Since a lot of peepz asked for the Cheat engine Memory Offsets i looked around and, as always, i found them so im gunna post them here now, but they are NOT found by me, creds go, as far as i know, to ARIGITY from Dsoft.
10B65F4 pPointer
A368DC lua unprotect
9D3BCC AirJumpVelocity
9D3BD0 WaterJumpVelocity
A3E7F0 fall speed
97C7B8 game speed
993D80 wall-climb angle
WOTLK 3.1
offsets changed.
player base is now (((10B65F4)+34h)+24h)
0x7CC movement state
0x7CF movement state 2
0x808 fall time
0x814 points to current speed
0x818 points to walk speed
0x81C points to run(forward)
0x820 points to run(backward)
0x824 points to swim(forward)
0x828 points to swim(backward)
0x82C points to flying speed
0x830 flying speed (backwards)
0x840 jump momentum
0x850 width
0x854 height
0x858 climb offset
0x798 X coord
0x79C Y coord
0x7A0 Z coord
0x7A8 rotation
0x800 movement state
0x803 movement state 2
0x83C fall time
0x840 starting jump position
0x848 points to current speed
0x84C points to walk speed
0x850 points to run(forward)
0x854 points to run(backward)
0x858 points to swim(forward)
0x85C points to swim(backward)
0x860 points to flying speed
0x864 flying speed (backwards)
0x874 jump momentum
0x898 width
0x89C height
0x8A0 climb offset
0x7EC map id? (i still didn't check if this was correct :S )
0x7D0 X coord
0x7D4 Y coord
0x7D8 Z coord
0x7DC rotation
0x808 starting X coord
0x80C starting Y coord
0x810 starting Z coord
0x814 starting orientation
0x9C player scale
0x2648 my GUID
0x26E8 targets GUID
0x2788 player state
0x2778 faction
0x3C78 hunter tracking
[DATA] read 8 bytes at 00A3EC44 // blizz authenticator
[RDATA] read 8 bytes at 00993D80 // wall climb angle
[RDATA] read 8 bytes at 0099B37C // gravity
[RDATA] read 8 bytes at 009D3BE4 // Jump velocity
[TEXT] read 10 bytes at 00460BC9 // call to ws2_32.send
[TEXT] read 11 bytes at 005E18A2 // movement related
[TEXT] read 12 bytes at 006D3CC0 // PrintChatMessage
[TEXT] read 12 bytes at 006D6CF0 // SendChatMessage
[TEXT] read 12 bytes at 0079B40B // movement related?
[TEXT] read 5 bytes at 0049AE4E // DoString lua protection patch
[TEXT] read 5 bytes at 004E0B38 // unknown (camera related?)
[TEXT] read 5 bytes at 006CFADD // language patch/rosetta stone
[TEXT] read 5 bytes at 006F24A4 // FrameXML patch
[TEXT] read 6 bytes at 0056FA20 // Set move state patch
[TEXT] read 6 bytes at 00798AD6 // movement related
[TEXT] read 7 bytes at 005AEA9C // follow unit patch
[TEXT] read 7 bytes at 006E1772 // Lua check patch
[TEXT] read 9 bytes at 0079675C // no fall dmg patch
warden module 3.0.9
2banlist(ignore stack)
// dunno why it does this.
[STACK] read 8 bytes at 001AFB84
[STACK] read 11 bytes at 001AFB84
[STACK] read 7 bytes at 001AFB84
[STACK] read 13 bytes at 001AFB84
[STACK] read 6 bytes at 001AFB84
[TEXT] read 5 bytes at 004B3EB6 // frame xml patch
[TEXT] read 6 bytes at 00613CB0 // Set Move State patch
[TEXT] read 7 bytes at 00670ADC // follow unit check patch
[TEXT] read 7 bytes at 004A4492 // lua protection patch
[TEXT] read 5 bytes at 0077E47E // lua protection patch
[TEXT] read 5 bytes at 006ED528 // unknown (camera related?)
[TEXT] read 8 bytes at 00699FFC // movement related (fall time?)
