3d movement? how?

06/20/2009 17:53 biophyte#1
Hi guys,

Well, I can use...
1. Autoscript
2. a packet bot
3. direct ingame manipulation (the way I wanna try)

Any method has its benefits.

1.
Autoscript is easy and I just don't wanna use it :P.

2.
If I have a packetbot and there's a packet movetoXYZ, I could use
- "maybe" a mob position
- a record of some positions
- a calculation by myself with some kind of pathfinding algorithm
must include physics ... <.<
- or sth. else i dont know??
Ok. Any suggestions?

3.
But if I wanna use direct ingame manipulation, I need to know how to find the "2d point to 3d vector move function". Any game uses the mouse to move the character to a chosen point on the screen. There must be a function which has an argument of a vector and calculates the moving to the chosen point. Am I right? If yes, how can I find it?
Ok. Any suggestions?

Any help is appreciated. :) Thanks
06/20/2009 18:27 ms#2
In MMORPGs you often move your character by clicking on the ground. The game then directly calls an internal call like "void MoveCharacter(int X, int Y)" or something like that. So I'd attach a memory scanner to the game and try to find those arguments (in this case "X" and "Y"). Then I would check where the game accesses those values.
There you should somewhere find the internal call of the game which is responsible for character movement and you can call it with your own arguments in order to move the character.

Not sure if that was what you're asking for.
06/20/2009 20:55 biophyte#3
Yea, in a way.
I've found various moving functions but not the one which is made for moving directly to the selected point.
And how do I know the values that were clicked by me? Before, I can't scan or sth. else.
06/20/2009 21:09 ms#4
Well, you can also set a breakpoint at the Winsock function "send" or similar in ollydbg and then "go backwards" to find the function which causes this function to be called.
06/20/2009 21:24 Bot_interesierter#5
Quote:
Originally Posted by Disconnect
Well, you can also set a breakpoint at the Winsock function "send" or similar in ollydbg and then "go backwards" to find the function which causes this function to be called.
It's very likely that olly is going to break on the function before he's able to click ingame, because most online games communicate constantly with their server.
Did you ever succeed using this method?
06/20/2009 21:40 ms#6
Well, on the MMORPG Shaiya the client doesn't. If I remain idle it sends packets every 5-10 seconds only, which leaves enough time for Alt+Tab. And if one of those packets happens to be caught by my breakpoint I notice it by its constant packet length.
06/20/2009 22:33 schlurmann#7
Quote:
Originally Posted by Bot_interesierter
It's very likely that olly is going to break on the function before he's able to click ingame, because most online games communicate constantly with their server.
Did you ever succeed using this method?
You could hook it, and log the return addresses.
06/21/2009 13:01 zarut#8
See if the game got any messages when you can't move or when you are stuck; those usually help a lot.