blackd
09-20-2016, 13:55
Ok, this is the most weird structure I ever saw, but I finally found a way to deal with it.
First of all, lets understand an element of this structure:
P0 - Pointer - 4 BYTES - Points to other element
P1 - Pointer - 4 BYTES - Points to other element
P2 - Pointer - 4 BYTES - Points to other element
B1 - Boolean - 1 BYTE (limited to only 0 or 1)
B2 - Boolean - 1 BYTE (limited to only 0 or 1)
I1 - Number - 2 BYTES
L1 - Number - 4 BYTES : The internal ID of the skill
S0 - Number - 2 BYTES : Your current effective skill including all skill bonuses
S1 - Number - 2 BYTES : Your base skill
PC - Number - 1 BYTE (represeting a progress percent so it is limited to a value from 0 to 99)
Well, I have no idea why they need a 3 pointers structure, and I don't know why they use P0,P1 OR P2 in each case to follow the path to the next skill. I guess the code will look terrible, but this is what we have in Tibia 11 and we need to deal with it so I have investigated it and I found it follows an static pointer map. I attach it below:
https://blackdtools.net/tibia11skillmap.jpg
How to find the initial pointer?
Well, you only need to find AXE element, by searching in Cheat Engine an array containing 5 bytes:
b0 b1 : your current axe skill
b2 b3 : your base axe skill (the same if you are not wearing axe ring)
b4 : your current axe progress (100 minus your "remaining" % to skil up)
Having an axe ring will help yo to select the right one in case you obtain several results.
After you found the address of such bytes then you can see the start of the element 20 bytes before (-14):
adrSkills_AXE = (obtained address - HEX 14)
adrSkills_AXE_Current = adrSkills_AXE + HEX 14
adrSkills_AXE_Base = adrSkills_AXE + HEX 16
adrSkills_AXE_Progress = adrSkills_AXE + HEX 18
Well, now you that we have adrSkills_AXE, we only need to follow its P1 pointer and we reach the INITIAL element of this weird structure. Then you can use Cheat Engine pointer scan to obtain paths and repeat 1-2 times to filter the paths. The good path should be similar to the paths of the basic stats (health, mana, etc)
First of all, lets understand an element of this structure:
P0 - Pointer - 4 BYTES - Points to other element
P1 - Pointer - 4 BYTES - Points to other element
P2 - Pointer - 4 BYTES - Points to other element
B1 - Boolean - 1 BYTE (limited to only 0 or 1)
B2 - Boolean - 1 BYTE (limited to only 0 or 1)
I1 - Number - 2 BYTES
L1 - Number - 4 BYTES : The internal ID of the skill
S0 - Number - 2 BYTES : Your current effective skill including all skill bonuses
S1 - Number - 2 BYTES : Your base skill
PC - Number - 1 BYTE (represeting a progress percent so it is limited to a value from 0 to 99)
Well, I have no idea why they need a 3 pointers structure, and I don't know why they use P0,P1 OR P2 in each case to follow the path to the next skill. I guess the code will look terrible, but this is what we have in Tibia 11 and we need to deal with it so I have investigated it and I found it follows an static pointer map. I attach it below:
https://blackdtools.net/tibia11skillmap.jpg
How to find the initial pointer?
Well, you only need to find AXE element, by searching in Cheat Engine an array containing 5 bytes:
b0 b1 : your current axe skill
b2 b3 : your base axe skill (the same if you are not wearing axe ring)
b4 : your current axe progress (100 minus your "remaining" % to skil up)
Having an axe ring will help yo to select the right one in case you obtain several results.
After you found the address of such bytes then you can see the start of the element 20 bytes before (-14):
adrSkills_AXE = (obtained address - HEX 14)
adrSkills_AXE_Current = adrSkills_AXE + HEX 14
adrSkills_AXE_Base = adrSkills_AXE + HEX 16
adrSkills_AXE_Progress = adrSkills_AXE + HEX 18
Well, now you that we have adrSkills_AXE, we only need to follow its P1 pointer and we reach the INITIAL element of this weird structure. Then you can use Cheat Engine pointer scan to obtain paths and repeat 1-2 times to filter the paths. The good path should be similar to the paths of the basic stats (health, mana, etc)