"when you finally find the value and your sure its your health , find out what access it
jump to that location ( of the offset that is actually changing it , usually a float store [fstp] sometimes a double , mostly int or dword though warband is uncommon in most aspects actually )
now we have this address that is changing health
fstp [ebx+6000] ( local )
ok now you see the ebx .. ( ignore the + 6000 as its irrelivant at this point )
the ebx is what is known as the base .. or local , or local player pointer , this ebx is pointing to the start of you , ie your player' - mrmedic
this is confusing, looking at the addresses I posted I don't see anything that says this "fstp [ebx+6000] ( local )" there is no ebx+6000, there are ebp and the other prefixes, as well as 00006000 but there is no ebx or +6000
but then worm on the otherhand said "fst dword ptr [esi+00006000] (Static Addr : mb_warband.exe+D25F4)
ESI - > Base
Base + 0x6000 - > Health.
"
005D956D - D9 85 00600000 - fld dword ptr [ebp+00006000] ebp .. points to your local ( base )... the +6000 is the offset from you to health address.
well done btw you are getting there , keep trying.
Thanks. Do you know how to find the X,Y,Z coordinates of my player? I think finding Z would be easy, just go on a flat map and jump on a box and search for a value that increased.
But X and Y seems like itd take a really long time.
just to clarify, 005D956D is the pointer to the dynamic health address right?
btw im doing all of this on a multiplayer server is that alright or should I take it offline?
double edit: just got it down to 19 addresses from moving ot other parts of the map
still stuck at 19 addresses..... but I think this dynamic address might be it 01D9948C
these are what accesses it
0046D3F0 - 89 15 8894D901 - mov [mb_warband.exe+1999488],edx
0046D3F6 - 8B 48 08 - mov ecx,[eax+08]
0046D3F9 - 89 0D 8C94D901 - mov [mb_warband.exe+199948C],ecx <<
0046D3FF - 8B 50 0C - mov edx,[eax+0C]
0046D402 - 8D 44 24 20 - lea eax,[esp+20]
EAX=0314F85C
EBX=0087B3F0
ECX=4023D700
EDX=43A0570A
ESI=00DE0658
EDI=00000000
ESP=0314F850
EBP=00DE0658
EIP=0046D3FF
004E95C7 - 8B 0D 8894D901 - mov ecx,[mb_warband.exe+1999488]
004E95CD - 89 4B 44 - mov [ebx+44],ecx
004E95D0 - 8B 15 8C94D901 - mov edx,[mb_warband.exe+199948C] <<
004E95D6 - 89 53 48 - mov [ebx+48],edx
004E95D9 - A1 9094D901 - mov eax,[mb_warband.exe+1999490]
EAX=43ABA666
EBX=52825E18
ECX=43A0570A
EDX=4023D700
ESI=0763B600
EDI=0005BE00
ESP=0314F7D0
EBP=0314F85C
EIP=004E95D6
triple editI just found 4 dynamic addresses that decrease when I crouch are these the ones I need for the Z coordinate? The address I posted above I think had to do with how high I was on the mapThese are from the 4 dynamic addresses that decreased when I crouched
00473F54 - 05 28020000 - add eax,00000228
00473F59 - B9 8A000000 - mov ecx,0000008A
00473F5E - 81 C2 28020000 - add edx,00000228 <<
00473F64 - F3 A5 - repe movsd
00473F66 - 3B C5 - cmp eax,ebp
EAX=4F9C6700
EBX=00DD8DF0
ECX=00000078
EDX=4F9C64D8
ESI=4F9C6520
EDI=4F9C62F8
ESP=0314F85C
EBP=4F9C6700
EIP=00473F64
00473F54 - 05 28020000 - add eax,00000228
00473F59 - B9 8A000000 - mov ecx,0000008A
00473F5E - 81 C2 28020000 - add edx,00000228 <<
00473F64 - F3 A5 - repe movsd
00473F66 - 3B C5 - cmp eax,ebp
EAX=4F9C6700
EBX=00DD8DF0
ECX=00000074
EDX=4F9C64D8
ESI=4F9C6530
EDI=4F9C6308
ESP=0314F85C
EBP=4F9C6928
EIP=00473F64
00473249 - 56 - push esi
0047324A - 8B 74 24 10 - mov esi,[esp+10]
0047324E - B9 8A000000 - mov ecx,0000008A <<
00473253 - F3 A5 - repe movsd
00473255 - 5E - pop esi
EAX=0314F054
EBX=00DE807C
ECX=00000078
EDX=0314F054
ESI=0314F09C
EDI=4F9C6520
ESP=0314E994
EBP=0314E9C4
EIP=00473253
00473F54 - 05 28020000 - add eax,00000228
00473F59 - B9 8A000000 - mov ecx,0000008A
00473F5E - 81 C2 28020000 - add edx,00000228 <<
00473F64 - F3 A5 - repe movsd
00473F66 - 3B C5 - cmp eax,ebp
EAX=4F9C6700
EBX=00DD8DF0
ECX=00000074
EDX=4F9C64D8
ESI=4F9C6530
EDI=4F9C6308
ESP=0314F85C
EBP=4F9C6700
EIP=00473F64
00473249 - 56 - push esi
0047324A - 8B 74 24 10 - mov esi,[esp+10]
0047324E - B9 8A000000 - mov ecx,0000008A <<
00473253 - F3 A5 - repe movsd
00473255 - 5E - pop esi
EAX=0314F054
EBX=00DE807C
ECX=00000074
EDX=0314F054
ESI=0314F0AC
EDI=4F9C6530
ESP=0314E994
EBP=0314E9C4
EIP=00473253
These are all that access the addresses
so when standing on completley flat land, my player height is set at 77, if I go up a hill, 2 of the dynmaic address values will change slightly to 78 or 79.
but no matter where I am, when i crouch, two addresses go to 4 and two go to 6