What Xigncode also does.
[Only registered and activated users can see links. Click Here To Register...]
[Only registered and activated users can see links. Click Here To Register...]
War Rock Cheat Programming Discussion
08/29/2015 11:01
znoeen#1021
08/30/2015 13:20
MRx86™#1022
Not exactly.Quote:
What Xigncode also does.
[Only registered and activated users can see links. Click Here To Register...]
08/31/2015 11:17
live3333#1023
hat einer für mich vielleicht die aktuelle dumped warrock.exe? bei mir funktioniert es irgend wie nicht sie zu dumpen ^^
09/30/2015 15:06
xBuRn3R#1024
Download: [Only registered and activated users can see links. Click Here To Register...]Quote:
Virustotal: [Only registered and activated users can see links. Click Here To Register...]
09/30/2015 20:28
live3333#1025
Code:
#define ADR_SERVERPOINTER 0x00B01044 #define ADR_DEVICEPOINTER 0x00AFF6A8 #define ADR_GEARBASE 0x00B20640 #define ADR_USERBASE 0x00C3581C #define ADR_BASEPOINTER 0x00B52938 #define ADR_REMOTEVEH 0x00AFF6A0 #define ADR_VEHILCEBASE 0x00AFF82C #define ADR_PLAYERPOINTER 0x00B0215C #define ADR_WARROCK_HWND 0x00AFF6A0 #define ADR_PLAYERANGLES 0x00AFF6A4 #define ADR_BOMBPOINTER 0x00B028F8 #define ADR_FLAGPOINTER 0x00B093D8 #define ADR_MAPPOINTER 0x00B021F4 #define ADR_CHECKPOINTER 0x00B004FC #define ADR_WEAPONGLOBALPOINTER1 0x00B20608 #define ADR_WEAPONGLOBALPOINTER2 0x00C29760 #define ADR_CHECKREADYSTART 0x00B5334C #define ADR_CLASSROOMPOINTER 0x00B0250C #define ADR_WEAPONSHOT 0x00B0218C #define ADR_USERNAME 0x00B52F64 //not sure #define ADR_INVEHICLE 0x00B02180 #define ADR_UNLISTAMINA 0x008E60E8 #define ADR_Glasswalls 0x00AFF7BC #define ADR_NOWATER 0x00B0921C #define ADR_NOWATER2 0x00B09220 #define ADR_SCOPESIZE 0x009894A0 #define ADR_SPEED 0x0091F838 #define ADR_ROLLSPEED 0x0091F670 #define ADR_NOGRAVWEAP 0x0091F460 #define ADR_MQUICKPLANT 0x0091F530 #define ADR_MQUICKDEFUSE 0x0091F820 #define ADR_CLIPSNIPER 0x00AFF71D #define ADR_BANDAGEPX 0x00AFF720 #define ADR_SNIPER2XPX 0x00AFF71E #define ADR_ASSAULT2XPX 0x00AFF71C #define ADR_CLIPASSAULT 0x00AFF702 #define ADR_CROSSMEM1 0x00B06A10 #define ADR_CROSSMEM2 0x00B06A14 #define ADR_RNOSPREAD1 0x00B06A8C #define ADR_RNOSPREAD2 0x00B06A90 #define ADR_WEAPONBASE 0x00B20648 #define ADR_FASTAMMO 0x00AFF734 #define ADR_FASTHEALTH (ADR_FASTAMMO + 0x08)//AFF73C #define ADR_FASTREPAIR (ADR_FASTAMMO + 0x10)//AFF744 #define ADR_FASTFLAG (ADR_FASTAMMO + 0x18)//AFF74C #define ADR_SUPERNOSPREAD 0x0091F4A8 #define ADR_FullBright1 0x00AFF824 #define ADR_FullBright2 0x00AFF820 #define ADR_FullBright3 0x00AFF81C #define ADR_NOBOUNDS1 0x00C46C4C #define ADR_NOBOUNDS2 0x00C46C50 #define ADR_NOBOUNDS3 0x00C46C54 #define ADR_PLANTANYWHERE 0x00AFF6EA // duno #define ADR_AMMOANYWHERE 0x00920488 #define ADR_BONESHOT 0x0044AE8A #define ADR_NORELOAD 0x00525AC0 #define ADR_CHATCOMMAND 0x004F2CD8 #define ADR_SWITCHWEAPON 0x0051CE4F #define ADR_UNLAMMO 0x0051CF0B #define ADR_AUTOREPAIR 0x0042616F #define ADR_QUICKPLANT 0x0051C21F #define ADR_QUICKDEFUSE 0x00518642 #define ADR_AUTOAMMO 0x00510F45 #define ADR_AUTOMEDIC 0x00511050 #define ADR_BACKTOLOBBY 0x004E5FE0 #define ADR_MOVETOLOBBY 0x004E5DEC #define ADR_STAMINAUP1 0x004098FA #define ADR_STAMINAUP2 0x00409941 #define ADR_ASMBANDAGES 0x00458087 #define ADR_ASMASSZOOM 0x004580CB #define ADR_ASMSNIZOOM 0x004580F5 #define ADR_TRIGGER 0x0059DF94 #define ADR_CROSSASM 0x0059DF69 #define ADR_SNOSPREAD 0x00519F19 #define ADR_NOSPREAD 0x0091F4A8 #define ADR_PRONECQC 0x00989490 #define ADR_TAKEBASE 0x005135CF #define ADR_SUPERCAR 0x0075C910 #define ADR_WARROCKMSGBOX 0x0045A87F #define ADR_ENGINETEXT 0x00529062 #define ADR_REGBONES 0x007AED70 #define ADR_VISABLECHECK 0x005FF963 #define ADR_VEHICLENFD 0x0042A13D #define ADR_DESTORYVEHICLE 0x0042A13D #define ADR_BULLETS 0x0051A1AA #define ADR_COMMAND 0x004E6050 //================= OFFSETS =================// #define OFS_GLOBALSIZE 0x00000AD0 #define OFS_PACKET 0x0002E604 #define OFS_INVISIBLE 0x00040764 #define OFS_ROOMNUMBER 0x00040C58 #define OFS_MYPLAYERSLOT 0x00040C5C #define OFS_DEVICE 0x0002B930
