New ZEMs

[Amadeus]

It amazes me how that every time I post on this board someone has to point out the obvious fact that memory structures are different than packet structures.

Welcome to the thread man, we havn't been talking about SEQ or packets ....yea, it's offtopic from the board as a whole, but it's related in a roundabout type of way

[Amadeus]

However, on a related note, we've found in our travels in SEQ/MQ world that almost always the memory structs and the packet structs tend to have the same information...just ordered very differently. And, if you think about it...it makes complete sense

It's always just a matter of finding the information in the packet structures....which is a lot harder to decypher than memory structures.

[Mr. Suspicious]

It's always just a matter of finding the information in the packet structures....which is a lot harder to decypher than memory structures.

IMO they go hand in hand. You can find the structs easier in active memory. Then, when you know what's the contents of the struct, it's much easier to unravel the contents of the packets. I'd even say that first looking at the mem structure and then working on the packet nets faster results then solelly looking at the packets and trying to see what the contents are.

[ThanosOfTitan]

What program are you using to scan memory for the ZEM? I'd love to get a ZEM for some of the zones I visit.

[Amadeus]

MacroQuest would be the most logical...but you'd have to write your own function for doing it.

I use windbg to build structs and so forth..but it takes a "snapshot" of memory really...so, it wouldn't be worthwhile for cataloging ZEMs

[Mr. Suspicious]

What program are you using to scan memory for the ZEM?

Own made, look at the _old_ programs, that were used to scan the EQ memory for the Decrypt key "back when that was needed still", to get the general idea of how to scan memory. As long as you know the structure and the adress where it can be found you'll be able to pull out out of mem.

[Mr. Suspicious]

ThanosOfTitan wrote on 06-22-2003 11:25 PM:

Own made, look at the _old_ programs, that were used to scan the EQ memory for the Decrypt key "back when that was needed still", to get the general idea of how to scan memory. As long as you know the structure and the adress where it can be found you'll be able to pull out out of mem.

Would it be possible to get a copy? I have a character who is flagged up to everything but time, I'd love to explore and record to post.

I'll post it here after I've removed some Server/character/guild related code from it. Just the .cpp and .h file should be enough. It's not pretty code, but should be quite understandable for the layman (it was for me =P)

[junk]

I use OllyDbg.

[Mr. Suspicious]

Here it is, simple, easy to see what it does, but very inefficiently code wise =P

included:

mobgrab.h
mobgrab.cpp

I used it in the past to capture item data, but unfortunally I've been unable to find the memory locations of items (or at least, the offset that points to the memory location)

I know items are somehow managed like mobs: 1st mob found on Mem location X (adress can be found in a "adress register", hey, I'm old skool Assembler) and following mobs are at adresses X + offset found in current mob structure. As said: I haven't been able to find how this works for items. If anyone has the first adress for the first item data, please feel free to share your knowledge.

[ruodrra]

I am very interested in finding out ZEMs in EQ but I know absolutely nothing about programming. I downloaded 'ollydbg' but can't figure out how to find the floating memory address referenced here where ZEM info is supposedly stored.

Could anyone give me a basic step by step on how to find the ZEM using this ollydbg program?

Thanks

[uncleubb]

I don't know anything about the program you downloaded, but the instructions on how to find this were clearly described early in this thread.

However, with the patch I would be surprised if they are in the same memory location (I haven't checked).