[Tutorial] Call a function inside Neuz (melee attack example)

help me pls
so when i find the target id same ur guide but i can't follow ur step when i copy that third dword and hex so there's not anything happen

[Only registered and activated users can see links. Click Here To Register...]

i wanna cry

heyyyyy

now i got this but when i scan that i find at target id there's not anything happen T T
[Only registered and activated users can see links. Click Here To Register...]

Quote:

Originally Posted by cookie69 [FONT="Tahoma"][SIZE="3"] Hello sexy cheaters :D ...

I made recently a blade.. and I'm curious about something.. some of blade's hits have almost double dmg without critical (when you hit normally), but with the bot, it's only the normal damage. Is possible to get the maximum damage with the bot? The bot need changed or the client :-?

Quote:

Originally Posted by starswper I made recently a blade.. and I'm curious about something.. some of blade's hits have almost double dmg without critical (when you hit normally), but with the bot, it's only the normal damage. Is possible to get the maximum damage with the bot? The bot need changed or the client :-?

For my version of flyff, a blade uses all of the following 4 attacks in this order:
OBJMSG_ATK1, // 29 (0x1D)
OBJMSG_ATK2, // 30
OBJMSG_ATK3, // 31
OBJMSG_ATK4, // 32

=> try all of them to find the strongest attack.

So OBJMSG is actually the attack number :-?

Second and 4th hits are ~double dmg, so it's very usefull for blade.

Again.. thx for help.

On the server I am currently trying this on. When I specifically click "Find out what accesses this address", then when I click on the mob, the game crashes. Any idea what is happening?

Also, I would like to try this using the packet editor method, you did say you posted a tutorial on that somewhere?

Got a quesiton that someone hopefully can answer me if he worked with this solution files,

I've found out all the required adresses, so the Reversing part is not the problem on my side.

Just weirdly when I'm injecting the dll with winject, or the inlayed injector.exe, I'm just getting a blank unwritable console without any text or informations.

The sourcecode is ment to print the 'set adresses' as it looks like but, clearly nothing happens, started things as admin ofc.

Also my pc crashed thats why im slightly frustrated to start things up again right now, but I'm hoping any1 has an idea what it could be, or had similar problems^^

Will try debugging it tommorow to see if I can identify the problem myself.

Also sorry for re-awaking this post but I've just started on learning to call and reverse functions, and this Tutorial seems for the reversing part definetly very useful!

Also i've found some other more or less useful 'hacks' (tested on Insanity Flyff) which are pretty easy to create but which I've not yet found anywhere (diddnt searched too deeply), as things like Collision Hack, Client Sided Admin, ofc Skill Range and Ranged-Weapon Range, Jump, Float and Speedhack. Couldnt delimit the 250% Movespd Maximum but i guess that's trickable somehow by nopping some crap out or changing some asm.

Long story short: I'd appericiate any help, and ofc if any1 is interested, I dont mind sharing my findings :P

Quote:

Originally Posted by shadow14493 Got a quesiton that someone hopefully can answer me if he worked with this solution files, I've found out all the required adresses, so the Reversing part is not the problem on my side. Just weirdly when I'm injecting the dll with winject, or the inlayed injector.exe, I'm just getting a blank unwritable console without any text or informations. The sourcecode is ment to print the 'set adresses' as it looks like but, clearly nothing happens, started things as admin ofc. Also my pc crashed thats why im slightly frustrated to start things up again right now, but I'm hoping any1 has an idea what it could be, or had similar problems^^ Will try debugging it tommorow to see if I can identify the problem myself. Also sorry for re-awaking this post but I've just started on learning to call and reverse functions, and this Tutorial seems for the reversing part definetly very useful! Also i've found some other more or less useful 'hacks' (tested on Insanity Flyff) which are pretty easy to create but which I've not yet found anywhere (diddnt searched too deeply), as things like Collision Hack, Client Sided Admin, ofc Skill Range and Ranged-Weapon Range, Jump, Float and Speedhack. Couldnt delimit the 250% Movespd Maximum but i guess that's trickable somehow by nopping some crap out or changing some asm. Long story short: I'd appericiate any help, and ofc if any1 is interested, I dont mind sharing my findings :P

It is just a print issue...use OutputDebugStrint() and run debugView to see the logd...or write output to a file.....

