  1. #1
    Dwar

    Forsaken World Offsets, Base Address, Memory Structure

    The aim of this thread is to collect valuable data on the Forsaken World client memory structure. It means: offsets, base address and so on - information which may be needed for in-game bot creation.
    If you are familiar with Perfect World, you will not find big differences between these games (at the beginning)

    So, I spent some of my “coffee time” to collect useful information about FW memory structure, offsets and so on. And I ask everyone who is interested in this field to continue this work. Reason? To “improve” your future bot functionality

    About Base Address (BA).
    For current version (), it’s
    BA = 0xD37B10

    How to find… you can check something like this
    8B0D 107BD300   mov     ecx, dword ptr [0xD37B10]
    6A 06           push    0x6
    56              push    esi
    8B49 24         mov     ecx, dword ptr [ecx+0x24]
    E8 32880200     call    007A9E20
    56              push    esi
    E8 EC9B2600     call    009EB1E0
    83C4 04         add     esp, 0x4
    5E              pop     esi
    C3              retn


    [[BA] + 0x20] - Main game structures
    [[[BA] + 0x20] + 0x24] - Player structure
    [[[BA] + 0x20] + 0x0C] - Base world lists
    [[[[BA] + 0x20] + 0x0C] + 0x1C] - Players list
    [[[[BA] + 0x20] + 0x0C] + 0x20] - Mob/Pet/NPC list
    [[[[BA] + 0x20] + 0x0C] + 0x24] - Loot/Mine/Herb list


    Draft table of the players’ memory structure. I didn’t check all of 0x1200 values but after 20 min I got this:

    Player structure: [[[BA] + 0x20] + 0x24]



    If you like a visual representation of the memory block with colorful cells, an Excel table is in the attachment

    Please, post your questions on forum, not by PM or mail

    I spend my time, so please pay a little bit of your time to keep world in equilibrium

  3. #2
    lirikmel
    Can't attach Cheat Engine... how can I follow the change of addresses in the future?

  4. #3
    fyyre
    There are a lot of functions that reference this address (naturally), it is initialized here:

    Code:
    .text:004342BB     mov dword ptr [esi], offset const CECGame::`vftable'
    .text:004342C1     mov off_D37B10, esi
    for latest game.exe:

    Code:
    0x00D37B10
    .data:00D37B10*off_D37B10      dd offset off_D3B5A0
    -Fyyre

  5. #4
    gazapo
    Hi, what do you use for getting the base address? Because like lirikmel I can't attach Cheat Engine to the game; it always crashes or freezes the game...

  6. #5
    explosionsinthe
    Dwar has probably bypassed any protection the game has so he can do whatever he wants with whatever he wants to the game.

  7. #6
    Dwar
    Originally posted by gazapo:
    what do you use for getting the base address?
    You can try CE 6 with kernelmode. It should work. Or you can follow the instructions from https://progamercity.net/fw-hacks/13...rotection.html to bypass anti-debug protection and then use e.g. olly for retrieving data.

  8. #7
    Abstract
    Without bypassing, I can attach the latest Cheat Engine. In Windows 7 I have to start it as an administrator.

    I didn't use any of my bypass code. There is no Memory protection in FW.
    Last edited by Abstract; 2011-05-08 at 11:50 AM.

  9. #8
    fyyre
    Originally posted by Abstract:
    There is now Memory protection in FW.
    What type of memory protection? (i.e. PageGuard, NoAccess, ExceptionHandler with mentioned, breakpoints)?

    GACD enabled yet? =p

  10. #9
    Abstract
    @fyyre omg sorry. Now = No. What an epic fail mistake.

  11. #10
    NaPeK
    Anyone know mob HP position?
