well finding those lists isn't as easy as finding values like hp. the basic idea i used is to always search for the length of a list and then use a loop to find the list offsets.
step 0:
so for the itemID u can teleport to an instance without any drops on the ground (e.g. HH). u drop 2 items... search for 2... u drop another, search for 3 (next scan button) till u find this value (don't use only coins, also use items like potions or whatever). this value would be the ItemCounter:
step 1:
the next step would be to get the pointer and the offset to this ItemCounter (see picture below):
ItemCounter := ReadMemoryUint(ItemBase_Pointer + ItemCounterOffset, processID)
red = e.g. the EDI value in hex, green the ItemCounterOffset (ItemCounter = EDI + green)
step 2:
to get the other offsets search for the ItemBase_Pointer (make sure to use hexa) and u get:
ItemBase_Pointer := ReadMemoryUint(SortedList_Pointer + ItemListOffset, processID)
step 3:
search for the SortedList_Pointer and u get:
SortedList_Pointer := ReadMemoryUint(structurePointer + ListOffset, processID)
step 4:
search for the structurePointer and so on till u reach the base (or skip this if u know the offsets already)
step 5:
now u already know the ItemBase_Pointer ... for the next two offsets (green) i simply search with a double loop. ofc u can name those offsets and pointer however u want^^
ItemList_Pointer := ReadMemoryUint(ItemBase_Pointer + sortedItemListOffset, processID)
ItemBase := ReadMemoryUint(ReadMemoryUint(ItemList_Pointer + (A_Index-1)*0x4, processID) + 0x4, processID)
ItemID := ReadMemoryUint(ItemBase + ItemIDOffset, processID)
script could look like this - drop an item with known itemID (search in database) and use the loop to find the offsets - 3044 is a coin:
Code:
BaseAddress := ReadMemoryUint(realBaseAddress, processID) ; 0xE5B2A4 version 938
structurePointer := ReadMemoryUint(BaseAddress + baseOffset, processID) ; + 0x1C
SortedList_Pointer := ReadMemoryUint(structurePointer + ListOffset, processID) ; + 0x1C
ItemBase_Pointer := ReadMemoryUint(SortedList_Pointer + ItemListOffset, processID) ; + 0x24
ItemCounter := ReadMemoryUint(ItemBase_Pointer + ItemCounterOffset, processID) ; + 0x14
;~ search unknown offsets: sortedItemListOffset for the ItemList_Pointer (to get the ItemBase) and ItemIDOffset for the itemID
SetFormat, IntegerFast, hex
sortedItemListOffset := 0
Loop, 300
{
    ItemIDOffset := 0
    sortedItemListOffset := sortedItemListOffset + 0x2
    ItemList_Pointer := ReadMemoryUint(ItemBase_Pointer + sortedItemListOffset, processID)
    ;~ loop to 1000 till ItemBase > 0 because it doesn't start at A_Index = 1
    Loop, 1000
    {
        ItemBase := ReadMemoryUint(ReadMemoryUint(ItemList_Pointer + (A_Index-1)*0x4, processID) + 0x4, processID)
        if !(ItemBase = 0)
            break
    }
    Loop, 500
    {
        ItemIDOffset := ItemIDOffset + 0x2
        ItemID := ReadMemoryUint(ItemBase + ItemIDOffset, processID)
        if (ItemID = 3044)
            MsgBox % "sortedItemListOffset: " . sortedItemListOffset . " , ItemIDOffset: " . ItemIDOffset
    }
}
MsgBox , end of script
return
u would get for v.938:
sortedItemListOffset = 0x1C
ItemIDOffset = 0x114
not sure if this helps... but u can find pretty much every list this way... and to save time for upcoming updates try to make a script to search them for u via RegExp -> i myself never understood how Jasty made this awesome offset retriever but there is a way to get those opcodes (if anyone knows how to get e.g. the opcode A1(.{8})5332DB8B48.{2} to search for the base, i would love to learn about it :P)
also once u have the ItemBase it's nice to use ReClass and search for this address... near it u can find other offsets like the UID or Name and stuff like this very easily