War Rock Cheat Programming Discussion

Page 1 of 76

07/03/2013 21:37 Raz9r#1

WarRock Cheat Programming Discussion
REGELN / RULES

DEUTSCH / GERMAN

Hallo elitepvpers,

unter Absprache mit der Moderation er�ffne ich dieses Thema, das eine Vereinigung zweier Themen unter strengeren Regeln ist. Ziel dieser Vereinigung ist, ein wenig Licht ins Chaos zu bringen und die Moderation zu erleichtern.

Bitte nehmt euch einen Moment Zeit, diese Regeln zur Kenntnis zu nehmen.

Beitr�ge, die Quellcode beinhalten, haben diesen mit dem BB-Code [CODE] zu kennzeichnen oder eine geeignete Schriftart zu benutzen (etwa mit [FONT=monospace]).
Beitr�ge, die sich auf einen anderen Beitrag beziehen, m�ssen entweder direkt auf diese folgen, sie zitieren oder den Autor nennen.
Es d�rfen nur die Teile eines Beitrags zitiert werden, auf die auch Bezug genommen wird.
Beitr�ge, die Fragen beinhalten, haben m�glichst konkret zu sein. Es ist nicht erlaubt, Fragen innerhalb kurzer Zeit mehrmals zu stellen.
Beitr�ge, die lange Listen mit Datenstrukturen oder Adressen und Offsets enthalten, m�ssen diese mit dem BB-Code [SPOILER] k�rzen.
Pers�nliche Bemerkungen sind in diesem Thema unerw�nscht.
Wenn zwei komplett unabh�ngige Sachen beigetragen werden, d�rfen und sollen diese in zwei aufeinanderfolgenden Posts beigetragen werden. Die "Doppelpost-Regel" greift unter diesen Umst�nden also nicht.
Beitr�ge d�rfen in Englisch oder Deutsch verfasst werden. Antworten auf einen in Englisch verfassten Beitrag sollen auch in Englisch verfasst werden.
Beitr�ge, die sich nicht auf die EU-Version von War Rock, sondern auf Privatserver oder ausl�ndische Versionen beziehen, m�ssen als solche gekennzeichnet werden.
Regelverst��e sind in diesem Thema mit Bezug auf die versto�ene Regel zu melden, um der Moderation die Arbeit zu erleichtern. Regelverst��e werden mit Verwarnungen geahndet.

~Raz9r

ENGLISCH / ENGLISH

Hello elitepvpers,

under agreement with the moderation I open this topic, which is a consolidation of two former topics, now under stricter rules. The aim of this fusion is to bring a little light into the chaos and facilitate moderation.

Please take a minute to take note of the following rules.

Posts containing source code have to be marked with the BB-code [CODE] or use appropriate fonts (e.g. using [FONT=monospace]).
Posts that relate to another post, must either immediately follow them, quote them, or mention the author of the post you relate to.
Only those parts of a post shall be quoted, on which the reference is made.
Comments containing questions have to be as specific as possible. It is not allowed to ask the same questions again within a short time frame.
Posts that contain long lists of data structures or addresses and offsets must be reduced, using the BB-code [SPOILER].
Personal statements are undesirable within this topic.
If you wanna contribute two or more completely seperate things, you may and should contribute them in sequential posts. Considering those circumstances, the "double-post-rule" does not apply, therefore.
Posts must be written in English or German. Responses to a post written in English, should be also written in English.
Posts that do not relate to the EU version of War Rock, but on private server or other versions must be noticeable labeled as such.
Rule violations in this topic are to be reported with reference to the rule the author broke. This is necessary to facilitate the work of moderation. Rule violations are punished with warnings.

~Raz9r

07/03/2013 21:37 xxfabbelxx#2

pinned

07/03/2013 21:56 Raz9r#3

Um loszulegen gleich einmal ein l�ngerer Post, der Hotpatching (eine Art Hooking) sehr einfach macht.
Die meisten Windows API Funktionen fangen so an:

Code:

NOP
NOP
NOP
NOP
NOP
; * hier f�ngt die funktion an
MOV EDX, EDX

Das sind also 7 Byte, die exakt nichts machen. Ein Hotpatch ersetzt das MOV EDX, EDX um einen Sprung zur�ck zu den f�nf NOP-Anweisungen, die dann zum eigentlichen Hook springen.

