Aion Bot Movement Problem

09/24/2009 21:21 Bl@ze!#1
Hey guys,

i recognized a problem and i still wonder if I am the only one who has this problem.

Okay, we've got X Y and Z.

Z is ok but X and Y seems to change if I move my mouse in current active Aion Window. BUT my character does not move.

Anyone else got this problem? I use following adresses :

Quote:
PlayerX = BaseAdress + 0x91FA40
PlayerY = BaseAdress + 0x91FA48
PlayerZ = BaseAdress + 0x8E336C
The BaseAdress is the Module Adress from the Game.dll ;)

And if you do not have that problem and you are using the same offsets. I will pay a lot for a code snippet.

Thanks in advance.

#edit

[Only registered and activated users can see links. Click Here To Register...]
[Only registered and activated users can see links. Click Here To Register...]
oh sorry wrong section you may move it ? :(
09/25/2009 06:30 Revived Soulreaver#2
Quote:
Originally Posted by Unkn0wn0x View Post
Hey guys,

i recognized a problem and i still wonder if I am the only one who has this problem.

Okay, we've got X Y and Z.

Z is ok but X and Y seems to change if I move my mouse in current active Aion Window. BUT my character does not move.

Anyone else got this problem? I use following adresses :



The BaseAdress is the Module Adress from the Game.dll ;)

And if you do not have that problem and you are using the same offsets. I will pay a lot for a code snippet.

Thanks in advance.

#edit

[Only registered and activated users can see links. Click Here To Register...]
[Only registered and activated users can see links. Click Here To Register...]
oh sorry wrong section you may move it ? :(
Your offsets are wrong,
X is Game.dll+8E3368
Y is Game.dll+8E3364
Z is Game.dll+8E336C

please share your code snippet for how to calculate the BaseAddress because i can't get this to work...thanks
09/25/2009 13:46 Bl@ze!#3
Quote:
Originally Posted by Revived Soulreaver View Post
Your offsets are wrong,
X is Game.dll+8E3368
Y is Game.dll+8E3364
Z is Game.dll+8E336C

please share your code snippet for how to calculate the BaseAddress because i can't get this to work...thanks
I will after work. Thank you so much :-)
09/25/2009 15:20 Revived Soulreaver#4
Quote:
Originally Posted by Unkn0wn0x View Post
I will after work. Thank you so much :-)
If this code comes to be posted, you sir will deserve all the thanks.

What i know:
I am aware that i should likely be using:
GetProcAddress
GetModuleHandle

however I am unaware as to what i should pass to these as i have tried multiple items...

Thanks again.
09/25/2009 16:02 Bl@ze!#5
Quote:
Originally Posted by Revived Soulreaver View Post
If this code comes to be posted, you sir will deserve all the thanks.

What i know:
I am aware that i should likely be using:
GetProcAddress
GetModuleHandle

however I am unaware as to what i should pass to these as i have tried multiple items...

Thanks again.
These 2 functions are only from yourself loaded dll like kernel32.dll or something which you load with loadlibary ;)
09/25/2009 16:54 Revived Soulreaver#6
Quote:
Originally Posted by Unkn0wn0x View Post
These 2 functions are only from yourself loaded dll like kernel32.dll or something which you load with loadlibary ;)
I know that should help but to me that means i have to inject a dll into the Aion.bin process which i don't feel is necessary.
09/25/2009 18:45 Bl@ze!#7
I use this autoit script to dump it and i write it to a .ini and read it out with my c# bot ;)


Code:
;===================================================================================================
; Function........:  _MemoryGetBaseAddress($ah_Handle, $iHD)
;
; Description.....:  Reads the 'Allocation Base' from the open process.
;
; Parameter(s)....:  $ah_Handle - An array containing the Dll handle and the handle of the open
;                         		  process as returned by _MemoryOpen().
;              	     $iHD - Return type:
;                	    |0 = Hex (Default)
;                	    |1 = Dec
;
; Requirement(s)..:  A valid process ID.
;
; Return Value(s).:  On Success - Returns the 'allocation Base' address and sets @Error to 0.
;                    On Failure - Returns 0 and sets @Error to:
;						|1 = Invalid $ah_Handle.
;						|2 = Failed to find correct allocation address.
;						|3 = Failed to read from the specified process.
;
; Author(s).......:  Nomad. Szhlopp.
; URL.............:  [url=http://www.autoitscript.com/forum/index.php?showtopic=78834]Memory UDF - AutoIt Forums[/url]
; Note(s).........:  Go to [url=http://Www.CheatEngine.org]Cheat Engine[/url] for the latest version of CheatEngine.
;===================================================================================================
Func _MemoryGetBaseAddress($ah_Handle, $iHexDec = 0)
    
    Local $iv_Address = 0x00100000
	Local $v_Buffer = DllStructCreate('dword;dword;dword;dword;dword;dword;dword')
	Local $vData
	Local $vType
	
    If Not IsArray($ah_Handle) Then
        SetError(1)
        Return 0
    EndIf
    

    DllCall($ah_Handle[0], 'int', 'VirtualQueryEx', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer))
    
    If Not @Error Then
        
        $vData = Hex(DllStructGetData($v_Buffer, 2))
        $vType = Hex(DllStructGetData($v_Buffer, 3))
        
