Target Mob HP Pattern

07/13/2019 12:46 LastKingOfHell#1
Hey guys,

i am currently looking for the memory pattern for the current HP of the targeted mob after i pressed TAB inside of the game. I already found the PlayerHP and Coordinates patterns in old sources and got that to work.

Unfortunately i was not able to get the target mob current hp yet because of XTrap. Does anyone by any chance have the pattern somewhere and might post it for me?

Thanks very much for your help!

Kind regards!
07/14/2019 00:01 HighGamer.#2
I know the best person to ask

Add on Discord:
awwy#5877

tell him HighGamer.com sent you lol he is a master at memory patterns in kalonline he knows all of them he will tell you.

If you run the Experimental bot i released in the release section it generates a dinput8.log file with the current offsets

Code:
Detected KGameSysAddChattingMessage = 6DF2A0
Detected SetTargetById = 70BD30
Detected SetTargetAuto = 70BDE0
Detected FindCharacterInfo = 428460
Detected Send_Skill = 42E2A0
Detected Send_Item = 4321A0
Detected WritePacket = 64D480
Detected InitReactBattle m_byStart Address = 9EBE89
Detected InitReactBattle bLock Address = 9EBEB0
Detected InitReactBattle nTickCount Address = 9EBEAC
Detected MainBaseAddress = 901184
Detected PlayerXOffset = 46E0
Detected PlayerYOffset = 46E8
Detected PlayerZOffset = 46E4
Detected MonsterArray 0x8E81B8 = 9011B8
Detected IsMonsterAddressOffset = 46D8
Detected MonsterMinHPOffset = 475C
Detected MonsterMaxHPOffset = 4760
Detected MonsterXCoordinateOffset = 46E0
Detected MonsterYCoordinateOffset = 46E8
InventoryItemsArray = 9EA418
Detected myPlayerCurrentHealthXorKey1 = 9EA560
Detected myPlayerCurrentHealthXorKey2 = 901218
Detected myPlayerCurrentHealthMax = 9EA284
You will need to get the index of Current Targetted monster yourself it always changes the address of the current monster if you add to it 0x475C that will be the current health

The current targetted monster addresses are found in the MonsterArray address if you look in memory view you will see a bunch of monster addresses there.. you'll find the first 3 by doing 0xC offset and the rest are seperated by 0x20 offset.

Code:
int GetMonsterIdByIndex(int index)
{
	int id = 0;
	__try {
		int pMonsterArray = *(unsigned int *)MonsterArray;
		if (pMonsterArray) {
		        if(index < 3) {
				int firstMob = *(unsigned int*)(pMonsterArray + (index * 4));
				if (firstMob) {
					id = *(unsigned int *)(firstMob + 0xC);
				}
			} else {
				unsigned int firstMob = *(unsigned int*)(pMonsterArray + (0 * 4));
				
				if (firstMob) {
					id = *(unsigned int *)(firstMob + (0x0C) + ((index-3) * 0x20));
				}
			}
		}
	}
	__except (EXCEPTION_EXECUTE_HANDLER)
	{
		id = 0;
	}
	return id;
}
Code:
int GetMonsterMinHP(int byMonsterId)
{
	__try {
		int newid = FindCharacterInfo(byMonsterId, 0);
		if (newid > 0) {
			return *(DWORD *)(newid + MonsterMinHPOffset);
		}
	}
	__except (EXCEPTION_EXECUTE_HANDLER)
	{
		return 0;
	}
	return 0;
}

int GetMonsterMaxHP(int byMonsterId)
{
	__try {
		int newid = FindCharacterInfo(byMonsterId, 0);
		if (newid > 0) {
			return *(DWORD *)(newid + MonsterMaxHPOffset);
		}
	}
	__except (EXCEPTION_EXECUTE_HANDLER)
	{
		return 0;
	}
	return 0;
}

int GetMonsterXCoordinate(int byMonsterId)
{
	__try {
		int newid = FindCharacterInfo(byMonsterId, 0);
		if (newid > 0) {
			return *(DWORD *)(newid + MonsterXCoordinateOffset);
		}
	}
	__except (EXCEPTION_EXECUTE_HANDLER)
	{
		return 0;
	}
	return 0;
}

int GetMonsterYCoordinate(int byMonsterId)
{
	__try {
		int newid = FindCharacterInfo(byMonsterId, 0);
		if (newid > 0) {
			return *(DWORD *)(newid + MonsterYCoordinateOffset);
		}
	}
	__except (EXCEPTION_EXECUTE_HANDLER)
	{
		return 0;
	}
	return 0;
}

void SetMonsterXYCoordinateMyPlayer(int byMonsterId)
{
	__try {
		int newid = FindCharacterInfo(byMonsterId, 0);
		if (newid > 0) {
			*(float *)(newid + ScreenMonsterXCoordinateOffset) = GetPlayerScreenCoordinateX();
			*(float *)(newid + ScreenMonsterYCoordinateOffset) = GetPlayerScreenCoordinateY();
			*(DWORD *)(newid + MonsterXCoordinateOffset) = GetPlayerCoordinateX();
			*(DWORD *)(newid + MonsterYCoordinateOffset) = GetPlayerCoordinateY();
		}
	} __except (EXCEPTION_EXECUTE_HANDLER) {}
}
Code:
	MonsterArray = PointerFindPattern(0x400000, 0x400000, (PBYTE)"\xa1\x00\x00\x00\x00\x89\x45\xec\x8b\x4d\xec\x8b\x11\x89\x55\xe8\xc7\x45\xf8\x00\x00\x00\x00", "x????xxxxxxxxxxxxxxxxxx", 1, true);
	if (MonsterArray) {
#ifdef DEBUGMODE
		Log("Detected MonsterArray 0x8E81B8 = %X\n", MonsterArray);
#endif
	}

