lol yes now I get it, I though packet sending sent infomation to the server :S yeah now I understand lol. Thank you.Quote:
This way you aren't actually sending packets yourself, you're just making the game think it's been told to perform a certain action, just like with the other injection functions. This function is just two or three function calls further down the line from say an 'Equip this gear' function. There is technically absolutely no difference, you could call it 'PerformAction' function instead if it makes you feel better :D :D
Perfect World Bot PWI-Prophet Bot Recoded
09/11/2010 15:02
asaky#421
09/11/2010 15:26
Interest07#422
hehe I edited my post a little more, didn't catch you replying already :D
09/11/2010 17:24
Interest07#423
Prophets,
I fixed the function I posted earlier (I had only posted what it would look like) and tested it, This code gives an example of the usage by sending a 'deselect current target' packet. (The _hex function has been slightly adjusted )
for pwi
last time I checked. I just threw on any includes that were in your bot file as I couldn't be bothered to check which are needed :p
I fixed the function I posted earlier (I had only posted what it would look like) and tested it, This code gives an example of the usage by sending a 'deselect current target' packet. (The _hex function has been slightly adjusted )
for pwi
Code:
realBaseAddress=0x00A5B90C SendPacketAddress=0x0060E310
Code:
#include <GUIButton.au3>
#include <GUIToolbar.au3>
#include <GUIConstantsEx.au3>
#include <ProgressConstants.au3>
#include <StaticConstants.au3>
#include <WindowsConstants.au3>
#include <EditConstants.au3>
#include <NomadMemory.au3>
#include <Array.au3>
Global $kernel32 = DllOpen('kernel32.dll')
Global $pid = ProcessExists('elementclient.exe')
global $realBaseAddress = 0x0098657C
global $sendPacketFunction = 0x005BD7B0
;Deselect target (example usage of sendPacket)
sendPacket('0800', 2, $pid)
DllClose($kernel32)
Func sendPacket($packet, $packetSize, $pid)
;Declare local variables
Local $pRemoteThread, $vBuffer, $loop, $result, $OPcode, $processHandle, $packetAddress
;Open process for given processId
$processHandle = memopen($pid)
;Allocate memory for the OpCode and retrieve address for this
$functionAddress = DllCall($kernel32, 'int', 'VirtualAllocEx', 'int', $processHandle, 'ptr', 0, 'int', 0x46, 'int', 0x1000, 'int', 0x40)
;Allocate memory for the packet to be sent and retrieve the address for this
$packetAddress = DllCall($kernel32, 'int', 'VirtualAllocEx', 'int', $processHandle, 'ptr', 0, 'int', $packetSize, 'int', 0x1000, 'int', 0x40)
;Construct the OpCode for calling the 'SendPacket' function
$OPcode &= '60' ;PUSHAD
$OPcode &= 'B8'&_hex($sendPacketFunction) ;MOV EAX, sendPacketAddress
$OPcode &= '8B0D'&_hex($realBaseAddress) ;MOV ECX, DWORD PTR [revBaseAddress]
$OPcode &= '8B4920' ;MOV ECX, DWORD PTR [ECX+20]
$OPcode &= 'BF'&_hex($packetAddress[0]) ;MOV EDI, packetAddress //src pointer
$OPcode &= '6A'&_hex($packetSize,2) ;PUSH packetSize //size
$OPcode &= '57' ;PUSH EDI
$OPcode &= 'FFD0' ;CALL EAX
$OPcode &= '61' ;POPAD
$OPcode &= 'C3' ;RET
;Put the OpCode into a struct for later memory writing
$vBuffer = DllStructCreate('byte[' & StringLen($OPcode) / 2 & ']')
For $loop = 1 To DllStructGetSize($vBuffer)
DllStructSetData($vBuffer, 1, Dec(StringMid($OPcode, ($loop - 1) * 2 + 1, 2)), $loop)
Next
