|
You last visited: Today at 03:03
Advertisement
PWI Elysium Changes
Discussion on PWI Elysium Changes within the PW Hacks, Bots, Cheats, Exploits forum part of the Perfect World category.
05/16/2016, 20:04
|
#31
|
elite*gold: 0
Join Date: Dec 2009
Posts: 70
Received Thanks: 15
|
Quote:
Originally Posted by jasty
You need to replace a "28" in there with _Hex($Player_Offset, 2), the 28 was hard coded when it should not have been.
|
Ah didn't see that ty
Does anyone by chance have the current Partyinv offset as 0xE67CC8 doesn't seem to work ?
I can't even find it with my old regex....
|
|
|
05/16/2016, 21:54
|
#32
|
elite*gold: 0
Join Date: Sep 2013
Posts: 146
Received Thanks: 84
|
try 0xE67C80
|
|
|
05/16/2016, 22:26
|
#33
|
elite*gold: 0
Join Date: Dec 2009
Posts: 70
Received Thanks: 15
|
Checked the Adress in IDA and tested it, works Tyvm
Apparently there is sometimes an issue when you read an Address lower case like current base address like this "0xe5b2a4" instead of this "0xE5B2A4". Let's the game crash oh well....one reason why Moveto didn't work.
I'm starting to lose my mind...the Moveto function works again, but my character tries to walk to the top end of the map all the time...I checked wrong addresses, different calculations, different variations of x,y,z(in case something changed), Autopath works...., tried revhex, hex etc......
Is anyone facing the same problem ?
|
|
|
05/17/2016, 22:09
|
#34
|
elite*gold: 0
Join Date: Sep 2013
Posts: 146
Received Thanks: 84
|
i changed nothing but the Player_Offset and everything worked as before.
|
|
|
05/17/2016, 22:20
|
#35
|
elite*gold: 0
Join Date: Dec 2011
Posts: 15
Received Thanks: 26
|
click for "Select" serverlist:
Code:
Procedure ClConfurm(pid)
hProcess=OpenProcess_(#PROCESS_ALL_ACCESS, #False, pid)
ReadProcessMemory_(hProcess,($00e5ba4c ) Ibuf,4,***)
ReadProcessMemory_(hProcess,(ibuf+$18) Ibuf,4,***)
ReadProcessMemory_(hProcess,(ibuf+$8) windarr,4,***)
ReadProcessMemory_(hProcess,(WindArr+$8c) Winup,4,***)
While WinUp<>0
ReadProcessMemory_(hProcess,(WinUp+$8) winstruct,4,***)
ReadProcessMemory_(hProcess,(winstruct+$4c) winnameadr,4,***)
ReadProcessMemory_(hProcess,(winnameadr+0) winname,50,***) ;ASCII string
If winname="Win_LoginServerListButton"
ReadProcessMemory_(hProcess,(winstruct+$1c8) Ibuf,4,***)
ReadProcessMemory_(hProcess,(ibuf+$0c) Ibuf,4,***)
ReadProcessMemory_(hProcess,(ibuf+$08) Ibuf,4,***)
ReadProcessMemory_(hProcess,(ibuf+$1c) Ibuf,4,***) ; Commandadr
opcode.s="60"+"B9"+Reverse(winstruct)+"68"+Reverse(ibuf)+"BA"+Reverse($A69A70)+"FFD2"+"61"+"C3"
Inject(pid,opcode)
CloseHandle_(hProcess)
ProcedureReturn 1;click send
EndIf
ReadProcessMemory_(hProcess,(WinUp) Winup,4,***)
Wend
CloseHandle_(hProcess)
ProcedureReturn 0 ;not find window
EndProcedure
* Chance of ReportBug
** addresses are specified for the current version PWI(946)
*** English is not my native language.
|
|
|
05/18/2016, 22:37
|
#36
|
elite*gold: 0
Join Date: Dec 2009
Posts: 70
Received Thanks: 15
|
Quote:
Originally Posted by Stark77
i changed nothing but the Player_Offset and everything worked as before.
|
Found the issue...it was a replaced 24...replace all is not always good...
Went through my whole code to eliminate a lot of things and therefore it happened oh well. Tyvm, this way i knew it still works
|
|
|
05/18/2016, 23:02
|
#37
|
elite*gold: 0
Join Date: Sep 2013
Posts: 146
Received Thanks: 84
|
thats good to hear i acutally also have a question related to this moveto function. for me this function is only working on windows 7 or lower. client will crash with win10.
does anyone have the same issue or maybe even knows how to fix it? the opcode i use is below.
