Find the char base address

08/23/2009 02:30 Ulfius#1
I'm looking to find the char base address for 5162. What is the simplest method you've found to find it? I have used CE mainly for finding static addresses, so how are you finding dynamic addresses?

p.s. If you also want to p.m. me the base and offsets for 5162 as well, that'd be fine with me. :)
08/23/2009 09:25 Ulfius#2
Well, since there were no quick responses, I stayed up late and did some research. This article helped me find the current char base address.

[Only registered and activated users can see links. Click Here To Register...] xploits.com/perfect-world/hacks/596-how-to-search-for-base-address/

(remove the space to get the link to work)

p.s. I read the rules and could not find where it says no links to "game xploits.com" (again without the space is what I really mean to type) but if I don't put the space in the link, it *********** the domain out. ??
08/23/2009 20:02 InfamousNoone#3
I simply hook a common method call such as casting a spell, jumping walking, and take ECX from this this-call function and I have my base address for the player. This involves either hooking (using a .dll) or using OllyDbg/some kind of disassembler/debugger.
08/23/2009 21:47 IAmHawtness#4
You could use Cheat Engine to find the base address. Search for a value that has something to do with your character, in this example your current x coordinate.
  1. Open up Cheat Engine and attach it to Conquer.exe
  2. Find the address that holds your current x coordinate (in my example it's 02E80A98)
  3. Right-click the address and press "Find out what accesses this address"
  4. Jump and look at the codes that access the address. You'll find something like this:
    Code:
    00532FA9 - ff b1 c8 02 00 00          - push [ecx+00000[I][B][SIZE=4]2c8[/SIZE][/B][/I]]
  5. The 0x2C8 is the offset of the x coordinate, so you subract that from the address and you got your character's base address (in my example it's 02E80A98 - 2C8 = 2E807D0.
  6. Now, that address is not static, so you'll need to find the pointer. To do so, you make a new scan and search for the base address, 2E807D0 in my case (remember to toggle the "Hex" button)
  7. You'll probably see like 10 addresses that has the value, but look for the green one. It's 00691CA0 for patch 5162. Now, to get your character's base address, all you need to do is read the value of 00691CA0. The 00691CA0 address won't change until TQ releases a new Conquer.exe in which case you need to repeat the steps again :)
08/23/2009 21:56 ookamocka#5
^^^^^^^ that's it, couldn't of said it better myself :)... though u could narrow down ur search even more, and just search for 00400000 - 00700000
08/24/2009 00:06 Ulfius#6
Quote:
Originally Posted by IAmHawtness View Post
You could use Cheat Engine to find the base address. Search for a value that has something to do with your character, in this example your current x coordinate.
  1. Open up Cheat Engine and attach it to Conquer.exe
  2. Find the address that holds your current x coordinate (in my example it's 02E80A98)
  3. Right-click the address and press "Find out what accesses this address"
  4. Jump and look at the codes that access the address. You'll find something like this:
    Code:
    00532FA9 - ff b1 c8 02 00 00          - push [ecx+00000[I][B][SIZE=4]2c8[/SIZE][/B][/I]]
  5. The 0x2C8 is the offset of the x coordinate, so you subract that from the address and you got your character's base address (in my example it's 02E80A98 - 2C8 = 2E807D0.
  6. Now, that address is not static, so you'll need to find the pointer. To do so, you make a new scan and search for the base address, 2E807D0 in my case (remember to toggle the "Hex" button)
  7. You'll probably see like 10 addresses that has the value, but look for the green one. It's 00691CA0 for patch 5162. Now, to get your character's base address, all you need to do is read the value of 00691CA0. The 00691CA0 address won't change until TQ releases a new Conquer.exe in which case you need to repeat the steps again :)
Thanks, that's basically what I learned in the article I referenced, but you rephrased it well and it's nice to have it in reference to CO.
12/07/2009 05:52 Ulfius#7
Using x coordinate and MoneyInv, I'm getting the fixed char base address of 11D1E90 and not the dynamic base address. I'm looking for charname, but need the dynamic address to find it.

How are you finding the dynamic address with the latest version?
12/16/2009 02:25 Ulfius#8
Anyone on how to find the char base for 5192?