I'll try that, I just wondered since i pressed F2/F3 without anything happening, I'll checkback on my stuff.

Maybe my gdPlay was incorrect, the target pointer is definetly correct as i can check the target id's using the Flyff Admin Debug menu easily

thanks for your response, and ofc for this great tut :)

__________________________________________________ ___

Allright, I retested everything and im pretty sure I got the correct stuff. Now the console also shows something but most likely weird stuff which I dont even understand where the heck this comes from, as no string alike are in the source:

[Only registered and activated users can see links. Click Here To Register...]

Well, I've screenshotted everything I've changed and anything I've found/used, maybe its just a scrub mistake or something, Im usually programming in C#, but as I only changed values on code, it shouldnt be the problem.

I hope my Screenshot collection can clearify whats wrong on my side, and hopefully your're willing to check them once u find some free time!


SS of Breakpointing Data, including Send Atk/gDPlay and Target Adress (this one in CE and ingame with Debug Menu)
[Only registered and activated users can see links. Click Here To Register...]

Target's CE Pointer:
[Only registered and activated users can see links. Click Here To Register...]

Inserted Adress Values into code:
[Only registered and activated users can see links. Click Here To Register...]

Diddnt forget the offsets:
[Only registered and activated users can see links. Click Here To Register...]

And lastly changed the offset amount to 1:
[Only registered and activated users can see links. Click Here To Register...]

For me, it seems i done everything correctly, im unsure what it could be. Btw this is the latest Insanity Flyff neuz, incase you wanna try these adresses, they should be static.

Any Hint on what it could be, or a part- solution to get me up would be great.
And a big note: I want to learn, i dont want a given solution at all, just need to know what point im wrong with :3 I dislike spoonfeeding :)

Anyways, sorry for the long post, potatoes for everyone.

Cheers!

Quote:

Originally Posted by shadow14493 I'll try that, I just wondered since i pressed F2/F3 without anything happening, I'll checkback on my stuff. Maybe my gdPlay was incorrect, the target pointer is definetly correct as i can check the target id's using the Flyff Admin Debug menu easily thanks for your response, and ofc for this great tut :) __________________________________________________ ___ Allright, I retested everything and im pretty sure I got the correct stuff. Now the console also shows something but most likely weird stuff which I dont even understand where the heck this comes from, as no string alike are in the source: [Only registered and activated users can see links. Click Here To Register...] Well, I've screenshotted everything I've changed and anything I've found/used, maybe its just a scrub mistake or something, Im usually programming in C#, but as I only changed values on code, it shouldnt be the problem. I hope my Screenshot collection can clearify whats wrong on my side, and hopefully your're willing to check them once u find some free time! SS of Breakpointing Data, including Send Atk/gDPlay and Target Adress (this one in CE and ingame with Debug Menu) [Only registered and activated users can see links. Click Here To Register...] Target's CE Pointer: [Only registered and activated users can see links. Click Here To Register...] Inserted Adress Values into code: [Only registered and activated users can see links. Click Here To Register...] Diddnt forget the offsets: [Only registered and activated users can see links. Click Here To Register...] And lastly changed the offset amount to 1: [Only registered and activated users can see links. Click Here To Register...] For me, it seems i done everything correctly, im unsure what it could be. Btw this is the latest Insanity Flyff neuz, incase you wanna try these adresses, they should be static. Any Hint on what it could be, or a part- solution to get me up would be great. And a big note: I want to learn, i dont want a given solution at all, just need to know what point im wrong with :3 I dislike spoonfeeding :) Anyways, sorry for the long post, potatoes for everyone. Cheers!

