CO-Yeti 5065 GUID SourceCODE

10/18/2008 16:49 naderzxx#16
Thanks for everything.
10/19/2008 16:15 ace_heart#17
Thanks for your help.

Sorry for the late reply, but I was traveling. I finished all the steps in your guide and tested it: it runs and reads the client name, but after that the client crashed. I attach the project after doing all the steps. Can you tell me why the client crashed? Maybe I did a step wrong. And thanks for your help.
I love your tools so much after seeing your code and your guide, and if you don't upgrade it in the future I hope to upgrade it for all people. Always remember the CO-YETi tool.
10/27/2008 20:16 der-yeti#18
Quote:
Originally Posted by ace_heart
Sorry for the late reply, but I was traveling. I finished all the steps in your guide and tested it: it runs and reads the client name, but after that the client crashed. I attach the project after doing all the steps. Can you tell me why the client crashed? Maybe I did a step wrong. And thanks for your help.
I love your tools so much after seeing your code and your guide, and if you don't upgrade it in the future I hope to upgrade it for all people. Always remember the CO-YETi tool.
Hi, good to see that you are still working on it!
But you don't have the right addresses. Look at mouse zoom (cyclone: intspeed)! The assembler code looks good, but the address where you write the code is wrong.
The nondc code could be different from mine. Conquer just crashes if you write wrong code into memory! Try to add the code step by step and find out what's wrong, and/or watch the details of the error message. It tells you the address where Conquer crashed! I see the error (exception information.. address:0x00..5302d1); this is the address of nondc1.
I'll give you my program head. Compare it with your code and find out what's wrong!

//Variables

String StrProgFile = "conquer";
String OriWindowName = "[Conquer2.0]";

uint WM_SETTEXT = 0x0C;
//uint WM_GETTEXT = 0x0D;
//uint WM_GETTEXTLENGTH = 0x0E;
//uint VK_RETURN = 0x0D;
//uint WM_SETFOCUS = 0x0007;
//uint WM_CHAR = 0x0102;
//uint WM_KEYDOWN = 0x0100;
//uint VK_TAB = 0x09;

//non dc sh
byte[] nondc1 = { 0x81, 0x05, 0xE1, 0x89, 0x57, 0x00, 0x6A, 0x04, 0x00, 0x00, 0xA1, 0xE1, 0x89, 0x57, 0x00, 0xE9, 0x0D, 0xDE, 0xF7, 0xFF }; // add dword ptr [xxxxxx], 46A ||| mov eax, dword ptr [xxxxxx] ||| jmp 004xxxxx
byte[] nondc2 = { 0xE9, 0xDF, 0x21, 0x08, 0x00 }; //jmp "IntNodc1"
byte[] nondc1o = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
byte[] nondc2o = { 0xE8, 0x45, 0x86, 0x04, 0x00 }; // call <jmp.&WINMM.timeGetTime>
byte[] mouszoomo = { 0x81, 0xF9, 0x00, 0x01, 0x00, 0x00, 0x76, 0x1D, 0x83, 0xC1, 0xE0, 0xEB, 0x0B, 0x81, 0xF9, 0x00, 0x02, 0x00, 0x00 };
byte[] mouszoomc = { 0x81, 0xF9, 0xB0, 0x00, 0x00, 0x00, 0x76, 0x1D, 0x83, 0xC1, 0xE0, 0xEB, 0x0B, 0x81, 0xF9, 0x00, 0x03, 0x00, 0x00 };
byte[] Pmcommandc = { 0x84 };
byte[] Pmcommando = { 0x85 };
byte[] effectc = { 0x90, 0x90, 0x90 }; //NOP
byte[] effecto = { 0xFF, 0x50, 0x08 }; //call ...
IntPtr IntEffect = (IntPtr)0x004ABDFF;
IntPtr IntPmcommand = (IntPtr)0x004AE320; //JNZ !
IntPtr IntMouszoom = (IntPtr)0x004808A5; // cmp ecx, 100 ... !
IntPtr IntNodc1 = (IntPtr)0x005302D1;
IntPtr IntNodc2 = (IntPtr)0x004AE0ED;

uint nodc2Size = 4;


//char size
IntPtr IntCharSize = (IntPtr)0x0057B63C; //norm 64

//walljump
IntPtr IntWalljump = (IntPtr)0x004AE023; //
byte[] wallo = { 0x75 };
byte[] wall = { 0xEB };

