The aim of this thread is to collect valuable data about the Forsaken World client memory structure. That means offsets, the base address and so on: information which may be needed for in-game bot creation.
If you are familiar with Perfect World, you will not find big differences between these games (at the beginning
So, I spent some of my “coffee time” collecting useful information about the FW memory structure, offsets and so on, and I ask everyone who is interested in this field to continue this work. Reason? To “improve” your future bot functionality.
About Base Address (BA).
For the current version (), it’s
BA = 0xD37B10
How to find it… you can look for something like this:
8B0D 107BD300 mov ecx, dword ptr [0xD37B10]
6A 06 push 0x6
56 push esi
8B49 24 mov ecx, dword ptr [ecx+0x24]
E8 32880200 call 007A9E20
56 push esi
E8 EC9B2600 call 009EB1E0
83C4 04 add esp, 0x4
5E pop esi
C3 retn
[[BA] + 0x20] - Main game structures
[[[BA] + 0x20] + 0x24] - Player structure
[[[BA] + 0x20] + 0x0C] - Base world lists
[[[[BA] + 0x20] + 0x0C] + 0x1C] - Players list
[[[[BA] + 0x20] + 0x0C] + 0x20] - Mob/Pet/NPC list
[[[[BA] + 0x20] + 0x0C] + 0x24] - Loot/Mine/Herb list
Draft table of the players’ memory structure. I didn’t check all of 0x1200 values but after 20 min I got this:
Player structure: [[[BA] + 0x20] + 0x24]
+0590: HP current (dword,4)
+0594: MP current (dword,4)
+05B4: HP max (dword,4)
+05B8: MP max (dword,4)
+00C0: orientation (float)
+0128: camera (float)
+08C0: camera (float)
+08C4: camera (float)
+08C8: camera (float)
+0A5C: camera (float)
+0A60: camera (float)
+0A64: camera (float)
+0A6C: camera (float)
+0A70: camera (float)
+0A74: camera (float)
+0A7C: camera (float)
+0A80: camera (float)
+0A84: camera (float)
+0A8C: camera (float)
+0A90: camera (float)
+0A94: camera (float)
+0A9C: camera (float)
+0AA0: camera (float)
+0AA4: camera (float)
+0AAC: camera (float)
+0AB0: camera (float)
+0AB4: camera (float)
+0ABC: camera (float)
+0AC0: camera (float)
+0AC4: camera (float)
+0ACC: camera (float)
+0AD0: camera (float)
+0AD4: camera (float)
+0B18: camera (float)
+0B1C: camera (float)
+0B20: camera (float)
+0B24: camera (float)
+0B28: camera (float)
+0B2C: camera (float)
+0B30: camera (float)
+0B34: camera (float)
+0B38: camera (float)
+0B3C: camera (float)
+0B90: camera (float)
+0B98: camera (float)
+0C7C: camera (float)
+0C80: camera (float)
+018C: (pointer)
+01D4: (pointer)
+0278: Pants ID (dword)
+0284: Helm Id
+03B0: Pants ID (dword)
+03BC: Helm Id
+07B4: Attack min
+07B8: Attack max
+07BC: Defence
+07C0: Crit chance (float)
+07C4: Crit damage (float)
+07C8: Crit dodge (float)
+07CC: Crit defence (float)
+07D0: Accuracy
+07D4: Evasion
+07D8: (float)
+01A0: Helm (pointer)
+01E8: Show helm (pointer)
+0A24: Show helm (pointer)
+0F0C: Toggle show helm (dword)
+00C8: coord?
+00D0: coord?
+00D8: coord?
+00E0: coord?
+00F4: coord?
+00F8: coord?
+00FC: coord?
+0100: coord?
+0104: coord?
+0108: coord?
+0820: coord?
+0840: coord?
+0844: coord?
+0848: coord?
+0858: coord?
+085C: coord?
+0860: coord?
+0864: coord?
+0868: coord?
+086C: coord?
+0870: coord?
+0874: coord?
+0878: coord?
+0888: coord?
+088C: coord?
+0890: coord?
+0894: coord?
+0898: coord?
+089C: coord?
+08C8: coord?
+0B90: coord?
+0B98: coord?
+0BF0: coord?
+0BF4: coord?
+0BF8: coord?
+0C00: coord?
+0C04: coord? (dword)
+0C08: coord? (float)
+0C0C: coord? (float)
+0F6C: coord? (float)
+0F70: coord? (float)
+0F74: coord? (float)
+0F78: coord? (float)
+0F7C: coord? (float)
+0BCC: Is move (bool)
+0F80: is jump? (bool) =1
+0F90: is jump? (bool) =0
+08FC: Action ID?
+0900: Action ID?
+0C9C: Cooldown for current spell
+0CA0: Cooldown for current spell
+0A08: Target Id
+0A0C: Is target?
+1230: Is target? Valid only 1 second, only if Tab pressed
+1234: Dist to target? Valid only 1 second, only if Tab pressed
+1238: Dist to target? Valid only 1 second, only if Tab pressed
+123C: Dist to target? Valid only 1 second, only if Tab pressed
+1240: Dist to target? Valid only 1 second, only if Tab pressed
+1244: Dist to target? Valid only 1 second, only if Tab pressed
+1248: Dist to target? Valid only 1 second, only if Tab pressed
+124C: Dist to target? Valid only 1 second, only if Tab pressed
+0234: Soul coins
+05A4: Exp (float)
+08AC:
+0988:
+0C44:
+0FE8: Is attack?
If you like a visual representation of the memory block with colorful cells, an Excel table is in the attachment.