It is cool to see curious people and not only leechers ;)
Well, I have no access to my PC for few days but I can tell that I find your target pointer weird.
Normally the offset of the target is always 0x20 in Flyff and the session id is like 0x2F0 or 0x2F4...
Just use CE starting with value 0 ( 0 means no target selected, except for Ignite Flyff where it is 0xFFFFFFFF) and change target selection until you find the value.
Then use CE to find the pointer+offset (offset should be 0x20) using pointe r scan feature (1 level) or break on write.
Good luck

Allright, I quite dont understand why the pointer is important, is this one works aswell (only if my pointer gets its data on a alter moment, which could harm the previous stuff maybe).

So I'll try to find the pointer you speak off with these offsets. I only followed ur tut on this part. (2 Lazy for a pointerscan, even tho 1 level is not alot.) Allright, I'll post my finding and ofc let you know if I found it and got it to work! :P

Allright i found the Correct target one, the first i found was the Guid, im pretty sure.
[Only registered and activated users can see links. Click Here To Register...]
(Weirdly, the offset order is the opposite of yours, so I again am not 100% sure that this is the right one, but it changes to 00000000 as you gave me the hint on finding it by this. Also it reacts fine on targets and changes back to its original value so I assume its the TargetID)

Sadly using these did not help me any much further.

Honestly im suspecting something weird in the Source happening, maybe you uploaded an somehow old file from yours? Since you already proceeded to way farer/more function on this.

I came to the Idea when i found ur ogiginal pointer offset '0x2F4' instead of '0xF20', Well as before im Stuck with a console filled with alot of left/right words, vlaue and shit, as shown above on my earlier Pics.

Im still not getting any messages printed, not even on initialization, apart of these for me ununderstandable values.

Already attached VS Debugger onto Neuz to see if I can find any exceptions running. But it seems clean, no errors, but aswell no actions.

Maybe got an Idea whats wrong my dll? For the reversing part (it seems again haha, that i got all needed Datas :P, specially the new Pointer)

Quote:

Originally Posted by shadow14493 Allright, I quite dont understand why the pointer is important, is this one works aswell (only if my pointer gets its data on a alter moment, which could harm the previous stuff maybe). So I'll try to find the pointer you speak off with these offsets. I only followed ur tut on this part. (2 Lazy for a pointerscan, even tho 1 level is not alot.) Allright, I'll post my finding and ofc let you know if I found it and got it to work! :P Allright i found the Correct target one, the first i found was the Guid, im pretty sure. [Only registered and activated users can see links. Click Here To Register...] (Weirdly, the offset order is the opposite of yours, so I again am not 100% sure that this is the right one, but it changes to 00000000 as you gave me the hint on finding it by this. Also it reacts fine on targets and changes back to its original value so I assume its the TargetID) Sadly using these did not help me any much further. Honestly im suspecting something weird in the Source happening, maybe you uploaded an somehow old file from yours? Since you already proceeded to way farer/more function on this. I came to the Idea when i found ur ogiginal pointer offset '0x2F4' instead of '0xF20', Well as before im Stuck with a console filled with alot of left/right words, vlaue and shit, as shown above on my earlier Pics. Im still not getting any messages printed, not even on initialization, apart of these for me ununderstandable values. Already attached VS Debugger onto Neuz to see if I can find any exceptions running. But it seems clean, no errors, but aswell no actions. Maybe got an Idea whats wrong my dll? For the reversing part (it seems again haha, that i got all needed Datas :P, specially the new Pointer)

Your pointer is still bad IMHO...offsets should be reversed as you noticed.
You need to OutputDebugString all your pointers and values (adresses and function params) to find the wrong ones.
You will see the debug strings in Visual studio console when attached to Neuz.
For the dll just change the logger, you can use c++ std::cout << "test" << std::endl;
And dont use the CreateConsole() provided function, just use std::cout correctly ( google it)

Well was experimenting with that source alot now and will just do it from scratch.

I'm not very comfortable on using C++ as i worked most times on C#, so I guess I'll first get a working c# version of implementing the function code. Im pretty sure thats possible either way.