//zoom (byte 100-255)
IntPtr Intzoom = (IntPtr)0x00579DD0; // 256-512
int tgzoom = 4096;

//cyclone (byte7=1)
IntPtr Intspeed = (IntPtr)0x0057B58E; // 00
byte[] data1 = { 132 };
byte[] data2 = { 0 };

//charname
IntPtr Intname = (IntPtr)0x0057B604; //
uint uIntNameSize = 15;

//program var
bool settings = true;
bool windowrenamer = true;

Process Prog = new Process();
//--Variables-----------------------------------------
10/27/2008 20:23 tanelipe#19
#Merged and removed posts. Keep it clean guys.
10/28/2008 15:04 ace_heart#20
Thanks der-yeti, I traced my code and compared it with yours, found some problems and solved them. Now it runs well with no crash. I put my code here with my comments on my mistakes.
But after finishing the code 100% I still face a problem getting the addresses for zoom and speed. How can I get them easily? And if I must use Cheat Engine, how do I find the addresses in it, or give me a way to trace it. Many thanks again for your help.

//non dc sh
byte[] nondc1 = { 0x81, 0x05, 0x0f, 0x92, 0x57, 0x00, 0x6A, 0x04, 0x00, 0x00, 0xA1, 0x0f, 0x92, 0x57, 0x00, 0xE9, 0x0D, 0xDE, 0xF7, 0xFF }; // ----- changed address to unused space and it works
byte[] nondc2 = { 0xE9, 0xDF, 0x21, 0x08, 0x00 }; //jmp "IntNodc1" E9DF210800
byte[] nondc1o = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
byte[] nondc2o = { 0xE8, 0x45, 0x86, 0x04, 0x00 }; // call <jmp.&WINMM.timeGetTime> E8 45860400
byte[] mouszoomo = { 0x81, 0xF9, 0x00, 0x01, 0x00, 0x00, 0x76, 0x1D, 0x83, 0xC1, 0xE0, 0xEB, 0x0B, 0x81, 0xF9, 0x00, 0x02, 0x00, 0x00 };
byte[] mouszoomc = { 0x81, 0xF9, 0xB0, 0x00, 0x00, 0x00, 0x76, 0x1D, 0x83, 0xC1, 0xE0, 0xEB, 0x0B, 0x81, 0xF9, 0x00, 0x03, 0x00, 0x00 };
byte[] Pmcommandc = { 0x84 };
byte[] Pmcommando = { 0x85 };
byte[] effectc = { 0x90, 0x90, 0x90 }; //NOP
byte[] effecto = { 0xFF, 0x50, 0x08 }; //call ...
IntPtr IntEffect = (IntPtr)0x004ABDFF;
IntPtr IntPmcommand = (IntPtr)0x004AE31F; //JNZ ! ----- my mistake when doing your step
IntPtr IntMouszoom = (IntPtr)0x004808A5; // cmp ecx, 100 ... ! ----- my mistake when I wrote the address
IntPtr IntNodc1 = (IntPtr)0x005302D1;
IntPtr IntNodc2 = (IntPtr)0x004AE0ED;

uint nodc2Size = 4;


//char size
IntPtr IntCharSize = (IntPtr)0x0057B63C; //norm 64 ! ----- it's OK, I can find it

//walljump
IntPtr IntWalljump = (IntPtr)0x004AE023; // !
byte[] wallo = { 0x75 };
byte[] wall = { 0xEB };

//zoom (byte 100-255)
IntPtr Intzoom = (IntPtr)0x00579DD0; // 256-512 ! ----- how do I see it?
int tgzoom = 4096;

//cyclone (byte7=1)
IntPtr Intspeed = (IntPtr)0x0057B58E; // 00 ! ----- how do I see it?
byte[] data1 = { 132 };
byte[] data2 = { 0 };

//charname
IntPtr Intname = (IntPtr)0x0057B604; // !
uint uIntNameSize = 15;

//program var
bool settings = true;
bool windowrenamer = true;
10/30/2008 14:54 ace_heart#21
Thanks der-yeti, I checked your guide again and now know what I did wrong when reading the address. Now your guide is clear to me.
Thanks again for your help.
01/23/2009 10:11 xxFastBoy#22
Well, can we work in 5090+??