Quote:
Originally Posted by AlainProvist
Anyway if there is a chance to make this work on any server/client by exposing offsets or whatever need to be exposed, I'll grab this chance.
AOB (Array of Bytes) search: find specific memory patterns and search for those patterns.
Under Windows, you can simply do that with an injected DLL and the VirtualQueryEx API.
This gives us the luxury of searching within the process's
committed memory without using the ReadProcessMemory API at all; instead, we use pointers.
Meaning the memory search will be ultra-fast, and thanks to VirtualQueryEx, it will also be safe and efficient.
I have my AOBs (patterns) from the CBT for: character name, level, health, target, coordinates and "teleport" coordinates.
They're still valid since then. No need to use base addresses and offsets and all that stuff; a simple few-seconds search and you get all those addresses.
If you're using Cheat Engine, use the Memory View feature and go to the address of the value you want to find a pattern for.
If a unique pattern does exist (in most cases it does), finding it is fairly easy; it just takes a little bit of trial and error.
Once you find that pattern, you just search for it and add the offset from that pattern to the original address, and you're pretty much done.
A good pattern should work for a long time, until, of course, the game changes drastically.
As I said, the patterns I'm using have been working since the CBT.
Looking for AOBs such as texture names, file paths and stuff like that is usually a good thing, and in AK the client is full of them.
For example, you can retrieve most of the character information from a few structures; some of those structures are "connected" to the UI,
and because of that, there will be texture names close to such a structure.
Find a unique one that is close enough to the structure and whose distance (offset) from the structure doesn't change, and you've got yourself a good AOB without even needing to use a mask for the pattern search.
2 tips:
1. Try to find a small AOB; large ones will impact the search speed. The bigger the pattern is, the longer it will take to find it.
Bigger AOBs are often more accurate, of course; you need to find one that is not too big but not too small, unless it's really unique.
2. Like I said, try to use really static things like strings and such. Using a mask in the pattern search will make the search less accurate and often slower. Don't use a mask unless you really have to.
Just in case you are not familiar with pattern searches and don't know what a mask is:
let's say I've found my AOB and it's:
01 02 03 04 05 06 07 08 09 0A
So searching for it is easy, but what if it is always like this except that sometimes the 4th byte changes?
for example:
01 02 03 2F 05 06 07 08 09 0A
01 02 03 52 05 06 07 08 09 0A
and so on.
This is where we use a mask, and this is where an AOB really has a pattern (an AOB alone is a pattern too, of course, but this is a real pattern).
A mask in a pattern search is usually represented as x's and ?'s.
An "x" simply means a "hit", meaning the byte in the AOB is static, and usually a "?" will be the "miss", meaning a dynamic byte that will be ignored.
So in my search I will have an AOB and a mask:
AOB: 01 02 03 FF 05 06 07 08 09 0A
Mask: xxx?xxxxxx
Then it will search through the memory and it will always ignore the 4th byte; it will only care about the other hits, as long as they are all in the right order, of course.
Again, if you can get around without using a mask, that's the best way to go. But many times we just have to use a mask because the game just doesn't have a good enough pattern for us to use.
Good luck!
Oriya.
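As an added example (not code from Oriya's post, and not the tool the post describes), here is a C implementation of the masked AOB search explained above. It runs the post's own example bytes, with the 4th byte varying, through a masked and an unmasked search over a constructed memory image, counts hits to show why a masked pattern may not be unique, and resolves a value from a static-string anchor plus a fixed offset. The Windows-only part walks committed, readable regions with VirtualQueryEx and scans them through direct pointers, which is the injected-DLL case from the post; it is compiled out on other platforms. The texture name "UI_hp.dds", the filler bytes and the 10-byte anchor offset are made-up assumptions for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#ifdef _WIN32
#include <windows.h>
#endif

/* Masked AOB search over a byte range. mask[i] == 'x' means the byte must
 * equal pat[i]; mask[i] == '?' means the byte is ignored (a "dynamic" byte).
 * Returns the offset of the first hit, or (size_t)-1 if there is none. */
static size_t aob_find(const uint8_t *hay, size_t hay_len,
                       const uint8_t *pat, const char *mask, size_t n)
{
    if (n == 0 || hay_len < n) return (size_t)-1;
    for (size_t i = 0; i + n <= hay_len; i++) {
        size_t j = 0;
        while (j < n && (mask[j] == '?' || hay[i + j] == pat[j])) j++;
        if (j == n) return i;
    }
    return (size_t)-1;
}

/* Count every hit; a good AOB should give exactly one. */
static size_t aob_count(const uint8_t *hay, size_t hay_len,
                        const uint8_t *pat, const char *mask, size_t n)
{
    size_t hits = 0, from = 0, off;
    while ((off = aob_find(hay + from, hay_len - from, pat, mask, n)) != (size_t)-1) {
        hits++;
        from += off + 1;
    }
    return hits;
}

/* Constructed memory image (not a real game dump): filler, the post's
 * example AOB with its 4th byte varying between the two copies, and a
 * made-up texture-name string at a fixed distance from the first copy. */
static const uint8_t sample_mem[] = {
    0xCC, 0xCC, 0xCC, 0xCC,
    0x01, 0x02, 0x03, 0x2F, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, /* offset 4  */
    'U', 'I', '_', 'h', 'p', '.', 'd', 'd', 's', 0,             /* offset 14 */
    0x01, 0x02, 0x03, 0x52, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, /* offset 24 */
};
static const uint8_t aob[] = {1, 2, 3, 0xFF, 5, 6, 7, 8, 9, 0x0A};

size_t find_masked(void)   { return aob_find(sample_mem, sizeof sample_mem, aob, "xxx?xxxxxx", sizeof aob); }
size_t find_unmasked(void) { return aob_find(sample_mem, sizeof sample_mem, aob, "xxxxxxxxxx", sizeof aob); }
size_t count_masked(void)  { return aob_count(sample_mem, sizeof sample_mem, aob, "xxx?xxxxxx", sizeof aob); }

/* A static string needs no mask and is unique in this image; the value we
 * want sits an assumed fixed 10 bytes before it, so anchor - 10 resolves it. */
size_t find_texture_anchor(void)
{
    static const uint8_t s[] = "UI_hp.dds";
    return aob_find(sample_mem, sizeof sample_mem, s, "xxxxxxxxx", sizeof s - 1);
}
size_t resolve_via_anchor(void)
{
    size_t a = find_texture_anchor();
    return a == (size_t)-1 ? a : a - 10;
}

#ifdef _WIN32
/* In-process version (injected DLL): walk committed, readable regions with
 * VirtualQueryEx and scan them through direct pointers, no ReadProcessMemory.
 * Caveat: a pattern that straddles two regions is not found by this loop. */
void *aob_scan_process(const uint8_t *pat, const char *mask, size_t n)
{
    MEMORY_BASIC_INFORMATION mbi;
    const uint8_t *addr = NULL;
    while (VirtualQueryEx(GetCurrentProcess(), addr, &mbi, sizeof mbi) == sizeof mbi) {
        const uint8_t *next = (const uint8_t *)mbi.BaseAddress + mbi.RegionSize;
        int readable = mbi.State == MEM_COMMIT &&
                       !(mbi.Protect & (PAGE_GUARD | PAGE_NOACCESS)) &&
                       (mbi.Protect & (PAGE_READONLY | PAGE_READWRITE | PAGE_WRITECOPY |
                                       PAGE_EXECUTE_READ | PAGE_EXECUTE_READWRITE |
                                       PAGE_EXECUTE_WRITECOPY));
        if (readable) {
            size_t off = aob_find(mbi.BaseAddress, mbi.RegionSize, pat, mask, n);
            if (off != (size_t)-1) return (uint8_t *)mbi.BaseAddress + off;
        }
        if (next <= addr) break; /* wrapped: end of the address space */
        addr = next;
    }
    return NULL;
}
#endif

int main(void)
{
    printf("masked hit at offset %zu, masked hits total %zu, unmasked found: %d\n",
           find_masked(), count_masked(), find_unmasked() != (size_t)-1);
    printf("texture anchor at %zu -> value at %zu\n",
           find_texture_anchor(), resolve_via_anchor());
    return 0;
}
```

The masked search finds both copies (two hits, so in this image the masked AOB alone is not unique), the unmasked search finds neither because of the variable 4th byte, and the string anchor gives a single hit from which the value address is recovered by adding its fixed offset. In the Windows walker the MEM_COMMIT and PAGE_GUARD checks are what keep an in-process pointer scan from faulting on reserved or guard pages.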