Mit meinem Code kann man dann folgendes machen (Beispielhafte Anwendung f�r MessageBox):

Code:

#include "hotpatch.hpp"

int WINAPI MessageBoxHook(
  _In_opt_  HWND hWnd,
  _In_opt_  LPCTSTR lpText,
  _In_opt_  LPCTSTR lpCaption,
  _In_      UINT uType
)
{
    // call original MessageBox function with replaced third parameter
    return hotpatch::original(&MessageBox)(hWnd, lpText, "replaced caption", uType);
}

void hotpatchMessageBox()
{
    if (hotpatch::install(&MessageBox, &MessageBoxHook))
    {
         // succcessfully installed hotpatch
         MessageBox(nullptr, "text", "caption", MB_OKCANCEL);

         if (hotpatch::remove(&MessageBox))
         {
             // successfully removed hotpatch
         }
         else
         {
             // failed to remove hotpatch
         }
    }
    else
    {
         // failed to install hotpatch
    }
}

Zu guter Letzt die ben�tigte Header-Datei, die ich geschrieben habe.
hotpatch.hpp

Spoiler

Code:

#pragma once

// Win32
#include <Windows.h>

// stdlib
#include <cstdint>

namespace hotpatch
{
    namespace detail
    {
#pragma pack(push, 1)
        struct signature
        {
            std::uint8_t  long_jmp;
            std::uint32_t long_jmp_adr;
            std::uint16_t jmp_back;
        };
#pragma pack(pop)
    }

    template <typename R, typename... Args>
    bool install(R (__stdcall *target)(Args...), R (__stdcall *hook)(Args...))
    {
        detail::signature *sig = reinterpret_cast<detail::signature *>(reinterpret_cast<char *>(target) - 5);
        DWORD prot = 0;

        if (!VirtualProtect(sig, sizeof(detail::signature), PAGE_EXECUTE_READWRITE, &prot))
        {
            return false;
        }

        __try
        {
            sig->long_jmp     = 0xE9;
            sig->long_jmp_adr = reinterpret_cast<std::uint32_t>(hook) - reinterpret_cast<std::uint32_t>(target);
            sig->jmp_back     = 0xF9EB;
        }
        __except(EXCEPTION_EXECUTE_HANDLER)
        {
            return false;
        }

        if (!VirtualProtect(sig, sizeof(detail::signature), prot, &prot))
        {
            return false;
        }

        if (!FlushInstructionCache(GetCurrentProcess(), sig, sizeof(detail::signature)))
        {
            return false;
        }

        return true;
    }

    template <typename R, typename... Args>
    bool remove(R (__stdcall *target)(Args...))
    {
        detail::signature *sig = reinterpret_cast<detail::signature *>(reinterpret_cast<char *>(target) - 5);
        DWORD prot = 0;

        if (!VirtualProtect(sig, sizeof(detail::signature), PAGE_EXECUTE_READWRITE, &prot))
        {
            return false;
        }

        __try
        {
            sig->long_jmp      = 0x90;
            sig->long_jmp_adr = 0x90909090;
            sig->jmp_back      = 0xFF8B;
        }
        __except(EXCEPTION_EXECUTE_HANDLER)
        {
            return false;
        }

        if (!VirtualProtect(sig, sizeof(detail::signature), prot, &prot))
        {
            return false;
        }

        if (!FlushInstructionCache(GetCurrentProcess(), sig, sizeof(detail::signature)))
        {
            return false;
        }

        return true;
    }

    template <typename R, typename... Args>
    inline auto original(R (__stdcall *target)(Args...)) -> R (__stdcall *)(Args...)
    {
        if (target)
        {
            return reinterpret_cast<R (__stdcall *)(Args...)>(reinterpret_cast<char *>(target) + 2);
        }
        else
        {
            return nullptr;
        }
    }
}}

