Results 1 to 4 of 4
  1. #1
    sullx
    sullx is offline
    New member
    Join Date
    2013 Jun
    Posts
    6
    Thanks Thanks Given 
    1
    Thanks Thanks Received 
    3
    Thanked in
    1 Post
    Rep Power
    0

    Search for an object list

    As I describe here my aim currently is to see if I can't find some sort of standard container with all of the world objects in a way that hopefully let's me access their member variables (such as coordinates, health etc).

    I have made a promising first step, although it wasn't really much of my doing. I have found that

    TERA.exe+1A1DB34 +f 0x14 + 0x44 + 0x10 gives some sort of integer ID to npc's in the world. This only works for npc's such as towns folk, farm animals, gathering points, but not enemies. I have yet to get any other good information out of it, but I am searching.

    Is there a usual prescription for finding what I am describing? 'Object lists' might not be exactly the right keyword, but I assume every game has some type of object manager that utilizes some type of container.

  2. #2
    AikaMaster
    AikaMaster is offline
    Senior Member AikaMaster's Avatar
    Join Date
    2012 May
    Location
    Inside you mind!
    Posts
    245
    Thanks Thanks Given 
    58
    Thanks Thanks Received 
    642
    Thanked in
    68 Posts
    Rep Power
    0
    Can you add me to Skype sullx? So we can talk better.

  3. #3
    rpm23
    rpm23 is offline
    New member
    Join Date
    2012 Sep
    Posts
    14
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    2
    Thanked in
    2 Posts
    Rep Power
    0
    0x14 -> 0x44 -> 0x10 = Interact ID # of the interactable entity/object that has the blue highlight circle around its base. that is in front of you prompting for the "F" to be pushed.

    the 0x14 that you started in is the Local Player entity, you will not find the object list in there.

  4. #4
    juppie7
    juppie7 is offline
    New member
    Join Date
    2014 Mar
    Posts
    5
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    0
    Thanked in
    0 Posts
    Rep Power
    0
    Any information on locating it would be helpful. I was really hoping to find it using cheat engine, because it's significantly less work than Olly or IDA; with the obvious downside of being practically useless for tracking down dynamic stack data that is possibly encrypted as well.

    The way I went about it is using the target structure. When you target an entity, it pulls it's location, id, distance in meters, etc. That data came from somewhere, it is stored somewhere. That much is true. Following it back, I find that it's a volatile value at a semi-constant address pointer; and it actually uses the TERA base same with the other structures. Which is good news. However, that data only persists in the single run of that function's registers. Then it is gone. There are no other copies in RAM by the same value or near same value. It looks like a stack region, push and pop allover the place.
    The asm shows that it converts the meters distance into an int from a float. So it's stored as a float somewhere. This is why I think it is encrypted. Because how else can it obtain that float value from a volatile location, and in that single microsecond that that value is available, it not too be elsewhere in memory. It means that float value is converted from something else.
    So that means not only do I need to find the functions that write this intermediate value, but I need to find the functions that encrypt & decrypt. And only after that can I hope to find any translatable data regarding entities. Maybe it's just a simple XOR to tweak it out of the range of memory scanning , i don't know. But it sucks because there is a VERY brief millisecond window that it can be done. And the time it takes to track backwards exceeds the amount of time allowed by TERA.exe until it disconnects from the server. Which makes this just that much harder.

    And so obviously, I would really appreciate any insight or advice from the more experienced hackers out there. Unfortunately, I am still awaiting moderator approval for some reason. Guess I am stuck with my own brain for now. Perhaps that will be enough given enough time....

Similar Threads

  1. [Delphi] Memory Search Function
    By RiiStar in forum Delphi
    Replies: 20
    Last Post: 2022-02-10, 10:42 PM
  2. Replies: 0
    Last Post: 2013-05-02, 02:57 AM
  3. [Tutorial] Read/Post Value From/To Flash Object in webpage
    By jeremy5189 in forum Web, PHP
    Replies: 0
    Last Post: 2013-02-05, 02:09 PM
  4. Search Grand Fantasia Server fiels
    By SkreaM in forum Grand Fantasia
    Replies: 1
    Last Post: 2012-12-15, 03:28 AM
  5. [Tutorial] How to search base address of Aika
    By codename209 in forum Aika Guides, Tutorials
    Replies: 22
    Last Post: 2012-02-22, 12:16 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •