I have source code for a project that inspects a game's memory values. The thing I don't understand is this: how did the author so precisely determine the type and location of these values? For example, here's a struct he defined:
    #include <stdint.h>

    // The project's fixed-width aliases; assumed to map onto <stdint.h> types.
    typedef uint8_t  UInt8;
    typedef uint16_t UInt16;
    typedef int16_t  SInt16;
    typedef uint32_t UInt32;
    typedef int32_t  SInt32;

    // Offsets in the comments are the author's, relative to the start of the unit.
    // The unknownNN arrays are bytes whose meaning has not been worked out yet.
    typedef struct {
        UInt16 times_used;       // 0x0
        UInt16 token;            // 0x2
        SInt16 previous_id;      // 0x4
        SInt16 next_id;          // 0x6
        SInt32 model;            // 0x8
        char   unknown00[0x1B];  // 0xC
        UInt8  player_owner;     // 0x27
        char   unknown01[0x18];  // 0x28
        UInt32 position_x;       // 0x40
        UInt32 position_y;       // 0x44
        char   unknown02[0x1F];  // 0x48
        UInt32 death_type;       // 0x69
        char   unknown03[0x7];   // 0x6D
        UInt32 destination_x;    // 0x74
        UInt32 destination_y;    // 0x78
        char   unknown04[0x84];  // 0x7C
        UInt32 health_damage;    // 0x100
        UInt32 shield_damage;    // 0x104
        UInt32 energy_damage;    // 0x108
        char   unknown05[0x74];  // 0x10C
    } Unit;
He looks for it at this address 0x3BC2060 and its size is 0x8B8. I ran the program and watched the memory at this location, and sure, I could identify some things like the name property, but how did he find this out so precisely?
Thanks.
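One check worth running before trusting a reverse-engineered struct like the one in the question is to compile it and let the compiler compare its own field offsets with the ones written in the comments. The program below is an added example, not code from the original post or from the author's project; the UInt16/SInt32-style aliases are assumed to map onto the <stdint.h> types, and the struct is compiled with the compiler's natural alignment (no #pragma pack). Under that alignment every commented offset is reproduced except two: a UInt32 placed after a 0x1F-byte array that ends at 0x67 is padded to 0x68, not 0x69, which drags unknown03 to 0x6C instead of 0x6D; from destination_x on, the comments (0x74, 0x78, 0x100, ...) line up again only because of that padding. So either the 0x69 comment is a typo for 0x68, or the struct is meant to be packed and unknown02 should be 0x21 bytes long, in which case every comment lines up under #pragma pack(1). The posted code alone cannot settle which, and a tool that reads the wrong field would silently show the wrong value. The struct also covers only 0x180 bytes of the 0x8B8-byte unit the question mentions; the rest is simply not modelled.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed mapping of the project's type aliases onto <stdint.h> types. */
typedef uint8_t  UInt8;
typedef uint16_t UInt16;
typedef int16_t  SInt16;
typedef uint32_t UInt32;
typedef int32_t  SInt32;

/* Unit size the post states for the block at 0x3BC2060. */
#define UNIT_STATED_SIZE ((size_t)0x8B8)

/* The poster's struct, field for field, compiled with natural alignment
 * (no #pragma pack). The offsets from the source comments live in the
 * table below so the two can be compared. */
typedef struct {
    UInt16 times_used;
    UInt16 token;
    SInt16 previous_id;
    SInt16 next_id;
    SInt32 model;
    char   unknown00[0x1B];
    UInt8  player_owner;
    char   unknown01[0x18];
    UInt32 position_x;
    UInt32 position_y;
    char   unknown02[0x1F];
    UInt32 death_type;
    char   unknown03[0x7];
    UInt32 destination_x;
    UInt32 destination_y;
    char   unknown04[0x84];
    UInt32 health_damage;
    UInt32 shield_damage;
    UInt32 energy_damage;
    char   unknown05[0x74];
} Unit;

/* One row per field: the offset written in the source comment beside the
 * offset the compiler actually assigned. */
struct layout_row {
    const char *name;
    size_t commented;
    size_t actual;
};

#define ROW(field, off) { #field, (off), offsetof(Unit, field) }

static const struct layout_row unit_rows[] = {
    ROW(times_used, 0x0),      ROW(token, 0x2),
    ROW(previous_id, 0x4),     ROW(next_id, 0x6),
    ROW(model, 0x8),           ROW(unknown00, 0xC),
    ROW(player_owner, 0x27),   ROW(unknown01, 0x28),
    ROW(position_x, 0x40),     ROW(position_y, 0x44),
    ROW(unknown02, 0x48),      ROW(death_type, 0x69),
    ROW(unknown03, 0x6D),      ROW(destination_x, 0x74),
    ROW(destination_y, 0x78),  ROW(unknown04, 0x7C),
    ROW(health_damage, 0x100), ROW(shield_damage, 0x104),
    ROW(energy_damage, 0x108), ROW(unknown05, 0x10C),
};
#define UNIT_ROW_COUNT (sizeof unit_rows / sizeof unit_rows[0])

/* Count fields whose compiled offset disagrees with the commented one,
 * printing each disagreement when verbose is nonzero. */
int unit_layout_mismatches(int verbose)
{
    int bad = 0;
    for (size_t i = 0; i < UNIT_ROW_COUNT; i++) {
        if (unit_rows[i].commented != unit_rows[i].actual) {
            bad++;
            if (verbose)
                printf("%-14s comment 0x%zX, compiled 0x%zX\n",
                       unit_rows[i].name, unit_rows[i].commented,
                       unit_rows[i].actual);
        }
    }
    return bad;
}

/* The struct models only a prefix of the unit; if it were larger than the
 * block copied out of the game, a reader would run past the unit. */
int unit_fits_stated_size(void)
{
    return sizeof(Unit) <= UNIT_STATED_SIZE;
}

int main(void)
{
    int bad = unit_layout_mismatches(1);
    printf("sizeof(Unit) = 0x%zX of a 0x%zX-byte unit, %d mismatch(es)\n",
           sizeof(Unit), UNIT_STATED_SIZE, bad);
    return bad != 0;
}
```

Running it reports death_type (comment 0x69, compiled 0x68) and unknown03 (comment 0x6D, compiled 0x6C), with sizeof(Unit) = 0x180. The same table makes a useful regression check whenever a field or array length in the struct is changed, since a one-byte slip in any unknownNN array shifts every field after it.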