07/03/2013 22:10 NikM#4

Oha ein frischer aufger�umter Thread :)
Meine Chance die Vehicleklassen auf der ersten Seite zu verewigen ;)

Vehicleklassen:

Spoiler

Code:

class cVehicleBase;
class cVehicleBase2;
class cVehicles;
class cVehicle;
class cVehicleRestrictions;
class cVehicleWeaponBase;
class cVehicleWeapon;
class cVehiclePosition;

static DWORD dwVehiclePointer = 0x00AE2C70;
static cVehicleBase *g_pVehicleArray = (cVehicleBase *) (dwVehiclePointer);

class cVehicleBase
{
	public:
		/* 0x00000000 */ cVehicleBase2 *m_pVehicleBase;
};

class cVehicleBase2
{
	public:
		/* 0x00000000 */ BYTE _00 [0x0C];
		/* 0x0000000C */ cVehicles *m_pVehicles;
};

class cVehicles 
{
	public:
		/* 0x00000000 */ cVehicle *m_pVehicles [64];
};

class cVehicle
{
	public:
		/* 0x00000000 */ BYTE _00 [0x38];
		/* 0x00000038 */ __int8 m_isType; 
		/* 0x00000039 */ BYTE _39 [0x1F];
		/* 0x00000058 */ char m_szVehicleName [0x10]; 
		/* 0x00000068 */ BYTE _68 [0x10];
		/* 0x00000078 */ __int32 m_iMaxPassengers; 
		/* 0x0000007C */ __int32 m_iHealth; 
		/* 0x00000080 */ __int32 m_iMaxHealth; 
		/* 0x00000084 */ BYTE _84 [0x04];
		/* 0x00000088 */ __int32 m_iCurrentPassengers; 
		/* 0x0000008C */ BYTE _8C [0x150];
		/* 0x000001DC */ cVehicleRestrictions *m_pRestrictions; 
		/* 0x000001E0 */ cVehiclePosition *m_pPositions;
		/* 0x000001E4 */ BYTE _1E4 [0xE8];
		/* 0x000002CC */ __int32 m_iIndex; 
		/* 0x000002D0 */ BYTE _2D0 [0x04];
		/* 0x000002D4 */ __int32 m_iLocalSeat; 
		/* 0x000002D8 */ BYTE _2D8 [0x28];
		/* 0x00000300 */ cVector3D m_vSpawnPos; 
		/* 0x0000030C */ BYTE _3EC [0x70];
		/* 0x0000037C */ float m_fSpeed; 
		/* 0x00000380 */ float m_fDirection; 
};

class cVehicleRestrictions
{
	public:
		/* 0x00000004 */ BYTE _00 [0x40];
		/* 0x00000040 */ float m_fMaxSpeed; 
		/* 0x00000044 */ float m_fMaxBackSpeed; 
		/* 0x00000048 */ float m_fAccelerationForeward;
		/* 0x0000004C */ float m_fAccelerationBackward;
		/* 0x00000050 */ float m_fAccelerationSideward;
		/* 0x00000054 */ BYTE _54 [0x3C];
		/* 0x00000090 */ float m_fLetsFetz; 
		/* 0x00000094 */ BYTE _94 [0x10];
		/* 0x000000A4 */ cVehicleWeaponBase *m_pWeaponBase; 
};

class cVehicleWeaponBase
{
	public:
		/* 0x00000000 */ cVehicleWeapon *m_pWeapons; 
};

class cVehicleWeapons
{
	public:
		/* 0x00000000 */ BYTE _0x0000 [0x21C];
		/* 0x0000021C */ cVehicleWeapon m_Weapon1;
		/* 0x00000264 */ BYTE _264 [0x120];
		/* 0x00000384 */ cVehicleWeapon m_Weapon2;
		/* 0x000003CC */ BYTE _3CC [0x58];
		/* 0x00000424 */ cVector3D m_vAimAt; 
};

