructSetData($TOKEN_PRIVILEGES,2,$MY_SE_PRIVILEGE_ENABLED,(3 * $nTokenIndex))
                Else
                    DLLStructSetData($TOKEN_PRIVILEGES,2,0,(3 * $nTokenIndex))
                EndIf
                DLLStructSetData($TOKEN_PRIVILEGES,2,DllStructGetData($LUID,1),(3 * ($nTokenIndex-1)) + 1)
                DLLStructSetData($TOKEN_PRIVILEGES,2,DllStructGetData($LUID,2),(3 * ($nTokenIndex-1)) + 2)
                DLLStructSetData($LUID,1,0)
                DLLStructSetData($LUID,2,0)
            EndIf
            $nTokenIndex += 1
        WEnd
        $ret = DLLCall("advapi32.dll","int","AdjustTokenPrivileges","hwnd",$hToken,"int",0,   _
                "ptr",DllStructGetPtr($TOKEN_PRIVILEGES),"int",DllStructGetSize($NEWTOKEN_PRIVILEGES),   _
                "ptr",DllStructGetPtr($NEWTOKEN_PRIVILEGES),"int*",0)
        $f = DLLCall("kernel32.dll","int","GetLastError")
    EndIf
    $NEWTOKEN_PRIVILEGES=0
    $TOKEN_PRIVILEGES=0
    $LUID=0
    If $SP_auxret[0] = 0 Then Return 0
    $SP_auxret = DLLCall("kernel32.dll","int","CloseHandle","hwnd",$hToken)
    If Not $ret[0] And Not $SP_auxret[0] Then Return 0
    return $ret[0]
EndFunc  ;==>SetPrivilege

#endregion

*WoW Dev Projects: AFK Tele Bot development journalSimple Player Pointer Scanner + Z-Teleport*My Projects: coming soon.Check out my WoW Dev wiki for patch 3.0.9!http://www.wowdev.wikidot.com

Share this post


Link to post
Share on other sites

#8 ·  Posted (edited)

This is not working for me.

X: 0

Y: 0

Z: 0

// I think new Adresses?

Edited by Busti

My UDF's : Startet on : 06.06.2006_CaseSearchOrReplaceStr();~> Searches OR Replaces a String,;~> With or Without Casesensivity

Share this post


Link to post
Share on other sites

This is not working for me.

X: 0

Y: 0

Z: 0

// I think new Adresses?

No 3.0.9 addresses are the same.

Are you running script as administrator?


Share this post


Link to post
Share on other sites

It returns 0 or "" whenever i write it to address. I wanted to do some memory scanners before but this was the problem for me too with 3.0.3+ patches.


[font="Courier New"][size="3"]CyRius Developments[/size][/font][list][*]CO Proxy[*]CO Assembly tool[*]CO PacketSniffer[*]Larkinor proxy[*]BoIM Messenger[*]Encrypt/Decrypt[*]Hashtables[*]Slowest, but greatest skins ever xD[/list]

Share this post


Link to post
Share on other sites

pretty neat stuff. but how would one search for the offsets.. say when the 3.1.x comes out, how would I update the offsets so the program doesnt break?

Share this post


Link to post
Share on other sites

First I want to say Strategic... thank you. You provided the key I was looking for for way to long. In the few days after I found this beautiful post I began working on the object manager as well. I am stuck however. Using Shynd's journal I came up with this tasty lick, the first time I ran it I got something out of it, but I have changed a couple things around and now it gives me nothing. There is some key component missing, but I believe I am on the right track. However it has been a long night and I cannot keep my eyes open anymore. I hope this helps others on their way as well, but like I said something is missing and I cannot figure it out. All credits to Shynd and Strategic. (Shynd had this written in C# I did my best to port it over to AutoIt and you can see Strategic's gui modified a bit :P )

#include <GUIConstantsEx.au3>
#include <NomadMemory.au3>
SETPRIVILEGE("SeDebugPrivilege", 1)
HotKeySet("{esc}","Term")
Func Term()
    Exit
EndFunc
Global  $obj[999],$UPDATE
Global $z=0
Dim $PID = WinGetProcess("World of Warcraft")
Global $HPROCESS = _MemoryOpen($PID)
    GUICreate("My GUI list",800,1000,0,0)

    $mylist = GUICtrlCreateList("", 10, 30, 750, 950)
    $go = GUICtrlCreateButton("Go", 10, 10, 20, 20)

    GUISetState()


Example()

Func Example()


    $msg = 0
    While $msg <> $GUI_EVENT_CLOSE
        $msg = GUIGetMsg()

        Select
            Case $msg = $go
                GetPointers()
        EndSelect
        If $update = 1 Then
            Update()
        EndIf
    WEnd
    Exit
EndFunc 

Func GetPointers()
    $gclientconnection=_MemoryRead(0x11cb310,$HPROCESS,"dword");0x11cb310
    $scurmgr=_MemoryRead($gclientconnection+0x28a4,$HPROCESS,"dword");0x28a4
    $curobj=_MemoryRead($scurmgr+0xac,$HPROCESS,"int")
    $localguid=_MemoryRead($scurmgr+0xc0,$HPROCESS,"int64")
    $nextobj=$curobj
    $z=1
    While($curobj<>0 And BitAND($curobj,1)=0)
        $cguid=_MemoryRead($curobj+0x30,$HPROCESS,"int64")
        If $cguid=$localguid Then
            $obj[0]=$curobj
        EndIf
        $nextobj=_MemoryRead($curobj+0x3c,$HPROCESS,"int")
        If $nextobj=$curobj Then
                $UPDATE=1
            Exitloop
        Else
            $obj[$z]=$curobj
            $z+=1
            $curobj=$nextobj
        EndIf
    WEnd

