# Forum > World of Warcraft > World of Warcraft Bots and Programs > WoW Memory Editing >  [Guide] How to make a Wow bot for complete newbs!

## gononono64

Hi! My name is Devon and I’m an alcoholic.
Actually I have about 10 days off work and my choices of entertainment was drinking my life away or writing an guide for complete newbs on how to make a bot. So I decided to do both. 

Moving on… 

--Pre Introduction:--

I have spent a long time hopelessly searching the internet to learn everything I needed to know to make a bot. Well I failed miserably. But to my rescue came a kind person and helped me in my adventure to the stars (or at least the addresses of world of warcraft). He not only spent his time helping me by showing me stuff in the code I knew best but he also gave me great direction in where/what to search on the forums . Because of him I have this knowledge. Thank you ^_^ 

(I do not know if he wants to be named or not.)

--Introduction:--
Okay so many of you newbies (such as myself) are probably wondering “How the **** do I make a bot”. Well let me start out by saying, you need to know at least some sort of computer language, whether it be C++, C#, Java, or the shit language I use Autoit (yeah, yeah …Scripting blah, blah, blah… Its shitty blah, blah, blah…Learn a real language blah, blah, blah. All in due time). If you do not know a language then you will not understand this at all. So please go learn a language. 

On top of needing to know a language, you need to have a function that can read memory addresses. Whether you make it yourself or not is up to you.

One last thing, I personally do not know everything as I have just started out. For example, I do not know very much about dlls, therefore I copy the memory function (from nomadmemory.au3) and a “getwowbase” function provided by my dear ol’ champ I spoke about in the Pre Introduction.

Also, I will be using Autoit seeing as it is the code I am currently most skilled in and it is a fairly simple language so it should be simple enough to translate into your preferred code, but I will explain what is happening when necessary.

So let’s get down to it.

--Analogy (sounds like a good time to me)/Terms:--

So …*Deep Breath*… We can compare how we get info from World of Warcraft to our real world. Just like in real life, where there are many objects and creatures, there are many objects and creatures in Wow. We call these (because programmers aren’t creative) “WowObjects”. 

So we say to ourselves we want something from this world and we want to know a characteristic of this “something”. I would first need to know what kind of thing this something is. For example, is it a person or is it a table? Is it human or is it a dog or a cat? Similar concept applies to Wow. We call this an “ObjectType”. There are 7 types of objects in Wow, listed below:



```
1 - Items
2 - Contains
3 - NPC's
4 - Players
5 - GameObjects (Nodes etc)
6 - DynamicObjects (Spells and stuff)
7 - Corpses
```

From: http://www.mmowned.com/forums/world-...e-objects.html (Excellent guide. After you’re done, go check it out)

After we find out our type of world object (say for example a human) how would we know which human it is seeing as there are billions in the world. Well, as I’m sure you already know, this is the reason people have names. So this means if we know a person’s name we can find even more details about that person. Names in Wow memory are called “GUIDs” (Globally Unique Id) which is in sense a tag to identify an object. 

After this we have “Descriptors” which Describe (man these programmers are so clever) a WowObject. They kind of act like adjectives in the real world. For example in the real world if you asked someone how they’re health was they would say “good” or “bad”. Well in the programming world we don’t use adjectives, we use numbers. So if we had a Descriptor offset for our health it would tell us “health = 100%” or “health = 0% (you dead!)”

So for good measure and a little over kill I bring you another example analogy.
WorldObject - Rick is describing an “object” that he says is a part of this world. 
ObjectType - He says it’s a dog.
Guid - The dog’s name is Alfred 
Descriptor – Alfred is happy


(I will go into further detail about these things later)

So now that you get the idea behind it let’s see how they actually work in programming. 

--Memory:--

Now to be thorough, I’m going to explain a little bit about how memory works. Memory or RAM (Random Access Memory) or the little stick you shove into your motherboard to make your computer run, acts as a way to store information from running programs. Think of it as like little cubby holes that stores 1byte of information (generally an regular int is 4 bytes) that your program might need later. 

Well, each little cubby hole has an address so that the program can find that information. This address is called a hexadecimal (or hex for short) and it looks something like this “ 0x000000”. This address uses 16 symbols for each digit (0-9 and A-F), so if we increment 0x000009 by 1 it would be 0x00000A. 

Memory Cubby Hole picture:
ImageShack&#174; - Online Photo and Video Hosting


Example math: 

1. 0xF + 0xF = 0x1E 

2. 0x5 * 0x5 = 0x19

3. 0xBEAD – 0x4321 = 0x7B8C 

4. 0xBEAD + 0x4321 = 0x101CE 

5. 0x10000 – 0x1 = 0xFFFF 
--Offsets:--

Offsets in Wow memory reading are used to take an address, change it, and get a new address with (possibly) more information. For example, say I found my player at a dynamic address (the address changes each time the game loads) and I had a function called “GetPlayersAddress()” that returned the dynamic address to me. I could then use a static offset (always stays the same) to get an address that contains the value of, say, my health. 

For Example, say my dynamic address (remember this changes) was 0x000001 and my offset was 0x5. My new address would be 0x000006.

Now the nice thing about this forum is they have a little area called the dump thread which we will be using since I will not be going into how to actually get these offsets for yourself by reverse engineering Wow. It’s a little too complicate for me at this time.

--GettingWowBase:—

Now for any bot reading the memory that Wow uses, you will need to know the base address. This is done (from what I’ve seen) by calling a function that uses a couple of dlls to check the memory for wow.exe. I do understand how this works, I just don’t know enough about dlls to be able to code it myself. ^_^

So my recommendation would be to search google for a function to get base address of wow in your language of choice.

