[Guide] Lets make a memory based bot

04/11/2013 06:30 { Angelius }#46
Quote:
Originally Posted by KraHen View Post
Yes, I get it, I can do those, but I`m curious why my Olly behaves differently at the start than the one presented in the video. My primary intention is to learn a little bit of reverse engineering, not to create any program whatsoever.
I really don't have a specific answer; I have never seen Olly act like that while debugging Conquer. I would first go to View -> Log and see what information I can collect when the process crashes. I would also recheck Olly's options/settings and adjust them to break on thread creation/termination, to have a better understanding of what's really going on before the process exits. Rename Olly to something else. Idk, see if any of that helps.
04/13/2013 10:50 denominator#47
I have no idea why, but I have watched the video in this thread and in the other thread which just opens the .dll and edits it, but even though I followed it in detail I didn't get the "run play.exe" box to show up at the end of it?
04/15/2013 17:00 go for it#48
Been almost a week since the last tut; I was wondering if you are still going to release the next part or that's it for now?
04/17/2013 20:35 dusica#49
Quote:
Originally Posted by { Angelius } View Post
To send a packet to the client you should start by sending a chat packet or a teleport packet.. something whose effect you can see..

PHP Code:
void CBClient::Teleport_To_Client()
{
    ByteBuffer* Buffer = new ByteBuffer(40); // the length could be 38 i am not sure.

    // Each write is (value, byte offset) into the packet.
    Buffer->WriteUInt16(40, 0);    // packet length
    Buffer->WriteUInt16(1001, 2);  // packet type
    Buffer->WriteUInt32(UID, 4);
    Buffer->WriteUInt32(Map, 8);
    Buffer->WriteUInt16(86, 20);   // action
    Buffer->WriteUInt16(0, 22);
    Buffer->WriteUInt16(ToX, 24);
    Buffer->WriteUInt16(ToY, 26);

    hooks->ADD_Packet(Buffer);
}

And then in Send_Packet_Hook_Callback(), case 1004, you extract the message from the packet and compare it to a certain command such as @teleport, @tele etc. And if it's equal then you call Teleport_To_Client();


I'll be explaining how to use these functions a little later when I am done hooking the needed functions.
Yea, the packet length is 38. I tried this and it worked fine, thanks. Btw, seeing the bots in action I can notice it's possible to teleport wherever you want on the map, so I'm wondering how that thing works, because obviously you can't use the "Jump" function to jump that far across the map. I've also noticed in your Evolution project you've hooked a function or address named "FarJump". Is that function responsible for the teleportation in game? I know you said you will explain those functions later but I just can't stop wondering what that "FarJump" does :D
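Added example, not code from the thread or from Angelius's project: a C++ reimplementation of the (value, byte offset) ByteBuffer writes behind the quoted Teleport_To_Client, paired with the receiver-side check behind the 38-vs-40 question in this post, which refuses a packet whose declared length does not match the bytes that actually arrived. The PacketBuffer, BuildTeleport and ParseTeleport names are mine; the 38-byte length is assumed from dusica's report, and 1001/86 are the values the quoted code writes at offsets 2 and 20.

```cpp
#include <cstdint>
#include <stdexcept>
#include <vector>

// Little-endian (value, byte offset) writes, the same shape as the
// ByteBuffer::WriteUInt16/WriteUInt32 calls quoted in the thread.
struct PacketBuffer {
    std::vector<uint8_t> data;
    explicit PacketBuffer(size_t len) : data(len, 0) {}
    void WriteUInt16(uint16_t v, size_t off) {
        if (off + 2 > data.size()) throw std::out_of_range("WriteUInt16 past end");
        data[off] = uint8_t(v); data[off + 1] = uint8_t(v >> 8);
    }
    void WriteUInt32(uint32_t v, size_t off) {
        if (off + 4 > data.size()) throw std::out_of_range("WriteUInt32 past end");
        for (int i = 0; i < 4; ++i) data[off + i] = uint8_t(v >> (8 * i));
    }
};
static uint16_t rd16(const std::vector<uint8_t>& d, size_t off) { return uint16_t(d[off] | (d[off + 1] << 8)); }
static uint32_t rd32(const std::vector<uint8_t>& d, size_t off) { return rd16(d, off) | (uint32_t(rd16(d, off + 2)) << 16); }

// Constants from the quoted Teleport_To_Client (1001 at offset 2, 86 at offset 20);
// 38 is the length dusica reports working (assumed here; the quoted code allocated 40).
const size_t   kTeleportLen    = 38;
const uint16_t kTypeAction     = 1001;
const uint16_t kActionTeleport = 86;

std::vector<uint8_t> BuildTeleport(uint32_t uid, uint32_t map, uint16_t x, uint16_t y) {
    PacketBuffer b(kTeleportLen);
    b.WriteUInt16(uint16_t(kTeleportLen), 0);  // declared length
    b.WriteUInt16(kTypeAction, 2);             // packet type
    b.WriteUInt32(uid, 4);
    b.WriteUInt32(map, 8);
    b.WriteUInt16(kActionTeleport, 20);        // action
    b.WriteUInt16(0, 22);
    b.WriteUInt16(x, 24);
    b.WriteUInt16(y, 26);
    return b.data;
}

struct Teleport { uint32_t uid, map; uint16_t x, y; };
// Receiver-side parse: refuse the packet unless the declared length matches what
// actually arrived and the type/action are the ones this layout defines.
bool ParseTeleport(const std::vector<uint8_t>& d, Teleport& out) {
    if (d.size() < 28 || rd16(d, 0) != d.size()) return false;  // last field ends at 27
    if (rd16(d, 2) != kTypeAction || rd16(d, 20) != kActionTeleport) return false;
    out.uid = rd32(d, 4); out.map = rd32(d, 8);
    out.x = rd16(d, 24);  out.y = rd16(d, 26);
    return true;
}
```

A packet allocated at 40 bytes but declaring 38 (or the reverse) is rejected before any field is trusted, which is the mismatch the "38 or 40" comment in the quoted code leaves open.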
04/18/2013 23:33 KraHen#50
What you're talking about is just client-sided; your character isn't really teleporting on the server. Just to make sure you're aware of this.
04/19/2013 00:09 viper115#51
hello Angelius
you really have good tuts here, and I started learning from you, but the resolution of the vids is not good enough to see codes etc. to be sure that I work like you. One more thing: I think every patch from TQ has a new conquer.exe file which has new things inside it, so tell me if I'm wrong
04/19/2013 01:02 nTL3fTy#52
Quote:
Originally Posted by viper115 View Post
but the resolution of the vids is not good enough to see codes etc.
Are you blind? All of his videos are uploaded in 720p. :rolleyes:
04/19/2013 01:28 dusica#53
Quote:
Originally Posted by KraHen View Post
What you're talking about is just client-sided; your character isn't really teleporting on the server. Just to make sure you're aware of this.
yes, I know that this is client-sided, but I think that there is another function that provides teleportation to any point on the map, I mean server-sided .. maybe I'm wrong ..
04/19/2013 05:29 dusica#54
With the last patch, the code inside conquer.exe (TQanp.dll) has changed a bit, so I wanna help here for those who can't manage to disable the client protection. I don't know if I did it right, so Angelius should confirm if I'm right or wrong. Anyways, here's what I did:

First follow the first tutorial until you get to that "Jump" that we edited.
As Angelius said, we don't want those 2 functions to be called ever, and with the latest patch, in the code, instead of "JNZ" we have "JE", so obviously we should edit that "JE" to "JNE" (if you edit it to "JMP" it won't work). But if you notice, it will jump right into the first function, and it will continue executing, so we should also change the address where it is jumping. The original one is 6A7F2574; it needs to be changed to 6A7F2583. Now it will jump over both functions. I also provided a photo for better understanding.
The "JUMP" line is marked with green.


So the final code should look like this: "JNE SHORT 6A7F2583"
My thanks to Angelius, because I'd never have known these things without his tutorials ...
04/19/2013 07:32 { Angelius }#55
Quote:
Originally Posted by dusica View Post
yes, I know that this is client-sided, but I think that there is another function that provides teleportation to any point on the map, I mean server-sided .. maybe I'm wrong ..
There is no such thing...

The bot path-finds to the given X/Y and then spams the server with a series of jump packets based on the generated path. When it's done it sends a teleport packet to the client to adjust the player position to the new X/Y..

It also takes advantage of the quest based teleportation to shorten the path sometimes.


Quote:
Originally Posted by dusica View Post
With the last patch, the code inside conquer.exe (TQanp.dll) has changed a bit, so I wanna help here for those who can't manage to disable the client protection. I don't know if I did it right, so Angelius should confirm if I'm right or wrong. Anyways, here's what I did:

First follow the first tutorial until you get to that "Jump" that we edited.
As Angelius said, we don't want those 2 functions to be called ever, and with the latest patch, in the code, instead of "JNZ" we have "JE", so obviously we should edit that "JE" to "JNE" (if you edit it to "JMP" it won't work). But if you notice, it will jump right into the first function, and it will continue executing, so we should also change the address where it is jumping. The original one is 6A7F2574; it needs to be changed to 6A7F2583. Now it will jump over both functions. I also provided a photo for better understanding.
The "JUMP" line is marked with green.


So the final code should look like this: "JNE SHORT 6A7F2583"
My thanks to Angelius, because I'd never have known these things without his tutorials ...
Change JE SHORT 6A7F2574 to NOP NOP
04/25/2013 13:35 Smaehtin#56
Couple of notes:
  • C++ does not have a garbage collector
  • You don't need to APPEND the "TQClient" or "TQServer" strings when using the SendMsg and ProcessMsg functions
04/27/2013 05:07 viper115#57
yes nTL3fTy, I downloaded it from youtube, and the resolution is not good on youtube, maybe you have very sharp eyes :D
04/27/2013 18:20 pro4never#58
Quote:
Originally Posted by viper115 View Post
yes nTL3fTy, I downloaded it from youtube, and the resolution is not good on youtube, maybe you have very sharp eyes :D
Change the quality on youtube. It's crystal clear.

Don't blame him for your own incompetence adjusting youtube quality settings.

Looks pretty clear to me

That's on a shitty work monitor so it's worse than you'd normally see on a decent resolution.
05/06/2013 15:34 ahmedmahmed#59
Angelius bro, I watched your video "Disabling the client protection HQ"
and I'm done, but I have 1 question: c++ working for source .....
Thanks for help other :)
05/06/2013 18:16 go for it#60
Quote:
Originally Posted by ahmedmahmed View Post
Angelius bro i watch your video " Disabling the client protection HQ "
and i done but i have 1 Question c++ working for source* .....
Thanks for help other :)
c++ is a programming language and it works for everything