Simulating clicks?

Alright lately ive been working on a memory based bot,
what i got so far, i can set coordinates where exactly i want to jump to and bam, it happens.
Now the only problem I ran into (for now, and hopefully no others :p) is that i want to simulate a click, just simple the click (inside the memory) it doesnt matter where it clicks or how it clicks aslong as i can call a click.

Now ofcourse postmessage and sendmessage and whatever message things there are can do this, but this is not what im looking for (that click jail is number 1 reason).
Now what im hoping for is that inside Conquer.exe theres a call to a click function.
Now back to topic, im hoping that someone can give me a pointer, what to look for or what i could use, any advice/feedback/rant? is welcome :p.
(tbh i have not tried Post/Send message, because i assume it will lead to that click jail)

(on a side note, im doin this in VB6 (ye ye shh :p) and ASM (to do exactly what i want :o ) )

Edit im still trying to help myself, right now im actually testing postmessage to actually see if i get clickjailed, so far no jail :o :D

Edit my edit :p send to click jail :(
alright got a bp set on the message waitin to get send to it again
didnt break. :(

Anyone got any ideas? Suggestions?

If you succeded calling jump function, you dont need click at all. Just find the attack function... and call it. Melee attack just need targetID as parameter.

Quote:

Originally Posted by giacometti If you succeded calling jump function, you dont need click at all. Just find the attack function... and call it. Melee attack just need targetID as parameter.

Alright let me explain a little more, Im calling the jump function yes but the click is calling it, i have set coords to my liking so after a click it jumps to that coord another click anywhere on the screen and it jumps to the next coord i preset.
Think about it as setting a path, im not going for the attack yet, i will once i have setting a path set up correctly calling the attack function is a whole diff story :p

Now what i did think about is calling the jump thru something else that wouldnt require a click, but im not completely sure how im gonna do that in VB like sure i can altar the memory create a codecave to write the function, but how am I going to execute that function?

Got any pointers? :D

(my first thought is CreateRemoteThread write a dll with the functions inject and then call function? perhaps im thinking too far. Hmm ill play around some, share your thoughts because all the help is welcome :) )

_fobos_@
thats what i found out earlier, but it wont help u much at all:
situation 1.
only control left clicks to move character = jail
situation 2.
only postmessage left click to move character = jail
situation 3.
only artificial normal left click to move character = no jail
situation 4.
control left click, then immediately follow by an artifical normal left click at the same spot to move character = no jail
situation 5.
postmessage left click, then immediately follow by an artifical normal left click at the same spot to move character = no jail
situation 6.
control left click, then immediately follow by an artifical normal left click at a different spot to move character = jail
situation 7.
postmessage left click, then immediately follow by an artifical normal left click at a different spot to move character = jail

so my suggestion is, clicking functions are not going to get u anywhere (unless u dont mind normal clicks). as giacometti stated, call the attack function will be ur best shot, but of course, so far i dont see anyone found that out yet without using proxy

Quote:

Originally Posted by Evan Lim _fobos_@ thats what i found out earlier, but it wont help u much at all: situation 1. only control left clicks to move character = jail situation 2. only postmessage left click to move character = jail situation 3. only artificial normal left click to move character = no jail situation 4. control left click, then immediately follow by an artifical normal left click at the same spot to move character = no jail situation 5. postmessage left click, then immediately follow by an artifical normal left click at the same spot to move character = no jail situation 6. control left click, then immediately follow by an artifical normal left click at a different spot to move character = jail situation 7. postmessage left click, then immediately follow by an artifical normal left click at a different spot to move character = jail so my suggestion is, clicking functions are not going to get u anywhere (unless u dont mind normal clicks). as giacometti stated, call the attack function will be ur best shot, but of course, so far i dont see anyone found that out yet without using proxy

Looks right to me those situations, but what if you could execute the call that actually does the jump with remote code?
wich wont be a click.

Let me give like an example of what i want to do, i want my bot on the press of a button execute code somewhere in our lovely conquer.exe just like a ctrl + left click executes the code to make a jump i want my "bot" to execute that piece of code. if I can manage to do that theres no click involved, and I wouldnt see why its not possible.
Unless you proof me wrong :p Im interested in your opinion :)

And about the attack function the monster name ur left clicking is not static (correct me if im wrong :p), so would have to patch that to a static location first and somehow have to change that static location to the monster u want to attack, then calling that attack function would give me the same problem as calling the jump function i would have to execute that piece of code, wich i yet have to find out how im gonna solve that problem :p

oh 1 more thing if i cant execute code remotely Ill have to find a different solution, and im sure theres a way, i kinda got an ugly way in my head and that is patching for example the pathfind button to execute the jump call and send control clicks to that? because thinking about it sending control clicks with your stigger never jailed me that clicked on the icon So i wonder if that would be the same for pathfind.
Ofcourse i dont want this ugly way but eitherway im gonna finish what i started :p