[TEXT] read 12 bytes at 00495E60 // PrintChatMessage
[TEXT] read 5 bytes at 00491B6D // Rosetta stone/Language Patch
[TEXT] read 10 bytes at 00420116 // WS2_32.Send
[TEXT] read 12 bytes at 008DB3AB // movement related (set movestate)
[TEXT] read 6 bytes at 008DAA37 // No Fall Damage patch
[TEXT] read 12 bytes at 00498EC0 // SendChatMessage
[TEXT] read 6 bytes at 008D8926 // movement related
[RDATA] read 8 bytes at 00972F88 // wall climb
[RDATA] read 8 bytes at 009A9A7C // jump velocity
[RDATA] read 8 bytes at 0096E180 // gravity
[DATA] read 8 bytes at 00FC194C // blizz authenticator
2.4.3 and below st00fz
camera pointer is a double pointer! first offset is 732c second offset points to what you want with the camera (because i'm lazy i am not going to expand on this, i will leave finding specific offsets to you) one offset i do know (thanks to kyonx) is 100 which is camera Z, if your interested in expanding on it, you might find to be helpful.
0x00C6ECCC camera pointer (2.4.3)
0x00DDEFF4 camera pointer (2.4.2)
0x00DD8BF4 camera pointer (2.4.1)
0x00DD1FB4 camera pointer (2.4.0)
0x00E29D28 2.4.3 player base
0x00E8AA38 2.4.2 player base
0x00E849E0 2.4.1 player base
0x00E7D9E0 2.4.0 player base
2.4.3 static addresses
0x008C8398 Mountain Climb angle default value 0.6427 (float)
0x00BC4AF8 fall speed, 60.1480026245117 default value (float) set to to -1 and you fall up
0x008F7AC8 jump height/velocity -7.955547 default value (float)
0x008C8458 gravity, 19.2911033630371 default value (double)
0x00890608 game speed, 0.00100000004749745 default value (double)
0x0089060B game speed 2, 1.02048421388683E253 default value (double) messing with this will freeze time
0x00890750 speed of time, 1000 default value (double) time moves faster, you appear slower
0x0088D5E8 rendering, 0.5 default value (double) fucks shit up. but fun to screw with, ( 0.2 and 2 D: )
2.4.3 patches
0x006A4B6E walk through GO's (highlight able). (0x968B1D74) default value 4 byte {HEX}. (0x968B1DEB) to walk through!
0x006A49FE walk through GO's (non-highlight). (0x00B3840F) default value 4 byte {HEX}. (0x0000B4E9) to walk through!
0x006AC9EA walk through buildings (0xC0320675) default value 4 byte {HEX}. (0xC0329090) to walk through!
0x007B98DE jump patch (0x46F64175) default value 4 byte {HEX} change to (0x46F60075) for infinite jumps!
2.4.2 static addresses
0x008A00C8 MC angle default value 0.6427 (float)
0x00949694 fall speed 60.148 default value (float)
0x008ADAE0 gravity 19.2911 default value (double)
0x00899900 game speed 0.0010 default value (double)
2.4.2 patches
0x0052312E walk through GO's(highlightable) (0x968B1D74) default value 4 byte {HEX}. (0x968B1DEB) to walk through!
0x00522FBE walk through GO's (non-highlight) (0x00B3840F) default value 4 byte {HEX}. (0x0000B4E9) to walk through!
0x0052A9DA walk through buildings (0xC0320675) default value 4 byte {HEX}. (0xC0329090) to walk through!
0x0076024E jump patch (0x46F64175) default value 4 byte {HEX} change to (0x46F60075) for infinite jumps!
2.4.1 static addresses
0x0089DE50 mc angle default value 0.6427 (float)
0x00946564 fall speed 60.148 default value (float)
0x008A9BB0 gravity 19.29 default value (double)
0x008976E0 game speed 0.0010 default value (double)
2.4.1 patches
0x00522CEE walk through GO's(highlightable) (0x968B1D74) default value 4 byte {HEX}. (0x968B1DEB) to walk through!
0x00522B7E walk through GO's (non-highlight) (0x00B3840F) default value 4 byte {HEX}. (0x0000B4E9) to walk through!
0x0052A56A walk through buildings (0xC0320675) default value 4 byte {HEX}. (0xC0329090) to walk through!
0x0075EDDE jump patch (0x46F64175) default value 4 byte {HEX} change to (0x46F60075) for infinite jumps!
2.4.0 static addresses
0x0089DE50 mc angle default value 0.6427 (float)
0x00946564 fall speed 60.148 default value (float)
0x008AB9D0 gravity 19.29 default value (double)
0x008976D8 game speed 0.0010 default value (double)
2.4.0 patches
0x00522D3E walk through GO's(highlightable) (0x968B1D74) default value 4 byte {HEX}. (0x968B1DEB) to walk through!
