本文介绍了一种在魔兽世界游戏中定位动态分配内存位置的方法。通过利用静态指针及其偏移量来跟踪玩家位置等数据的变化,实现对动态内存区域的有效定位。文中详细描述了定位流程,并提出可通过追踪内核调用来进一步探索动态数据段。
I think I found a way to track down dynamic allocated data: some static pointers(like player position) are very kindly mirrored by WoW into the dynamic zones, at known offsets.
The routine is pretty simple:
1. Read static pointer
2. Scan memory for that value
3. Move character just a bit
4. Repeat
5. ...
6. Profit? 
Considering they are float and you know their exact value at any time by reading the static pointers, you only need maybe 3 or 4 scans of memory to identify the dynamic allocated memory origins.
Another aproach could be to track down the calls for kernel32.VirtualAlloc (11 calls in WoW) to find the start address of the dynamic data segments when they get allocated by the system.
扫一扫
评论
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
查看更多评论
添加红包