Code:
global realBaseAddress := 0xE5B2A4
global playerOffSet := 0x34
global playerActionStructOffset := 0x1500
global AutoPathAddress := 0x4592F0
global ADDRESS_ACTION1 := 0x4C8480
global ADDRESS_ACTION2 := 0x4CE970
global ADDRESS_ACTION3 := 0x4C8A70
revHex(revX, X)
revHex(revY, Y)
revHex(revZ, Z)
revHex(revBaseAddress, realbaseAddress)
revHex(revPlayerOffSet, playerOffSet,2)
revHex(revADDRESS_ACTION1, ADDRESS_ACTION1)
revHex(revADDRESS_ACTION2, ADDRESS_ACTION2)
revHex(revADDRESS_ACTION3, ADDRESS_ACTION3)
revHex(OFFSET_ACTIONBASE, playerActionStructOffset)
revHex(FLYMODE, flyflag)
func =
func = %func%60
func = %func%B8%revBaseAddress%
func = %func%8B00
func = %func%8B401C
func = %func%8B70%revPlayerOffSet%
func = %func%8B8E%OFFSET_ACTIONBASE%
func = %func%6A01
func = %func%BA%revADDRESS_ACTION1%
func = %func%FFD2
func = %func%8BF8
func = %func%8D442418
func = %func%50
func = %func%BA%FLYMODE%
func = %func%52
func = %func%8BCF
func = %func%BA%revADDRESS_ACTION2%
func = %func%FFD2
func = %func%8B8E%OFFSET_ACTIONBASE%
func = %func%B8%revX%
func = %func%8BD7
func = %func%83C220
func = %func%8902
func = %func%B8%revZ%
func = %func%8BD7
func = %func%83C224
func = %func%8902
func = %func%B8%revY%
func = %func%8BD7
func = %func%83C228
func = %func%8902
func = %func%6A00
func = %func%6A01
func = %func%57
func = %func%6A01
func = %func%BA%revADDRESS_ACTION3%
func = %func%FFD2
func = %func%61
func = %func%C3
injectCode(func)
|
|
|
05/19/2016, 19:04
|
#38
|
elite*gold: 0
Join Date: Dec 2011
Posts: 15
Received Thanks: 26
|
Try it moveto (works for win10, unstable, possible crash client)
Code:
Hex dump Command
60 PUSHAD
B8 00000000 MOV EAX,BaseAddress
8B00 MOV EAX,DWORD PTR DS:[EAX]
8B40 1C MOV EAX,DWORD PTR DS:[EAX+1C]
8B78 34 MOV EDI,DWORD PTR DS:[EAX+34]
8B8F 11111111 MOV ECX,DWORD PTR DS:[EDI+playerActionStructOffset]
6A 01 PUSH 1
BA 00000000 MOV EDX, Walk1
FFD2 CALL EDX
8D4C24 1C LEA ECX,[ESP+1C]
89C6 MOV ESI,EAX
51 PUSH ECX
BA 00000000 MOV EDX,FLYMODE
52 PUSH EDX
89F1 MOV ECX,ESI
BA 00000000 MOV EDX,Walk2
FFD2 CALL EDX
8B8F 22222222 MOV ECX,DWORD PTR DS:[EDI+playerActionStructOffset]
B8 00000000 MOV EAX,X
89F2 MOV EDX,ESI
83C2 20 ADD EDX,20
8902 MOV DWORD PTR DS:[EDX],EAX
B8 00000000 MOV EAX,Z
89F2 MOV EDX,ESI
83C2 24 ADD EDX,24
8902 MOV DWORD PTR DS:[EDX],EAX
B8 00000000 MOV EAX,Y
89F2 MOV EDX,ESI
83C2 28 ADD EDX,28
8902 MOV DWORD PTR DS:[EDX],EAX
6A 01 PUSH 1
56 PUSH ESI
6A 01 PUSH 1
BA 00000000 MOV EDX,Walk3
FFD2 CALL EDX
61 POPAD
C3 RETN
copied from http://zhyk.ru/ author diagnost
|
|
|
05/19/2016, 23:31
|
#39
|
elite*gold: 0
Join Date: Sep 2013
Posts: 146
Received Thanks: 84
|
|
|
|
05/20/2016, 23:44
|
#40
|
elite*gold: 0
Join Date: Dec 2009
Posts: 70
Received Thanks: 15
|
I was playing around with the chat. I can read out the whole chat with this function here:
Local $array[1][2], $pointer, $counter
$pid = ProcessExists("elementclient.exe")
$PROCESS_INFORMATION = _MemoryOpen($pid)
For $i = 0 To 199
$pointer = _MemoryRead(0xE61580, $PROCESS_INFORMATION)
ReDim $array[$counter + 1][2]
$array[$counter][0] = _MemoryRead($pointer + $i * Dec("24") + 0x4, $PROCESS_INFORMATION, "Byte") ;Chat Type
$array[$counter][1] = _MemoryRead(_MemoryRead($pointer + $i * Dec("24") + 0x8, $PROCESS_INFORMATION)+0x0, $PROCESS_INFORMATION, 'wchar[100]') ;Chat text
$counter += 1
Next
_MemoryClose($pid)
_ArraySort($array, "", "", "", 6)
_ArrayDisplay($array)
The only Problem here is, that linked items are shown like this "<1><>" :/
Does anyone know what way i can read out the text with items as wchar doesn't really do the trick?
|
|
|
05/21/2016, 01:54
|
#41
|
elite*gold: 0
Join Date: Jul 2011
Posts: 145
Received Thanks: 97
|
Quote:
Originally Posted by sasukezero
The only Problem here is, that linked items are shown like this "<1><>" :/
Does anyone know what way i can read out the text with items as wchar doesn't really do the trick?
|
Here's an old writeup but getting the actual tooltip looks complicated.