This is the code in Autoit:
(created by IceFire32 (unless refuted XD))


```
 
Func GETWOWBASEADDRESS($PID)

	$HSNAP = DllCall("Kernel32.dll", "HANDLE", "CreateToolhelp32Snapshot", "DWORD", 8, "DWORD", $PID)

	$STMODULE = DllStructCreate("DWORD dwSize;DWORD th32ModuleID;DWORD th32ProcessID;" & "DWORD GlblcntUsage;DWORD ProccntUsage;ptr modBaseAddr;" & "DWORD modBaseSize;HANDLE hModule;WCHAR szModule[256];" & "WCHAR szExePath[260]")

	DllStructSetData($STMODULE, "dwSize", DllStructGetSize($STMODULE))

	$RET = DllCall("Kernel32.dll", "BOOLEAN", "Module32FirstW", "HANDLE", $HSNAP[0], "ptr", DllStructGetPtr($STMODULE))

	IF ($RET[0] = False) Then
		DllCall("Kernel32.dll", "BOOLEAN", "CloseHandle", "HANDLE", $HSNAP[0])
		Return 0
	Else
		$RET[0] = True
		Do
			If DllStructGetData($STMODULE, "szModule") = "Wow.exe" Then

				DllCall("Kernel32.dll", "BOOLEAN", "CloseHandle", "HANDLE", $HSNAP[0])

				Return DllStructGetData($STMODULE, "modBaseAddr")
			EndIf
			$RET = DllCall("Kernel32.dll", "BOOLEAN", "Module32NextW", "HANDLE", $HSNAP[0], "ptr", DllStructGetPtr($STMODULE))
		Until $RET[0] = False
	EndIf
EndFunc   ;==>GETWOWBASEADDRESS
```

--ObjectManager:—

This is where we get into the juicy stuff. With an object manager, it will search through the memory to find a player memory location. And using some offsets, we can find most things we want to know about our player or any other object for that matter.

So first thing we need to do is get a couple of addresses and offsets from the latest patch dump thread that the mmowned community was nice enough to share with us.

http://www.mmowned.com/forums/world-...mp-thread.html



```
; We make them Global so that every function can access them and Constant so they cannot be changed by the program

;The first 2 are you create you manager from the baseaddress wow
Global Const $ClientConnection = 0x8BF1A8
Global Const $CurMgrOffset = 0x462C 
;The next one is to get the address of your first object ONLY
Global Const $FirstObjectOffset = 0xB4 
;To cycle through the object you need this offset
Global Const $NextObjectOffset = 0x3C 
Global Const $PlayerGUID = 0xB8 

;This next one is to find the objects type : 1 to 7 
Global Const $GameObjTypeOffset = 0x14
;And this one is to find the objects GUID
Global Const $GameObjGUIDOffset = 0x30
```

With these and the WowBase we can create our GetObject Function.

- We start by getting the Process ID (or PID) from Wow.
- And then getting the BaseAddress from wow.exe using the PID
(dots are there to show that there is code above it)


```
… 
$PID = WinGetProcess("World of Warcraft") 
Global $WowBase = GetWoWBaseAddress($PID)
```




Next we will get a handle from a function in nomadmemory.au3
(Which allows us to use the _MemoryRead function):


```
… 
$hWow = _MemoryOpen($PID)
```

Now that that is done, we can start adding our offsets and addresses together to create our Object Function using the memoryread function provided by Nomad.

But first we need to add the offsets to our base and add an offset to that to get the manager. After that, to get the PlayerGUID (which we will need to find our LocalPlayer) we add the PlayerGUID offset to the current manager:


```
Global Const $ClientConnection = 0x8BF1A8
Global Const $CurMgrOffset = 0x462C 
Global Const $FirstObjectOffset = 0xB4 
Global Const $NextObjectOffset = 0x3C 
;even though this says $playerGUID it is actually the offset to get the player GUID (offsetting the manager and not the object)
Global Const $PlayerGUID = 0xB8 

Global Const $GameObjTypeOffset = 0x14
Global Const $GameObjGUIDOffset = 0x30

$PID = WinGetProcess("World of Warcraft") 
Global $WowBase = GetWoWBaseAddress($PID)


$hWow = _MemoryOpen($PID) 

; Starting Here
; Params for our memoryread func is: _MemoryRead(Address,Handle,Type)

$currMgr_pre = _MemoryRead("0x" & Hex($WowBase + $ClientConnection), $hWow , "dword")
$currMgr = _MemoryRead("0x" & Hex($currMgr_pre + $CurMgrOffset), $hWow , "dword")
$pGUID = _MemoryRead("0x" & Hex($currMgr + $PlayerGUID), $hWow , "UINT64")

; The reason we use hex is to because the _memoryread function needs that value to be in hex format.
; To be honest I don’t think we need to use it but I do it anyways XD
```

For the type param; these are the many different types in programming:’
(From Autoit help)


```
Type	Details
none	no value (only valid for return type - equivalent to void in C)
BYTE	an unsigned 8 bit integer
BOOLEAN	an unsigned 8 bit integer
short	a 16 bit integer
USHORT	an unsigned 16 bit integer
WORD	an unsigned 16 bit integer
int	a 32 bit integer
long	a 32 bit integer
BOOL	a 32 bit integer
UINT	an unsigned 32 bit integer
ULONG	an unsigned 32 bit integer
DWORD	an unsigned 32 bit integer
INT64	a 64 bit integer
UINT64	an unsigned 64 bit integer
ptr	a general pointer (void *)
HWND	a window handle (pointer)
HANDLE	an handle (pointer)
float	a single precision floating point number
double	a double precision floating point number
INT_PTR, LONG_PTR, LRESULT, LPARAM	an integer big enough to hold a pointer when running on x86 or x64 versions of AutoIt.
UINT_PTR, ULONG_PTR, DWORD_PTR, WPARAM	an unsigned integer big enough to hold a pointer when running on x86 or x64 versions of AutoIt.
str	an ANSI string (a minimum of 65536 chars is allocated).
wstr	a UNICODE wide character string (a minimum of 65536 chars is allocated).
*	Add * to the end of another type to pass it by reference. For example "int*" passes a pointer to an "int" type.
```


Finally we can get to our Object Function. Now the Idea behind this is to start at our first address and check it to see if what is in that address = the GUID given. (in this example, the LocalPlayer’s GUID)



Thanks unnamed user that, after posting this, I’ll ask if it’s alright to mention him.


```
Func GetMemLocByGUID($guid)
	;Read the first wow object by adding our current manager address and our first object offset together
	$NextObject = _MemoryRead("0x" & Hex($currMgr + $FirstObjectOffset), $hWow , "dword")	
	
	;next get the object type buy adding our first object and our Objtype offset together  and reading that
	$ObjType = _MemoryRead("0x" & Hex($NextObject + $GameObjTypeOffset), $hWow , "dword")
	
	;If the return of object type is less than or equal to 7 (which it should always be) and more than 0 in the case that we do have an object in the list than do a while loop. 

	while (($ObjType <= 7) And ($ObjType > 0))
		;NOTE: if there is an object in the list, objType will have to be = 1 to 7
		; If our object plus the GUIDoffset = the GUID we are looking for (example our localplayer GUID) …
		
                IF (_MemoryRead("0x" & Hex($NextObject + $GameObjGUIDOffset), $hWow , "UINT64") = $guid) Then ; …then return our object
		
			Return $NextObject ;found what we wanted.
		EndIf


		;if no return happens (stays in the function) then cycle through the objects using our next object offset on our next object (might also be called current object)
		$NextObject = _MemoryRead("0x" & Hex($NextObject + $NextObjectOffset), $hWow , "dword")

 		;We will also need to see the type
		$ObjType = _MemoryRead("0x" & Hex($NextObject + $GameObjTypeOffset), $hWow , "dword")
	Wend

	;if we find nothing Return 0 (address are probably wrong or you messed up code)
	Return 0;
EndFunc
```