class cVehicleWeapon 
{
	public:
		/* 0x00000000 */ __int32 m_iMaxAmmo; 
		/* 0x00000004 */ __int32 m_iAmmoXor1; 
		/* 0x00000008 */ __int32 m_iAmmoXor2; 
		/* 0x0000000C */ BYTE _0C [0x08];
		/* 0x00000014 */ __int32 m_iDelayTime; 
		/* 0x00000018 */ BYTE _18 [0x04];
		/* 0x0000001C */ float m_fShootTime; 
		/* 0x00000020 */ BYTE _20 [0x0C];
		/* 0x0000002C */ float m_fOverheatInc; 
		/* 0x00000030 */ float m_fOverheatDec; 
		/* 0x00000034 */ BYTE _34 [0x08];
		/* 0x0000003C */ __int8 m_isShooting; 
		/* 0x0000003D */ BYTE _3D [0x07];
		/* 0x00000044 */ float m_fOverheat;
};

class cVehiclePosition
{
	public:
		/* 0x00000000 */ BYTE _00 [0x10];
		/* 0x00000010 */ cVehicleWriteablePositions *m_pPositions;
		/* 0x00000014 */ BYTE _14 [0x34];
		/* 0x00000048 */ cVector3D m_vPos; 
};

class cVehicleWriteablePositions
{
	public:
		/* 0x00000000 */ BYTE _00 [0x98];
		/* 0x00000098 */ cVector3D m_vPos;
};

Beispiele zur Anwendung:

Spoiler

Falls man selbst in einem Fahrzeug sitzt findet man den Pointer auf eben dieses hier:
[[Playerpointer]+C4C4h]

07/04/2013 16:40 R3d_L!n3#5

Code:

		if(RedLine.rServer.AutoStart == 1)
		{

			if( WaitForAWhile1  == false  && *(DWORD*)ADR_PlayerPointer == 0) 
			{

				int Memory = (int)calloc(1, 404);
				if ( !Memory )
					abort();
				*(DWORD *)Memory = g_rBase->MyServer->Invisable;
				*(DWORD *)(Memory + 8) = g_rBase->MyServer->roomnumber;
				*(DWORD *)(Memory + 4) = g_rBase->MyServer->myplayerslot;
				*(BYTE *)(Memory + 20) = 1;
				*(DWORD *)(Memory + 12) = 1;
				*(DWORD *)(Memory + 16) = 1;
				*(DWORD *)(Memory + 24) = 0;
				Command(Memory);
				free((void*)Memory);

				WaitForAWhile1 = true;
		
			}

		}
		else if(RedLine.rServer.AutoStart == 0) WaitForAWhile1 = false;

		
		if(RedLine.rServer.AutoReady == 1)
		{

			if(*(DWORD*)ADR_PlayerPointer == 0 && WaitForAWhile2  == false) 
			{

				
				int Memory = (int)calloc(1, 404);
				if ( !Memory )
					abort();
				*(DWORD *)Memory = g_rBase->MyServer->Invisable;
				*(DWORD *)(Memory + 8) = g_rBase->MyServer->roomnumber;
				*(DWORD *)(Memory + 4) = g_rBase->MyServer->myplayerslot;
				*(BYTE *)(Memory + 20) = 1;
				*(DWORD *)(Memory + 12) = 2;
				*(DWORD *)(Memory + 16) = 50;
				*(DWORD *)(Memory + 24) = 0;
				Command(Memory);
				free((void*)Memory);
				 WaitForAWhile2  = true ;
			}

		}
		else if(RedLine.rServer.AutoReady == 0) WaitForAWhile2 = false;

Code:

 typedef DWORD (__cdecl * oStart)(signed int , signed int , signed int);
 oStart pStart = (oStart) 0x541112;// The addie is really old , so u need to update it

For autostart do (1 , 1 , 0 ) , For ready do (2 , 50 , 0 )

Be carefull while using it cuz if u dont use it correctly it will lag like hell ..

Credits :
R3d_L!n3
UnknownPk

07/04/2013 17:05 xRoute66x#6

Hat wer auf die schnelle die Scope Adresse?

