[Game hacking] Hook move function

09/17/2019 15:23 Celid#1
Hello everyone!
I need to hook the move function of my character in Nostale and use it in C#/C++, can someone help me to do this?
09/25/2019 10:55 Celid#2
Can someone help me?

I've written the asm but when I execute it, the game crashes.

Code:
unsigned newPosition = 0x000A000A;
DWORD walkAddress = 0x00490A40;

void __declspec(naked) ourFunct() {
	__asm {
		mov eax, myPosition
		mov edx, newPosition
		call walkAddress
	}
}
09/25/2019 18:26 IceTrailer#3
Quote:
Originally Posted by Celid View Post
Code:
unsigned newPosition = 0x000A000A;
DWORD walkAddress = 0x00490A40;

void __declspec(naked) ourFunct() {
	__asm {
		mov eax, myPosition
		mov edx, newPosition
		call walkAddress
	}
}
Looks like you use dynamic addresses and no static address. Dynamic addresses vary every time you run Nostale and allocate new memory.
You have to deduce which address writes to your dynamic address (you have to find the new one) and then use the pointer.
09/26/2019 01:16 DarkyZShadow#4
Quote:
Originally Posted by Celid View Post
Can someone help me?

I've written the asm but when I execute it, the game crashes.

Code:
unsigned newPosition = 0x000A000A;
DWORD walkAddress = 0x00490A40;

void __declspec(naked) ourFunct() {
	__asm {
		mov eax, myPosition
		mov edx, newPosition
		call walkAddress
	}
}
Remember that declaring your function with "naked" removes the prolog and epilog from it.
So you have to add the "ret" instruction at the end of your function else your program will continue to execute undefined instructions after the call to "walkAddress".

You can try something like this:
Code:
unsigned newPosition = 0x000A000A;
DWORD walkAddress = 0x00490A40;

void __declspec(naked) ourFunct() {
	__asm {
		mov eax, myPosition
		mov edx, newPosition
		call walkAddress
		ret
	}
}
09/26/2019 20:47 Celid#5
Quote:
Originally Posted by IceTrailer View Post
Looks like you use dynamic addresses and no static address. Dynamic addresses vary every time you run Nostale and allocate new memory.
You have to deduce which address writes to your dynamic address (you have to find the new one) and then use the pointer.
Hello IceTrailer and thank you for your reply,
I don't understand what you mean, the address I found is a static address.

Quote:
Originally Posted by DarkyZShadow View Post
Remember that declaring your function with "naked" removes the prolog and epilog from it.
So you have to add the "ret" instruction at the end of your function else your program will continue to execute undefined instructions after the call to "walkAddress".

You can try something like this:
Code:
unsigned newPosition = 0x000A000A;
DWORD walkAddress = 0x00490A40;

void __declspec(naked) ourFunct() {
	__asm {
		mov eax, myPosition
		mov edx, newPosition
		call walkAddress
		ret
	}
}
Hello DarkyZShadow and thank you for your reply,
I've added ret at the end but it doesn't work.
I've also tried to set all the registers as they normally are before calling the function but it still doesn't work.
09/26/2019 22:54 DarkyZShadow#6
Quote:
Originally Posted by Celid View Post
Hello DarkyZ and thank you for your reply,
I've added ret at the end but it doesn't work.
I've also tried to set all the registers as they normally are before calling the function but it still doesn't work.
How did you do that? Using PUSHAD/POPFD instructions? Also, try to save flags (PUSHFD/POPFD).

Code:
unsigned newPosition = 0x000A000A;
DWORD walkAddress = 0x00490A40;

void __declspec(naked) ourFunct() {
	__asm {
		; Save registers & flags
		pushad
		pushfd

		mov eax, myPosition
		mov edx, newPosition
		call walkAddress

		; Restore flags & registers: don't forget to reverse the order
		popfd
		popad

		ret
	}
}
If it doesn't work, you probably have a problem when you call the "walk" function (bad address, bad parameters, ...)
09/28/2019 20:54 Celid#7
Quote:
Originally Posted by DarkyZShadow View Post
How did you do that? Using PUSHAD/POPFD instructions? Also, try to save flags (PUSHFD/POPFD).

Code:
unsigned newPosition = 0x000A000A;
DWORD walkAddress = 0x00490A40;

void __declspec(naked) ourFunct() {
	__asm {
		; Save registers & flags
		pushad
		pushfd

		mov eax, myPosition
		mov edx, newPosition
		call walkAddress

		; Restore flags & registers: don't forget to reverse the order
		popfd
		popad

		ret
	}
}
If it doesn't work, you probably have a problem when you call the "walk" function (bad address, bad parameters, ...)
I have the move function:
Code:
NostaleClientX.exe+145309 - 6A 01                 - push 01
NostaleClientX.exe+14530B - 33 C9                 - xor ecx,ecx
NostaleClientX.exe+14530D - 8B 55 FC              - mov edx,[ebp-04]
NostaleClientX.exe+145310 - A1 88B78600           - mov eax,[NostaleClientX.exe+46B788] { (0E2AADD0) }
NostaleClientX.exe+145315 - E8 2653FFFF           - call NostaleClientX.exe+13A640
Do you know how I can call it in C++ or in C# when I need to move my char?
For now I've edited the move coords with a memory write (code cave) and when I click, my char moves to the right coords.
Now I want to call my function without clicking in the game.