As i'm working right now, i can't gather more data. But will do it later.
Code:Container Pointer: 0x006771D8; Battlelist_Start: 0x62B7A0; Battlelist_Step: 0xDC; //Nothing new on the battlelist structure
As i'm working right now, i can't gather more data. But will do it later.
Code:Container Pointer: 0x006771D8; Battlelist_Start: 0x62B7A0; Battlelist_Step: 0xDC; //Nothing new on the battlelist structure
so far i found these:
Anyone have other addresses? I can't find anything else.Experience = 008370A0
Fist Fighting = 009D4008
Club Fighting = 009D400C
Sword Fighting = 009D4010
Axe Fighting = 009D4014
Distance Fighting = 009D4018
Shielding = 009D401C
Fishing = 009D4020
I will give you a couple of sample
Code:Player_Id = 0x9D4034 - 0x400000; //10.74 BattleList_Start = 0xA2B7A0 - 0x400000; //10.74 Map_Start = 0xA71828 - 0x400000; //10.74 Containers_Start = 0xA771D8 - 0x400000; //10.74 GUI_Start = 0x8376C0 - 0x400000; //10.74 //packet AddPacketType = 0x5401D0 - 0x400000; //10.74 AddUint16 = 0x540740 - 0x400000; //10.74 AddUint32 = 0x5408F0 - 0x400000; //10.74 AddByte = 0x540590 - 0x400000; //10.74 AddString = 0x540AA0 - 0x400000; //10.74 SendPacket = 0x5410A0 - 0x400000; //10.74
I do like
For me with 0x400000 pointer is easier to find new address when ASLR has disabled.Code:Player_Id + BaseAddress //also working when ASLR is disabled because Base will 0x400000 so program will add base(0x400000) again to pointer.
If you don't support base address you need remove (-0x400000) for correct pointer.
http://tpforums.org/forum/threads/61...ll=1#post54020
http://tpforums.org/forum/threads/55...torial-revised
Last edited by wgrzelak; 02-07-2015 at 10:50 PM.
I see, i am disabling ASLR in my Programm so i don't need to add BaseAddress to my addresses
Also i have a little problem with OLD BattleList functions, they are outdated, Do you have new BattleList function to get all mobs, count, hp's, names etc? Trying to figure this function in Cheat Engine but its a bit complicated ^^
-edit-
Nevermind, made my own function in C# and found BlStep offset
Last edited by Wiw3K; 02-08-2015 at 01:13 PM.
you can find a bunch 10.74 of addresses here https://github.com/blackdtools/Black...onfig.ini#L100
version=10.74
DefaultTibiaFolder=Tibia
LoadedUseDynamicOffset=1
useDynamicOffset=yes
tibiaclassname=TibiaClient
tibiaModuleRegionSize=&H355000
LoginServerStartPointer=&H88E5C4
LoginServerStep=&H30
HostnamePointerOffset=&H4
IPAddressPointerOffset=&H20
PortOffset=&H28
adrMulticlient=&H557D45
PLAYER_Z=&H9D4040
LEVELSPY_NOP=&H516700
LEVELSPY_ABOVE=&H5166FC
LEVELSPY_BELOW=&H516704
LIGHT_TRICK_ADR=&H536772
LIGHT_TRICK_CODE=BBFF000000EB11909090
tibiachatlog_struct=&H8376C0>&H40>&H3C
tibiachatlog_selchannel=&H8376C0>&H40>&H30>&H30
tibia_popup_title=&H8376AC>&H54
MAP_POINTER_ADDR=&HA71828
OFFSET_POINTER_ADDR=&HA76350
adrConnectionKey=&H82A9C4
adrXOR=&H837090
adrMyHP=&H9D4000
adrMyMaxHP=&H9D402C
adrMyMana=&H8370E4
adrMyMaxMana=&H837094
adrMySoul=&H8370D0
adrNameStart=&HA2B7A0
adrNChar=&HA2B7A0
CharDist=&HDC
LAST_BATTLELISTPOS=1299
adrNum=&H9D4034
adrXPos=&H9D4038
adrYPos=&H9D403C
adrZPos=&H9D4040
adrConnected=&H848ED0
RedSquare=&H8370E0
adrLastPacket=&H847B12
adrSelectedCharIndex=&H9D13FC
adrCharListPtr=&H9D1370
adrCharListPtrEND=&H9D1374
adrXgo=&H9D4030
adrYgo=&H9D4028
adrZgo=&H9D4004
adrGo=&HA2B7F0
adrPointerToInternalFPSminusH5D=&HA1D268
adrNumberOfAttackClick=&H9D6DC8
can't believe otfans died.. and otserv project.. both OT and RL tibia is declining in active players