07/04/2013 17:13 BlackLegend�##7

Quote:

Originally Posted by R3d_L!n3

Code:

 typedef DWORD (__cdecl * oStart)(signed int , signed int , signed int);
 oStart pStart = (oStart) 0x541112;// The addie is really old , so u need to update it

For autostart do (1 , 1 , 0 ) , For ready do (2 , 50 , 0 )

06.04.2013 have fun

07/04/2013 17:31 n4n033#8

Quote:

Originally Posted by xRoute66x

Hat wer auf die schnelle die Scope Adresse?

0x00934460

#Enjoy

07/04/2013 18:01 ChetUbetcha#9

Quote:

Originally Posted by NikM

Falls man selbst in einem Fahrzeug sitzt findet man den Pointer auf eben dieses hier:
[[Playerpointer]+C4C4h]

How would you do that?

07/05/2013 06:23 scraprecon#10

How come my no menu keeps crashing? My source :

Code:

template <typename T>VOID __Functions( void *Addie , T Value )
{
	MemWrite((void*)Addie,(BYTE*)&Value,sizeof ( T ) );
}

void  MemWrite ( void* IsAddress, BYTE *CodeOn, int SizeOf )
{
	unsigned long Protection;
	VirtualProtect( (void*)IsAddress, SizeOf, PAGE_EXECUTE_READWRITE, &Protection );
	memcpy( (void*)IsAddress, (const void*)CodeOn , SizeOf );
	VirtualProtect( (void*)IsAddress, SizeOf, Protection , 0 );
}

if( Player != 0 )
		{
			__Functions<DWORD>((void*)( Player + OFS_PlayerSpeed ) , 1500 ) ;
		}
#define ADR_PlayerPointer 0xAE92FC
#define OFS_PlayerSpeed 0x1010C

Here are some addies updated by me ;)

Code:

Credits to R3DL1NE!
#define ASM_Artillery1 0x4F82E0
#define ASM_Artillery2 0x4F8555
#define ASM_Artillery3 0x594F1E
#define ASM_Artillery4 0x594FB1
#define ASM_Artillery5 0x594CF9
#define ASM_Artillery6 0x577A01
#define ASM_Artillery7 0x594E98
#define ASM_Artillery8 0x5779B8

& AutoShoot by R3DL1NE
On:
   xPatch p_rArtillery1             ( ADR_Artillery1         ,(BYTE*)"\x90\x90"                 , 2 );
    xPatch p_rArtillery2             ( ADR_Artillery2         ,(BYTE*)"\x90\x90"                 , 2 );
    xPatch p_rArtillery3             ( ADR_Artillery3         ,(BYTE*)"\xEB"                     , 1 );
    xPatch p_rArtillery4             ( ADR_Artillery4         ,(BYTE*)"\xEB"                     , 1 );
    xPatch p_rArtillery5             ( ADR_Artillery5         ,(BYTE*)"\xEB"                     , 1 );
    xPatch p_rArtillery6             ( ADR_Artillery6         ,(BYTE*)"\x90\x90\x90\x90\x90"     , 5 );
    xPatch p_rArtillery7             ( ADR_Artillery7         ,(BYTE*)"\xEB"                     , 1 );
    xPatch p_rArtillery8             ( ADR_Artillery8         ,(BYTE*)"\x90\x90"                 , 2 );
Dont have off but very easy to find bytes

#Requesting dump from 10-31-2012, October 31, 2012. Thankyou :)

07/05/2013 07:06 boknoy24#11

is this the correct drawline?

Code:

void DrawLine( float X, float Y, float X2, float Y2, D3DCOLOR Color, LPDIRECT3DDEVICE9 pDevice)
{
	D3D V[2] =
{
{ (float)X, (float)Y, 0.0f, Color },
{ (float)X2, (float)Y2, 0.0f, Color },
};
pDevice->DrawPrimitiveUP( D3DPT_LINELIST, 1, V, sizeof( D3D ) );
}

07/05/2013 15:21 Xave :)#12

Quote:

Originally Posted by ChetUbetcha

How would you do that?

