[CodeSnippet] Send Chat Packet from dll[Aeria]

02/22/2010 22:07 Mega Byte#1
UPDATE NOTE:
The same code may be found here... I cannot be bothered looking for it again unless I need it. I will post it up if I find it again, if I actually look for it though :)
Quote:
00412F10 /. 55 PUSH EBP
00412F11 |. 8BEC MOV EBP,ESP
00412F13 |. 83EC 08 SUB ESP,8
00412F16 |. C745 FC DC2B5>MOV DWORD PTR SS:[EBP-4],TwelveSk.00572B>
00412F1D |. 837D 08 00 CMP DWORD PTR SS:[EBP+8],0
00412F21 |. 74 06 JE SHORT TwelveSk.00412F29
00412F23 |. 8B45 08 MOV EAX,DWORD PTR SS:[EBP+8]
00412F26 |. 8945 FC MOV DWORD PTR SS:[EBP-4],EAX
00412F29 |> 6A 04 PUSH 4
00412F2B |. 8B4D FC MOV ECX,DWORD PTR SS:[EBP-4]
00412F2E |. 83C1 01 ADD ECX,1
00412F31 |. 51 PUSH ECX
00412F32 |. 8D55 F8 LEA EDX,DWORD PTR SS:[EBP-8]
00412F35 |. 52 PUSH EDX
00412F36 |. E8 D5901200 CALL TwelveSk.0053C010
00412F3B |. 83C4 0C ADD ESP,0C
00412F3E |. 68 5BD35400 PUSH TwelveSk.0054D35B
00412F43 |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
00412F46 |. 6BC0 0D IMUL EAX,EAX,0D
00412F49 |. 05 8CB00A01 ADD EAX,TwelveSk.010AB08C
00412F4E |. 50 PUSH EAX
00412F4F |. E8 0CA31200 CALL TwelveSk.0053D260
00412F54 |. 83C4 08 ADD ESP,8
00412F57 |. 8BE5 MOV ESP,EBP
00412F59 |. 5D POP EBP
00412F5A \. C3 RETN
C++ Code for a dll you can inject.
Code:
#include <windows.h>

// 32-bit build only: MSVC inline asm calls straight into the game's own
// chat routine, with the text pushed on the stack and the value the
// routine expects in ecx loaded before the call.
void __cdecl SendChat( const char* szText )
{
	UINT_PTR adr = 0x00412F18; //function address
	__asm
	{
	push szText              // argument, read by the callee at [ebp+8]
	mov eax,szText
	mov ecx,0x005081E8       // value the routine expects in ecx
	call adr
	add esp,4                // callee ends in RETN, so the caller pops the argument
	}
}
Usage: set a key hook or some other method to call this function. I would suggest a console window of some kind.
SendChat("Hello");
Would say Hello :)

I am releasing this here so people may make use of it, but I must request that you please do not use it to spam in game with garbage adverts etc...
Use it as a learning tool. It's taken me 3 days or so to work this out haha...

This is proof that a dll can be used to make the game send packets to the server. Now to make it send different packets :) This is just sending chat.

I am going to attempt this method for things such as portal usage, return scroll usage, respawn, death, movement, duel, attack, skills, items, party, guild, whisper etc.

If you hook this using a detour, you could make your dll read commands the user types in and prevent them being sent to the server, just an example of one possible use.

Cya till next time :)
02/22/2010 22:10 Iktov#2
This is great work. I have been working out trying to get this working for /commands and such for a while and kept fucking it up and crashing the game.

This works superb.
02/22/2010 22:30 Mr_Troy22#3
Great job

About detouring the ChatInput :
Here's what I've found
Code:
0048E730   8D45 D0          LEA EAX,DWORD PTR SS:[EBP-30]
0048E733   68 101F4D00      PUSH TwelveSk.004D1F10                   ; ASCII "/out"
0048E738   50               PUSH EAX
0048E739   E8 90640300      CALL TwelveSk.004C4BCE

0048DD36   8D45 D0          LEA EAX,DWORD PTR SS:[EBP-30]
0048DD39   68 FC1F4D00      PUSH TwelveSk.004D1FFC                   ; ASCII "/hide"
0048DD3E   50               PUSH EAX
0048DD3F   E8 8A6E0300      CALL TwelveSk.004C4BCE
Notice that the calls (004C4BCE) are the same at those text strings? Well, that is the function that returns your chat input.

oh and here a gift :

Experimental Godmode that stuns every monster that attacks you, but still needs a bypass to not disconnect
(also needs to be compiled in C++)
Code:
#include <windows.h>

static bool bGodmode = false;     // toggle state; used but not declared in the original snippet
unsigned long Godmode = 0x44933D; // EXPERIMENTAL
unsigned long ulOldProtect;

// Poll this from the dll's main loop: NumPad * flips the patch on and off.
void ToggleGodmodeOnKey()
{
	if (GetAsyncKeyState(VK_MULTIPLY)&0x8000)
	{
		bGodmode=!bGodmode;
		// Only one dword is written: 2517175768 (0x96090DD8) is the patch,
		// 2286423512 (0x88480DD8) is the original dword this restores to.
		unsigned long value = bGodmode ? 2517175768UL : 2286423512UL;
		VirtualProtect((void *)Godmode, 5, PAGE_EXECUTE_READWRITE, &ulOldProtect);
		*(unsigned long*)Godmode = value;
		// flush after the write, not before, so the CPU executes the new bytes
		FlushInstructionCache(GetCurrentProcess(), (void *)Godmode, 5);
		VirtualProtect((void *)Godmode, 5, ulOldProtect, &ulOldProtect);
		Sleep(500);
	}
}
After a few crashes: (still need to find a way to change the color)


:D:D:D
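The detour Mega Byte mentions in post #1 and the VirtualProtect patch in the Godmode snippet above both come down to the same mechanics: read the original bytes back from the code page, write an E9 JMP rel32 (or a replacement dword) over them, and restore the saved bytes later. The C below is an added example, not code from the thread or from the game. The hook address 0x10001000, the chat_hook filter, and the byte buffer standing in for the CALL at 0048E739 are assumptions; a real detour also needs a trampoline that re-executes the displaced CALL, which the fake_original stand-in abstracts away. On Windows the write goes through VirtualProtect; elsewhere it is a plain buffer write so the arithmetic can be checked anywhere.

```c
/*
 * Added example (not from the thread): inline JMP detour mechanics for a
 * 32-bit x86 target, with save/restore done from bytes read back rather
 * than hard-coded constants. Addresses and the hook are assumptions.
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#endif

#define PATCH_LEN 5               /* E9 + rel32 */

typedef struct {
    uint8_t *addr;                /* start of the overwritten instruction(s) */
    uint8_t  saved[PATCH_LEN];    /* original bytes, read back before patching */
    int      applied;
} code_patch_t;

/* rel32 of a JMP at `from` landing on `to`: target minus next-instruction address. */
static int32_t jmp_rel32(uint32_t from, uint32_t to)
{
    return (int32_t)(to - (from + PATCH_LEN));
}

/* Encode "JMP rel32" byte by byte (little-endian), independent of host endianness. */
static void build_jmp(uint32_t from, uint32_t to, uint8_t out[PATCH_LEN])
{
    uint32_t rel = (uint32_t)jmp_rel32(from, to);
    out[0] = 0xE9;
    out[1] = (uint8_t)(rel & 0xFF);
    out[2] = (uint8_t)((rel >> 8) & 0xFF);
    out[3] = (uint8_t)((rel >> 16) & 0xFF);
    out[4] = (uint8_t)((rel >> 24) & 0xFF);
}

/* Write over code: unprotect, copy, flush AFTER the write, re-protect. */
static int write_code(uint8_t *dst, const uint8_t *src, size_t len)
{
#ifdef _WIN32
    DWORD old;
    if (!VirtualProtect(dst, len, PAGE_EXECUTE_READWRITE, &old))
        return 0;
    memcpy(dst, src, len);
    FlushInstructionCache(GetCurrentProcess(), dst, len);
    VirtualProtect(dst, len, old, &old);
#else
    memcpy(dst, src, len);        /* plain buffer outside Windows (constructed stand-in) */
#endif
    return 1;
}

/* Save the original bytes, then install a JMP from target_va to hook_va. */
static int patch_apply(code_patch_t *p, uint8_t *target, uint32_t target_va, uint32_t hook_va)
{
    uint8_t jmp[PATCH_LEN];
    if (p->applied) return 1;
    p->addr = target;
    memcpy(p->saved, target, PATCH_LEN);   /* read back: no hand-computed restore value */
    build_jmp(target_va, hook_va, jmp);
    if (!write_code(target, jmp, PATCH_LEN)) return 0;
    p->applied = 1;
    return 1;
}

static int patch_restore(code_patch_t *p)
{
    if (!p->applied) return 1;
    if (!write_code(p->addr, p->saved, PATCH_LEN)) return 0;
    p->applied = 0;
    return 1;
}

/* Detour handler for the chat-input function (assumed shape): swallow lines
 * that start with '/' so they never reach the game's sender, and pass the
 * rest on through the trampoline `orig`. */
static int g_forwarded;
static void fake_original(const char *text) { (void)text; g_forwarded++; }

static int chat_hook(const char *text, void (*orig)(const char *))
{
    if (text[0] == '/')
        return 0;                 /* dropped */
    orig(text);
    return 1;                     /* forwarded */
}

int main(void)
{
    /* Constructed stand-in for the bytes at 0048E739 (E8 90 64 03 00) plus padding. */
    uint8_t code[8] = { 0xE8, 0x90, 0x64, 0x03, 0x00, 0x90, 0x90, 0x90 };
    code_patch_t p = { 0 };
    patch_apply(&p, code, 0x0048E739u, 0x10001000u);   /* hook VA is an assumption */
    printf("patched:  %02X %02X %02X %02X %02X\n", code[0], code[1], code[2], code[3], code[4]);
    patch_restore(&p);
    printf("restored: %02X %02X %02X %02X %02X\n", code[0], code[1], code[2], code[3], code[4]);
    chat_hook("/out", fake_original);
    chat_hook("Hello", fake_original);
    printf("forwarded=%d\n", g_forwarded);
    return 0;
}
```

The point the Godmode snippet misses is in patch_apply: the restore bytes come from memory at patch time, so the toggle keeps working if the client is updated and the dword at that address changes, instead of writing a stale constant back into a different instruction.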
02/22/2010 23:16 Mega Byte#4
Very Nice :)
Perhaps look at other messages and see what makes them have certain colors :) I think the colors are stored in an array.
02/25/2010 15:33 zowex#5
Now this is what I am talking about!! Finally something I can use and learn from.. great job Mega Byte! I was hoping we could get in touch and exchange some information which hopefully can be of even greater advantage for hack users in here! I sent you a PM. /zowex
03/05/2010 05:11 12sky#6
What does this do? How can I use it?
03/05/2010 06:21 Iktov#7
Quote:
Originally Posted by 12sky
What does this do? How can I use it?
It allows you to automate chat via your own program. The code above shows you how to bind a specific message to any key. So when you hit that key it will send your message to chat. You could also automate your program to chat by itself under certain circumstances.

It is example code on how to use the game's own code in your own program to automate things, such as making a bot.
03/05/2010 06:28 12sky#8
Quote:
Originally Posted by Iktov
It allows you to automate chat via your own program. The code above shows you how to bind a specific message to any key. So when you hit that key it will send your message to chat. You could also automate your program to chat by itself under certain circumstances.

It is example code on how to use the game's own code in your own program to automate things, such as making a bot.
I don't know how, but can you make it for me?
Btw, can I say red words in chat like a GM?
03/05/2010 06:35 Iktov#9
Quote:
Originally Posted by 12sky
I don't know how, but can you make it for me?
Btw, can I say red words in chat like a GM?
Well, I think the point of this post was to promote people making things themselves. It shows an example of how to use the game's code to automate things (exactly what you need to make a full bot).
03/05/2010 08:49 Mega Byte#10
Please read tutorials on the internet for C++ and DLL making / DLL Injection and such. There are even a few on this website somewhere.
03/13/2010 10:24 Cymon#11
Yeaaaaaaah, now I can learn how to hack overnight, Megabyte

It even rhymes :)
03/26/2010 00:03 Mega Byte#12
Posted note about update :)