Finding address offsets for Warcraft 3 1.27b

Discussion in 'Programming' started by ComeWithMe, Jan 20, 2021.

  1. ComeWithMe

    Hi there,

    My idea is just to modify the old Dota Allstars 6.83d map and inject a kind of anti-map-hack system inside it.
    There is a lot of source code for map hacks for version 1.26 of the game, where we can see which offsets are changed and why the hack works.

    But there is no free information about the offsets for version 1.27b.

    So I would like to find a way to get these offsets for version 1.27b myself.

    Here are the known offsets for version 1.26.

    Code (Text):
    //;~ Warcraft 3:All Offsets for 1.26a

    //;~ Reveal Units on Main Map
    Game.dll + 0x3A14F0 = 0x87
    Game.dll + 0x3A14F1 = 0xDB
    Game.dll + 0x3A159B = 0x87
    Game.dll + 0x3A159C = 0xDB
    //;~ Remove FOG on Main Map
    Game.dll + 0x74CA1A = 0x15
    Game.dll + 0x74CA1B = 0x50
    //;~ Reveal Units on Mini Map
    Game.dll + 0x36143B = 0x33
    Game.dll + 0x36143C = 0xC0
    Game.dll + 0x36143D = 0x90
    Game.dll + 0x36143E = 0x90
    Game.dll + 0x36143F = 0x90
    //;~ Remove FOG on Mini Map
    Game.dll + 0x356525 = 0x87
    Game.dll + 0x356526 = 0xDB
    //;~ Enable Trade
    Game.dll + 0x34DDA2 = 0xB8
    Game.dll + 0x34DDA3 = 0xC8
    Game.dll + 0x34DDA4 = 0x00
    Game.dll + 0x34DDA5 = 0x00
    Game.dll + 0x34DDA7 = 0x90
    Game.dll + 0x34DDAA = 0xB8
    Game.dll + 0x34DDAB = 0x64
    Game.dll + 0x34DDAC = 0x00
    Game.dll + 0x34DDAD = 0x00
    Game.dll + 0x34DDAF = 0x90
    //;~ Make Units Clickable
    Game.dll + 0x28519C = 0x87
    Game.dll + 0x28519D = 0xDB
    Game.dll + 0x93645E = 0x1C
    Game.dll + 0x93645F = 0x45
    //;~ Reveal Illusions
    Game.dll + 0x282A5C = 0x90
    Game.dll + 0x282A5D = 0x40
    Game.dll + 0x282A5E = 0xC3
    //;~ Reveal Invisibles
    Game.dll + 0x399A98 = 0x71
    //;~ Show Runes
    Game.dll + 0x3A14DB = 0x71
    //;~ Show Skills / Cooldowns
    Game.dll + 0x2026DC = 0x87
    Game.dll + 0x2026DD = 0xDB
    Game.dll + 0x2026DE = 0x87
    Game.dll + 0x2026DF = 0xDB
    Game.dll + 0x2026E0 = 0x87
    Game.dll + 0x2026E1 = 0xDB
    Game.dll + 0x28E1DE = 0x71
    Game.dll + 0x34F2A8 = 0x87
    Game.dll + 0x34F2A9 = 0xDB
    Game.dll + 0x34F2E9 = 0x00
    //;~ Bypass -ah in DotA Allstars
    Game.dll + 0x3C639C = 0xB8
    Game.dll + 0x3C63A1 = 0xEB
    Game.dll + 0x3CB872 = 0xEB
    Can anyone help me, or suggest an approach for how I can find the same offsets for Warcraft 3 1.27b?

    Thank you in advance.
     
  2. Dr Super Good (Spell Reviewer)

    Look at the machine code that the addresses point to in 1.26. There is a good chance that the machine code of the functions in 1.27b is very similar, if not the same. You can then search for chunks of it to see where the new addresses of the functions may be.
     
  3. ComeWithMe

    Do you mean opcodes, i.e. the assembly code / instructions at specific addresses?
     
  4. Dr Super Good (Spell Reviewer)

    I mean x86 machine code: the binary form of an x86 program in memory that is directly executed by the CPU. Usually the same C++ code, when compiled, will produce the same or very similar machine code, maybe with call addresses having changed.

    You could convert this to x86 assembly to make it more human-readable. However, the idea is still the same, as you are trying to match sequences and patterns, since those may represent the same code now moved to a different address in the DLL.
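    The two ideas in this thread, an integrity check over the offset list in the first post and re-finding the same machine code in a build where it has moved, fit in one short script. The following is an added example and not code from any poster: it parses the listing format used above, reports which patch groups are fully present in a snapshot of Game.dll (the check an anti-map-hack inside the map would perform), and re-locates a byte sequence in a second image with a wildcard signature so the same check can follow the code to a new address. The module images and the signature bytes are constructed stand-ins, not real Game.dll contents, and only two groups of the listing are embedded to keep the sample short.

```python
"""Added example: parse a Game.dll offset listing, detect applied patches in a
code image, and re-locate a code sequence with a wildcard signature.
All images and signature bytes below are constructed for the demo."""
import re

# Constructed excerpt in the same format as the listing posted above.
OFFSET_LISTING = """\
//;~ Warcraft 3:All Offsets for 1.26a
//;~ Remove FOG on Main Map
Game.dll + 0x74CA1A = 0x15
Game.dll + 0x74CA1B = 0x50
//;~ Reveal Illusions
Game.dll + 0x282A5C = 0x90
Game.dll + 0x282A5D = 0x40
Game.dll + 0x282A5E = 0xC3
"""

LINE_RE = re.compile(r"Game\.dll\s*\+\s*0x([0-9A-Fa-f]+)\s*=\s*0x([0-9A-Fa-f]{1,2})")


def parse_listing(text):
    """Return {group name: {rva: patch byte}}; groups without entries are dropped."""
    groups, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("//;~"):          # a comment line names the next group
            current = line[4:].strip()
            groups.setdefault(current, {})
            continue
        m = LINE_RE.match(line)
        if m and current is not None:
            groups[current][int(m.group(1), 16)] = int(m.group(2), 16)
    return {name: g for name, g in groups.items() if g}


def applied_patches(image, patches):
    """Names of groups whose every byte already holds the hack value.
    `image` is a bytes-like snapshot of the module from its base, so index == RVA.
    Note: comparing against the known *original* bytes would catch any edit;
    the thread only gives the hack values, so this detects exactly those."""
    return [name for name, g in patches.items()
            if all(rva < len(image) and image[rva] == val for rva, val in g.items())]


def compile_signature(sig):
    """'E8 ?? ?? ?? ?? C3' -> [0xE8, None, None, None, None, 0xC3]."""
    return [None if tok == "??" else int(tok, 16) for tok in sig.split()]


def find_signature(image, sig):
    """Every offset at which the wildcard pattern matches `image`.
    The literal prefix is fed to bytes.find so large images are not walked byte by byte."""
    pat, hits = compile_signature(sig), []
    n = len(pat)
    prefix = bytearray()
    for p in pat:
        if p is None:
            break
        prefix.append(p)
    prefix = bytes(prefix)
    i = image.find(prefix) if prefix else 0
    while 0 <= i <= len(image) - n:
        if all(p is None or image[i + j] == p for j, p in enumerate(pat)):
            hits.append(i)
        i = image.find(prefix, i + 1) if prefix else i + 1
    return hits


# Constructed "old build" and "new build" code regions. The call target
# (rel32 after E8) is the part that changes between builds, so it is wildcarded.
OLD_REGION = bytes.fromhex("55 8B EC 83 EC 10 8B 45 08 85 C0 74 05 E8 11 22 33 44 5D C3")
NEW_REGION = bytes.fromhex("90 90 55 8B EC 83 EC 10 8B 45 08 85 C0 74 05 E8 55 66 77 88 5D C3")
SIG = "55 8B EC 83 EC 10 8B 45 08 85 C0 74 05 E8 ?? ?? ?? ?? 5D C3"


def demo_detection():
    """Zero-filled stand-in for Game.dll, then the same image with one group applied."""
    patches = parse_listing(OFFSET_LISTING)
    clean = bytearray(0x750000)          # constructed: large enough to cover the RVAs
    hacked = bytearray(clean)
    for rva, val in patches["Reveal Illusions"].items():
        hacked[rva] = val
    return applied_patches(clean, patches), applied_patches(hacked, patches)


if __name__ == "__main__":
    print("clean / hacked:", demo_detection())
    print("signature in old build at", find_signature(OLD_REGION, SIG))
    print("signature in new build at", find_signature(NEW_REGION, SIG))
```

    The signature is the point of Dr Super Good's advice: the bytes that survive a recompile are the instruction opcodes and fixed operands, while relative call and jump targets shift with every layout change, so those four bytes are left as wildcards. Whatever offset the scan returns in the new build becomes the RVA the integrity check reads, instead of a number copied from a 1.26 list.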
     
  5. TriggerHappy (Code Moderator)

    Use a decompiler like IDA or Ghidra. Then, find the offsets in 1.26 and look for the updated ones in 1.27b.
     
  6. ComeWithMe

    Thank you for your answer.
    But this sounds too general for me. Since I have no experience with these programs, it will be very difficult for me.
    I cannot figure out how to carry out this sequence of actions in these programs.