        While $vType <> "00000080"
            DllCall($ah_Handle[0], 'int', 'VirtualQueryEx', 'int', $ah_Handle[1], 'int', $iv_Address, 'ptr', DllStructGetPtr($v_Buffer), 'int', DllStructGetSize($v_Buffer))
            $vData = Hex(DllStructGetData($v_Buffer, 2))
            $vType = Hex(DllStructGetData($v_Buffer, 3))
            If Hex($iv_Address) = "01000000" Then ExitLoop
            $iv_Address += 65536
            
        WEnd

        If $vType = "00000080" Then
            SetError(0)
            If $iHexDec = 1 Then
                Return Dec($vData)
            Else
                Return $vData
            EndIf
            
        Else
            SetError(2)
            Return 0
        EndIf
        
    Else
        SetError(3)
        Return 0
    EndIf
    
EndFunc
09/26/2009 07:14 Revived Soulreaver#8
thanks for the code but this fails in windows 7 x64
09/26/2009 09:58 Bl@ze!#9
works for me on windows 7 x32 :/
09/30/2009 15:08 ddarek#10
What u have been missing is that func as beneath which correspondent to game.dll module
Code:
Func _MemoryModuleGetBaseAddress($iPID, $sModule)
    If Not ProcessExists($iPID) Then Return SetError(1, 0, 0)

    If Not IsString($sModule) Then Return SetError(2, 0, 0)

    Local   $PSAPI = DllOpen("psapi.dll")

    ;Get Process Handle
    Local   $hProcess
    Local   $PERMISSION = BitOR(0x0002, 0x0400, 0x0008, 0x0010, 0x0020) ; CREATE_THREAD, QUERY_INFORMATION, VM_OPERATION, VM_READ, VM_WRITE

    If $iPID > 0 Then
        Local $hProcess = DllCall("kernel32.dll", "ptr", "OpenProcess", "dword", $PERMISSION, "int", 0, "dword", $iPID)
        If $hProcess[0] Then
            $hProcess = $hProcess[0]
        EndIf
    EndIf

    ;EnumProcessModules
    Local   $Modules = DllStructCreate("ptr[1024]")
    Local   $aCall = DllCall($PSAPI, "int", "EnumProcessModules", "ptr", $hProcess, "ptr", DllStructGetPtr($Modules), "dword", DllStructGetSize($Modules), "dword*", 0)
    If $aCall[4] > 0 Then
        Local   $iModnum = $aCall[4] / 4
        Local   $aTemp
        For $i = 1 To $iModnum
            $aTemp =  DllCall($PSAPI, "dword", "GetModuleBaseNameW", "ptr", $hProcess, "ptr", Ptr(DllStructGetData($Modules, 1, $i)), "wstr", "", "dword", 260)
            If $aTemp[3] = $sModule Then
                DllClose($PSAPI)
                Return Ptr(DllStructGetData($Modules, 1, $i))
            EndIf
        Next
    EndIf

    DllClose($PSAPI)
    Return SetError(-1, 0, 0)

EndFunc
Credits goes to PharmerPhale
So i f u have your known bases for move as above u need first read game.dll to obtain TARGET X, Y, Z at the end using classic _MemoryRead()

Enjoy

PS Actually it is mine part of NomadMemory file
09/30/2009 15:39 Revived Soulreaver#11
Quote:
Originally Posted by ddarek View Post
What u have been missing is that func as beneath which correspondent to game.dll module
Code:
Func _MemoryModuleGetBaseAddress($iPID, $sModule)
    If Not ProcessExists($iPID) Then Return SetError(1, 0, 0)

    If Not IsString($sModule) Then Return SetError(2, 0, 0)

    Local   $PSAPI = DllOpen("psapi.dll")

    ;Get Process Handle
    Local   $hProcess
    Local   $PERMISSION = BitOR(0x0002, 0x0400, 0x0008, 0x0010, 0x0020) ; CREATE_THREAD, QUERY_INFORMATION, VM_OPERATION, VM_READ, VM_WRITE

    If $iPID > 0 Then
        Local $hProcess = DllCall("kernel32.dll", "ptr", "OpenProcess", "dword", $PERMISSION, "int", 0, "dword", $iPID)
        If $hProcess[0] Then
            $hProcess = $hProcess[0]
        EndIf
    EndIf

    ;EnumProcessModules
    Local   $Modules = DllStructCreate("ptr[1024]")
    Local   $aCall = DllCall($PSAPI, "int", "EnumProcessModules", "ptr", $hProcess, "ptr", DllStructGetPtr($Modules), "dword", DllStructGetSize($Modules), "dword*", 0)
    If $aCall[4] > 0 Then
        Local   $iModnum = $aCall[4] / 4
        Local   $aTemp
        For $i = 1 To $iModnum
            $aTemp =  DllCall($PSAPI, "dword", "GetModuleBaseNameW", "ptr", $hProcess, "ptr", Ptr(DllStructGetData($Modules, 1, $i)), "wstr", "", "dword", 260)
            If $aTemp[3] = $sModule Then
                DllClose($PSAPI)
                Return Ptr(DllStructGetData($Modules, 1, $i))
            EndIf
        Next
    EndIf

    DllClose($PSAPI)
    Return SetError(-1, 0, 0)

EndFunc
So i f u have your known bases for move as above u need first read game.dll to obtain TARGET X, Y, Z at the end using classic _MemoryRead()

Enjoy

PS Actually it is mine part of NomadMemory file
He was just posting sample BaseMemory Code for me, which didn't work as i am on x64 this issue is resolved.
09/30/2009 15:40 ddarek#12
kk
However it works :)