
View Full Version : Tibia 11 - Address path reader code in C++



maxibaby
09-18-2016, 21:45
For external:

Get HWND

hwnd = FindWindow("Qt5QWindowOwnDCIcon", 0);

hwnd = FindWindow(NULL, "Tibia - Charactername");
http://stackoverflow.com/questions/16530871/findwindow-does-not-find-the-a-window#answer-16531276

Get QTCore.dll base address.


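#include <windows.h>
#include <psapi.h>
#include <string>
using namespace std;

// GetHandle() and getBaseAdress() are helpers that are not shown in this post.
LPVOID GetModule()
{
    HMODULE hMods[1024];
    HANDLE pHandle = GetHandle(); // Tibia process handle
    DWORD cbNeeded;
    unsigned int i;

    // List every module loaded in the process
    if (EnumProcessModules(pHandle, hMods, sizeof(hMods), &cbNeeded))
    {
        for (i = 0; i < (cbNeeded / sizeof(HMODULE)); i++)
        {
            // ANSI variant so the path converts to std::string in Unicode builds too
            char szModName[MAX_PATH];
            if (GetModuleFileNameExA(pHandle, hMods[i], szModName, sizeof(szModName)))
            {
                string wstrModName = szModName;
                string wstrModContain = "Qt5Core.dll";

                // Match on the file name inside the full module path
                if (wstrModName.find(wstrModContain) != string::npos)
                {
                    return getBaseAdress(pHandle, hMods[i]);
                }
            }
        }
    }
    return NULL; // module not found
}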



Follow offsets chain:



DWORD healthOffset[] = {0x004555C8, 0x8, 0x134, 0x2C, 0x24};

// oLevel = sizeof(healthOffset)/sizeof(DWORD)

// Needs <windows.h> and <iostream>. DWORD addresses: 32-bit process only.
DWORD getAdress(int oLevel, HANDLE pHandle, DWORD Offsets[], DWORD BaseAdress) {
    DWORD CurrentAdress = BaseAdress;
    // Dereference every offset except the last one
    for (int i = 0; i < oLevel - 1; i++) {
        cout << "Current: " << CurrentAdress << " adding: " << Offsets[i] << endl;
        CurrentAdress = CurrentAdress + Offsets[i];
        cout << "Ended in " << CurrentAdress << endl;
        if (ReadProcessMemory(pHandle, (LPVOID)CurrentAdress, &CurrentAdress, sizeof(CurrentAdress), NULL) == 0) {
            cout << GetLastError() << endl;
            return 0; // stop here instead of following a pointer that was never read
        }
    }
    // The last offset is added but not dereferenced: this is the field's address
    return CurrentAdress + Offsets[oLevel - 1];
}

hpAdress = getAdress(5, handle, healthOffset, baseAdress);

blackd
09-20-2016, 15:42
Thank you for sharing! It looks good.
I will build it in Visual Basic soon. Of course, it will be a bit slower. Anyway, I will share it as soon as I have it working.

Dovahkiin
01-29-2017, 04:46
Can you tell me how to do this in C#? I'm trying with TibiaProcess.Modules but Qt5Core isn't there.

Mahatesh
02-06-2017, 20:24
_Tibia = value; // 'value' is the tibia Process object
foreach (ProcessModule module in _Tibia.Modules)
{
    string name = module.FileName;
    if (name.Contains("Qt5Core.dll"))
    {
        _BaseAddress = Convert.ToUInt32(module.BaseAddress.ToInt32());
        break;
    }
}
_Handle = value.MainWindowHandle;


Hope this helps.

For the base address reading, here is a sample code that loops:


// address is the base address (in my case, tibia's base), and offsets is the offset array
// for example, the offset list for HP would be: (values are not up to date)
// public static UInt32[] Hp = { 0x4555C8, 0x8, 0x1D8, 0x60, 0x8 };
private static UInt32 GetUInt32Value(UInt32[] offsets, UInt32 address)
{
    for (int i = 0; i < offsets.Length; i++)
    {
        address = ReadUInt32(address + offsets[i]);
    }
    return address;
}
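
Added example, not code from any post in this thread: the two chain walkers above follow different conventions (the C++ one returns the field's address, the C# one returns the value stored there), shown here side by side with a failed read handled. It runs over a constructed in-memory buffer instead of a process; FakeMemory, resolveAddress, resolveValue, makeSample and all addresses are hypothetical names and values made up for the illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <vector>

// Constructed stand-in for a 32-bit address space: the buffer index plays the
// role of an address. No real process is opened or read.
struct FakeMemory {
    std::vector<uint8_t> bytes;
    // Analogue of ReadProcessMemory: returns false instead of reading out of range.
    bool read32(uint32_t addr, uint32_t& out) const {
        if (addr > bytes.size() || bytes.size() - addr < sizeof out) return false;
        std::memcpy(&out, bytes.data() + addr, sizeof out);
        return true;
    }
    void write32(uint32_t addr, uint32_t v) { std::memcpy(bytes.data() + addr, &v, sizeof v); }
};

// Dereferences every offset except the last: yields the ADDRESS of the field
// (the convention of getAdress in the first post).
bool resolveAddress(const FakeMemory& m, uint32_t base,
                    const std::vector<uint32_t>& offsets, uint32_t& out) {
    if (offsets.empty()) return false;
    uint32_t cur = base;
    for (size_t i = 0; i + 1 < offsets.size(); ++i) {
        if (!m.read32(cur + offsets[i], cur)) return false;  // stop on first failed read
    }
    out = cur + offsets.back();
    return true;
}

// Dereferences every offset including the last: yields the VALUE in the field
// (the convention of GetUInt32Value in the C# post).
bool resolveValue(const FakeMemory& m, uint32_t base,
                  const std::vector<uint32_t>& offsets, uint32_t& out) {
    uint32_t addr = 0;
    return resolveAddress(m, base, offsets, addr) && m.read32(addr, out);
}

// Constructed layout: base 0x100, chain {0x10, 0x8, 0x4}, field value 420.
FakeMemory makeSample() {
    FakeMemory m{std::vector<uint8_t>(0x400, 0)};
    m.write32(0x110, 0x200);  // [base + 0x10] -> 0x200
    m.write32(0x208, 0x300);  // [0x200 + 0x8] -> 0x300
    m.write32(0x304, 420);    // field lives at 0x300 + 0x4
    return m;
}
```

Because the two conventions differ by one dereference, an offset list written for one walker gives a wrong result when passed unchanged to the other.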

lokuxd
03-22-2017, 20:40
If I can, how do I turn off BattlEye? I can't use Cheat Engine ;/ One week ago I could read everything in Tibia 10 and some things in 11; now I can use CE