Excitingly enough, we can actually get the XYZ cords and rotation (in rad) of our player just from the return of this function and a few offsets. Back in the dump thread we can see that:


```
Under : 
internal enum WowObject
  X = 0x898,
  Y = X + 0x4,
  Z = X + 0x8,
  RotationOffset = X + 0x10
```

 (Posted by Arutha532) 

So…


```
…
Global Const $UnitPosXOffset = 0x898
Global Const $UnitPosYOffset = 0x898 + 0x4
Global Const $UnitPosZOffset = 0x898 + 0x8
Global Const $UnitRotationOffset = 0x8A8
…
$pObjectMemLoc = GetMemLocByGUID($pGUID)
; if we add
$pXPos = _MemoryRead("0x" & Hex($pObjectMemLoc + $UnitPosXOffset), $hWow , "float")
$pYPos = _MemoryRead("0x" & Hex($pObjectMemLoc + $UnitPosYOffset), $hWow , "float")
$pZPos = _MemoryRead("0x" & Hex($pObjectMemLoc + $UnitPosZOffset), $hWow , "float")
$pRotation = _MemoryRead("0x" & Hex($pObjectMemLoc + $UnitRotationOffset), $hWow , "float")
…
```

But I’ll go further into details about the XYZ and Rotation later.

--Descriptors:—

Now it is time for our descriptors (as you could probably tell). Remember our descriptors explain to us our object. This would mean that, assuming we have the offsets, it could tell us the health of the object, mana, rage, energy, stats, who it’s targeting (if unit), if it’s being attacked and so much more (check out the dump.) So let us look at a few of the simpler ones such as health. 

Let us, for now, get rid of the XYZR of our object and bring back to focus our Memloc function and its addresses. 



```
Global Const $ClientConnection = 0x8BF1A8
Global Const $CurMgrOffset = 0x462C 
Global Const $FirstObjectOffset = 0xB4 
Global Const $NextObjectOffset = 0x3C 
Global Const $PlayerGUID = 0xB8 

$PID = WinGetProcess("World of Warcraft") 
Global $WowBase = GetWoWBaseAddress($PID)


$hWow = _MemoryOpen($PID) 

; Params for our memoryread func is: _MemoryRead(Address,Handle,Type)

$currMgr_pre = _MemoryRead("0x" & Hex($WowBase + $ClientConnection), $hWow , "dword")
$currMgr = _MemoryRead("0x" & Hex($currMgr_pre + $CurMgrOffset), $hWow , "dword")
$pGUID = _MemoryRead("0x" & Hex($currMgr + $PlayerGUID), $hWow , "UINT64")
$pObjectMemLoc = GetMemLocByGUID($pGUID)
…
```

Okay now that we have our code a little cleaned up, let’s look at the descriptor offset. The descriptor offset is essentially telling the memory that we want to look at its descriptors now, so adding the descriptor offsets to this address will return us an address (if I am correct) and then we will be able to add our offsets to that address.

This address right now is: 0x8
And the address for our health (from the dump thread)is :
So now we can add this to our code : 


```
…
Global Const $PlayerHealthOffset = 0x68
Global Const $DescriptorOffset = 0x8
…
$pDescriptor = _MemoryRead("0x" & Hex($pObjectMemLoc + $DescriptorOffset), $hWow , "dword")
$pHealth = _MemoryRead("0x" & Hex($pDescriptor + $PlayerHealthOffset), $hWow ,"dword")
…
```

That should be enough for descriptors.
Now there is only one last thing I would like to show to all the little newbs that might be reading this.

And this is…..

--XYZR Manipulation:—
Back to this:


```
…
Global Const $UnitPosXOffset = 0x898
Global Const $UnitPosYOffset = 0x898 + 0x4
Global Const $UnitPosZOffset = 0x898 + 0x8
Global Const $UnitRotationOffset = 0x8A8
…
$pObjectMemLoc = GetMemLocByGUID($pGUID)
; if we add
$pXPos = _MemoryRead("0x" & Hex($pObjectMemLoc + $UnitPosXOffset), $hWow , "float")
$pYPos = _MemoryRead("0x" & Hex($pObjectMemLoc + $UnitPosYOffset), $hWow , "float")
$pZPos = _MemoryRead("0x" & Hex($pObjectMemLoc + $UnitPosZOffset), $hWow , "float")
$pRotation = _MemoryRead("0x" & Hex($pObjectMemLoc + $UnitRotationOffset), $hWow , "float")
…
```

This is mostly for people who do not know trigonometry. I’m not going to go into math because your programming language should have a function like this or at least the function to create this function.

This is of course, the ATan2 function. (of course…XD). In order to create this function we will at the very least need the ATan (Arc Tangent) function. But I do not feel like going into math so im going to keep it like this. If your language doesn’t have an ATan func (or ATan2) then go search up the math on google (for the ATan func) and then come meet me back here. 

In Autoit, we have an ATan function not an ATan2 function. With this ATan2 function we will be able to calculate the angle from one point to the other. After that if we use our player rotation and compare it to the angle from ATan2 we will then be able to rotate our player and run to our target point.

