packets

[fear-x]

anyone knows how to make packet bots?
i want to try give it a shot making packet bot for cabal online to do auto quests.

if not packet bot, then i would like some ideas of making jsut natural bot on how to make it do quests automatiaclly. from npc to npc to killing mobs etc.

never done such a bot(only hunting bots)

[alpines]

Well that's quite a difficult chapter, especially for games which are not unknown.
I assume Cabal Online is protecting its packets with a encryption so you have to find the Encryption Algorithm + its key (probably somewhere on the internet already).

After you've done that you'll be able to read the packets properly.
Each packet is seperated into different parts, Headers, Flags, Data, ...

You'll have to parse some packets to know where these bytes start and what these bytes do.

For example a packet could look like this.

Code:

08 1A FF FF 3D FC C3 B2

Each byte represents a part of the packet and has its own meaning.

For example the 08 could stand for the packet size (8 bytes in total).
1A could mean a specific header for targeting mobs, npcs, players etc.

The rest could be the data but that varies in every online game.


As you can see it's not that easy to make a packet bot for a mmorpg.
You have to rebuild many functions from the original client and you have to parse every single packet that is sent to you.

AutoIt is probably not fast enough (especially not with encryptions but you could give it a try) to provide a solid base for packet bots.

---- Or ----

You use a proxy for the game. Which means that you use a program which hooks the Send / Recv Function of the game and sends packets you want to send.

Using this way you don't have to rebuild many functions because the game parses the packets itself.
The only thing you have to do is to find out the mob locations by the packets, the mob targeting packets and the attack sending packet. The proxy itself will provide a GUI or something similar to send your packets to the game.

[Shadow992]

The only possible solution how you can read/write packets is using some asm code to extract not encrypted packets and read/modify them. All other solutions are too slow if you want to use only autoit.

I did something similiar for nostale sometime ago, it worked like a charm (unfortunately thread is german but maybe google translator is good enough):


Here is my udf i used for doing such things, with this udf you will not need much asm knowledge, just some debugging skills because you have to find a location in exe where it is possible to read the whole unecrypted packet:

[fear-x]

wow thank you both !
i surely will have to google alot of information now.
any more advice/tips on how to get going ?

XIGNCODE3 detects the CCInject tool ;D fk.


Or i have another idea .
here is what i am wanting to do in the first place.
I want to run multiple accounts doing quests making me ingame gold.

So this idea i tought of is, to create a TCP Send/Receive mouse/keyboard clicks to other computer or 2-3 etc and do teh same thing.
"i will make same character class in same place, i will put them all in same position 1:1 and then play the game on my main pc , and along side those other characters in other computers will be doing same gameplay as me on my main by receiving same clicks." ? this is for personal use anyways

[alpines]

That's possible. In many online games you see 20 characters standing on the same spot with names like oij0xy9cjh02h.

You could make a script which would transfer these inputs over to the 2nd PC. The question would be how you want to tell these inputs the game.
If Send etc is blocked by an Anti-Cheat you'll have to try something else.

A possible way would be to do many things oder memory manipulation. In an mmorpg I was able to move the character by changing the position (memory address of the position).

[fear-x]

yeah .. hmm.. i was thinking to Use TCP in localhost. over tcp send keyboard/mouse clicks to other PCs and i think Send does work ? if using #AdminRequired

but if it doesnt, what other options ive got besides bypassing?

EDIT: back with test result , indeed #RequireAdmin makes the Send() Command to work without issues.

now all i need to do is write up TCP Parts to Send/Receive Kbrd+Mouse controls and will be done.
i am terrible with tcp but il give it a shot ;D

[alpines]

I made something similar some months ago so I'll post you the some codes. If some are missing just add them.

Code:

Local $aKeys[84] = ["01", "02", "90", "A0", "A1", "A2", "A3", "08", "09", "0D", "10", "11", "12", "14", "1B", "20", "25", "26", _
						"27", "28", "2D", "2E", "30", "31", "32", "33", "34", "35", "36", "37", "38", "39", "41", "42", "43", "44", _
						"45", "46", "47", "48", "49", "4A", "4B", "4C", "4D", "4E", "4F", "50", "51", "52", "53", "54", "55", "56", _
						"57", "58", "59", "5A", "5B", "5C", "60", "61", "62", "63", "64", "65", "66", "67", "68", "69", "70", "71", _
						"72", "73", "74", "75", "76", "77", "78", "79", "7A", "7B", "BC", "BE"]

