guessing that the targetAddr offset is out of the range 0x899f64 to 0xa99f64 that is being scanned?
Found the offset manually. Posted offsets in a new thread.
I tried to find it manually but was unsuccessful.
I'll post a new version soon, it was just a simple mistake in my mask value. I was hoping the next patch wouldn't bork it, since it worked fine on the test server, but I guessed wrong heh.
The new version will have some of the changes I mentioned awhile ago, the biggest is that it will use a filestream instead of memory from now on. If I can find time, I'd also like to see the struct code added in for this release also...
And finally, since my playtime/interest for EQ is next to nil, I plan to release the source-code under the GPL. Hopefully someone else will be able to learn something from it, it's been an interesting project for me at least.
awesome, I look forward to it!
Nice Carp. Thanks.
I will add it to the File section of SF when you get time to post it.
Filters for ShowEQ can now be found here. filters-5xx-06-20-05.tar.gz
ShowEQ file section is here. https://sourceforge.net/project/show...roup_id=10131#
Famous Quotes:
Ratt: WTF you talkin' about BA? (Ok.. that sounds like a bad combo of Diffrent Strokes and A-Team)
Razzle: I showeq my wife
Neat Carp.
My interest in EQ has been nil since the release of SoD. They just added so much stuff, it seems like I will never catch up. I do some casual play on twinks now, and that is about it. I am thinking of totally starting over on FV.
It has been entertaining to work with the 1.19 code of MySEQ. I should get another 2-3 months of fun out of doing that, and then I might be interested in EQ. But in the meantime, I will just learn more C#. Might be fun to roll the code into the MySEQ server.
Razzle
Finally found some time to fix the Smart EQ Offset Finder. There are two major changes with this version of the offset finder. The first is that instead of reading memory it simply reads the eqgame.exe file. It defaults to eqgame.exe but you can provide your own filename as the first argument.
The second big change is that it is completely GPL now. So enjoy the source code! ;-)
http://rapidshare.com/files/23653656...ffsets-0.9.zip
http://rapidshare.com/files/23641183...ffsets-src.zip
Almost forgot, I also added the WorldAddr offset too.
Last edited by Carpathian; 05-23-2009 at 08:11 PM.
This looks like a variation of the FindPattern functions originally posted on GameDeception.
Rather than run a program to find these, why not make the MySEQ server find them automatically, eliminating the need to even use the offset ini file. I do this in several of my MQ2 plugins.
Here's an example for finding an offset I use for detecting mouse movement on the screen's X axis:
Code:
    // this will get filled with the pointer address
    DWORD *gMouseRelX = 0;
    . . .
    // patterns for the scan function - these all get saved in "patterns.h"
    unsigned char *mouseRelXPattern = (unsigned char*)"\x89\x0D\x00\x00\x00\x00\x89\x15\x00\x00\x00\x00\x74\x00\xA1\x00\x00\x00\x00\x8B\x80\x00\x00\x00\x00\x83\xF8\x00\x74\x00\x83\xF8\x00\x74\x00\x83\xF8\x00\x75";
    char mouseRelXMask[] = "xx????xx????x?x????xx????xx?x?xx?x?xx?x";
    // this pattern brings us to this address in eqgame.exe. our pointer address (0xAC95A8) starts at byte 2 (0x89 being byte zero)
    // .text:005638ED A0C 89 0D A8 95 AC 00 mov int RelX, ecx
    . . .
    // function for loading offsets (the "return 4" is for an error message. other offset scans have been snipped out)
    DWORD GetOffsets()
    {
        DWORD n = 0;
        . . .
        if(n = FindPattern(0x500000, 0x100000, mouseRelXPattern, mouseRelXMask)) // this returns address 0x5638ED
            gMouseRelX = (DWORD*)GetDWordAt(n, 2); // this adds two bytes and returns the pointer address at that location
        else
            return 4;
        . . .
        return 0;
    }
    . . .
    // detect mouse movement
    if(*gMouseRelX || *gMouseRelY)
    {
        // do stuff
    }

Basically GetOffsets() gets called during initialization and if there's a problem locating an offset it spits out an error message and exits.
FindPattern files that I use:
Code:
    // FindPattern.cpp
    // originally created by: radioactiveman/bunny771/(dom1n1k?) of GameDeception -----------
    // Compare pData against bMask; only positions marked 'x' in szMask must match.
    inline bool DataCompare(const unsigned char* pData, const unsigned char* bMask, const char* szMask)
    {
        for(; *szMask; ++szMask, ++pData, ++bMask)
            if(*szMask == 'x' && *pData != *bMask)
                return false;
        return (*szMask) == 0;
    }

    // Scan dwLen bytes starting at dwAddress; returns the first matching address or 0.
    unsigned long FindPattern(unsigned long dwAddress, unsigned long dwLen, unsigned char *bMask, char *szMask)
    {
        for(unsigned long i = 0; i < dwLen; i++)
            if(DataCompare((unsigned char*)(dwAddress + i), bMask, szMask))
                return (unsigned long)(dwAddress + i);
        return 0;
    }
    // --------------------------------------------------------------------------------------

    // ieatacid - 3/11/09
    // Return the 32-bit value stored numBytes past address.
    unsigned long GetDWordAt(unsigned long address, unsigned long numBytes)
    {
        if(address)
        {
            address += numBytes;
            return *(unsigned long*)address;
        }
        return 0;
    }

    // ieatacid - 3/11/09
    // Resolve a relative displacement read at address + addressOffset.
    unsigned long GetFunctionAddressAt(unsigned long address, unsigned long addressOffset, unsigned long numBytes)
    {
        if(address)
        {
            unsigned long n = *(unsigned long*)(address + addressOffset);
            return address + n + numBytes;
        }
        return 0;
    }

Code:
    // FindPattern.h
    // The definitions in FindPattern.cpp are not inline, so the prototypes are not declared inline either.
    unsigned long FindPattern(unsigned long dwAddress, unsigned long dwLen, unsigned char *bMask, char *szMask);
    unsigned long GetDWordAt(unsigned long address, unsigned long numBytes);
    unsigned long GetFunctionAddressAt(unsigned long address, unsigned long addressOffset, unsigned long numBytes);
I've also used these successfully to retrieve structure offsets.
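Added example, not code from the thread or from the offset finder: the same masked search applied to a byte buffer, as when eqgame.exe is read from disk instead of from process memory. The FindPattern above starts a comparison at every index below dwLen and so can read up to a mask length past the scanned range; this version stops where the pattern no longer fits. The names find_pattern, read_u32_at and SAMPLE are assumptions, and the sample buffer is constructed around the instruction bytes quoted in the post.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* First 8 bytes of the mouseRelX pattern from the post; '?' bytes are wildcards. */
static const uint8_t PAT[] = {0x89, 0x0D, 0, 0, 0, 0, 0x89, 0x15};
static const char MASK[] = "xx????xx";

/* Constructed sample: two filler bytes, then the quoted instruction bytes
   89 0D A8 95 AC 00, then a second mov whose operand is made up. */
static const uint8_t SAMPLE[] = {0x90, 0x90, 0x89, 0x0D, 0xA8, 0x95, 0xAC, 0x00,
                                 0x89, 0x15, 0x10, 0x20, 0x30, 0x00};

/* Masked search that never compares past buf+len. Returns offset or -1. */
long find_pattern(const uint8_t *buf, size_t len, const uint8_t *pat, const char *mask)
{
    size_t plen = strlen(mask);
    if (plen == 0 || plen > len)
        return -1;
    for (size_t i = 0; i + plen <= len; i++) {
        size_t j = 0;
        while (j < plen && (mask[j] != 'x' || buf[i + j] == pat[j]))
            j++;
        if (j == plen)
            return (long)i;
    }
    return -1;
}

/* Bounds-checked little-endian read of the 32-bit operand at match+skip. */
int read_u32_at(const uint8_t *buf, size_t len, long match, size_t skip, uint32_t *out)
{
    if (match < 0 || (size_t)match + skip + 4 > len)
        return 0;
    const uint8_t *p = buf + match + skip;
    *out = (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
    return 1;
}

int main(void)
{
    uint32_t v = 0;
    long at = find_pattern(SAMPLE, sizeof SAMPLE, PAT, MASK);
    if (read_u32_at(SAMPLE, sizeof SAMPLE, at, 2, &v))
        printf("match at %ld, operand 0x%08X\n", at, (unsigned)v);
    return 0;
}
```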
Yeah, the pattern functions are derived from those original functions, except I found them at unknown cheats. I'm not 100% on what their licensing is since I've seen them in both open and closed-source projects. Oh well, opensource here now ;-).
I also have a version that can find the structure offsets, but I haven't finished the masks for ground spawns yet. I might go work on finishing that now. Either way, I'm hoping that the source code will encourage someone to move it into MySEQ-Server. The only downside is right now only 2 people here know how to fix this method, whereas multiple people can find the offsets. I could post a tutorial on how to find/create the masks with IDA Pro I suppose.
Releasing a minor, slightly major, update. Some of the structure offset code is in place so others can work on it too if they desire. It also has support for MySEQ styled output, simply add -myseq as the second argument.
http://rapidshare.com/files/23806699...sets-0.9.1.zip
http://rapidshare.com/files/23806708...-0.9.1-src.zip
Weird. Coming up with a different SpawnHeaderAddr again (0xac625c). It is showing (0xa4ea58) for CharInfoAddr which is what the prior one the Offset Finder found for SpawnHeaderAddr and the 2 values are generally the same, although the .ini file names it just CharInfo, so not sure it is meant to be the same value used as an offset.
Great work though.
Last edited by Hidron; 05-28-2009 at 11:14 AM.
Yeah, I changed that on purpose. The pattern I put into 0.9 was actually supposed to be the pattern for CharInfo.
EQGame actually has about three pointers which all point to the same value currently. This is because Sony has chosen to keep the local player spawn data as the head element of the linked list for awhile now. Thus using SpawnHeader or CharInfo interchangeably will currently yield working results. Back in the day, they used to put the local player randomly into the list, so I always find the two independent offsets still... just in case Sony ever decides to change that again ;-).
Thanks for the information about the name being different between the two. It's weird that whoever added the offset used a different naming convention. I also see that "Primary Offsets" is supposed to be "Memory Offsets".
Keep letting me know if you find anything out of the ordinary. I don't have an EQ subscription anymore, so it's hard to actually verify anything I do now. The only executables I have to test against are the SoF CD, and the two patch servers.
I don't have an active account either, but I do use someone else's info to keep the game patched to save time if I ever do subscribe again. I will not risk someone else's account to test MYSEQ though, so I can't actually test the offsets.
I don't have a live account either, but am hoping SOE gives out free play time again this summer. Then I can play with this more, great work by the way. Until then I will just play on the emulator servers.
Razzle