Code:

CVehicle* myVehicle = (CVehicle*)(*(DWORD*)(dwPlayerPointer+0xC4C4));

Should work : p

€dit : Current Addys

PHP Code:


			
//=========================================\
//=============== Xave Logger =============\
//=============      v.1.0     ============\
//============= Start logging =============\
//=========================================\

//~~~~~~~~~~~~Pointers~~~~~~~~~~~~
unsigned long ptrLocalPlayer = 0x00AE92FC;
unsigned long ptrRemotePlayer = 0x00B6AC98;
unsigned long ptrLocalServer = 0x00AE3AC4;
unsigned long ptrRemoteBase = 0x00B1BCF0;
unsigned long ptrViewPort = 0x00AE2B70;
unsigned long ptrWeapon1 = 0x00B07CA8;
unsigned long ptrWeapon2 = 0x00B5C5E8;
unsigned long ptrVehicle1 = 0x00AE2CDC;
unsigned long ptrVehicle2 = 0x00AE2C74;

//~~~~~~~~~~~~Memory~~~~~~~~~~~~~
unsigned long memWalkHeigth = 0x008C9AF0;
unsigned long memClanTag1 = 0x00B07C88;
unsigned long memClanTag2 = 0x00B07C44;
unsigned long memClanTag3 = 0x00B07C90;
unsigned long memClanTag4 = 0x00B07C8C;
unsigned long memClanChat = 0x00A9F564;
unsigned long memClanName = 0x00B07C48;
unsigned long memSpeed = 0x008C9E10;
unsigned long memGlobalSpeed = 0x00AE2B94;
unsigned long memSTW = 0x00AE2F94;
unsigned long memBoneShot = 0x008CAA40;
unsigned long memNoBounds = 0x00B7AB24;
unsigned long memNoSpawnWait = 0x00B850B4;
unsigned long memPlantAnyWhere = 0x00AE2BAE;
unsigned long memDefuseAnyWhere = 0x0093447C;

//~~~~~~~~~~~~Offsets~~~~~~~~~~~~~
unsigned long ofsRecoil = 0x00C448;
unsigned long ofsViewX = 0x00101D4;
unsigned long ofsViewY = 0x00101D8;
unsigned long ofsViewZ = 0x00101DC;
unsigned long ofsPosX = 0x0010300;
unsigned long ofsPosY = 0x0010308;
unsigned long ofsPosZ = 0x0010310;
unsigned long ofsPitch = 0x00101A8;
unsigned long ofsYaw = 0x00101C4;
unsigned long ofsNoFallDamage = 0x00102E8;
unsigned long ofsGlobalSize = 0x00B18;
unsigned long ofsLocalSize = 0x00A1DC;
unsigned long ofsSlot1 = 0x009F1E0;
unsigned long ofsSlot2 = 0x009F1E1;
unsigned long ofsSlot3 = 0x009F1E2;
unsigned long ofsSlot4 = 0x009F1E3;
unsigned long ofsSlot5 = 0x009F1E4;
unsigned long ofsSlot6 = 0x009F1E5;
unsigned long ofsSlot7 = 0x009F1E6;
unsigned long ofsSlot8 = 0x009F1E7;
unsigned long ofsInvisible = 0x00B7E4C;

//~~~~~~~~~~~~Weapon Offsets~~~~~~~~~~~~~
unsigned long ofsDamage = 0x0014C0;
unsigned long ofsDefence = 0x0014C4;
unsigned long ofsRange = 0x0014C8;
unsigned long ofsAmmoNumber = 0x0014CC;
unsigned long ofsMagazineNumber = 0x0014D0;
unsigned long ofsEffectRange = 0x0014D4;
unsigned long ofsParabola = 0x0014D8;
unsigned long ofsSpeed = 0x0014E8;
unsigned long ofsWeaponWheight = 0x0014EC;

//~~~~~~~~~~~~Remote~~~~~~~~~~~~~
unsigned long ofsRemoteName = 0x00644;

//~~~~~~~~~~~~Assembler~~~~~~~~~~~~~
unsigned long asmNoHSKick = 0x*;
unsigned long asmStamina1 = 0x004575F8;
unsigned long asmStamina2 = 0x*;
unsigned long asmStamina3 = 0x0050819A;

