Let's talk about the recent patch and changes

05/22/2009 07:45 high6#31
No it hasn't, at least I don't think it did. Looks the same at first glance.

Anyways, why not read the whole buffer? That way it doesn't matter if someone jumps onto screen.

Also it may be 0x65xxxx. Not sure, didn't write it down.
05/22/2009 08:48 clintonselke#32
0x6502D4 <-- as for that magic number

I KNOW WHY IT'S x2 size... it reports number pairs (one after the other)... and THESE are the TWO parameters I can send to the attack function... I'm almost certain.

I'll release some autoit script to prove it soon.

Edit: Check it out, attached is the autoit script that shows the numbers I get from the DequeEx using that magic number.. I grouped it into pairs to show what I mean.

Edit: Have a look

From my olly (break point in attack function)
CPU Stack
Address Value ASCII Comments
0012EAF8 /0120B008 ; Arg1 = 120B008
0012EAFC |0FBC40A0 @ ; Arg2 = 0FBC40A0

From my autoit
0120B008:0FBC40A0

PERFECT MATCH :D

Edit: Added an additional column w/ the name of the mob as proof of correctness. Remember this is the [mob base address + 0xE4] (mob base address is 0120B008 in my example) (And also the pointer to the end of the string +0xE8 (from high6))
05/22/2009 12:35 Alexios#33
@clintonselke
The moblist works for me :)
05/22/2009 16:36 clintonselke#34
Also when a mob dies [mobBaseAddr + 0x14] seems to take on the value 0x20. (So your leveling bot does not keep attacking an already dead mob)
05/22/2009 18:31 32991304#35
Dammit =( , the char name has a dynamic address now, I can't use Co2Ren anymore
05/22/2009 21:15 IAmHawtness#36
About the recent botjailing episodes:

Quote:
Originally Posted by Zeroxelli
Okay, found the reason for the botjailing of multiclients. The memory addresses to the void "findbots" is pushed down by the new client, in multiclients it's still the old address. So the Bot Check is constantly sending data (This also makes you check people's gears randomly, like 5Bot does now), So of course, this is counted as bot activity (Automation) and you're sent to botjail. By the looks of the things, I haven't been botjailed at all for this tool. But as soon as I tried ANY tool on a hacked exe (Multiclient) I got botjailed after a night in tg.

It's a bit extensive, but it proves a point. This tool should still be safe, i.e. no botjail from use (even extended). So, again. My note was to developers, not users. Because for users, you don't have to worry about it; the developers have your back. :)
05/22/2009 21:55 high6#37
What?
05/22/2009 21:58 IAmHawtness#38
Quote:
Originally Posted by high6
What?
I just posted Zeroxelli's theory about what caused the botjailings? :p
Or was that not what you were talking about?
05/22/2009 23:16 32991304#39
Hey guys, there's a new patch on the CO FTP, look: ftp://64.151.117.77/enzf/ 5128, take a look guys
05/22/2009 23:25 high6#40
It is just a file for the autopatcher.
05/23/2009 04:24 Ultimatum#41
Yep, all these changes are becoming a pain. I've had to redo my packet structures about 3 times now x.x. My proxy's still working fine though, so no real damage done since I can just get on and relog the packets every time they update. Still though, I would rather they would stop changing them >.>
05/23/2009 10:32 Ulfius#42
Anyone found a way to get CharName?
05/23/2009 18:32 high6#43
Quote:
Originally Posted by Ulfius
Anyone found a way to get CharName?
Have you even read the thread?
05/23/2009 19:10 Ulfius#44
Quote:
Originally Posted by high6
Have you even read the thread?
Of course I have. I am not asking what its static address is, but whether or not someone has discovered how it's being stored dynamically now (e.g. where the pointer to its base address is).

I am one of the first that discovered that things have been changed to DMA and I have found other values with the CharacterBaseAddress + offset, but CharName is being elusive - hence my question.
05/23/2009 19:27 high6#45
Quote:
Originally Posted by Ulfius
Of course I have. I am not asking what its static address is, but whether or not someone has discovered how it's being stored dynamically now (e.g. where the pointer to its base address is).

I am one of the first that discovered that things have been changed to DMA and I have found other values with the CharacterBaseAddress + offset, but CharName is being elusive - hence my question.
It has already been posted in this thread...