Finding address offsets for Warcraft 3 1.27b

[ComeWithMe]

Hi there,

My idea is just to modify old Dota Allstars 6.83d map and inject a kind of anti map hack system inside it.
There is a lot of source code of map hacks for 1.26 version of the game, where we can see what offsets are changed and that's why this hack works.

But there are no free information about offsets for 1.27b version.

So I would like to find a way to get these offsets by myself for 1.27b version.

Here is known offsets for 1.26 version.

//;~ Warcraft 3:All Offsets for 1.26a

//;~ Reveal Units on Main Map
Game.dll + 0x3A14F0 = 0x87
Game.dll + 0x3A14F1 = 0xDB
Game.dll + 0x3A159B = 0x87
Game.dll + 0x3A159C = 0xDB
//;~ Remove FOG on Main Map
Game.dll + 0x74CA1A = 0x15
Game.dll + 0x74CA1B = 0x50
//;~ Reveal Units on Mini Map
Game.dll + 0x36143B = 0x33
Game.dll + 0x36143C = 0xC0
Game.dll + 0x36143D = 0x90
Game.dll + 0x36143E = 0x90
Game.dll + 0x36143F = 0x90
//;~ Remove FOG on Mini Map
Game.dll + 0x356525 = 0x87
Game.dll + 0x356526 = 0xDB
//;~ Enable Trade
Game.dll + 0x34DDA2 = 0xB8
Game.dll + 0x34DDA3 = 0xC8
Game.dll + 0x34DDA4 = 0x00
Game.dll + 0x34DDA5 = 0x00
Game.dll + 0x34DDA7 = 0x90
Game.dll + 0x34DDAA = 0xB8
Game.dll + 0x34DDAB = 0x64
Game.dll + 0x34DDAC = 0x00
Game.dll + 0x34DDAD = 0x00
Game.dll + 0x34DDAF = 0x90
//;~ Make Units Clickable
Game.dll + 0x28519C = 0x87
Game.dll + 0x28519D = 0xDB
Game.dll + 0x93645E = 0x1C
Game.dll + 0x93645F = 0x45
//;~ Reveal Illusions
Game.dll + 0x282A5C = 0x90
Game.dll + 0x282A5D = 0x40
Game.dll + 0x282A5E = 0xC3
//;~ Reveal Invisibles
Game.dll + 0x399A98 = 0x71
//;~ Show Runes
Game.dll + 0x3A14DB = 0x71
//;~ Show Skills / Cooldowns
Game.dll + 0x2026DC = 0x87
Game.dll + 0x2026DD = 0xDB
Game.dll + 0x2026DE = 0x87
Game.dll + 0x2026DF = 0xDB
Game.dll + 0x2026E0 = 0x87
Game.dll + 0x2026E1 = 0xDB
Game.dll + 0x28E1DE = 0x71
Game.dll + 0x34F2A8 = 0x87
Game.dll + 0x34F2A9 = 0xDB
Game.dll + 0x34F2E9 = 0x00
//;~ Bypass -ah in DotA Allstars
Game.dll + 0x3C639C = 0xB8
Game.dll + 0x3C63A1 = 0xEB
Game.dll + 0x3CB872 = 0xEB

Can anyone help me or suggest any approach how can I find the same offsets but for Warcraft 3 1.27b?

Thank you in advance.

 

[Dr Super Good]

Look at the machine code the addresses point to in 1.26. There is a good chance that the machine code of the functions in 1.27b is very similar if not the same. You can then search for chunks of it to see where the new addresses for the functions may be.

 

[ComeWithMe]

machine code

Do you mean OPCODE, assembly code, instructions for specific addresses?

 

[Dr Super Good]

Do you mean OPCODE, assembly code, instructions for specific addresses?

I mean x86 machine code. The binary form of x86 program in memory that is directly executed by the CPU. Usually the same C++ code compiled will produce the same or very similar machine code, maybe with call addresses having changed.

You could convert this to x86 assembly to make it more human readable. However the idea is still the same as you are trying to match sequences and patterns as those may represent the same code but now moved to a different address in the DLL.

 

[TriggerHappy]

Use a decompiler like IDA or Ghidra. Then, find the offsets in 1.26 and look for the updated ones in 1.27b.

 

[ComeWithMe]

Use a decompiler like IDA or Ghidra. Then, find the offsets in 1.26 and look for the updated ones in 1.27b.

Thank you for your answer.
Bu this sounds too general for me. Since I have no experience with these programs, it will be very difficult for me.
I cannot figure out how to accomplish this sequence of actions in these programs.