I know this is probably the wrong forum to ask about a different game but since they are by the same company, I figured someone might have played this game, is well-versed in offset searching and can help me out.
So basically, if you have played JD, you know about espers. So what I'd like to know is, can anyone share a hint or two on how to go about finding the offset for the "esper slot"? I am not talking about skill slot, I am talking about the slot that you put your esper into. I've already tried several ways to find this address and have not been able to succeed.
So, any suggestion or clue that can shed some light would be appreciated. Thanks.
PS: Simple search by taking out esper and putting it back in with unknown initial value / 4 bytes search using changed/unchanged method does not work. I've attempted this at least a dozen times using different criteria.
Most likely means it is simply in an array with EBX as index. So just first look for whatever item is in slot 0, that makes it easier to search for offsets. In PWI this is the weapon.
Then after you find that, simply fill in whatever was the value of EBX instead of 0 as you found it the first time. EBX is unlikely to ever be different for something as static as an equipment slot.
Naturally this is pure speculation as I have never even downloaded this game, but that's how things tend to work out.
I found the esper slot address. But...lol...as I said, game crashed before I could get its relationship with base address. So I kinda lost all progress. Had to do it again later today.
Hopefully I'll have more success today. Although I'll still have to reverse the mem region so I can figure out what each segment stands for. Sigh....lots to do, lots to do.
Above is what I got. Now how the hell am I supposed to figure out the offset when the registers were all overwritten?
Any help appreciated.
Well, you trace back the opcode further to see what ecx is before this.
In PWI ecx would come from the playerPointer + 0xCAC.
mov ecx, [someRegister + someOffset] <-- this might not happen in the same function as your other code, so be sure to check what calls the function containing your opcode
................
some code
................
[ecx + 0x10] <--- contains the size of your inventory
mov ecx,[ecx+0C] <--- sets ecx to the start of a list of pointers, all offset by 4 * index
lea ecx,[ecx+eax*4] <--- eax is the index, it sets ecx equal to what ecx was + eax * 4. Note that lea means you don't resolve a pointer but simply perform arithmetic on pointers / addresses
mov eax,[ecx] <--- eax now contains the beginning of the item struct
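The pointer walk in the listing above, modelled in C over a constructed 32-bit address space (an added example, not code from the thread). The buffer, the addresses and the 0x20 owner offset are made up for illustration; +0x0C and +0x10 come from the listing.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed 32-bit "address space": an address is an offset into mem[]. */
static uint8_t mem[0x400];

/* Bounds-checked little-endian 32-bit read; returns 0 on success. */
static int rd32(uint32_t addr, uint32_t *out) {
    if (addr > sizeof mem - 4) return -1;
    *out = mem[addr] | mem[addr + 1] << 8 | mem[addr + 2] << 16
         | (uint32_t)mem[addr + 3] << 24;
    return 0;
}

static void wr32(uint32_t addr, uint32_t v) {
    for (int i = 0; i < 4; i++) mem[addr + i] = (uint8_t)(v >> (8 * i));
}

/* Mirrors the listing step by step; returns the item struct address, or 0
   when a read leaves the buffer or the index is not below the stored size. */
uint32_t item_struct(uint32_t reg, uint32_t off, uint32_t index) {
    uint32_t ecx, size, eax;
    if (rd32(reg + off, &ecx)) return 0;     /* mov ecx,[someRegister+someOffset] */
    if (rd32(ecx + 0x10, &size)) return 0;   /* [ecx+0x10]: size                  */
    if (index >= size) return 0;
    if (rd32(ecx + 0x0C, &ecx)) return 0;    /* mov ecx,[ecx+0C]: pointer list    */
    ecx += index * 4;                        /* lea ecx,[ecx+eax*4]: no memory read */
    if (rd32(ecx, &eax)) return 0;           /* mov eax,[ecx]: item struct        */
    return eax;
}

/* Constructed layout: owner at 0x100, container at 0x200, list at 0x300. */
void build_sample(void) {
    memset(mem, 0, sizeof mem);
    wr32(0x100 + 0x20, 0x200);   /* 0x20 is a made-up someOffset */
    wr32(0x200 + 0x0C, 0x300);
    wr32(0x200 + 0x10, 3);
    wr32(0x300, 0x340); wr32(0x304, 0x350); wr32(0x308, 0x360);
}

int main(void) {
    build_sample();
    for (uint32_t i = 0; i < 4; i++)
        printf("index %u -> 0x%X\n", (unsigned)i, (unsigned)item_struct(0x100, 0x20, i));
    return 0;
}
```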
Actually, I figured it out.
I just went and set a BP @ the first line and then just followed the registers.
Thanks for the explanation though. I now see why that lea is there.
I now have the pointer to the Esper slot and the inventory struct.
Unfortunately, PWE took extra care to prevent any change made to the ID of the esper. So I couldn't see the details of the esper on client side. All it does is give an ITEM FAIL msg. Oh well.