Memory Hacking Software

[Ereb]

I don't know if there is such a thing but it is the only explanation i have atm. I am working with Rappelz. I have found a struct to the player data and can do a pointer search and sucessfully find pointers that are very close to the data (-8 to -50). I reload and see if they still work... none do. So i've decided to look for the base by using the debugger. I use the health address as my starting point and then find the base from there. This is where it gets strange. The first time i found the base at [EAX + 12]. I logged out and logged back in to change the location of the structure. I repeated the steps to find the base and now it was at [EAX + 10]. The next three tries resulted in [EAX + 20], but the structure location oddly didn't change. How in the world do i figure out what the offset is going to be so i can find the next level of pointers ?

[L. Spiro]

They are all correct and usable offsets.
Virtual inheritance causes the same structure/class to have multiple base addresses on some compilers depending on how it is cast.


L. Spiro

[Ereb]

Oh ok so then if i find a pointer to one of these pointers how would i determine the offset to the value? Would i need to make a short search script or would the offset be indicated somewhere else?

[L. Spiro]

The same way you found these offsets.


L. Spiro

[Ereb]

ok i guess i didn't make myself clear. I'm looking for a static pointer to the structure for player data. I plan on using this address in a bot-like script but if the offsets change dynamically then how would i (the script) be able to determine them? The other alternative is making a function that finds the player struct and just call that function every time the player dies or is changed in some way. Which is simpler for a noob coder like myself?

[L. Spiro]

I guess I didn’t make myself clear.
#1: There is no such thing as dynamic pointer offsets. The game has a hard-coded, pure, and never-changing method (or methods) for finding the target structure.
#2: You already found one layer of pointers using the debugger and studying the disassembly. You got a pointer and an offset. I told you to repeat the same process from there, to get the pointer to the pointer, and repeat until you find a static address. This is the answer to your question.

There are plenty of tutorials and walkthroughs on this very site.
Maybe you should look at WhiteHat’s tutorial, and look at Complex Addresses people have already posted.
Obviously they didn’t just stop at [XXX+Y]+ZZ.


L. Spiro

[Ereb]

Heh figured out my mistake. I had found static addresses before but i kept getting two different addresses. Low and behold, there were two structs with the player data. I'm not sure why this is, but they arrange the data in different ways but they seem contain all the same information. The reason this messed me up was both structs stored the (max / current) health and (max / current) mana in the exact same way so when i did a group search i just found one that looked similar to what i knew the struct was supposed to look like. Sorry for the hassels.