This is done by doing:_ATan2($targetY - $pYPos, $targetX - $pXPos)

I present to you ATan2:


```
Func _ATAN2(Const $NY, Const $NX)
	Const $NPI = 3.14159265358979 ;Pi
	Local $NRESULT
	If IsNumber($NY) = 0 Then ; Makes sure Y value is a number
		SetError(1)
		Return 0
	ElseIf IsNumber($NX) = 0 Then ; Makes sure X value is a number
		SetError(1)
		Return 0
	EndIf
	If $NX = 0 Then ; we would only need to turn 180 degrees or ½ pi (rad)
		If $NY > 0 Then 
			$NRESULT = $NPI / 2 
		ElseIf $NY < 0 Then
			$NRESULT = 3 * $NPI / 2
		Else ;if both x and y = 0 it would mean we were standing on our target spot
			SetError(2)
			Return 0
		EndIf
	ElseIf $NX < 0 Then
		$NRESULT = ATan($NY / $NX) + $NPI
	Else
		$NRESULT = ATan($NY / $NX)
	EndIf
	While $NRESULT < 0 ;we don’t like negative angles 
		$NRESULT += 2 * $NPI
	WEnd
	Return $NRESULT
EndFunc   ;==>_ATAN2
```

(From(because I was too lazy to make it myself): Atan2 Player Rotation - WoW Development 3.0.9)

After this you could the use a temp variable to store the difference between the player rotation and the angle returned and use it like so:


```
If $tempangle < $pi then
(Turn Left)
Else
(Turn right)
endif
```

The last little function I would like to share with you (it is very simple) is a function used to make sure your program is not comparing variables to closely. For example, the player x coord is a super long float so you would have to be too accurate to be dead on the target x position. This is a simple solution to that.



```
Func Around($sVal, $eVal, $bNum)

	If $sVal - $eVal < $bNum And $sVal - $eVal > (-$bNum) Then
		Return True
	Else
		Return False
	EndIf
EndFunc   ;==>Around
```

So when comparing Player x and y to Target x and y, you would go:


```
If Not Around($pXPos, $targetXY[0], 0.8) Or Not Around($pYPos, $targetXY[1], 0.8) Then
(blah blah bah)
endif
```

--Names (NEW!):—

Getting names from the World of Warcraft memory is relatively simple depending on what type of object you are trying to get it from. For example, getting the names from NPCs and object is pretty simple where as getting it from a player is complicated. In this portion i am not going to go into detail on how to get a players name but i will post code (to be honest i just copied and pasted code and changed things depending on what google and the forum said...porting from one language to another)

So lets start with NPCS. 

First id like to say that the dump unitname is not a descriptor address. I have made this mistake =D. Also id like you to note that instead of 1 offset, there are 2. This is different from all the other offsets we have seen so far but it is not anymore complicated than what we have previously seen. 

Now, you will start by adding your first offset (unitname1) to your objects memory location (returned by ur memloc function). Memory read this to get back an address (preferably store it in a variable maybe called $name1) and then add your 2nd offset to the memory address returned. This will also return an address. If you memory read that 1 more time (read it as a char) then you should get the name of that wow object (NPC)



```
;Declaring our Global Const variables
Global Const $UnitName1 = 0xA24
Global Const $UnitName2 = 0x60

Func _GetUnitName($fGUID)

; adding first name offset to memloc returned by memloc function
	$Name1 = _Memoryread(_GetObjectMemLocByGUID($fGUID) + $UnitName1, $wow, "dword")
;We get an address from this

;Next we add our second offset to our returned address 	
        $Name2 = _Memoryread($Name1 + $UnitName2, $wow, "dword")
;This again returns us an address

;Memory read that again and set the type as char [and an amount of characters]
	Return _MemoryRead($Name2, $wow, "char[20]")
EndFunc   ;==>_GetUnitName

;And you get the npcs name
```

For objects, it is pretty much the same code with different addresses.


```
Global Const $ObjName1 = 0x1CC
Global Const $ObjName2 = 0xB4

Func _GetObjectName($fGUID)
	$Name1 = _Memoryread(_GetObjectMemLocByGUID($fGUID) + $ObjName1, $wow, "dword")
	$Name2 = _Memoryread($Name1 + $ObjName2, $wow, "dword")
	Return _MemoryRead($Name2, $wow, "char[20]")
EndFunc   ;==>_GetObjectName
```

And lastly to get a players name, here is some copy-pasta:


```
;So you know what the hell the offsets are...
;BASE_STATIC_POINTER = 0x89ACC0 + 0x8;
; MASK_OFFSET = 0x024;            
;BASE_OFFSET = 0x01c;            
;STRING_OFFSET = 0x020
;...below

Func _GetPlayerName($fGUID = $pGUID)

	$mask = _MemoryRead($WowBase + 0x89ACC0 + 0x8 + 0x024, $wow)
	$base = _MemoryRead($WowBase + 0x89ACC0 + 0x8 + 0x01c, $wow)

	$shortGUID = BitAND($fGUID, 0xffffffff)
	if ($mask = 0xffffffff) Then
		Return ""
	EndIf

	$offset = 12 * BitAND($mask, $shortGUID)
	$current = _MemoryRead($base + $offset + 8, $wow)
	$offset = _MemoryRead($base + $offset, $wow) 
	if (BitAND($current, 0x1) = 0x1) Then

		Return ""
	EndIf

	$testGUID = _MemoryRead($current, $wow)

	while ($testGUID <> $shortGUID)

		$current = _MemoryRead($current + $offset + 4, $wow)
		if (BitAND($current, 0x1) = 0x1) Then
			Return ""
		EndIf
		$testGUID = _MemoryRead($current, $wow)
	WEnd
	Return _MemoryRead($current + 0x020, $wow, "char[20]")
EndFunc   ;==>_GetPlayerName
```

--Conclusion:—

I hope this has helped at least a few people in their journey to making bots. This took me a few days to make (switching between watching awesome movies/ tv shows to working on this). If you actually took the time to read all this, you are amazing and should have a pretty good idea of whats going on … unless I suck at making guides.

Um… Remember to do some searching on your own and to play around with this stuff. Practice makes perfect and I’m sure we would all like some awesome bots to play this game for us because we are too damn lazy to do it ourselves. Thanks for reading and goodluck! ^_^

If there is anything wrong with any of the information, you have something to add or you need something better explained please let me know and I will correct.

And if I'm totally wrong, laugh and ridicule me until i cry myself to sleep because i could use a good nights rest.

One last thing!... The mystery man that helped me figure all this out is Megamike55. Thanks again man i really appreciate it! Purple just for you!

----------


## Razkaz

Amazing work! +rep!
BTW. what language is best to wright a bot in C++ or C#? [not autoit]

----------


## Cypher

> Amazing work! +rep!
> BTW. what language is best to wright a bot in C++ or C#? [not autoit]


Which fruit tastes better, apples or oranges?

----------


## -Ryuk-

> Which fruit tastes better, apples or oranges?


Oranges ofc  :Big Grin: 

On Topic:

C# and C++ are both good.
I use C# because I prefer it, As Cypher already said, use what you prefer.

----------


## ~OddBall~

amazing job man +Rep x5! (I think)

----------


## teufel123

thanks mate this realy helped me !

