Warcraft III, joined players slot info
Posted: Sun Jun 19, 2011 3:42 am
Hello,
I need a program that just gets the names of the players who joined the game (Dota, BattleNet, ICCup, to be clear).
So you can say it is similar to Banlist.
After looking through the GHost++ source and some forums, I didn't manage to split out some parts from GHost and write my own small program.
Please help me; in fact I need a ridiculously small program that returns
SLOT1 - Mike999
SLOT2 - Gosu89
SLOT3 - CatchMe-
SLOT4 - Vasily
SLOT5 ...
and so on
This is what I have done so far.
OK, this is "what accesses" the pointer of slot1.
Address of the pointer for slot1 = 125E78F0+1E8
(look at ESI)
Code:
6F611D4D - 57 - push edi
6F611D4E - E8 13990D00 - call GameMain+6E1E16
6F611D53 - 83 BE E8010000 00 - cmp dword ptr [esi+000001E8],00 <<
6F611D5A - 8B D8 - mov ebx,eax
6F611D5C - 74 2A - je GameMain+608538
EAX=00000000
EBX=127100A9
ECX=00000000
EDX=6F87529C
ESI=125E78F0
EDI=6F87529C
ESP=0018F5C0
EBP=09500090
EIP=6F611D5A
=======================
6F611D6A - E8 11FDFFFF - call GameMain+608230
6F611D6F - 8B 86 E4010000 - mov eax,[esi+000001E4]
6F611D75 - 8B 8E E8010000 - mov ecx,[esi+000001E8] <<
6F611D7B - 83 C0 01 - add eax,01
6F611D7E - 50 - push eax
EAX=00000008
EBX=00000000
ECX=09A92C10
EDX=00000000
ESI=125E78F0
EDI=6F87529C
ESP=0018F5C0
EBP=09500090
EIP=6F611D7B
================================
6F611DF3 - 89 86 EC010000 - mov [esi+000001EC],eax
6F611DF9 - EB 0C - jmp GameMain+6085B7
6F611DFB - 8B 96 E8010000 - mov edx,[esi+000001E8] <<
6F611E01 - 89 96 EC010000 - mov [esi+000001EC],edx
6F611E07 - 6A 01 - push 01
EAX=00000000
EBX=00000000
ECX=00000000
EDX=09A92C10
ESI=125E78F0
EDI=6F87529C
ESP=0018F5C0
EBP=09500090
EIP=6F611E01
And this is the same, but after a Warcraft III reboot.
Now the address of the pointer for slot1 = 0D8076A8+1E8
Code:
6F611D4D - 57 - push edi
6F611D4E - E8 13990D00 - call GameMain+6E1E16
6F611D53 - 83 BE E8010000 00 - cmp dword ptr [esi+000001E8],00 <<
6F611D5A - 8B D8 - mov ebx,eax
6F611D5C - 74 2A - je GameMain+608538
EAX=00000000
EBX=064400A9
ECX=00000000
EDX=6F87529C
ESI=0D8076A8
EDI=6F87529C
ESP=0018F5C0
EBP=09110090
EIP=6F611D5A
================================================
6F611D6A - E8 11FDFFFF - call GameMain+608230
6F611D6F - 8B 86 E4010000 - mov eax,[esi+000001E4]
6F611D75 - 8B 8E E8010000 - mov ecx,[esi+000001E8] <<
6F611D7B - 83 C0 01 - add eax,01
6F611D7E - 50 - push eax
EAX=00000008
EBX=00000000
ECX=093E30A8
EDX=00000000
ESI=0D8076A8
EDI=6F87529C
ESP=0018F5C0
EBP=09110090
EIP=6F611D7B
============================================
6F611DF3 - 89 86 EC010000 - mov [esi+000001EC],eax
6F611DF9 - EB 0C - jmp GameMain+6085B7
6F611DFB - 8B 96 E8010000 - mov edx,[esi+000001E8] <<
6F611E01 - 89 96 EC010000 - mov [esi+000001EC],edx
6F611E07 - 6A 01 - push 01
EAX=00000000
EBX=00000000
ECX=00000000
EDX=093E30A8
ESI=0D8076A8
EDI=6F87529C
ESP=0018F5C0
EBP=09110090
EIP=6F611E01
You can see we have
Code:
6F611D4D - 57 - push edi
6F611D4E - E8 13990D00 - call GameMain+6E1E16
6F611D53 - 83 BE E8010000 00 - cmp dword ptr [esi+000001E8],00 <<
ESI+1E8 is the pointer for slot1,
but I cannot figure out where it gets its value from.
The only thing to do is to detect it.
Here is the assembler code from this point, 6F611D4D:
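The two dumps in the post show the essential problem: the object in ESI lives at 125E78F0 in one run and at 0D8076A8 in the next, which is what a heap allocation looks like, so its address cannot be hard-coded. The usual way out is to find a chain of pointers that starts at a static, module-relative address (or at a byte signature inside Game.dll), follow it hop by hop at run time, and read the slot names through it, validating every hop instead of trusting it. The C program below is an added example and is not the poster's code, nor code from GHost++ or Warcraft III. It follows a pointer chain and walks a slot table through a memory-read callback; the only offset taken from the post is +0x1E8. The chain start, the slot-table stride (0x10), the position of the name pointer inside a slot entry (+0x4) and the whole memory image are constructed assumptions for the demonstration, and on Windows the reader callback would wrap ReadProcessMemory as shown in the `_WIN32` branch.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Reads `len` bytes at target address `addr` into `buf`; true on success.
   Addresses are 32-bit because Warcraft III is a 32-bit process. */
typedef bool (*mem_read_fn)(void *ctx, uint32_t addr, void *buf, size_t len);

#ifdef _WIN32
#include <windows.h>
/* Real reader for a live process: ctx is a HANDLE opened with PROCESS_VM_READ. */
static bool win_read(void *ctx, uint32_t addr, void *buf, size_t len) {
    SIZE_T got = 0;
    return ReadProcessMemory((HANDLE)ctx, (LPCVOID)(uintptr_t)addr, buf, len, &got) && got == len;
}
#endif

/* Follow base -> [base+offs[0]] -> [p+offs[1]] -> ... and return the final pointer.
   Returns 0 if any read fails or any hop is NULL, so a stale chain is never dereferenced. */
uint32_t resolve_chain(mem_read_fn rd, void *ctx, uint32_t base, const uint32_t *offs, size_t n) {
    uint32_t cur = base;
    for (size_t i = 0; i < n; i++) {
        uint32_t next = 0;
        if (!rd(ctx, cur + offs[i], &next, sizeof next) || next == 0) return 0;
        cur = next;
    }
    return cur;
}

/* Copy a NUL-terminated string of at most max-1 chars from the target. */
bool read_cstring(mem_read_fn rd, void *ctx, uint32_t addr, char *out, size_t max) {
    for (size_t i = 0; i + 1 < max; i++) {
        if (!rd(ctx, addr + (uint32_t)i, &out[i], 1)) return false;
        if (out[i] == '\0') return true;
    }
    out[max - 1] = '\0';          /* name longer than the buffer: truncate, still valid */
    return true;
}

/* Walk `nslots` entries of `stride` bytes starting at `table`; the pointer to the name
   sits at `name_off` inside each entry (hypothetical layout). names[i] is "" for an
   empty slot. Returns the number of slots that had a name. */
size_t dump_slots(mem_read_fn rd, void *ctx, uint32_t table, size_t nslots,
                  uint32_t stride, uint32_t name_off, char names[][32]) {
    size_t filled = 0;
    for (size_t i = 0; i < nslots; i++) {
        uint32_t name_ptr = 0;
        names[i][0] = '\0';
        if (!rd(ctx, table + (uint32_t)i * stride + name_off, &name_ptr, sizeof name_ptr)) break;
        if (name_ptr == 0) continue;          /* open slot */
        if (!read_cstring(rd, ctx, name_ptr, names[i], 32)) break;
        filled++;
    }
    return filled;
}

/* ---- Offline stand-in for process memory (constructed, not a Warcraft III dump) ---- */
typedef struct { uint32_t base; uint8_t *bytes; size_t len; } fake_mem;

static bool fake_read(void *ctx, uint32_t addr, void *buf, size_t len) {
    fake_mem *m = ctx;
    if (addr < m->base || (size_t)(addr - m->base) + len > m->len) return false;
    memcpy(buf, m->bytes + (addr - m->base), len);
    return true;
}

static void put32(uint8_t *p, uint32_t v) { memcpy(p, &v, sizeof v); }

#define SAMPLE_BASE 0x10000000u
#define SAMPLE_LEN  0x400
#define SLOT_STRIDE 0x10      /* assumed size of one slot entry */
#define NAME_OFF    0x4       /* assumed position of the name pointer in a slot entry */

/* Image: [base+0] -> game object (the thing in ESI); [game+0x1E8] -> slot table;
   slot entries hold a pointer to the player name; third slot left empty. */
void build_sample(fake_mem *m, uint8_t *buf) {
    memset(buf, 0, SAMPLE_LEN);
    m->base = SAMPLE_BASE; m->bytes = buf; m->len = SAMPLE_LEN;
    put32(buf + 0x000,          SAMPLE_BASE + 0x040);   /* static pointer -> game object   */
    put32(buf + 0x040 + 0x1E8,  SAMPLE_BASE + 0x300);   /* [esi+1E8] -> slot table        */
    put32(buf + 0x300 + NAME_OFF, SAMPLE_BASE + 0x380); /* slot 1 name pointer            */
    put32(buf + 0x310 + NAME_OFF, SAMPLE_BASE + 0x390); /* slot 2 name pointer            */
    memcpy(buf + 0x380, "Mike999", 8);
    memcpy(buf + 0x390, "Gosu89", 7);
}

/* Resolve the (assumed) chain base -> +0x0 -> +0x1E8 and list the slots. */
size_t demo(char names[][32], size_t nslots) {
    static uint8_t buf[SAMPLE_LEN];
    fake_mem m;
    build_sample(&m, buf);
    const uint32_t chain[] = { 0x0, 0x1E8 };
    uint32_t table = resolve_chain(fake_read, &m, SAMPLE_BASE, chain, 2);
    return table ? dump_slots(fake_read, &m, table, nslots, SLOT_STRIDE, NAME_OFF, names) : 0;
}

int main(void) {
    char names[3][32];
    size_t n = demo(names, 3);
    for (size_t i = 0; i < 3; i++)
        printf("SLOT%zu - %s\n", i + 1, names[i][0] ? names[i] : "(empty)");
    return n ? 0 : 1;
}
```

Against a live process the `fake_read` callback is swapped for `win_read` with the handle from OpenProcess, the chain starts at the module base of Game.dll plus whatever static offset the "find out what accesses" trace eventually leads to, and every run of the tool re-resolves the chain instead of caching the heap address, because that address is exactly what changed between the two dumps.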