	IsMonsterAddressOffset = PointerFindPattern(0x400000, 0x400000, (PBYTE)"\xC7\x81\x00\x00\x00\x00\xFF\xFF\xFF\xFF\x8B\x95\xD4\xFE\xFF\xFF\xC7\x82\x00\x00\x00\x00\x00\x00\x00\x00\x8B\x85\xD4\xFE\xFF\xFF\xC7\x80\x00\x00\x00\x00\x64\x00\x00\x00\x8B\x8D\xD4\xFE\xFF\xFF\xC7\x81\x00\x00\x00\x00\x64\x00\x00\x00\x8B\x95\xD4\xFE\xFF\xFF", "xx????xxxxxxxxxxxx????xxxxxxxxxxxx????xxxxxxxxxxxx????xxxxxxxxxx", 2, true);
	if (IsMonsterAddressOffset) {
#ifdef DEBUGMODE
		Log("Detected IsMonsterAddressOffset = %X\n", IsMonsterAddressOffset);
#endif
	}

	MonsterMinHPOffset = PointerFindPattern(0x400000, 0x400000, (PBYTE)"\xC7\x81\x00\x00\x00\x00\xFF\xFF\xFF\xFF\x8B\x95\xD4\xFE\xFF\xFF\xC7\x82\x00\x00\x00\x00\x00\x00\x00\x00\x8B\x85\xD4\xFE\xFF\xFF\xC7\x80\x00\x00\x00\x00\x64\x00\x00\x00\x8B\x8D\xD4\xFE\xFF\xFF\xC7\x81\x00\x00\x00\x00\x64\x00\x00\x00\x8B\x95\xD4\xFE\xFF\xFF", "xx????xxxxxxxxxxxx????xxxxxxxxxxxx????xxxxxxxxxxxx????xxxxxxxxxx", 34, true);
	if (MonsterMinHPOffset) {
#ifdef DEBUGMODE
		Log("Detected MonsterMinHPOffset = %X\n", MonsterMinHPOffset);
#endif
	}

	MonsterMaxHPOffset = PointerFindPattern(0x400000, 0x400000, (PBYTE)"\xC7\x81\x00\x00\x00\x00\xFF\xFF\xFF\xFF\x8B\x95\xD4\xFE\xFF\xFF\xC7\x82\x00\x00\x00\x00\x00\x00\x00\x00\x8B\x85\xD4\xFE\xFF\xFF\xC7\x80\x00\x00\x00\x00\x64\x00\x00\x00\x8B\x8D\xD4\xFE\xFF\xFF\xC7\x81\x00\x00\x00\x00\x64\x00\x00\x00\x8B\x95\xD4\xFE\xFF\xFF", "xx????xxxxxxxxxxxx????xxxxxxxxxxxx????xxxxxxxxxxxx????xxxxxxxxxx", 50, true);
	if (MonsterMaxHPOffset) {
#ifdef DEBUGMODE
		Log("Detected MonsterMaxHPOffset = %X\n", MonsterMaxHPOffset);
#endif
	}

	MonsterXCoordinateOffset = PointerFindPattern(0x400000, 0x400000, (PBYTE)"\x81\xC2\x00\x00\x00\x00\x89\x0A\x89\x4A\x04\x89\x4A\x08\x33\xC0", "xx????xxxxxxxxxx", 2, true);
	if (MonsterXCoordinateOffset) {
		MonsterYCoordinateOffset = MonsterXCoordinateOffset + 8;
#ifdef DEBUGMODE
		Log("Detected MonsterXCoordinateOffset = %X\n", MonsterXCoordinateOffset);
		Log("Detected MonsterYCoordinateOffset = %X\n", MonsterYCoordinateOffset);
#endif
	}


	ScreenMonsterXCoordinateOffset = PointerFindPattern(0x400000, 0x400000, (PBYTE)"\x81\xC1\x00\x00\x00\x00\x89\x01\x89\x41\x04\x89\x41\x08\x33\xD2", "xx????xxxxxxxxxx", 2, true);
	if (MonsterXCoordinateOffset) {
		ScreenMonsterYCoordinateOffset = ScreenMonsterXCoordinateOffset + 8;
#ifdef DEBUGMODE
		Log("Detected ScreenMonsterXCoordinateOffset = %X\n", ScreenMonsterXCoordinateOffset);
		Log("Detected ScreenMonsterYCoordinateOffset = %X\n", ScreenMonsterYCoordinateOffset);
#endif
	}
Code:
BOOL bCompare(const BYTE* pData, const BYTE* bMask, const char* szMask)
{
	for (; *szMask; ++szMask, ++pData, ++bMask)
	{
		if (*szMask == 'x' && *pData != *bMask)
			return 0;
	}
	return (*szMask) == NULL;
}

DWORD PointerFindPattern(DWORD dwStartAddress, DWORD dwSize, BYTE *bMask, char * szMask, int codeOffset, BOOL extract)
{
	for (DWORD i = 0; i < dwSize; i++)
	{
		__try
		{
			if (bCompare((BYTE*)(dwStartAddress + i), bMask, szMask))
			{
				if (extract)
					return *(DWORD*)(dwStartAddress + i + codeOffset);
				else
					return  (DWORD)(dwStartAddress + i + codeOffset);
			}
		}
		__except (EXCEPTION_EXECUTE_HANDLER) {}
	}
	return NULL;
}
07/15/2019 11:07 LastKingOfHell#3
Thank you very much for your help! It appears that that is a little bit too hard for me. I got my Mob HP Detection to work via Color Identification.

Kind regards :)
07/15/2019 22:34 HighGamer.#4
ya i would talk to

awwy#5877
on discord

pixel color getters isn't that great i would do this with memory editing you already got it done half way just keep at it.