----------


## arn

Damn, here I am thinking "I'd love to learn to program a wow bot, but I have no idea where to start!" now I've got no excuses!

Thanks!

----------


## _Mike

Well written informative post. Good job.
Also good to see someone new contributing stuff here instead of just asking for handouts. You have restored my faith in the community a bit with this  :Smile:

----------


## Syltex

great explaination!! +rep
Tip: Make a New row before commenting (makes it more readable)

Offtropic: Aaawh nice chyper just lost the tiny respect i had for you when you -reped me.

----------


## ~OddBall~

> great explaination!! +rep
> Tip: Make a New row before commenting (makes it more readable)
> 
> Offtropic: Aaawh nice chyper just lost the tiny respect i had for you when you -reped me.


umm his response was perfectly valid, it's all a matter of opinion and what you need it for etc. maybe if you want vitamin C you'd go oranges but if you don't need it then you might go Apples.
butt hurt much?

----------


## Baaja

Very nice blog post man. I have always wondered about producing a bot in WoW. Now I understand the basics. +rep

----------


## gononono64

I added more colors and indentations for more ease of reading ^_^

----------


## Syltex

> umm his response was perfectly valid, it's all a matter of opinion and what you need it for etc. maybe if you want vitamin C you'd go oranges but if you don't need it then you might go Apples.
> butt hurt much?


Oh, i explained that horrible sorry.
Chypers statement in this thread was _A+_.
And about the respect thingy, i was referring to another thread when he -reped me.
The tip was ment to thread starters code.

----------


## noctural

Nice job. +rep

----------


## snigelmannen

> Hi! My name is Devon 
> And if I'm totally wrong, laugh and ridicule me until i cry myself to sleep because i could use a good nights rest.[/COLOR]


Get 1 - 2 bottles of Stroh 80 and chug those down or get some Benzo  :Smile:

----------


## Megamike55

gononono64: I had a few doubts about whether I was just feeding a leecher or not when I helped you... but I'm glad I did. Glad I could help. This is a helpful post. Good job

This kind of goes to say, maybe next time you see a newb asking easy questions on here, try and help them out at least a bit. It could turn out that they turn around and do something useful.

----------


## Megamike55

> For example, the player x coord is a super long int so


Actually its a float. Thats the only error I found in your post. Good job again.

----------


## newmerlin

wow it's very awesome guide!!!!

thank you very much!!

----------


## junsen313

You did grate job Devon,thank you so much.and i have a small suggest,can you wirte multi version of the code in your post,like C++,C#,Vb net?because i just konw a little VB,and i think most of other newbs did't know Autoit.or anybody know both Autoit and VB/C#/C++ can help Devon?if it done it's really for newbs!Forgive my poor english.

----------


## Syltex

Getting unit name:


```
$temp_name = _MemoryRead(_Memoryread(_memoryread($curObject + $unitName1,$wow,"uint") + $unitName2,$wow,"uint"), $wow, "char[32]")
```


EDIT:
You forgot to declare " $GameObjGUIDOffset"

----------


## ~OddBall~

> You did grate job Devon,thank you so much.and i have a small suggest,can you wirte multi version of the code in your post,like C++,C#,Vb net?because i just konw a little VB,and i think most of other newbs did't know Autoit.or anybody know both Autoit and VB/C#/C++ can help Devon?if it done it's really for newbs!Forgive my poor english.


At the start of the post he said he only knows Autoit. He also said you need to know your language, if you knew your language even on a basic level this would be very easy to port

----------


## gononono64

lol actually i do know tiny amounts of c++ and when i finish learning it i plan to make a second post with all the autoit converted to c++. But it is true that i did say you need to know at least one language because if you do you should have no trouble translating my code into your own, with a little bit of google if needed.

----------


## Syltex

To complete the guide could you write about getting the names by a certain GUID?

----------


## maxyto

Wow! u are a really nice person! hahaha is very interesting this topic, thanks for share!!!!

----------


## apokalyps

It's not a guide for complete newbs if you have to know the language of a coding, but anyways for those who KNOW a language this may be very helpful.
+rep for that and for the effort.
Sadly I do not know a language yet so this guide didn't help me.

----------


## gononono64

> It's not a guide for complete newbs if you have to know the language of a coding, but anyways for those who KNOW a language this may be very helpful.
> +rep for that and for the effort.
> Sadly I do not know a language yet so this guide didn't help me.


Lmao.. you cant expect to make a program without a language. When i say complete newbs i mean a person who has never dove into world of warcraft memory. A person who has never manipulated memory in anyway. If you expect to be able to make a bot without a language or you don't want to take the time to learn a language than you don't deserve to learn anything from this post.

You cannot just walk into something like this and expect to have it done within a day. Go learn a language then tell me if this is for complete newbs.
On the other hand if you do are serious and want to start somewhere Autoit is a very good beginner language (IMO) and it will allow you to get a lot of concepts down(search youtube for autoit tutorials). After you take some time and you understand what is (for the most part) happening, go learn a oop language such as java, C++(my favorite) C#, etc.

----------


## KlaAz0r

Amezing! really really good

----------


## _Mike

Found some mistakes while reading through this..


```
$pGUID = _MemoryRead("0x" & Hex($currMgr + $PlayerGUID), $wow, "ulong")
...
IF (_MemoryRead("0x" & Hex($NextObject + $GameObjGUIDOffset), $wow, "dword") = $guid) Then ; …then return our object
```

Guids are 64-bit. You're only reading 32.

----------


## gononono64

> Found some mistakes while reading through this..
> 
> 
> ```
> $pGUID = _MemoryRead("0x" & Hex($currMgr + $PlayerGUID), $wow, "ulong")
> ...
> IF (_MemoryRead("0x" & Hex($NextObject + $GameObjGUIDOffset), $wow, "dword") = $guid) Then ; …then return our object
> ```
> 
> Guids are 64-bit. You're only reading 32.


hopefully i got it all. I have not done it this way so this is now untested. But i dont see why it wouldnt work.

----------


## Cypher

> Oranges ofc 
> 
> On Topic:
> 
> C# and C++ are both good.
> I use C# because I prefer it, As Cypher already said, use what you prefer.


Sorry, but apples are definitely the way to go.  :Wink:

----------


## gononono64

> Sorry, but apples are definitely the way to go.


I agree, just like an apple, c++ is delicious.

----------


## xMythx

Thank you for the awsome guide!