Code:
struct CVehicle
{
char unknown[56]; //0x000000
BYTE vehtype; //0x000038
char unknown1[31]; //0x000039
char name[20]; //0x000058
char unknown2[12]; //0x00006C
BYTE HowManySeats; //0x000078
char unknown3[23]; //0x000079
float health; //0x000090
float maxhealth; //0x000094
char unknown4[564]; //0x000098
int index; //0x00002CC
char unknown5[48]; //0x00002D0
D3DXVECTOR3 Pos; //0x0000300
char unknown6[116]; //0x000030C
float throttleX; //0x0000380
float throttleY; //0x0000384
};
struct CPlayer
{
char unknown[50260];//0x000000
DWORD Weapons; //0x00C454
char unknown1[92]; //0x00C458
BYTE index; //0x00C4B4
char unknown2[64]; //0x00C4B8
CVehicle* vehicle; //0x00C4F8
char unknown3[4]; //0x00C4FC
int inwater; //0x00C500
char unknown4[15580];//0x00C504
float Pitch; //0x0101E0
float leaning; //0x0101E4
char unknown5[56]; //0x0101E8
float yaw; //0x0101FC
char unknown6[8]; //0x010200
D3DXVECTOR3 pos; //0x010208
char unknown7[12]; //0x010214
WORD weapon; //0x010220
WORD wWeaponModel2; //0x010222
WORD unknown8; //0x010224
WORD wPlayerModel; //0x010226
WORD wCurrentSlot; //0x010228
char unknown9[90]; //0x01022A
BYTE status; //0x010284
char unknown10[155];//0x010285
float NoFallDamage; //0x010320
char unknown11[20]; //0x010324
float PosX; //0x010338
char unknown12[4]; //0x01033C
float PosY; //0x010340
char unknown13[4]; //0x010344
float PosZ; //0x010348
};
10/01/2015 01:17
Alliance™#1026
Don't forget to write credits!Quote:
Code:struct CVehicle { char unknown[56]; //0x000000 BYTE vehtype; //0x000038 char unknown1[31]; //0x000039 char name[20]; //0x000058 char unknown2[12]; //0x00006C BYTE HowManySeats; //0x000078 char unknown3[23]; //0x000079 float health; //0x000090 float maxhealth; //0x000094 char unknown4[564]; //0x000098 int index; //0x00002CC char unknown5[48]; //0x00002D0 D3DXVECTOR3 Pos; //0x0000300 char unknown6[116]; //0x000030C float throttleX; //0x0000380 float throttleY; //0x0000384 }; struct CPlayer { char unknown[50260];//0x000000 DWORD Weapons; //0x00C454 char unknown1[92]; //0x00C458 BYTE index; //0x00C4B4 char unknown2[64]; //0x00C4B8 CVehicle* vehicle; //0x00C4F8 char unknown3[4]; //0x00C4FC int inwater; //0x00C500 char unknown4[15580];//0x00C504 float Pitch; //0x0101E0 float leaning; //0x0101E4 char unknown5[56]; //0x0101E8 float yaw; //0x0101FC char unknown6[8]; //0x010200 D3DXVECTOR3 pos; //0x010208 char unknown7[12]; //0x010214 WORD weapon; //0x010220 WORD wWeaponModel2; //0x010222 WORD unknown8; //0x010224 WORD wPlayerModel; //0x010226 WORD wCurrentSlot; //0x010228 char unknown9[90]; //0x01022A BYTE status; //0x010284 char unknown10[155];//0x010285 float NoFallDamage; //0x010320 char unknown11[20]; //0x010324 float PosX; //0x010338 char unknown12[4]; //0x01033C float PosY; //0x010340 char unknown13[4]; //0x010344 float PosZ; //0x010348 };
10/01/2015 20:32
live3333#1027
ok sry credits me because i updated them lawl :pQuote:
and no one would give credits in an hack for addys so who cares^^
10/02/2015 10:33
Alliance™#1028
Credits don't go to you only because you have update it lol!Quote:
and no one would give credits in an hack for addys so who cares^^
The credits go to coders that have found it on WarRock process, and released it public.
