VB6.0 Multi-Client test

03/21/2007 19:29 blinko#1
I was messing around with Visual Basic again, and since I've tried converting to C# and it's not working out, and also there are so many VB6.0 programmers either using the tool because they enjoy it, or they're just starting out and need some fresh code to work with. ALSO it may not be 'as' good as, let's say, vb.net; it is however still rather flexible, allowing much possibility (may take more code but it'll get the job done).

Anywho it was a piece of code that unknownone has given me to Inject the DMA HP, and then read from our created codecave.

Was a simple FindWindow / FindWindowEx multi client type deal snippet. Took me a few months to figure out exactly what I was trying to get it to do... then today it just popped up, so give it a shot, tell me if it's working... maybe?

If so then I'll just remake the whole project I have over to the multiclient source.
The ONLY bug I found so far is when you load up another client, it'll fill the listbox with a blank character name since it has yet to be stored in the Memory since you haven't logged a char in.

So I added a refresh button to bring it back to life for ya. Just got a few Memory values at the moment.

Stamina, Money, Character name, Virtue, Level, Current HP, Arrow Count (if ya got an archer can try it), and player/npcs/monsters in the area. If it works I'll do as I said and add the rest of it!


Couldn't upload it here, I don't know why, but here's a link
03/21/2007 22:04 a1blaster#2
Scan for MultiClient_Test.exe unpacked from zip file>>>
Quote:
Complete scanning result of "MultiClient_Test.exe", received in VirusTotal at 03.21.2007, 21:31:42 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.22.0 03.21.2007 no virus found
AntiVir 7.3.1.44 03.21.2007 no virus found
Authentium 4.93.8 03.20.2007 no virus found
Avast 4.7.936.0 03.21.2007 no virus found
AVG 7.5.0.447 03.21.2007 no virus found
BitDefender 7.2 03.21.2007 no virus found
CAT-QuickHeal 9.00 03.21.2007 no virus found
ClamAV devel-20070312 03.21.2007 no virus found
DrWeb 4.33 03.21.2007 no virus found
eSafe 7.0.14.0 03.21.2007 no virus found
eTrust-Vet 30.6.3497 03.21.2007 no virus found
Ewido 4.0 03.21.2007 no virus found
FileAdvisor 1 03.21.2007 no virus found
Fortinet 2.85.0.0 03.21.2007 no virus found
F-Prot 4.3.1.45 03.20.2007 no virus found
F-Secure 6.70.13030.0 03.21.2007 no virus found
Ikarus T3.1.1.3 03.21.2007 no virus found
Kaspersky 4.0.2.24 03.21.2007 no virus found
McAfee 4989 03.21.2007 no virus found
Microsoft 1.2306 03.21.2007 no virus found
NOD32v2 2132 03.21.2007 no virus found
Norman 5.80.02 03.21.2007 no virus found
Panda 9.0.0.4 03.21.2007 no virus found
Prevx1 V2 03.21.2007 no virus found
Sophos 4.15.0 03.13.2007 no virus found
Sunbelt 2.2.907.0 03.16.2007 no virus found
Symantec 10 03.21.2007 no virus found
TheHacker 6.1.6.078 03.20.2007 no virus found
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.2 03.21.2007 no virus found
VirusBuster 4.3.7:9 03.21.2007 no virus found
Webwasher-Gateway 6.0.1 03.21.2007 no virus found


Aditional Information
File size: 520192 bytes
MD5: 1cbead6bedda475bb1ca545b520daa81
SHA1: 87c1baac9f1a176c04fe1346693f1996b7c5e31f
All Clean!

@blinko > I tried it out.
Character names: Works, showed all accounts open.
Current HP: Flips between 10000 and 9120. 9120 is my true HP.
Gold: Works, showed right amount.
Virtue Points: Showed 88, I believe I have more than that, like over 2000.
Level: Worked, shows right LV
Play/NPCS/Mon in your area: I'll say it works because I didn't take a count of them.
Arrows Left: Showed I had 6535? But I was tro with no arrows. My water showed 0.
WP%: Worked, showed right amount and in step with client.

Keep it up!
03/21/2007 22:20 blinko#3
Quote:
@blinko > I tried it out.
Character names: Works, showed all accounts open.
Current HP: Flips between 10000 and 9120. 9120 is my true HP.
Gold: Works, showed right amount.
Virtue Points: Showed 88, I believe I have more than that, like over 2000.
Level: Worked, shows right LV
Play/NPCS/Mon in your area: I'll say it works because I didn't take a count of them.
Arrows Left: Showed I had 6535? But I was tro with no arrows. My water showed 0.
WP%: Worked, showed right amount and in step with client.
I never really thought it possible to gather a reading as good as I have gotten using vb6. So I was happy. Virtue points was dead on for me, as was my HP; it even showed as it dropped. However... it might depend on what client you're using. I'm using the multiclient prog4mer has made, and I believe it was 4339 or whatever it was. If there is a newer one then if you'd direct me to the right link for it I'll get on working with it, as long as everyone is using it as well lol. Perhaps I can just gather a few of the multiclients around the forum and maybe separate the modules; means for more code and a slightly bigger file, but I'm sure we can do a "Which client will you be using?" splash screen. As soon as I get all the memory reading into it and give it a nice little gui I'll be trying to add some macro functions to it as well.

Perhaps an auto guard lvler, SH lvler for a test, then once that's complete and successful I'll hop into getting some ASM to create a character 'jump', based on coder62's tutorial of course
03/21/2007 22:36 a1blaster#4
The multi client I'm using I made myself.
It's from patch 4334, as there has been no new conquer.exe since then.

What about the arrows on my tro? He didn't have any in the inventory.
Could there be a dynamic address for arrows and VP? Just throwing ideas out there.
03/22/2007 01:02 blinko#5
Quote:
Originally posted by a1blaster@Mar 21 2007, 22:36
The multi client I'm using I made myself.
It's from patch 4334, as there has been no new conquer.exe since then.

What about the arrows on my tro? He didn't have any in the inventory.
Could there be a dynamic address for arrows and VP? Just throwing ideas out there.
Well, arrows are at a pointer address 0051307C with an offset of 46, which is 70 in hex, so we just take the value that we get from reading the memory for that address, then add 70 to the value we get, then we take that new value and enter it into another ReadProcessMemory piece, giving us a new value at 2 bytes instead of 4. So even though you were on a trojan, that memory address STILL holds a value; only if you're an archer it gives the amount of arrows left in the pack that you have equipped. Any other class other than an archer will return a set of numbers that really have no significance. Since we're reading memory there's always going to be a value in the memory that's being used.

A way around that would be, for example, the Job IDs from the Professions.ini file. I believe job id 40 is a Master archer... I'd have to open the file up and look, but I can say for example:

    If JobID = "40" Or JobID = "39" Then
        ' ReadProcessMemory at 2 bytes for speed arrows
    ElseIf JobID = "38" Or JobID = "37" Or JobID = "36" Then
        ' ReadProcessMemory as 1 byte for the lower lvl arrow packs
    Else
        lblArrow.Caption = "Not Playing as an Archer"
    End If

and it would kind of catch that exception.
And if you're an archer it'll read the byte length for that certain arrow/lvl,
and if your jobid doesn't match any that is an archer class, then it won't read the memory address and give you those unimportant values.

i hope u know what i mean.
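
The two-step read and the job-ID guard described in post #5, as an added example that is not part of the original thread or the tool: it runs over a constructed in-memory byte image instead of a live process, so the failure mode (a field that always yields some number) can be reproduced offline. The pointer address is the one given in the post; the offset is assumed to be 0x46 (70 decimal), the job IDs are the ones the post guesses at, and the base address, structure address, non-archer job ID 15 and field bytes are constructed (chosen so the unguarded 2-byte read gives the 6535 reported in post #2).

```python
import struct

BASE = 0x00513000        # constructed: start of the simulated address space
ARROW_PTR = 0x0051307C   # pointer address given in the post
ARROW_OFFSET = 0x46      # assumption: the post's offset (46 / 70) taken as 0x46
# Read width per archer job ID, using the IDs the post guesses at.
ARCHER_WIDTH = {40: 2, 39: 2, 38: 1, 37: 1, 36: 1}


def make_image(struct_addr, field_bytes):
    """Build a constructed image in which ARROW_PTR points at struct_addr."""
    end = struct_addr + ARROW_OFFSET + len(field_bytes) - BASE
    image = bytearray(end)
    struct.pack_into("<I", image, ARROW_PTR - BASE, struct_addr)
    image[end - len(field_bytes):end] = field_bytes
    return bytes(image)


def read(image, addr, width):
    """Bounds-checked little-endian read, standing in for ReadProcessMemory."""
    start = addr - BASE
    if start < 0 or start + width > len(image):
        raise ValueError(f"{width}-byte read at {addr:#010x} is out of range")
    return int.from_bytes(image[start:start + width], "little")


def unguarded_arrows(image):
    """Always interpret 2 bytes, whatever the character's job."""
    return read(image, read(image, ARROW_PTR, 4) + ARROW_OFFSET, 2)


def arrows_left(image, job_id):
    """Return the arrow count, or None when job_id is not an archer job."""
    width = ARCHER_WIDTH.get(job_id)
    if width is None:
        return None  # the bytes are there, but they are not an arrow count
    field = read(image, ARROW_PTR, 4) + ARROW_OFFSET  # first read: the pointer
    return read(image, field, width)                  # second read: the field


# Constructed sample: bytes 87 19 at the field decode to 6535 as 2 bytes.
SAMPLE = make_image(0x00513100, bytes([0x87, 0x19]))

if __name__ == "__main__":
    print("unguarded:", unguarded_arrows(SAMPLE))
    for job in (40, 38, 15):  # 15 is a constructed non-archer job ID
        print("job", job, "->", arrows_left(SAMPLE, job))
```

The same bytes decode to different numbers depending on the width read, which is why the guard has to pick the width from the job ID before interpreting the field at all.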
03/22/2007 05:00 darksonic#6
Using prog4mer's unpacked exe, I get all the readings correct, except for arrows (because the character tested on is not an archer).
Keep up the good work.