0x00522BCE walk through GO's (non-highlight) (0x00B3840F) default value 4 byte {HEX}. (0x0000B4E9) to walk through!
0x0052A5BA walk through buildings (0xC0320675) default value 4 byte {HEX}. (0xC0329090) to walk through!
0x0075F29E jump patch (0x46F64175) default value 4 byte {HEX} change to (0x46F60075) for infinite jumps!
Most movement related offsets *grey ones have a decent use*
C00 points to vertical orientation, no default value (float) C20 points to movement state 0 default value (4 byte) {HEX}
C23 points to movement type 128 default value (4 bytes)
C28 points to starting X point, X coord default value (float)
C2C points to starting Y point, Y coord default value (float)
C30 points to height in water, no default value (float)
C34 points to starting orientation , no default value (float) *point at which you start*
C38 points to starting V orientation, no default value (float) *point at which you start*
C3C points to odd movement thing, no default value (double)
C40 points to forward movement angle, no default value (float)
C44 points to forward movement angle, no default value (float)
C48 points to turning movement angle, no default value (float)
C4C points to turning movement angle, no default value (float)
C50 points to turning movement angle, no default value (float)
C54 points to allowed to turn while moving, no default value (float) *test* C5C points to fall time, 824 default value (4 byte) *effects how much fall damage you take*
C60 points to starting Z point, Z coord, default (float) *jump starting position*
C68 points to current speed, no default value (float) *effects all other speeds also while moving!*
C6C points to walk speed 2.5 default value (float)
C70 points to run(forward) 7 default value (float)
C74 points to run(backward) 4.5 default value (float)
C78 points to swim(forward) 4.72222185134888 default value (Float)
C7C points to swim(backward) 2.5 default value (float)
C80 points to flying speed 7 default value (float) *changes forward and backward*
C84 points to flying speed(backward) 4.5 default value (float)
C88 points to turning speed, 3.14 default value (float)
C8C points to jump height, -7.955547 default value *after jump* (float)
CB0 points to player... thing, 1 default value (float) *set to 200 to climb most things similar to wall climb* (still tryin ta figure this 1 out)
player size
CA8 points to width (as in how fat), 0.2777 default value (float) *set it to 0 to noclip through ANYTHING (includes floor XD)*
CAC points to height (as in how tall), 2.25 default value (float)
9C points to player scale, 1 default value (float)
location
BEC points to map ID, no default value (4 byte) *not entirely sure*
BF0 points to X coord, no default value (float)
BF4 points to Y coord, no default value (float)
BF8 points to Z coord, no default value (float)
BFC points to orientation, no default value (float)
MISC
3AC8 points to hunter tracking, 0 default value (byte)
28E4 points to emote state, 0 default value (4 byte)
26CC points to player faction, no default value (4 byte)
F40 points to casting spell, 0 default value (4 byte)
2640 points to my GUID, no default value (4/8 byte) {HEX}
2680 points to target GUID, no default value (4/8 byte) {HEX}
26D0 points to player race, no default value (byte)
26D1 points to player class, no default value (byte)
26D2 points to player sex, no default value (byte)
26D3 points to power type, no default value (byte)
26F8 points to playerState, 8 default value (4 byte) {HEX}
0x00DA563C address
80 points to can mount, no default value (byte)
2.4.3 VMT pointers
although these address aren't constant through patches they will always be at the start of the specific structure in memory (ie, if you searched for the player constant in CE or some other debugger, all the addresses that appear will be players around you *or you*)
to use these simply open up CE, click the add address manually button, select pointer and use the base address (which i posted at the top) as the address and these number/letter combo's (such as C6C for walk speed) to get the actual value.
here are also some notes i took on it.
