Looking for Encryption function

AlainProvist · 01/05/2015, 16:03

Thought you were trying to get the list directly from packet received and not from the ram

.

Here is what I use for entity browsing :

Code:

struct EntityElement
{
	EntityElement* next;
	EntityElement* previous;
	int id;
	Entity* entity;
};

template <typename T>
struct Collection
{
	DWORD unk1;
	DWORD unk2;

	template <typename T>
	struct Container
	{
		T* begin;
		T* unkLink1;
		T* unkLink2;
	};

	Container<T> *container;// 8
	int nbElements;

	BYTE unk3[0x1c];// 10

	std::string name;// 2c : name of the collection
};
typedef Collection<EntityElement> EntityCollection;
typedef Collection<SkillCooldownDataElement> SkillCooldownCollection;

enum EntityCollectionType {ECT_Chara, ECT_Effect, ECT_Duel};

Entity collection and skill cooldown data use the same base structure. That's why I made a generic template collection class.

Code:

EntityCollection* GetEntityCollection(EntityCollectionType type, ULONG lpBase)
{
	size_t* addr = (size_t*)lpBase;
	if(addr)
		addr = ThreadSafeReadAddress(addr, 0);
	addr = (size_t*)((size_t)addr+0x61C+type*sizeof(EntityCollection));

	return (EntityCollection*)addr;
}

The offset is the one you talked I suppose (mine is from the french client).

Very simple way to use this (linked list):

Code:

	EntityCollection* ec = GetEntityCollection(ECT_Chara);

	EntityElement *el = ec->container->begin;
	for(int i = 0; i < ec->nbElements; ++i)
	{
		Entity* ent = el->entity;
		// any code there...

		el = el->next;
	}

ken12 · 01/05/2015, 16:08

Code:

EntityCollection* GetEntityCollection(EntityCollectionType type, ULONG lpBase)
{
	size_t* addr = (size_t*)lpBase;
	if(addr)
		addr = ThreadSafeReadAddress(addr, 0);
	addr = (size_t*)((size_t)addr+0x61C+type*sizeof(EntityCollection));

	return (EntityCollection*)addr;
}

What do you mean by "type" in line with 0x61C

I've tried the packet thing, but it sends lots of trash data >.<

AlainProvist · 01/05/2015, 16:12

There are 3 consecutive Collections at 0x61C (for the french client) :
enum EntityCollectionType {ECT_Chara, ECT_Effect, ECT_Duel};

The "type" argument allow you to use the collection you want (genrally the 1st one : ECT_Chara).

ken12 · 01/05/2015, 16:18

I see we have the same collections @ 0x61C,

0x61C -> IDK
0x620 -> IDK
0x624 -> For enemy/players around...

0x624 have this address which leads to all the the enemy id etc. etc...

I still dont get how'd you construct that entity. since its my first time to see such thing.. Lol=D Or should I say my first time to fully understand what entity means..

EDIT::

BTW I've seen those CharaCollection, EffectCollection, DuelCollection.. what are those for?

Edit2:

actually this one

Code:

template <typename T>
	struct Container
	{
		T* begin;
		T* unkLink1; <--- Is the number of enemy/npc/player around you for the CharaCollection..
		T* unkLink2; <--- No guess
	};

Edit3:

I think I fully get it now how the Entity you made is constructed. I just realized it now. Maybe I just need a lil more of explanations how the code you constructed works..

AlainProvist · 01/05/2015, 16:41

The names you've seen are the 3 collection names located at :
std::string name;// 2c : name of the collection
(0x2C+4 for the raw chars in this case)

For these entity collections only begin link is used (or anyway unklink1 and 2 are not used).
The number of entities (or objects if you prefer) of the collection is in the Collection class :
int nbElements;

The container is just a small structure containing the 1st entity element of the collection. Then each element is linked to the next one and the previous one.