;Write the OpCode to previously allocated memory
DllCall($kernel32, 'int', 'WriteProcessMemory', 'int', $processHandle, 'int', $functionAddress[0], 'int', DllStructGetPtr($vBuffer), 'int', DllStructGetSize($vBuffer), 'int', 0)
;Put the packet into a struct for later memory writing
$vBuffer = DllStructCreate('byte[' & StringLen($packet) / 2 & ']')
For $loop = 1 To DllStructGetSize($vBuffer)
DllStructSetData($vBuffer, 1, Dec(StringMid($packet, ($loop - 1) * 2 + 1, 2)), $loop)
Next
;Write the packet to previously allocated memory
DllCall($kernel32, 'int', 'WriteProcessMemory', 'int', $processHandle, 'int', $packetAddress[0], 'int', DllStructGetPtr($vBuffer), 'int', DllStructGetSize($vBuffer), 'int', 0)
;Create a remote thread in order to run the OpCode
$hRemoteThread = DllCall($kernel32, 'int', 'CreateRemoteThread', 'int', $processHandle, 'int', 0, 'int', 0, 'int', $functionAddress[0], 'ptr', 0, 'int', 0, 'int', 0)
;Wait for the remote thread to finish
Do
$result = DllCall('kernel32.dll', 'int', 'WaitForSingleObject', 'int', $hRemoteThread[0], 'int', 50)
Until $result[0] <> 258
;Close the handle to the previously created remote thread
DllCall($kernel32, 'int', 'CloseHandle', 'int', $hRemoteThread[0])
;Free the previously allocated memory
DllCall($kernel32, 'ptr', 'VirtualFreeEx', 'hwnd', $processHandle, 'int', $functionAddress[0], 'int', 0, 'int', 0x8000)
DllCall($kernel32, 'ptr', 'VirtualFreeEx', 'hwnd', $processHandle, 'int', $packetAddress[0], 'int', 0, 'int', 0x8000)
;Close the Process
memclose($processHandle)
Return True
EndFunc
Func memopen($pid)
Local $mid = DllCall($kernel32, 'int', 'OpenProcess', 'int', 0x1F0FFF, 'int', 1, 'int', $pid)
Return $mid[0]
EndFunc
Func memclose($mid)
DllCall($kernel32, 'int', 'CloseHandle', 'int', $mid)
EndFunc
Func _hex($Value, $size=8)
Local $tmp1, $tmp2, $i
$tmp1 = StringRight("000000000" & Hex($Value),$size)
For $i = 0 To StringLen($tmp1) / 2 - 1
$tmp2 = $tmp2 & StringMid($tmp1, StringLen($tmp1) - 1 - 2 * $i, 2)
Next
Return $tmp2
EndFunc
09/11/2010 22:17
Interest07#424
09/11/2010 23:59
PW-Prophets#425
All I can say is :handsdown: and a lil more :handsdown: wait wait wait 1 more :handsdown:. If this works this will change ALOT of things.:handsdown:Quote:
09/12/2010 08:01
PW-Prophets#426
Well, this has got to be one of the nicest things we both have ever seen we cannot begin to thank you enough for this. Everything works flawlessly, This constitutes a WHOLE NOTHER RECODE :). Everyone keep their eyes out for a bigger badder prophet bot. It may take awhile with having a job now and all.Quote:
09/12/2010 08:04
asaky#427
Can't wait!!! And thank you interest07 :)Quote:
09/12/2010 08:52
Interest07#428
You're welcome, glad to be of use :p
If anything doesn't work or you need any other specific functions (like accepting revive and stuff?) I'll look into em. Congrats on getting a job too :D
I'm not sure if the PM I sent worked prophets as it is not storing anything into my 'sent items' folder.
Trying to figure out how the set up catshop packet works atm, but its being a bugger.
If anything doesn't work or you need any other specific functions (like accepting revive and stuff?) I'll look into em. Congrats on getting a job too :D
I'm not sure if the PM I sent worked prophets as it is not storing anything into my 'sent items' folder.
Trying to figure out how the set up catshop packet works atm, but its being a bugger.