//~~~~~~~~~~~~Structs~~~~~~~~~~~~
class CPlayer
{
public:
  CHAR _00[0x101A8];
  FLOAT fPitch;
  CHAR _01[0x18];
  FLOAT fYaw;
  CHAR _02[0xC];
  FLOAT fReadableX;
  FLOAT fReadableY;
  FLOAT fReadableZ;
  CHAR _03[0x120];
  FLOAT fWriteableX;
  CHAR _04[0x4];
  FLOAT fWriteableY;
  CHAR _05[0x4];
  FLOAT fWriteableZ;
}; // => 0x10314

class CWeapon
{
public:
    CHAR _00[0x14C0];
    DWORD dDamage;
    DWORD dDefence;
    DWORD dRange;
    DWORD dAmmoNum;
    DWORD dMagazineNum;
    DWORD dEffectRange;
    DWORD dParabola;
    CHAR _01[0xC];
    DWORD dShotSpeed;
    DWORD dWeight;
}; // => 0x14F0

class CBase
{
public:
    CPlayer* _Local;
    CHAR _00[0x81998]
    CPlayer** _Remote;
}; // => 0xB6AC9C

CBase* _pBase = (CBase*)0x00AE92FC;
CPlayer* _pPlayer = (CPlayer*)0x00AE92FC;
//==============  Next logging  ===========\

OPK

PHP Code:


			
VOID OPKThread()
{
    while ( TRUE )
    {
        if( CH_OPK )
        {
            for(register int i = 0; i < 32; i++)
            {
                _pBase->_Remote[i]->fWriteableX = 0;
                _pBase->_Remote[i]->fWriteableY = 0;
                _pBase->_Remote[i]->fWriteableZ = 0;
            }
            Sleep(1);
        }else{ Sleep(250); }
    }
}

07/05/2013 15:26 xx120xx#13

New Function [In ASM]:
Event Room (Add Room Type "Event" into the Room Creation.)

Info: It isn't a real Event!! It just Add Event to the Room Creation!

ASM Code:

Code:

005639D3  |. 84C0           TEST AL,AL
005639D5  |. 74 6F          JE SHORT WarRock-.00563A46
005639D7  |. 8D45 B0        LEA EAX,DWORD PTR SS:[EBP-50]
005639DA  |. 50             PUSH EAX
005639DB  |. B9 FCB28A00    MOV ECX,WarRock-.008AB2FC                ;  ASCII "m974_2"
005639E0  |. E8 8B040A00    CALL WarRock-.00603E70
005639E5  |. 59             POP ECX
005639E6  |. C745 FC 080000>MOV DWORD PTR SS:[EBP-4],8
005639ED  |. 8378 18 10     CMP DWORD PTR DS:[EAX+18],10

ASM Adress:

Code:

 0x5639D5 // Left from the JE.

m974_2 -> Text ascii for: m974_2="Event"

Simple "replace" the JE (Jump if Equal) (005639D5 |. 74 6F JE SHORT WarRock-.00563A46) with \x90 (NOPs [NoOperation]) so WR will read all what comes after the JE or the NOPs now.
(WR Added Event now ^.^ ..)

All u need now is a WriteMem Function.. ^^

Screen's:
[Only registered and activated users can see links. Click Here To Register...]
[Only registered and activated users can see links. Click Here To Register...]

Credits: Found by me long time Ago..

07/05/2013 16:48 *KingDevil*#14

Quote:

Originally Posted by scraprecon

How come my no menu keeps crashing?

[...]

#Requesting dump from 10-31-2012, October 31, 2012. Thankyou :)

Here... idk if it the right one.. 24.10.12

Download: [Only registered and activated users can see links. Click Here To Register...]

Virustotal: [Only registered and activated users can see links. Click Here To Register...]

07/05/2013 19:43 scraprecon#15

No, someone already gave me that one. I need the one right after that one (10-31-12). Thanks though

Page 1 of 76

Last »