The definition of Entity is (for me) this one :

Code:

struct Entity
{
	DWORD unk1;
	DWORD unk2;
	DWORD entityID;//8
	EntityInfo *info;//C
	Model* model;// 10
	BYTE unk3[ 0x0000014 ];//14
	DWORD typeID;//28
	Actor* actor;//2C
	DWORD unk5;//30
	float positionX;// 34 
	float positionY;// 38 
	BYTE unk6[ 0x0000054 ];//3C
	DWORD unk7;// 90 : this is not the target id...
	BYTE unk8[ 0x00000D8 ];//94
	Vector3f position;//16C
	BYTE unk9[ 0x0000078 ];//178
	DWORD* templateData;//1F0
};

With EntityInfo the struct you linked previously.

ken12 · 01/05/2015, 16:47

Quote:
Originally Posted by AlainProvist
The names you've seen are the 3 collection names located at :
std::string name;// 2c : name of the collection
(0x2C+4 for the raw chars in this case)

For these entity collections only begin link is used (or anyway unklink1 and 2 are not used).
The number of entities (or objects if you prefer) of the collection is in the the collection :
int nbElements;

The container is just a small structure containing the 1st entity element of the Collection class. Then each element is linked to the next one and the previous one.

The definition of Entity is (for me) this one :
Code:
struct Entity
{
	DWORD unk1;
	DWORD unk2;
	DWORD entityID;//8
	EntityInfo *info;//C
	Model* model;// 10
	BYTE unk3[ 0x0000014 ];//14
	DWORD typeID;//28
	Actor* actor;//2C
	DWORD unk5;//30
	float positionX;// 34 
	float positionY;// 38 
	BYTE unk6[ 0x0000054 ];//3C
	DWORD unk7;// 90 : this is not the target id...
	BYTE unk8[ 0x00000D8 ];//94
	Vector3f position;//16C
	BYTE unk9[ 0x0000078 ];//178
	DWORD* templateData;//1F0
};
With EntityInfo the struct you linked previously.

Yeah yeah, I got you in there we have the same entity as for the private server. I guess they have the same files (but outdated only i guess) That EntityInfo is the PlayerStruct Posted by Thr!ce right...

But my question now is, how are you going to get the each entity data? Like for example...

Okay you've scanned entity collection in this portion of the map. How are you going to get the data?

Like For example

EntityCollection* MyEntity = GetEntityCollection(...)
MyEntity->entity->info->GetHP to get the HP
MyEntity->next->entity->info->Get next HP somewhat like that?

.. I just dont get it how are they gonna be called @.@ Sorry still noob on such complex things like that..

AlainProvist · 01/05/2015, 16:55

Entity data are already here in the ram. This code does absolutely nothing except retrieve addresses of entities stored in the collection by the game. Basically each time a new entity becomes relevant (i.e. enters your field of view) the server push the data to the client that will simply add it to the collection. Same with irrelevancy with a delete from the collection.

All you have to do is using the collection exactly as the game does.
My set of structure is simply a convenient way to access easily any entity from the collection to do various things (like selecting the nearest mob).

ken12 · 01/05/2015, 17:06

Yeah I missed your statement on how to use the entity, everything's clear now. I just have to try it and fix some various misaligned structs for PS server. =) I'll ask you more if I have questions.. =)

Oriya9 · 01/05/2015, 17:56

If you want to keep the list synced via packets:

Code:

NPC_SPAWN = 0x01B6
NPC_DESPAWN = 0x0123
NPC_MOVEMENT = 0x01C7
NPC_KILLED = 0x01BB

The first 4 bytes in NPC_SPAWN are the dynamic ID of the NPC in the world (usually called "UID", which stands for Unique ID).
The following 2 bytes are the static ID of the NPC which you can gather information about (such as the NPC name, type of NPC ["Normal NPC", monster, etc]) from "data\db\c_biology.ini" and "data\db\t_biology.ini".

ken12 · 01/06/2015, 00:05

Yay thanks oriya! =) I'll try when I get home tonight. =)