GW2 Memory Thread

01/14/2013 21:46 buFFy!#106
Quote:
Originally Posted by hans2116 View Post
Wie kann man so ein Packetsend Funktion finden??
Vielleicht mit Wireshark oder ollydbg??
OllyDBG wäre ein Anfang ;)
01/14/2013 21:52 TheDarkShadows#107
Quote:
Originally Posted by buFFy! View Post
OllyDBG wäre ein Anfang ;)
Danke
Kennst du ein Paar gute OllyDBG Tutorial ??
01/14/2013 21:58 buFFy!#108
Lenas Reversing for Newbies. Einfach mal googlen.
02/05/2013 19:48 sgt.pootis#109
Hey all. I know this is a rather old thread but IDK where else to post so whatever. I'm having some issues detour the packet funcion, here's the code. Note I'm using Sinners DetourXS.

I'm not familiar with fastcall hooks, so any help would be nice! Thanks.

Code:
/*
void __fastcall sub_A82A50(int a1, int a2, signed int a3)

call example
.text:00C37B8E                 mov     edx, 0Ah
.text:00C37B93                 mov     ecx, eax
.text:00C37B95                 call    sub_A82A50
*/

typedef VOID (__thiscall *tPacketEncrypt)(VOID* pThis, int bufferSize, VOID* pBuffer, VOID* pTargetBuffer);
tPacketEncrypt oPacketEncrypt;
VOID __fastcall m_PacketEncrypt(VOID* pThis, VOID* Unused, int bufferSize, VOID* pBuffer, VOID* pTargetBuffer)
{
	// note EDX, ECX, *
	// use inline asm ???
	return oPacketEncrypt( pThis, bufferSize, pBuffer, pTargetBuffer );
}

void init_hooks()
{
	// todo: sig scans
	oPacketEncrypt = (tPacketEncrypt)DetourCreate( (void*)0x00A82A50, m_PacketEncrypt, DETOUR_TYPE_JMP, 0x5 );
}

This code crashes almost instantly and brings up the send report dialog.
02/05/2013 23:13 Deathsnacks#110
Quote:
Originally Posted by sgt.pootis View Post
This code crashes almost instantly and brings up the send report dialog.
Because that isn't the EncryptPacket function. Thats the PutPacketQueue function.
02/06/2013 01:48 urmomslover#111
wäre schöön wenn man irgednwie die offsets auch vom andernen porter mal posten könnte.
02/06/2013 02:05 sgt.pootis#112
Quote:
Originally Posted by Deathsnacks View Post
Because that isn't the EncryptPacket function. Thats the PutPacketQueue function.
[facepalm] Well no shit. [/facepalm]



This is what happens when you code when sleepys as hell. Oh well. Lmfao
02/07/2013 05:14 sgt.pootis#113
What are the parameters for the function? IDK what the first param is, and I believe the second parameter is a buffer length, and the 3rd parameter is a pointer to the buffer. Is that correct?
02/07/2013 06:58 Ext3h#114
Code:
typedef VOID (__thiscall *tPacketEncrypt)(VOID* pThis, int bufferSize, VOID* pBuffer, VOID* pTargetBuffer);
It's a __thiscall, this means that the first parameter is always a pointer to an object of the class this function belongs to. You were right about the second parameter, thats the size of the buffer in bytes. Third parameter is source buffer. Forth Parameter is named wrong, it's not the destination where the encrypted buffer is written to, but rather a pointer to additional data which will be packed in the package (e.g. pointer to null terminated string for chat messages). The destination is not passed a as parameter.
02/07/2013 07:12 sgt.pootis#115
I see. I figured that much out with google (the "this" pointer that is). What about the PutPacketQueue() function params? Same story?

Code:
typedef void (__fastcall *tPutPacketQueue)( void *pThis, int buffsz, void *pBuff );
02/07/2013 10:55 Deathsnacks#116
Quote:
Originally Posted by sgt.pootis View Post
I see. I figured that much out with google (the "this" pointer that is). What about the PutPacketQueue() function params? Same story?

Code:
typedef void (__fastcall *tPutPacketQueue)( void *pThis, int buffsz, void *pBuff );
Yup.
02/10/2013 15:56 sgt.pootis#117
Can anyone post some up-to-date classes/structures, or some somewhat outdated ones for me to reclass?


Thanks.
09/28/2013 18:03 The Annihilator#118
Well guys a little question for all of you before I'm starting to crash GW2 with a custom DLL for myself:

Are any kind of Anti-Cheat messures in GW2 and it's Launcher implemented? Like scanning for detours or invalid/modified packets/memoryregions and/or do they sent that information with their crashreports?

I've read that claim from MMOMinion that they might at least send some senstive information regarding that in their crashreport and even have a serverside parser for it filtering out any modifications and do autobans. Thats why I'm might be looking into hooking into it first before starting with anything more specific.

Or is that just a false claim, trying to stop people from injecting their dlls with another launcher (really sounds like it as its theoretically so easy to get around that kind of claimed crashreport-detection)?
09/28/2013 19:39 Rhubarb.Trader#119
There is no client side anticheat in gw2. I wouldn't send crash reports just on the rare principal it might be looked at by someone. The only anticheat is server side pattern detection for instance if you sit in one spot for hours with a macro hitting button 1 to kill mobs. They also have a few checks on packets most interesting of which has to do with heartbeat/movement hence the distance bans for teleport hacking. I would try to avoid sending malformed/incorrect values in packets as well.
10/09/2013 10:48 xoraxax#120
Does anyone know how the environment informarion is stored - i mean players, mobs, loot etc which are available on the map around the player (Is it arrays or kinda hashtables or anything else?). And a tip how to find it would be very helpfull too.