----------


## IceFire32

Nice guide, except the point that GETWOWBASEADDRESS wasn't written by your friendly helper, but by me ;p The code you got there seems to be decompiled from WoWtf (capslock variablenames and so on) . I originally wrote this function for jonny when 4.0.1 gone live.

paste-code - easily share snippets. - by Anonymous

Here is the real version, looks ways nicer like this if you ask me  :Wink: 

However, don't wanna cry around for such a basic function, nice guide, +rep!

Edit: Apples > Oranges ;O

----------


## -Ryuk-

> Sorry, but apples are definitely the way to go.


I love you Cypher! xD

+Rep 

or not...

You must spread some Reputation around before giving it to Cypher again.

----------


## gononono64

> Nice guide, except the point that GETWOWBASEADDRESS wasn't written by your friendly helper, but by me ;p The code you got there seems to be decompiled from WoWtf (capslock variablenames and so on) . I originally wrote this function for jonny when 4.0.1 gone live.
> 
> paste-code - easily share snippets. - by Anonymous
> 
> Here is the real version, looks ways nicer like this if you ask me 
> 
> However, don't wanna cry around for such a basic function, nice guide, +rep!
> 
> Edit: Apples > Oranges ;O


Fair enough... it was sent to me from him but if this is your code i give you full credit for it. And thank you for it. It has been a great help to myself and im sure many others aswell  :Big Grin:

----------


## Cypher

> Nice guide, except the point that GETWOWBASEADDRESS wasn't written by your friendly helper, but by me ;p The code you got there seems to be decompiled from WoWtf (capslock variablenames and so on) . I originally wrote this function for jonny when 4.0.1 gone live.
> 
> paste-code - easily share snippets. - by Anonymous
> 
> Here is the real version, looks ways nicer like this if you ask me 
> 
> However, don't wanna cry around for such a basic function, nice guide, +rep!
> 
> Edit: Apples > Oranges ;O


AutoIt is disgusting imo, so I didn't look very closely, but at a glance it seems like your code leaks the snapshot handle if the WoW process isn't found.

Also, in your call to 'CreateToolhelp32Snapshot' you embed the constant 0x8. Give it a damn name! Magic numbers are so annoying when you're reading someone elses code.

----------


## gononono64

K quick fix(to his function):


```
Func GetWoWBaseAddress($PID = 0); <--You do not have to enter a pid at the same time wingetprocess might not necessarily have a failure.
	If $PID = 0 Then
		$PID = WinGetProcess("World of Warcraft", "")
	EndIf

	If $PID <> -1 Then ;<--Failure of wingetprocess is -1
		$hSnap = DllCall("Kernel32.dll", "HANDLE", "CreateToolhelp32Snapshot", "DWORD", 0x8, "DWORD", $PID)

		; Create MODULEENTRY32 structure
		$stModule = DllStructCreate("DWORD dwSize;DWORD th32ModuleID;DWORD th32ProcessID;" & _
				"DWORD GlblcntUsage;DWORD ProccntUsage;ptr modBaseAddr;" & _
				"DWORD modBaseSize;HANDLE hModule;WCHAR szModule[256];" & _
				"WCHAR szExePath[260]")
		DllStructSetData($stModule, "dwSize", DllStructGetSize($stModule)) ; Set size

		$ret = DllCall("Kernel32.dll", "BOOLEAN", "Module32FirstW", "HANDLE", $hSnap[0], "ptr", DllStructGetPtr($stModule))

		If ($ret[0] = False) Then
			DllCall("Kernel32.dll", "BOOLEAN", "CloseHandle", "HANDLE", $hSnap[0])
			Return 0
		Else
			$ret[0] = True

			Do
				If DllStructGetData($stModule, "szModule") = "Wow.exe" Then
					DllCall("Kernel32.dll", "BOOLEAN", "CloseHandle", "HANDLE", $hSnap[0])
					Return DllStructGetData($stModule, "modBaseAddr")
				EndIf

				$ret = DllCall("Kernel32.dll", "BOOLEAN", "Module32NextW", "HANDLE", $hSnap[0], "ptr", DllStructGetPtr($stModule))
			Until $ret[0] = False
		EndIf
	Else
		MsgBox(0, "Error", "Process not found")
		Exit
	EndIf
EndFunc   ;==>GetWoWBaseAddress
```

And your right magic numbers are stupid ^_^

----------


## IceFire32

> AutoIt is disgusting imo, so I didn't look very closely, but at a glance it seems like your code leaks the snapshot handle if the WoW process isn't found.
> 
> Also, in your call to 'CreateToolhelp32Snapshot' you embed the constant 0x8. Give it a damn name! Magic numbers are so annoying when you're reading someone elses code.


You're right (like nearly always ;p), it leaked the handle and au3 is disgusting, I don't use it myself, "apples" ftw. Like I said before, I wrote it for jonny.

paste-code - easily share snippets. - by Ende!

Fixed version.

----------


## gononono64

> You're right (like nearly always ;p), it leaked the handle and au3 is disgusting, I don't use it myself, "apples" ftw. Like I said before, I wrote it for jonny.
> 
> paste-code - easily share snippets. - by Ende!
> 
> Fixed version.


I think my fix is a little more convenient because it can tell the difference between if the process is not found and if you did not put in a PID for the function. It would help with fixing bugs IMO. Either way it fixes the leak XD

And thanks again for the function it's awesome! ^_^

----------


## bad6oy30

> Also, in your call to 'CreateToolhelp32Snapshot' you embed the constant 0x8. Give it a damn name! Magic numbers are so annoying when you're reading someone elses code.


Hooker.cpp - hadesmem - Project Hosting on Google Code:
PVOID pPresent = pSwapChainVMT[8];

I love how it's 8

----------


## namreeb

> Hooker.cpp - hadesmem - Project Hosting on Google Code:
> PVOID pPresent = pSwapChainVMT[8];
> 
> I love how it's 8


Apples and oranges.

----------


## Cypher

> Hooker.cpp - hadesmem - Project Hosting on Google Code:
> PVOID pPresent = pSwapChainVMT[8];
> 
> I love how it's 8


The code you're referencing is part of a PoC project. I use some very nasty very awful hacks in parts of the injected portion of Hades at the moment. The project is in the alpha stage at the moment and so it's alpha quality code, I make no apologies for that.

I was previously using COM interface wrapping, but then ditched that and changed to detours because of problems with IDXGIFactory1 creation. However, you already knew that, because I told you in a PM when you were asking for my help with your DX11 hooking. You obviously just want to be obnoxious.

That being said, the left hand side of the assignment will tell you exactly what that magic number is (Present's VMT index), whereas in the code above I was critiquing the only way to know what the magic number represented was to refer to MSDN.

