AionInterface.dll

[0x00.NiNJA]

I am currently working on the offset list. I have finally grasped how to disassemble DLLs and find memory offsets (thank you PokemonGoDev! subbreddit).

I have edited this post to fit the needs of the nature of this all. I have linked the source code and a link to a GIST ( temporary files used for finding the values)

If anyone has any info in regards to finding, holla at me. I know HOW to get everything, not exactly WHAT entry point I'm looking for!

To further engage this all, I have made a Discord for it:

Aion Script Discord -
and
AionInterface (Github) -

[kakafr60]

Quote:

Originally Posted by 0x00.NiNJA

I am currently working on the offset list. I have finally grasped how to disassemble DLLs and find memory offsets (thank you PokemonGoDev! subbreddit).

Here are the offsets I think are relevant!



If anyone has any info in regards to finding, holla at me. I know HOW to get everything, not exactly WHAT entry point I'm looking for!

hello ninja i don't find where i can change the offsets in the aionscript folder can you help me ?
or if your AS work give a link for download your aionscript folder or your interface.dll because i don't understand anything what is writing on your link xD

[0x00.NiNJA]

I am working on it. I have cleaned up the code and started to edit the XML file. I currently know how to disassemble and disect the HEX values, my only problem is, how to find the EXACT hex value? All the videos show me is how to do it but...



He chooses the second last HEX value, why this one, how does he know its right?

My second problem is OS related. I only have win64, CHeatEngine debugger doesn't work, it crashes, even if i use bin32.

[metsez17]

I'd better hope it would do

[tentrust]

cheatengine 6.6 works with win64 and aion32 bit ... make sure u use int3 and VEH in the settings.

[AionScript]

pathetic xD

[0x00.NiNJA]

I know man but I have to start somewhere
sorry Sir

[nucular1]

I recommend you the following:

Download 4.9 Client / 4.9 Private Server
For 4.9 Emulator/Server check:

Now you have the 4.9 correct offsets and you can start to find them and validate them.
After you understand how to get them, you can start working on Aion 5.1 Offsets.

[fr0zensm0ke]

Quote:

Originally Posted by AionScript

pathetic xD

I know there's a lot of people complaining about the discontinued support of AS, many of whom are impatient and unwilling to do little more than download a couple of files to get their bots/hacks to work properly...

However, I don't really see why you'd be a **** about this in particular. At least this guy is making an effort. What does it matter to you if someone tracks down and updates the offsets?

@ - good luck, wish I could offer more help but I'm pretty novice with cheat engine and know nothing about compiling all files. Thank you for your efforts though!

[0x00.NiNJA]

Its fine ! I have the open source spirit of things! I think I got the hang of it the offset pointers now. so now its a matter of filling the XML. TBH, a few people have come out the shadows to help, at least with linking tutorials!

It wont be long, I would love to ask the PokemonGo Dev team because they are disassembling ARM apks and what not but I can't because they are still trying to reverse engineer the API and as much as they like me, Im not gonna go and sidetrack them.

I was even willing to pay someone to have a teamviewer meeting with to teach me but noone replied but I understand why, so many idiots contacting them with bullshit that they probably think I am the same. I don't even want the offsets, I just wanted a little guide on how to find them!

Anyway I have done what @ said, so its a matter of a few more days at most. Once thats done, EVERYTHING will be on github as an opensource project. so no more of this bullshit!

and tbh @ has helped. He thanked the post with the picture that was linked a few posts ago and using the info on that picture I found the first one. He's helping, just subtly! hehe

[extrasmalll]

Im trying to find ability offset but couldnt achieved.I tried offsets thats in your xml files but it doenst work.I dont want offsets but i want to learn how to find them by myself.I already find character and target offsets but they r easy things

[nussxxx]

press ***

[dada79]

Code:

    <Level>ED90FC</Level>
    <ExperienceMaximum>EE2B20</ExperienceMaximum>
    <ExperienceRecoverable>EE2B28</ExperienceRecoverable>
    <ExperienceCurrent>EE2B30</ExperienceCurrent>
    <HealthMaximum>EE2B3C</HealthMaximum>
    <HealthCurrent>EE2B40</HealthCurrent>
    <ManaMaximum>EE2B44</ManaMaximum>
    <ManaCurrent>EE2B48</ManaCurrent>
    <FlightTimeMaximum>EE2B50</FlightTimeMaximum>
    <FlightTimeCurrent>EE2B54</FlightTimeCurrent>