I pretty much dont got the main basics like the std:cout stuff and so on, and on this point, im not needing to learn it for anything else but this project. I tried googling for some good samples for the purpose but couldnt find good or good explained ones.

Thats why i sadly gotta get back to my c# stuff.

About the wrong pointer stuff, even if it's the wrong pointer for the general, they are working fine for me, also I got a question related to the target id, it seems like there's 2 different values for some kind of ID type, At first i thought it's the Guid and maybe some kind of ObjectID, But both are changing, there's one which I find like in your tutorial described, by breakpointing the send function and grabbing it from the stack.

When seeking this one, I noticed, it does only change if I hit a mob once.

Then I did the way with the HEX searches for 00000000 if we got no target, and then i kept changing value searches while browsing through the mobs.

That one changes to 0 fine if no target available, also when spectating memory, you can see it saves a second target ID if you taget 1 mob mainly and subtargetting another one. (Thats why im sure this adress is the correct target id)

Still I'd like to know what the other ID might be. (This ID gets shown above the mob when you enable client sided admin -> debug menu)

When i remember back then when I've had a server for myself, i knew i had to take this ID to interact with commands.

Seems like my mind is stuck until i cleared up myself whats the difference between them, and which one I should go for mainly.

It doesnt make alot sense to me and rather confuses me more and more when i think about it, command related im using the secondly mentioned value, but when breakpointing the send funcion, im getting the other one (which not changes to 0 if nothing is targetted), also i found the other value in the Stack aswell, so it seems to have something to do with it aswell.

Up to the moment im just on the track of what ID is what now.

Did you notice this second ID-value aswell? Or is it maybe something comepletly else? Just curious what i found and which one to handle now..
xD

And please, if this is timewasting for you, let me know, i clearly dont wanna. I'm just lacking a bit knownledge still to identify some stuffs up, also ofc my c++ skills go near zero.

Again said, much thanks for your response, even if the c++ tips diddnt helped me personally due to lack of general basics on c++. Im sure those who're familiar to c++ can make use of this hints ^^

@[Only registered and activated users can see links. Click Here To Register...]
Maybe you are better with c# but c/c++ is not harder, it is just different and more suitable for hacks.
You can also redo the dll in c# if you prefer using pinvoke etc...
Sometimes you find 2 pointers but only 1 pointer is correct because when you change its value to 0 in CE it will unfocuse the already selected target.
In insanity and most other Flyff (except Ignite from what I remember) the target entity is the pointer to another entity and the target ID is the Offset from that target (usually 0x2F0).
I think it is clear, I can not explain more or I will give you a working code but I know you are not looking for that ;)

Ah working code would be the last backup of my choice on learning. First i'm trying to produce things, then if failing, im ususally decompiling stuff or whatever checks its sources to udnerstand them.

But i like the way of 'debuggish thinking' not of 'sourcish thinking' haha sorry for this non existant words, dont know how to describe it better :D

I'll take ur hint on the unselect to be used as a proof that i found the correct value atleast. That'll help me alot on identifying which one will be the correct one. Finding the pointer is another thing then, maybe i was doing something rly obvious wrong or something, im completely re-reading the tut and going to try to it again with my new infos.

Thanks for your super sonic response, diddnt expected you to be available right now :)!


BIG EDIT: Or not so big, I FOUND THE SPECIFIC POINTER WITH THE CORRECT OFFSETS /capsoff happy now.

Allright, now lets go again to proceed. I'll make everything extra sure again and then start my C# project.

If wanted i can attach it later too, it might help ofer c# fags ^^


Editing History in Spoiler:


EDIT 5 AND FINAL:

I got the solution to work it finally sends the attacks out, the mistake was that i somewhy forgot to change back the pointer level. My data has been valid for some while as i suspected. Thank you alot cookie! I'll try to create this thing for other Servers as my next test :)!

can u make video so hard neuz but its itak and rto process running can u help?

[Only registered and activated users can see links. Click Here To Register...]

[Only registered and activated users can see links. Click Here To Register...]

Which one for the pointer? sorry i can't understand clearly what what's next step thanks