----------


## kynox

> Hooker.cpp - hadesmem - Project Hosting on Google Code:
> PVOID pPresent = pSwapChainVMT[8];
> 
> I love how it's 8





> Pwnage


You know, if you poke a homosexual dinosaur.. it's quite likely that the dinosaur, after years of sexual frustration and accumulated rage may be inclined to anally ravage you.

----------


## Cypher

> You know, if you poke a homosexual dinosaur.. it's quite likely that the dinosaur, after years of sexual frustration and accumulated rage may be inclined to anally ravage you.


Your sister stopped putting out. I think it's her time of the month.

----------


## suicidity

Destroyed.

----------


## TypeForth

You sir have done a Great Job, I bet a lot of people will be redirected to this thread when Cypher rages them.

----------


## Bananenbrot

> You sir have done a Great Job, I bet a lot of people will be redirected to this thread when Cypher rages them.


At first I thought this referred to the start post  :Big Grin:

----------


## gononono64

> At first I thought this referred to the start post


What? am i missing something?

----------


## Bananenbrot

I didn't mean to say anything against you^^ 
Your post is really helpful, but what made me laugh was that TypeForth's post equally applies to your guide as to the conversion on the end of page 3.

----------


## gononono64

> I didn't mean to say anything against you^^ 
> Your post is really helpful, but what made me laugh was that TypeForth's post equally applies to your guide as to the conversion on the end of page 3.


About Kynox's sister not putting out XD? And don't worry im not offended or anything (because there is nothing there to offend). I, however, dont see how his comment related to that but that because im retarded and program in autoit!

----------


## bad6oy30

> However, you already knew that, because I told you in a PM when you were asking for my help with your DX11 hooking. You obviously just want to be obnoxious.


Being (very) grateful for your help and being obnoxious are not mutually exclusive.

----------


## gononono64

> Being (very) grateful for your help and being obnoxious are not mutually exclusive.


What in the hell does that have to do with my thread?

----------


## Cypher

> Being (very) grateful for your help and being obnoxious are not mutually exclusive.


Obviously not, however common courtesy would usually dictate that you should exercise some self-control.

----------


## gononono64

Bump for new stuff (names!!!)

----------


## Bioaim

Hi, i read this tutorial and it's amazing. Thank you for that. + 
But i have a Problem, if i want to read out my players health, i get 0 returned. here is my code:



```
#include <NomadMemory.au3>


;The first 2 are you create you manager from the baseaddress wow
Global Const $ClientConnection = 0x8BF1A8
Global Const $CurMgrOffset = 0x462C 
;The next one is to get the address of your first object ONLY
Global Const $FirstObjectOffset = 0xB4 
;To cycle through the object you need this offset
Global Const $NextObjectOffset = 0x3C 
Global Const $PlayerGUID = 0xB8 
;This next one is to find the objects type : 1 to 7 
Global Const $GameObjTypeOffset = 0x14
;And this one is to find the objects GUID
Global Const $GameObjGUIDOffset = 0x30


Global Const $UnitPosXOffset = 0x898
Global Const $UnitPosYOffset = 0x898 + 0x4
Global Const $UnitPosZOffset = 0x898 + 0x8
Global Const $UnitRotationOffset = 0x8A8



Global Const $PlayerHealthOffset = 0x68
Global Const $DescriptorsOffset = 0x8

$PID = 0
$PID = ProcessExists("wow.exe")

if $PID = 0 Then
	msgBox(1,"Error", "WoW has to be running.")
	Exit
Else
	$WoWBase = GetWoWBaseAddress($PID)
	$Handle = _MemoryOpen($PID)
EndIf

$currMgr_pre = _MemoryRead("0x" & Hex($WoWBase + $ClientConnection), $Handle, "dword")
$currMgr = _MemoryRead("0x" & Hex($currMgr_pre + $CurMgrOffset), $Handle, "dword")
$pGUID = _MemoryRead("0x" & Hex($currMgr + $PlayerGUID), $Handle, "UINT64")

$pObjectMemLoc = GetMemLocByGUID($pGUID)

$pDescriptor = _MemoryRead("0x" & Hex($pObjectMemLoc + $DescriptorsOffset), $Handle, "dword")
$pHealth = _MemoryRead("0x" & Hex($pDescriptor + $PlayerHealthOffset), $Handle, "dword")

MsgBox(1,"Spieler-Status", "Gesundheit :" & $pHealth)






Func GetMemLocByGUID($guid)
	$NextObject = _MemoryRead("0x" & Hex($currMgr + $FirstObjectOffset), $Handle , "dword")	
	$ObjType = _MemoryRead("0x" & Hex($NextObject + $GameObjTypeOffset), $Handle , "dword")
	
	while (($ObjType <= 7) And ($ObjType > 0))
		IF (_MemoryRead("0x" & Hex($NextObject + $GameObjGUIDOffset), $Handle , "UINT64") = $guid) Then 
		
			Return $NextObject ;found what we wanted.
		EndIf
		$NextObject = _MemoryRead("0x" & Hex($NextObject + $NextObjectOffset), $Handle , "dword")
		$ObjType = _MemoryRead("0x" & Hex($NextObject + $GameObjTypeOffset), $Handle , "dword")
	Wend
	Return 0;
EndFunc
```

I hope someon can help me. 

greez

----------


## gononono64

> $PID = ProcessExists("wow.exe")



needs to be this:




> $PID = WinGetProcess("World of Warcraft")


just because autoit is picky XD...

----------


## wag321

How do you get these addresses from the data in the infodump?
Global Const $GameObjTypeOffset = 0x14
Global Const $GameObjGUIDOffset = 0x30
I can't fin them

----------


## xalcon

well, those offsets don't change that often, since they are part of a struct... When you want to find them on your own, you have to learn how to get those struct-layouts (i.e.: use a disassembler, like IDA Free) or look into older postings

----------


## wag321

Thanks Xalcon, and huge thanks gononono64, although my I'm now in process this was a fantastic starting place.

----------


## Robzz

I knew most of that stuff, but you just taught me the few things i needed to actually get things started... Amazing work mate, +rep.