09/12/2010 17:03
Smurfin#429
@Interest07, about the sendpacket in code global $sendPacketFunction = 0x005BD7B0 , how do I find the correct address to use sendpacket ?
also please find the accepting revive packet, hope you could find it too.
this sendpacket thing is great, looks like a lot more things can be done with it, and simpler coz it's the same packet for all PW server, right ? right now just need the address and test it on PW Indo and see if it works there :D
is it ok to put sendpacket in a loop, to do normal attack for example ? because I guess it will instantly send data to the server, while if using keypresses it'll only send packet when a keypress is accepted to trigger the attack, if pressing too much/rapidly some will just be ignored until attacking queue is opened again and it only happens in our PC without sending packets.
about useSkillWithoutCastTime , is it really casting skill without cast time like if we use nocast pill or just eliminate the animation so casting look faster ?
oh and please make a new thread about this sendpacket, so a lot of questions about other things unrelated to bot can be asked there :handsdown:, dun want to be oot later.
thanks for sharing this, can't wait to try it here. :p
also please find the accepting revive packet, hope you could find it too.
this sendpacket thing is great, looks like a lot more things can be done with it, and simpler coz it's the same packet for all PW server, right ? right now just need the address and test it on PW Indo and see if it works there :D
is it ok to put sendpacket in a loop, to do normal attack for example ? because I guess it will instantly send data to the server, while if using keypresses it'll only send packet when a keypress is accepted to trigger the attack, if pressing too much/rapidly some will just be ignored until attacking queue is opened again and it only happens in our PC without sending packets.
about useSkillWithoutCastTime , is it really casting skill without cast time like if we use nocast pill or just eliminate the animation so casting look faster ?
oh and please make a new thread about this sendpacket, so a lot of questions about other things unrelated to bot can be asked there :handsdown:, dun want to be oot later.
thanks for sharing this, can't wait to try it here. :p
09/12/2010 19:12
Interest07#430
useSkillWithoutCastTime is for skills that don't have a cast time in game, such as change to fox or tiger form, or warrior run skill or +pdef/-mdef skill.
Most packets will be the same for all servers. There might be some exceptions that I haven't encountered yet.
finding the sendPacketFunction is much easier:
1)
search for:
2)
You'll get 7 results (most likely), pick the third one:
[Only registered and activated users can see links. Click Here To Register...]
3)
It'll look like this (lots of Xrefs)
[Only registered and activated users can see links. Click Here To Register...]
and there you go, the address of this function.
from my wq bot thread
Most packets will be the same for all servers. There might be some exceptions that I haven't encountered yet.
finding the sendPacketFunction is much easier:
1)
search for:
Code:
(void *Src, size_t Size)
You'll get 7 results (most likely), pick the third one:
[Only registered and activated users can see links. Click Here To Register...]
3)
It'll look like this (lots of Xrefs)
[Only registered and activated users can see links. Click Here To Register...]
and there you go, the address of this function.
from my wq bot thread
09/12/2010 20:36
asaky#431
*Nods and pretends he knows what your talking about* Yes, yes I see now. :D
09/13/2010 04:15
Interest07#432
resurrect functions for you prophets :p
Code:
Func rezToTown($pid) ;Respawn in town after death local $packet, $packetSize $packet = '0400' $packetSize = 2 sendPacket($packet, $packetSize, $pid) EndFunc Func rezWithScroll($pid) ;Respawn in the place you died, costs a rez scroll local $packet, $packetSize $packet = '0500' $packetSize = 2 sendPacket($packet, $packetSize, $pid) EndFunc Func acceptRez($pid) ;Accept rez by a priest. local $packet, $packetSize $packet = '5700' $packetSize = 2 sendPacket($packet, $packetSize, $pid) EndFunc
09/13/2010 07:13
asaky#433
Could you make a walk to target func? including up and down movements? Alot of people have been complaining about looting underwater.Quote:
Code:Func rezToTown($pid) ;Respawn in town after death local $packet, $packetSize $packet = '0400' $packetSize = 2 sendPacket($packet, $packetSize, $pid) EndFunc Func rezWithScroll($pid) ;Respawn in the place you died, costs a rez scroll local $packet, $packetSize $packet = '0500' $packetSize = 2 sendPacket($packet, $packetSize, $pid) EndFunc Func acceptRez($pid) ;Accept rez by a priest. local $packet, $packetSize $packet = '5700' $packetSize = 2 sendPacket($packet, $packetSize, $pid) EndFunc
09/13/2010 11:16
Interest07#434
Quote:
Sure, I can see what I can do.
09/13/2010 11:17
asaky#435
Thanks man, wish I could help with all this stuff being a leech doesn't feel good :\Quote: