Aion Offsets

Hunter_1 · 10/27/2009, 19:28

Quote:

Originally Posted by psyK82

Depends, whats your coding language?
I know i only in .net, there its relativ easy to list all loadet modules for a PID and the addresses of them.

I actually just found it today, I needed the _MemoryModuleGetBaseAddress for nomadmemory.au3

Just found the source so I'm good to go now. The only thing I'm still confused on is how yall are getting the pointers to work. I understand how pointers work, I'm actually a software engineer, however, the offset you guys are using in your calculations is confusing to me. Is the pointer structure not a 32 byte data word?

heldl · 10/28/2009, 08:51

Can you someone please explain to me how the Game.dll work? I never worked with hacks before. However, I have experiences with C++ (pointers, classes, win32, etc) and now I am learning Assembly in my school. Thanks.

Bl@ze! · 10/28/2009, 09:33

Quote:

Originally Posted by heldl

Can you someone please explain to me how the Game.dll work? I never worked with hacks before. However, I have experiences with C++ (pointers, classes, win32, etc) and now I am learning Assembly in my school. Thanks.

I posted something about that on here a while ago.

heldl · 10/28/2009, 18:44

Thanks.

IntPtr module = GetModuleHandle("AION.bin");
IntPtr test = GetProcAddress(module, "Game.dll");

Is above what I need to get the base address using win32?
Also, I can send a virtual key in Windows 7 by calling the keybd_event function. I wonder if that's a good idea?

mel andru · 10/28/2009, 19:21

Hi there while working on the facetarget stuff that the Offset for the Player Rotation also reacts on Camera movements. So the Degree changes while rotating Camera while char is standing still.

I didn't really like that fact so i started to search Example with Rotation=134,830551147461

Search First Scan float between 134,830551147460 and 134,830551147462

Then Rotate CAM not the Char and scan for unchanged
Here you go there are the Adresses

Those Adresses show real Char Rotation and not Cam Rotation and the Compass is based on West 0/360 North 270 East 180 South 90

I tried to find the Game.dll pointer to those adresses but i failed. Would be nice to have a pointer to those.

Hunter_1 · 10/28/2009, 22:36

Can someone point me to a post explaining how to get the Game.dll base address please.

heldl · 10/29/2009, 04:43

Is it because of the Windows I am using? I think it's my Windows 7 x64.

Code:

#include <windows.h>
#include <iostream>
using namespace std;

int main()
{
    HMODULE pGame = GetModuleHandle( "aion.bin" );
    cout << pGame << endl;
    return 0;
}

I get pGame = 0. What's going on here? Anyone? Thanks.

mel andru · 10/29/2009, 07:25

Hi im using Blackmagic

Code:

        //Suchmaske DLL
        private const string PATTERN_CLIENT_CONNECTION_DLL = "4D 5A 90 00 03 00 00 00 04 00 00 00 FF FF";
        private const string MASK_CLIENT_CONNECTION_DLL = "xxxxxxxxxxxxxx";

        BlackMagic BM = new BlackMagic();

        public uint getDLLBaseAdress()
        {
            if (BM.OpenProcessAndThread(SProcess.GetProcessFromWindowTitle("AION Client"))) //AION Client
            {
                dwCodeLoc = BM.FindPattern(BM.GetModule("Game.dll"), PATTERN_CLIENT_CONNECTION_DLL, MASK_CLIENT_CONNECTION_DLL);
                return dwCodeLoc;
    
            }
            else
            {
                //MessageBox.Show("Aion could not be opened for read/write.");
                return 0;
            }
        }

This FindPattern Function searchs Memory for a Pattern and returns the Adress.

heldl · 10/29/2009, 17:26

Hey all, I have finally made it work. Here is a hint for those who do not know how to find the base address in C++.

Use the below libraries:
TlHelp32.h
Windows.h

Hunter_1 · 10/29/2009, 22:31

For those using autoit on Win 7 64bit, make sure you compile the program and run the .exe file. For some reason the dll functions won't work quite right if you just run the script.

CloudVii · 11/08/2009, 23:59

hi guys
is this offset for show or real hack

because i try do change any thing in game and dont really change any thing>

psyK82 · 11/09/2009, 18:58

Quote:

Originally Posted by CloudVii

hi guys
is this offset for show or real hack
because i try do change any thing in game and dont really change any thing>

If you try to change your kinah or name etc.. for sure you will fail..
What you can change is the players orientation, but i would be carefull with writing in the aion memory..

StRuNk · 11/11/2009, 21:42

Hallo, ich habe mich in letzter Zeit damit beschäftigt was über AutoIt , Cheat Engine und so zu lesen. Habe aber irgendwie Probleme die Hex-Codes etc zu verstehen ( und herauszufinden ).

Sowas in er Art 0x234 ..

Kann einer mir erklären, wie ich die Werte meiner HP und MP mit Cheat Engine auslesen kann ? Meine HP und MP regenerieren so schnell, dass ich es nicht lokalisiern kann mit Cheat engine.

Ausserdem würde ich gerne wissen, wie ich mit AutoIt dasverarbeiten kann. Ich hb verstanden , dass ich in die Memory lesen gehn muss. Das scheint mir klar zu sein, aber wie gesagt, ich komm mit den Hex COdes nicht so klar.

Hat jemand ein gutes Tut wie ich die Codes erhalten kann ( auch von NPC´s und so )
Find da keine Lösung ( bin neu in dem Gebiet )

Hier ein Beispiel, wo ich nicht verstehe:

Func MemReadTargetType($offset)
$StaticOffset = Dec($offset)
Global $pid
Global $CUROffset[1]
$CUROffset[0] = 0
$baseADDR = _MemoryModuleGetBaseAddress($pid, "Game.dll")
$finalADDR = "0x" & Hex($baseADDR + $StaticOffset)
$MemTest = _MemoryRead($finaladdr,$openmem)
$MemTest = _memoryread( $MemTest+ 0x1C4,$openmem)
$MemTest = _memoryread( $MemTest + 0x0168, $openmem )
Return $MemTest
EndFunc

Oder hier :

Func MemReadTargetName($offset = "4F68FC")

Diese PINKE Codes versteh ich nicht, wie kommt ihr an diese Werte ?

Niklan · 11/18/2009, 18:15

Hi. How i can show Health on label1 in delphi? Anyone can give project "show hp".

iam_clint · 11/19/2009, 07:23

1.5.1.4 offsets... game.dll+offset 'size and type

Code:

        mana = 0xA27728 '0x4- integer
        mana_max = 0xA27724 '0x4- integer
        hp = 0xA27720 '0x4- integer
        hp_max = 0xA2771C '0x4- integer
        exp = 0xA27710 '0x4- integer
        exp_max = 0xA27700 '0x4- integer
        casting = 0xA1D4D0 '0x4 - integer
        casting_time = 0xA1D4D4 '0x4 - integer
        x = 0xA1F158 '0x4 - float
        y = 0xA1F15C '0x4 - float
        z = 0xA1F160 '0x4 - float
        rotation = 0xA1C928 '0x4 - float
        id = 0xA1CC5C '0x4 - integer
        flight_status = 0xA27738 '0x4 - integer
        flight_time_max = 0xA27730 '0x4 - integer
        flight_time = 0xA27734 '0x4 - integer
        Gather_status = 0xA1EDA1 '0x1 - integer
        name = 0xA5E718 '0x64 - string
        level = 0xA276F8 '0x1 - integer
        dp = 0xA2772E '0x2 - integer
        dp_max = 0xA2772E '0x2 - integer

i'll post more as i find them