In this list there aren't addys found by you ;), you can add your credits at the end of long list!
10/08/2015 13:29
johnixzkie#1029
Quote:
are you sure that you initializzing your tool class ?
tool->DetourFunc
try this one
i checked msdn the send function has no call convetion..Code:void * DetourCreate ( BYTE *src, const BYTE *dst, unsigned int len ) { BYTE * jmp = reinterpret_cast<BYTE*>(malloc(len+5)); DWORD dwBack; VirtualProtect(src,len,PAGE_EXECUTE_READWRITE,&dwBack); memcpy(jmp,src,len); jmp += len; jmp[0] = 0xE9; *reinterpret_cast<DWORD*>(jmp+1) = (DWORD)(src+len-jmp) - 5; src[0] = 0xE9; *reinterpret_cast<DWORD*>(src+1) = (DWORD)(dst-src) - 5; VirtualProtect(src,len,dwBack,&dwBack); return jmp-len; } typedef int( * hsend ) ( SOCKET s, const char *buf, int len, int flags ); hsend osend; int msend ( SOCKET s, const char *buf, int len, int flags ) { __asm pushad cout << "Hooked" << endl; __asm popad return osend(s, buf, len, flags); } DWORD WINAPI Start ( LPVOID lpArg ) { HMODULE wsDll = NULL; do { Sleep(300); wsDll = GetModuleHandle("ws2_32.dll"); }while ( !wsDll ); WSADATA wsaData; int iResult = WSAStartup(MAKEWORD(2, 2), &wsaData); if (iResult != 0) cout << "WSAStartup failed: " << iResult << endl; DWORD ADRSend = (DWORD)GetProcAddress(wsDll,"send"); if ( !ADRSend ) cout << "Could not find (Send) function Address"<< endl; osend = (hsend) DetourCreate(reinterpret_cast<BYTE*>(ADRSend),reinterpret_cast<BYTE*>(msend),5); return EXIT_SUCCESS; } BOOL WINAPI DllMain ( HMODULE hDll, DWORD dwReason, LPVOID lpReserved ) { if( dwReason == DLL_PROCESS_ATTACH ) { CreateThread(NULL,NULL,Start,NULL,NULL,NULL); } return TRUE; }
What address is this ADRSend ?
10/10/2015 21:11
AmazingTurtle#1030
as you can see its the return value of GetProcAddress which returns the address to a named (as parameter specified) functionQuote:
10/18/2015 04:28
johnixzkie#1031
Quote:
Code:DWORD dwFunction = 0x004F2FA7; // send packet function DWORD dwNetwork = *(DWORD*)(((*(DWORD*)0x00AE7BE4) + 0x00996B0) + 4); // maybe socket? wut __asm { PUSHAD; PUSH dwPacketData; PUSH dwPacketLength; MOV EAX, dwNetwork; CALL dwFunction; POPAD; }
How to do this in c++ ?
10/18/2015 13:06
Cyno™#1032
this obiously is c/c++.Quote:
if you mean the inline assembler, just create a function pointer and call it
10/18/2015 17:38
Alliance™#1033
You can use this function that is the same that use warrock for send packet!
Credits go to me!
Credits go to me!
Code:
void SendPacket(char* packet,size_t len)
{
static DWORD SENDPACKET_ADR = 0x00826F10;
__asm
{
mov ecx, dword ptr ds : [0xB010C4] //Serverpointer
mov edi, ecx
lea ecx, dword ptr ds : [edi + 0x458]
mov edx, len
push edx //packet size
mov eax, packet
push eax //packet text
call SENDPACKET_ADR;
}
}
10/19/2015 01:20
disav0w_#1034
inline asm useless shiet detectedQuote:
Credits go to me!
y u no typedef?!?!?!
10/19/2015 02:19
Alliance™#1035
In WarRock is not detected!Quote:
y u no typedef?!?!?!