EndFunc
Func Update()
    GUICtrlSetData($mylist, Floor(_MemoryRead($obj[0]+0x7d0,$HPROCESS,"float")));X offset
    GUICtrlSetData($mylist, Floor(_MemoryRead($obj[0]+0x7d4,$HPROCESS,"float")));Y offset
    GUICtrlSetData($mylist, Floor(_MemoryRead($obj[0]+0x7d8,$HPROCESS,"float")));Z offset
    GUICtrlSetData($mylist, Floor(_MemoryRead($obj[0]+0x7dc,$HPROCESS,"float")));R offset
;GUICtrlSetData($mylist,"")
EndFunc

Share this post


Link to post
Share on other sites

Ok after a nap I discovered if I set the update outside of the while loop my numbers pop up. So does that mean I am not getting all the way through the linked list? *scratches chin* Also the x,y coords I get are negative. Should I just Abs() them or is that of some significance?

This one is easier on the eyes lol @ my using Guictrlcreatelist() but I am horrible with guis, plus it works!!

#include <GUIConstantsEx.au3>
#include <NomadMemory.au3>
SETPRIVILEGE("SeDebugPrivilege", 1)
HotKeySet("{esc}","Term")
Func Term()
    Exit
EndFunc
Global  $obj[999],$UPDATE
Global $z=0
Dim $PID = WinGetProcess("World of Warcraft")
Global $HPROCESS = _MemoryOpen($PID)
    GUICreate("My GUI list",200,200,0,0)

    $labelx = GUICtrlCreatelabel("", 10, 30, 100, 20)
    $labely = GUICtrlCreatelabel("", 10, 50, 100, 20)
    $labelz = GUICtrlCreatelabel("", 10, 70, 100, 20)
    $labelr = GUICtrlCreatelabel("", 10, 90, 100, 20)
    $go = GUICtrlCreateButton("Go", 10, 10, 20, 20)

    GUISetState()


Example()

Func Example()


    $msg = 0
    While $msg <> $GUI_EVENT_CLOSE
        $msg = GUIGetMsg()

        Select
            Case $msg = $go
                GetPointers()
        EndSelect
        If $UPDATE = 1 Then
            UPDATE()
        EndIf
    WEnd
    Exit
EndFunc 

Func GetPointers()
    $gclientconnection=_MemoryRead(0x11cb310,$HPROCESS,"dword");0x11cb310
    $scurmgr=_MemoryRead($gclientconnection+0x28a4,$HPROCESS,"dword");0x28a4
    $curobj=_MemoryRead($scurmgr+0xac,$HPROCESS,"int")
    $localguid=_MemoryRead($scurmgr+0xc0,$HPROCESS,"int64")
    $nextobj=$curobj
    $z=1
    While($curobj<>0 And BitAND($curobj,1)=0)
        $cguid=_MemoryRead($curobj+0x30,$HPROCESS,"int64")
        If $cguid=$localguid Then
            $obj[0]=$curobj
        EndIf
        $nextobj=_MemoryRead($curobj+0x3c,$HPROCESS,"int")
        If $nextobj=$curobj Then
                $UPDATE=1
            Exitloop
        Else
            $obj[$z]=$curobj
            $z+=1
            $curobj=$nextobj
        EndIf
    WEnd
$UPDATE=1
EndFunc
Func UPDATE()
    GUICtrlSetData($labelx, Floor(_MemoryRead($obj[0]+0x7d0,$HPROCESS,"float")))
    GUICtrlSetData($labely, Floor(_MemoryRead($obj[0]+0x7d4,$HPROCESS,"float")))
    GUICtrlSetData($labelz, Floor(_MemoryRead($obj[0]+0x7d8,$HPROCESS,"float")))
    GUICtrlSetData($labelr, Floor(_MemoryRead($obj[0]+0x7dc,$HPROCESS,"float")))
EndFunc

Share this post


Link to post
Share on other sites

Ok after a nap I discovered if I set the update outside of the while loop my numbers pop up. So does that mean I am not getting all the way through the linked list? *scratches chin* Also the x,y coords I get are negative. Should I just Abs() them or is that of some significance?

This one is easier on the eyes lol @ my using Guictrlcreatelist() but I am horrible with guis, plus it works!!

Coordinates can very well be negative, so don't change that! :P

Also, update the data you read from wow in your while loop, to update it in your code. (I didn't read your code through, just answering the question as I read it:))

Share this post


Link to post
Share on other sites

#15 ·  Posted (edited)

also... no need to be a on a trial account.. its undetected... all it does it scan for pointers and play with 2 offsets.

Just played around with this and got it to stop showing 0s after updating NomadMemory.au3 but when I tried tele up I got disconnected from server and it says that every time I try to log in now, luckily on a trial. Haven't played WoW in ages but last I remember server detects a "warp" type movement.

Oh boy, it says this when I try to log in any account now. Help?

Nevermind, magically working again >.>

Oh yeah I forgot the little jump technique hehe

Edited by idusy

Share this post


Link to post
Share on other sites

Hey, this script doesn't work for me the value is 0.

-Air0x

Share this post


Link to post
Share on other sites

I probably shouldn't respond in this thread since it was a necro but I this kind of scripting would be a violation of Blizzard's ToS for their game and probably not something that is supposed to be posted here.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0