[ingrey12]

Target offsets
TargetID: Game.dll+AE01BC + 240 + 28
Target Level: Game.dll+AE01BC + 240 + 3A (1byte)
Target HP: Game.dll+AE01BC + 240 + 3C (1byte)
Target Name: Game.dll+AE01BC + 240 + 3E (unicode)

[xmast]

Okay, I will tell you a secret. It's very easy to find the ability address. Just search for your current available inventory space. It's a none static 4 byte address. Add a new item into your inventory and repeat, until you only have a few of them left.

Next step is just adding this addresses into your list and make a pointer scann on each address.

Set the max. offset value to: 10048 and max level: 1

You can also set "Base address must be in specific range". You just have to find there the game.dll begin and end. For this you can use this script:

 Spoiler

local module = "Game.dll"
local base = getAddress(module)
local size = getModuleSize(module)
print(string.format("%X",base))
print(string.format("%X",base+size))

The first offset of the inventory space address will start with a nine - this can change after time.

The current current cube space address is:
"Game.dll"+ECEDF8 + 0x94c

But this is also the address for all the abilites: "Game.dll"+ECEDF8
Now you have to find the ability offset for this. It's always in the same range: 700 to FFF

But I can't tell you how to find it, because I wrote my own scanner for this and no, I don't scann for a byte pattern. You also need to find the correct multiplier (range 0 - 10), because it's a list and you need to go through all the pointers. I'm sorry, I can't give you my code because I know that a bot creator group will steal it, like they did it on immons bot earlier. And I don't like these people. But if you are smart enough you will just write your own scanner - it's very easy if you just think logically.

Here some other addresses:


Ability name (EU) changed to: 0x18
Ability cooldown (EU): 0x38
Ability cooldown remaining (EU): 3C

Thanks for the source by the way, it's helped me too .

"
UInt32 player_ID_gf = 0xED9048;
UInt32 player_name_gf = 0xED904C;
UInt32 player_level_gf = 0xED90FC;
UInt32 player_class_gf = 0xED9088;
UInt32 player_currenthp_gf = 0xEE2B40;
UInt32 player_maxhp_gf = 0xEE2B3C;
UInt32 player_curmp_gf = 0xEE2B48;
UInt32 player_maxmp_gf = 0xEE2B44;
UInt32 player_curexp_gf = 0xEE2B30;
UInt32 player_maxexp_gf = 0xEE2B20;
UInt32 player_dp_gf = 0xEE2B4E;
UInt32 player_position_x_gf = 0xEDBED0;
UInt32 player_position_y_gf = 0xEDBED4;
UInt32 player_position_z_gf = 0xEDBED8;
UInt32 player_ismoving_gf = 0xED8814;
UInt32 player_havetarget_gf = 0xAE01C4;
UInt32 player_camx_gf = 0xED8830;
UInt32 player_camy_gf = 0xED8828;
UInt32 player_hotbarNr_gf = 0xECE6A8;
UInt32 player_hotbarFirstSlotSkillID_gf = 0xED3FF8;
UInt32 player_reztime_gf = 0xF26518;
UInt32 player_casttime_gf = 0xED6F0C; (Offset: 0x480)
UInt32 player_curcube_gf = 0xECEDF8; (Offset: 0x94c)
UInt32 player_maxcube_gf = 0xED93DC;
UInt32 pet_id_gf = 0xF17AE8;
UInt32 target_base_gf = 0xAE01BC;
UInt32 target_state_gf = 0xAE01CC;
UInt32 cursorx_gf = 0xF2BA40;
UInt32 cursory_gf = 0xF2BA3C;
UInt32 flyTime_gf = 0xEE2B54;
"

Entity: Game.dll + 0xEE3534
EntityArray offset: 0x34
EntityArraycount offset: 0x58

Basically you already found all that stuff . So I'm wondering why do you have problems with some offsets? Could you maybe share how you disassembled the dll? Or just share the link from the pokemon reddit? Would be cool.