*notes*
movement state
movement state can be used to unroot you, if you ever find yourself rooted. just set it to 00000000 (8 0's) and you will be unrooted, this counts for logging out root/gm root/griffen riding root (unrooting yourself while on a griffen has some weird effects,)
0x1 = Moving Forward
0x2 = Moving Backward
0x4 = Strafing Left
0x8 = Strafing Right
0x10 = Turning Left
0x20 = Turning Right
0x100 = Walking
0x400 = floaty thing
0x1000 = falling
0x4000 = Fall Forwards
0x8000 = Fall Backwards
0x2000 = Freefall/Jumping
0x10000 = Strafing while jumping
0x200000 = Swimming
0x10000000 = Spirit Form
0x80000000 = Unknown
*note: 0x400 in particular interests me, it lets you levitate at the same height, you can go up but never down, it basically lets you walk on air at the same height you are at, (example, im on a cliff. i walk off cliff, instead of falling, i still walk at the same height as before)*
movement type
1 = flyhack (can land)
2 = flyhack (can't land *swim-like*)
16 = whisp * walk on water*
64 = floating (levitate)
80 = (floaty dead?)
128 = normal
129 = (flyhack actual gm-like value)
130 = (flyhack *theres alot of different ones heres another, swim-like*)
144 = (dead) *walk on water*
160 = slow fall
notes: playerState *note* this is the real player state.
0x000008 not in combat *can be used to fake not in combat
0x00000C logging out *can be used to wall-climb
0x001008 pvp toggled * can be used to either force others to be pvp toggled >:3
0x080008 in combat
0x10000C on a taxi
0x400008 blinded
0x0C0008 stunned
also, the lower the value of the mountain climb angle the steeper the angle you can climb.
Special thanks to:
Code:
[*]Blizzard Entertainment - for Wow.exe[*]Devalina - for continued help on a gillion things[*]Oleh Yuschuk - for the excellent debugger[*]dark byte - for cheat engine[*]Kynox - for 7 or so addresses posted here[*]the Ascent team[*]the Arcemu team[*]the Mangos team[*]the Wcell team
das zu beschreiben wäre ne Menge arbeit :P Du findest sicher etwas wie du offsets mit nem pointer benutzt (per cheat engine) als turtorial o.Ä per Suchfunktion dieses Forums
hi...vieleicht bekomme ich ja hier ne kleine hilfe..unzwar bin ich schon so weit das ich meine objekte in meinem inv verändern kann sodass er mir einen ganz neuen gegenstand anzeigt...also ich veränder mit CE ne geröstete wachtel in ein reitmount...wird auch alles korrekt angezeigt nur wenn ich es lernen will bleibt es im "inneren" ne geröstete wachtel..es sieht eben nur von aussen aus wie ein reitmount^^ wenn ich es handeln will denn zeigt es bei meinem handelpartner nur das lowie item an und nicht das geile was ich gerne hätte also kann man mit der methode auch net handeln oder so =(
gibt es ne möglichkeit die sachen komplett zu ersetzten oder hab ich irgendwas vergessen?
Suche die Offsets genau für 3.5.5a hat die vllt jemand oder gibt es die hier irgendwo .. ODER sind die codes oben aktuell (was ich sehr bezweifle ^^ ) ..
Suche die Offsets genau für 3.5.5a hat die vllt jemand oder gibt es die hier irgendwo .. ODER sind die codes oben aktuell (was ich sehr bezweifle ^^ ) ..
wäre sehr dankbar...
EDIT:
O.o sry für doppelpost war nicht meine absicht -.-
WTB 98+ ACCOUNT FF OR LOWER LVL WITH SP 06/22/2010 - Silkroad Online Trading - 0 Replies I WILL PAY $100 Bank Transfer Or Western Union We Can Use A MiddleMan Of Your Choice LEAVE UR OFFERS OF WAT YOU GOT TY
WTB lv 5x or lower special... 03/23/2010 - Archlord Trading - 11 Replies CLOSED/
Trade done, thanks for all offer :)
[HELP]Lower the pk 03/06/2010 - EO PServer Hosting - 4 Replies Anyone know a query that I can make an item or npc that can lower the pk?
Lower MS in SEA! 09/24/2008 - Dekaron - 4 Replies Ppl...I want to ask you about ms...My ms is 900(great seconds between skill and effect)How can i lower ms kust a bit...my internet is good..but i live in Russia=) If you will say about proxy,i accept it..But say more than "use proxy"
Hope youll help...Best regards..
Lower Resolution 01/03/2008 - Dekaron - 7 Replies If your computer is to "low" to handle with the graphic settings of 2Moons, u just have to decrease the resolution :D
Go into C:\Programme\Acclaim\2Moons\bin\option.txt and change the settings ;-)
http://img517.imageshack.us/img517/2996/unbenannt ga6.jpg
Just a little tip for the players who don't have a very good computer ^^