[CODE]Ingame Functions( POST YOUR FINDINGS HERE )

[jetrenz45]

@TheStupidDog, sir will you still be updating the AFKloader together with Thr!ce and NtKid? It will be really nice though.

[rfdeath0214]

Note : Using the updated pointer by cris made the MOBS on instances move quick.

Instance : OW : MS Solo

So basically the supposed speed movement went to the mobs and not the player. XD

[akoposimhack]

how can i use this what software should i use?

[ken12]

Time to revive this old thread =)

[AlainProvist]

Haha, I let you do the first step then feel free to share

[ken12]

Well I'am struggling some sort of error (dunno what error) on my mini-bot...


Here are my functions to share..

Code:

void WalkTo(float X, float Y){
PlayerInfo *Axis = NULL;
PlayerInfo->X = X;
PlayerInfo->Y  = Y;

DWORD dunAddr = ReadPointerAddress(0x0164A8C, 2, 0x51C, 0x3E8);
	if (dunAddr == 0)
		return;
DWORD addr = ReadPointerAddress(0x01A6DF4, 3, 0xC0, 0x10, 0x0);
	if (addr == 0)
		return;

__asm mov ecx, (ClassPointer)
((int(__stdcall*)(int, void*, int, int, int))0x006733B0)(Dungeon, (PlayerInfo*)Axis, 0, 0, 1);
}

Everytime that function gets called (Maybe 5 or 6 times straight of call) game crashes.

[AlainProvist]

oO is this C language ??

Code:

PlayerInfo *Axis = NULL;
PlayerInfo->X = X;
PlayerInfo->Y  = Y;

If this is C, I'm even wondering how this can compile :s

Not sure if this is what you meant but at least this is grammatically correct :

Code:

void WalkTo(float X, float Y){
PlayerInfo Axis;// no pointer here or dynamic allocation : the address here will be on the stack
Axis.X = X;
Axis.Y = Y;

DWORD dunAddr = ReadPointerAddress(0x0164A8C, 2, 0x51C, 0x3E8);
	if (dunAddr == 0)
		return;
DWORD addr = ReadPointerAddress(0x01A6DF4, 3, 0xC0, 0x10, 0x0);
	if (addr == 0)
		return;

__asm mov ecx, (ClassPointer)
((int(__stdcall*)(int, void*, int, int, int))0x006733B0)(Dungeon, (void*)&Axis, 0, 0, 1);
}

[ken12]

Well I've tried that one as well.. and also I already tried making new Struct, btw that PlayerInfo is a struct. Im also struggling with the Click to teleport command, can't even know where to start looking =D


Edit:
Im writing a bot for Aura Kingdom private server. Still far from a good bot, but i'll try to make one. =D

Edit2:

And also, I wonder why writing value (Speed Hack) + reading memory address makes the game GUI crash/dislocated..

[Daifoku]

Quote:

Originally Posted by ken12

And also, I wonder why writing value (Speed Hack) + reading memory address makes the game GUI crash/dislocated..

Check the address ^^
Addresses may be invalid after creating a new thread (switching channel, log in, going to navia, etc..)

Code:

	
	DWORD address;
	address = *(DWORD*)(0x00C22194); 
	if (!address) return -1;
	address = *(DWORD*)(address + 0x2fc);
	if (!address) return -1;
	address = *(DWORD*)(address + pukNum * 0x4);
	if (!address) return -1;
	address = *(DWORD*)(address +  0x32c);
	return address;

any idea how to do this check in plain _asm{} ?
and can you show me, how this call is made with _asm{} ?

Code:

((int(__stdcall*)(int, void*, int, int, int))0x006733B0)(Dungeon, (void*)&Axis, 0, 0, 1);

I don't get, how one can pass a struct as a parameter in asm. You pass the Address of Axis, but how can the function access the parameter X and Y ? (void*)&Axis+0 and (void*)&Axis+4 ?

[ken12]

well its like this

Code:

__asm{
 push 1
 push 0
 push 0
 push (Struct Pointer/Or any pointer that leads to coordiante X and Y)
 push dungeonID
 call Addr
}

[Daifoku]

Oh okay, so there is no seperate parameter for x and y ? Coz in my version, there is.
something like this:

Code:

	
__asm
{	
mov edi, lpthis;
mov edi, [edi];
mov edi, [edi + 0x0000001c];
mov ecx, edi;

push 0x40400000;
push 1;
push Y;
push X;
		
call lpFunction;
}

[ken12]

Well that was the old fashion way of calling the Walk Function, I have that function too but crashes so much unlike the other one.. >.< Just have to find out what causes the crash..


this is what your talking about right?

Code:

__asm mov ecx, (ClassPointer);
((int(__stdcall*)(float, float, int, float, char, int))0x006F1CB4)(PointX, PointY, 1, 3, 1, 0);

[Daifoku]

yep right, that's exactly what i meant. helped me a lot, thanks

[ken12]

Thats the easiest way to call the function ^_^ And also, if you wanna know how many args/parameters are being pushed, you may look the end of the function call and look for RET X, where X are the number of pushes in 4byte lenght.

ex. RET 0x4 = 1 arg/parameter
RET 0xC = 3 arg/parameter etc. etc...

[Daifoku]

oh that's nice to know
Til now I was using IDA to get the signature + calling convention ^.^

Already learnt a lot from AK