----------


## Require

I really appreciate it. Though I'm going to code in C# this still helped me getting a little familiair with all terms :-)

----------


## cordes96

How do you Coded a Premade bot like Lazybot evo and Change its Wow version like go from 4.3.2 to 4.3.3 because i have some knowledge on VB and C# and alittle C++ just enough to get by. this is my first time in actually wanting to learn how to do this. now would this be the wow base or memory reading. or would i have to recreate everyting

----------


## alkololl

Hey i am new to bot programming, but not to programming (4yrs knowledge)

i have a problem to the following code. It's for getting the client connection, but i dont know if it is right the way i did it, neither what i probably did wrong.
here is my code in c++



```
#include <windows.h>
#include <tlhelp32.h>
#include <iostream>
#include <string>

using namespace std;

const DWORD ClientConnection = 0x625190;//0x9BC9F8
const DWORD CurMgrOffset = 0x463C;

const DWORD FirstObjectOffset = 0xC0;
const DWORD NextObjectOffset = 0x3C;
const DWORD PlayerGUID = 0xC8;

const DWORD GameObjTypeOffset = 0x10;

DWORD GetPidFromProcessName(string szProcessName)
{
	HANDLE hSnap;
	HANDLE hTemp;
	PROCESSENTRY32 pe;
	
	hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
	pe.dwSize = sizeof(PROCESSENTRY32);
	
	if (Process32First(hSnap, &pe))
	{
		while (Process32Next(hSnap, &pe))
		{
			hTemp = OpenProcess(PROCESS_ALL_ACCESS, 0, pe.th32ProcessID);
			if (hTemp)
			{
				if (strcmp(pe.szExeFile, szProcessName.c_str()) == 0)
				{
					return pe.th32ProcessID;
				}
			}
			CloseHandle(hTemp);
		}
	}
	
	CloseHandle(hSnap);
	return 0;
}

DWORD GetWowBaseAddress(DWORD pid)
{
	HANDLE hSnap;
	HANDLE hTemp;
	MODULEENTRY32 me;
	DWORD baseAddress = 0;
	
	hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pid);
	me.dwSize = sizeof(MODULEENTRY32);
	
	if (Module32First(hSnap, &me))
	{
		baseAddress = (DWORD) me.modBaseAddr;
	}
	
	CloseHandle(hSnap);
	return baseAddress;
}

int main(int argc, char *argv[])
{
	DWORD wowPid;
	DWORD baseAddr;
	
	wowPid = GetPidFromProcessName("Wow.exe");
	if (wowPid != 0)
	{
		HANDLE wowProcess;
		DWORD clientConn;
		
		cout << "wow found: [" << wowPid << "]\n";
		baseAddr = GetWowBaseAddress(wowPid);
		cout << "base address: " << baseAddr << "\n";
		
		wowProcess = OpenProcess(PROCESS_ALL_ACCESS, 0, wowPid);
		ReadProcessMemory(wowProcess, (LPCVOID) (baseAddr + ClientConnection), (void*) clientConn, sizeof(DWORD), 0);
		
		cout << "client conn: " << clientConn << "\n";
	}
	else
	{
		cout << "wow NOT found!\n";
	}
	system("PAUSE");
	return EXIT_SUCCESS;
}
```

----------


## jdphoto28

The best way to learn code if you have never even typed a single line out by yourself and manipulated an object, is to start with excel formulas. It is mostly math, but it quickly teaches you "If...Then" statements and other nifty stuff. You can learn a sufficent amount of excel in a single day. After learning a little excel, the next best way to learn how something works is to read a small portion of a beginner's book that is respective to the language you would like to learn. For example: Visual Basic 2005 edition's beginner book start out with how to make an object interact with you via a button control. ("Hello, World!"). After you get through about 6 chapters in the beginners book, you should then understand quite a bit about the basics. Find code online made from others (code that only runs small programs in a GUI and try to recreate their program by copying and pasting the code into a project. Then look through the code and figure out which objects you need to make the program work and rename the objects so that the code controls them. This is will get you accustomed to reading code and picking stuff out of it. After you can do this, try making a few programs that do small things...such as a calculator (which isn't that advanced if you make a basic calculator). 

In my opinion Visual Basic is by far the easiest language to use and learn. There are far less symbols used ([email protected]#$%^&*`[] :Wink: . Symbols are very intimidating to beginners. 

If you can manipulate excel formulas by using your system's current time, it is probably time to move on from excel to a real language. 

Lastly, all beginners should be highly aware of viruses such as keyloggers. This is the coding world afterall; you're basically bringing your computer into a world of germs.

----------


## harrycarry

> Hey i am new to bot programming, but not to programming (4yrs knowledge)
> 
> i have a problem to the following code. It's for getting the client connection, but i dont know if it is right the way i did it, neither what i probably did wrong.
> here is my code in c++
> 
> 
> 
> ```
> #include <windows.h>
> ...



The client connection is: 0x9BC9F8
The gameobjTypeOffset is: 0x14
The PlayerGUID is a 64 bit int so make sure to put it into the proper size.

So you'd want to go from:

wow's base address + the client connection into a variable.
That variable + the local player's guid offset into another variable.
That new variable + first objects offset ... so on and so on.

----------


## Halfsideways

Hi I have been programming for over 5 years, but I am currently new to bot programming.

I tried to remake the method in the AutoIT example and for some reason I cannot get the memory location by GUID to work... it keeps returning 0 here is my function


```
       
        public uint getMeMLocByGUID(UInt64 guid)
        {
            IntPtr baseWoW = wow.MainModule.BaseAddress;//Gets Base Address
            uint currMgr_pre = wow.ReadUInt((uint)baseWoW + (uint)Offsets.ObjectManagerOffsets.ClientConnection);
            uint currMgr = wow.ReadUInt(currMgr_pre + (uint)Offsets.ObjectManagerOffsets.CurrentManager);
            UInt64 pGUID = wow.ReadUInt(currMgr + (uint)Offsets.Player.MyGUID);

            uint nextObj = wow.ReadUInt(currMgr + (uint)Offsets.ObjectManagerOffsets.FirstObject);
            uint objType = wow.ReadUInt(nextObj + (uint)Offsets.ObjectManagerOffsets.ObjectType);

            while ((objType <= 7) && (objType > 0)) // problems in this loop
            {

                if (wow.ReadUInt64((uint)nextObj + (uint)Offsets.ObjectManagerOffsets.objGUIDOffset) == guid)// <- this line does ever evaluate to true
                {
                    return nextObj;
                }

                nextObj = wow.ReadUInt((uint)nextObj + (uint)Offsets.ObjectManagerOffsets.NextObject);

                objType = wow.ReadUInt((uint)nextObj + (uint)Offsets.ObjectManagerOffsets.ObjectType);

            }
            return 0;
        }
```

Any sugguestions?

----------