Update: tomorrow i will look some more into this, i had another idea involving creating a "PM command" writing a "/setpath" function and a "/attack" function when executed to jump to an altered version of the jump/attack function.
(its just an idea, i somehow need to execute a function and from where im standing at the moment im not so sure if i have any other options :p)

Alright quike update: I succesfully managed to make a jump thru a command now i need to loop this *beep* this is all done in olly btw, and its also where i want to loop the call any ideas? I will use my vb project for 1 thing reading and writing coords.
(because thats all I need, for now :p)

Alright so to make a loop, wait better yet it should be a loop with no end unless i tell it different, In order to do that my guess would be to use a register to count how many times to run thru code and I would probably make it stop looping if an address i specify is a certain value wich i will write to with my "stop botting" button / PM command to stop looping, eitherway would work.

So my progress is making 1 jump thru a command, I will be digging into making an infinite loop next, with this also any pointers are welcome :)
tho i think creating a loop should be the easiest part, also ofcourse need to set a delay in seconds for the code to be executed, now first thing that pops in mind is sleep API, because i think i have no other choise then to call an api. (correct me if wrong, or if theres a better way :p) While working on this project im also learning more, bare with me guys :)

Long time ago I used to use a loop from conquer (there are lots of them), and injected my own injector all done in asm (lot of work, you can imagine). It worked this way: it checked an address (in a cave) for a trigger. If the trigger was set as 1, for example, i called jump function; if the trigger was set as 2, called "read hp value" function; and goes on. Got the idea? But remember, this way is lot of asm work, but its nice, you get used to. (If you go through this way remember to save all the flags and restore them after you called the desired function - otherwise you will get the process to crash easily).

Other solution is what you said, create a thread inside a dll and inject it in conquer process. Basically its an infinite loop, but its the same idea as the trigger to call the functions. Look for coder62 tutorial on gamehacking here at epvps. But it uses delphi, not vb.

Dont give up, you will find your way.
Best wishes, Giacometti.

Quote:

Originally Posted by giacometti Long time ago I used to use a loop from conquer (there are lots of them), and injected my own injector all done in asm (lot of work, you can imagine). It worked this way: it checked an address (in a cave) for a trigger. If the trigger was set as 1, for example, i called jump function; if the trigger was set as 2, called "read hp value" function; and goes on. Got the idea? But remember, this way is lot of asm work, but its nice, you get used to. (If you go through this way remember to save all the flags and restore them after you called the desired function - otherwise you will get the process to crash easily). Other solution is what you said, create a thread inside a dll and inject it in conquer process. Basically its an infinite loop, but its the same idea as the trigger to call the functions. Look for coder62 tutorial on gamehacking here at epvps. But it uses delphi, not vb. Dont give up, you will find your way. Best wishes, Giacometti.

Hey thanks for the heads up!
Alright i tried making a simple loop, all is great and works fine except 1 thing, most important thing.
See the "PM command" only gets executed after some call to user32 (7E428EF7 E8 A805FFFF CALL USER32.7E4194A4)
But after that it just breaks out, it doesnt return to my code cave just completely breaks out. now this must be patchable too, Just have to figure out a way to loop it :p

I will look up on that tutorial delphi or vb API calls stay api calls :p
Again thanks for the heads up! any help is welcome :D

Tutorial can be found here: [Only registered and activated users can see links. Click Here To Register...]

Hiyoal :)

Testing calling the jump function without any clicks involved
- So far 10 minutes no jail
- So far 30 minutes no jail

I get the feeling its not gonna happen :D

Nice. Actually, while im here...does anyone know why I may be stuffing up with Conquer. Im using AutoIt which I have never failed with, I have a multiclient disabling the virus scanner and I still cannot activate the conquer window using WinActivate("[Conquer2.0]").

Is there anything in the asm disabling these WinAPI Functions from accessing conquer? Or is it just my autoit?

Hiyoal :o

Hiyoal@
try WinGetProcess the PID of CO client, then WinActivate the PID

Tried that, nothing. Im really wondering why. It may be my computer, but it was working the other day...Im thinking that the Microsoft Updates have done something since I havent restarted in a while...Hibernate ftw XD

Hiyoal

Quote:

Originally Posted by Hiyoal Tried that, nothing. Im really wondering why. It may be my computer, but it was working the other day...Im thinking that the Microsoft Updates have done something since I havent restarted in a while...Hibernate ftw XD Hiyoal

Sorry I cant help you with AutoIt think i tried it once, didnt like it :p

Np.

Ill just have a look at some different stuff and fix it.