The item itself looks like its at the same offset chain but with 0xC at the end instead of 0x8.
|
|
|
05/21/2016, 03:09
|
#42
|
elite*gold: 0
Join Date: Dec 2009
Posts: 70
Received Thanks: 15
|
Quote:
Originally Posted by jasty
Here's an old writeup but getting the actual tooltip looks complicated.
The item itself looks like its at the same offset chain but with 0xC at the end instead of 0x8.
|
That did the trick with 0xC it reads out the item name too. Now i still have the extra signs etc but its more readable. String replace does the rest. Ty
$array[$counter][2] = _MemoryRead(_MemoryRead($pointer + $i * Dec("24") + 0xC, $PROCESS_INFORMATION), $PROCESS_INFORMATION, 'wchar[100]') ;Chat text
|
|
|
05/21/2016, 11:54
|
#43
|
elite*gold: 0
Join Date: Nov 2013
Posts: 32
Received Thanks: 1
|
hi any one can give me questID for Enter Base faction from
Faction Base Manager Zeen
i try find in pwdatabase.com
"Enter the Base"
but no quest found
|
|
|
05/21/2016, 15:57
|
#44
|
elite*gold: 0
Join Date: Dec 2009
Posts: 70
Received Thanks: 15
|
I checked for the send package via this old guid:
And came up with this:
func EnterFactionbase($pid,$playerid_,$factionid)
Local $packet, $packetSize
$packet = '2500'
$packet &= "40000000"
$packet &= "10000000"
$packet &= "3C110000"
$packet &= Hex($playerid_)
$packet &= Hex($factionid)
$packet &= Hex($factionid)
$packetSize = 26
sendPacket($packet, $packetSize, $pid)
EndFunc
Tested it on 2 different characters and it works like a charm.
Seems like you don't have to open the npcdialogue, just stand close enough and select it
|
|
|
05/21/2016, 17:46
|
#45
|
elite*gold: 0
Join Date: Nov 2013
Posts: 32
Received Thanks: 1
|
Quote:
Originally Posted by sasukezero
I checked for the send package via this old guid:
And came up with this:
func EnterFactionbase($pid,$playerid_,$factionid)
Local $packet, $packetSize
$packet = '2500'
$packet &= "40000000"
$packet &= "10000000"
$packet &= "3C110000"
$packet &= Hex($playerid_)
$packet &= Hex($factionid)
$packet &= Hex($factionid)
$packetSize = 26
sendPacket($packet, $packetSize, $pid)
EndFunc
Tested it on 2 different characters and it works like a charm.
Seems like you don't have to open the npcdialogue, just stand close enough and select it
|
hi thx for info, but can u tell me how to find my $factionid
|
|
|
|
|
Similar Threads
|
Elysium
02/20/2016 - 9Dragons - 7 Replies
Deleted.
|
[Selling] Nachjägerin (180 - Elysium)
02/05/2015 - Last Chaos Trading - 13 Replies
Hallo Ihr,
wie man wohl sieht bin ich neu hier, ein Freund hat mir das Forum empfohlen um meine Assa in gute Hände weiterzugeben. Hab nun einige Jahre LC gespielt und bin zu einem Privatserver gewechselt, daher habe ich mich entschlossen meine Assa zum Verkauf anzubieten. Wer mir nicht vertraut kann auch gerne mit mir vorher auf unserem TS plaudern ect. Da der neue Server nur PSC oder Paypal akzeptiert habe ich mich dazu entschlossen auch nur PSC und Überweisung, sowie egold zu akzeptieren.
...
|
elysium?¿
01/28/2015 - 9Dragons - 10 Replies
hmm what happend with elysium ? web doesn´t work, and the launcher seems the GC one ¬¬
any notices or its just disapear? :confused:
|
Suche EQ auf Elysium (PSG)
06/12/2011 - Metin2 Trading - 1 Replies
Gude suche EQ auf "Elysium" auf dem PSG Network.
Biete 28 e*gold
Was erwartet Ihr denn.
|
[HELP] Elysium Pictures
03/16/2010 - EO PServer Hosting - 0 Replies
Hy @all
I am already so far some of it am indicated,… only unfortunately white I no more further,… which files I forgot/to be still added am.
And the Debug says to me relatively nothing more which still be missing could at image files.
I inserted and/or worked on the following files
|
All times are GMT +2. The time now is 03:03.
|
|