Local $aCodes[84] = ["LeftClick", "RightClick", "{NUMLOCK}", "{LSHIFT}", "{RSHIFT}", "{LCTRL}", "{RCTRL}", "{BACKSPACE}", "{TAB}", "{ENTER}", "+", "^", "!", "{CAPSLOCK}", _
						 "{ESC}", "{SPACE}", "{LEFT}", "{UP}", "{RIGHT}", "{DOWN}", "{INSERT}", "{DEL}", "{0}", "{1}", "{2}", "{3}", "{4}", "{5}", _
						 "{6}", "{7}", "{8}", "{9}", "{a}", "{b}", "{c}", "{d}", "{e}", "{f}", "{g}", "{h}", "{i}", "{j}", "{k}", "{l}", "{m}", "{n}", _
						 "{o}", "{p}", "{q}", "{r}", "{s}", "{t}", "{u}", "{v}", "{w}", "{x}", "{y}", "{z}", "{LWIN}", "{RWIN}", "{NUMPAD0}", "{NUMPAD1}", _
						 "{NUMPAD2}", "{NUMPAD3}", "{NUMPAD4}", "{NUMPAD5}", "{NUMPAD6}", "{NUMPAD7}", "{NUMPAD8}", "{NUMPAD9}", "{F1}", "{F2}", "{F3}", _
						 "{F4}", "{F5}", "{F6}", "{F7}", "{F8}", "{F9}", "{F10}", "{F11}", "{F12}", "{,}", "{.}"]

Of course LeftClick / RightClick have to be handled via MouseClick not Send.

[fear-x]

thanks ! might come in handy!
i was thinking to go more along with _IsPressed() and then loop the keycode 0 to FF or whatever is highest...

[alpines]

Yes, that's what you have to do. Just iterate the code array and if you see that a specific code is pressed, simply use the $i (iteration index) on the key array in combination with send.

[fear-x]

yeah but i was thinking to just do Certain keys only. so i would do a part for each key instead then. because all i need to WASD + 1-0 + mouse clicks. so then there wont be any unnecesary clicks being sent to other clients...

EDIT: i have some concern regarding the click detecting... can autoit detect multiple clicks at once?
like say ingame you move with W and D so you are moving forward_right way... i hope you get me o.O

EDIT 2 : is this correct? or is it something wrong? or is it just my script...

Code:

Local $WASD[4] = ["57", "41", "53", "44"] ;= check for moving
			For $Walking = $WASD[0] To $WASD[3]
				If _IsPressed($Walking) Then
					Sleep(100)
					$Socket = TCPConnect($ip, $port)
					TCPSend($Socket, $Walking)
					If @error Then
						_AppendInfo("Cannot send : "&$Walking&"!,"&@error)
					Else
						_AppendInfo("Sent : "&$Walking&"!,"&@error)
					EndIf
				EndIf
			Next ;==========================================================

seems to me like its correct. but aint working

EDIT 3: Figured it out . i dont know how i missed it...
;For $walking = 0 to 3
;$WASD[$Walking]

anyway, maybe you can suggest a way to detect when a mouse is dragged when pressed or just clicks ?
im thinking to do maybe -> IsPressed(01) then If $Coord = not $Coord then $Status = Dragged. ? obviously not like that , but its a sketch. would that workout well enough ?

[alpines]

Sure why should it not detect that.

Just do something like

Code:

If _IsPressed("walking left key", $hUser32) and _IsPressed("walking forward key", $hUser32) Then ;...

I highly recommend you to open the User32.dll via DllOpen and to pass that handle everytime you call _IsPressed because in this case you will be able to read the inputs way faster.

///

Detecting if the mouse is dragging is pretty easy. Look at this script I made months ago.
Run it and click the mouse on the desktop somewhere drag it down and to the right and you'll see a picture of that area in a file called "Screen.jpg".

Code:

#include <ScreenCapture.au3>
#include <Misc.au3>

Local $bLMBpressed = False, $aFirstPos[2], $aSecondPos[2]

While 1
	If $bLMBpressed = False And _IsPressed(1) Then
		$bLMBpressed = True
		$aFirstPos = MouseGetPos()
	ElseIf $bLMBpressed = True And Not _IsPressed(1) Then
		$bLMBpressed = False
		$aSecondPos = MouseGetPos()
		ExitLoop
	EndIf
WEnd

;~ If FileExists(@DesktopDir & "\Screen.jpg") Then FileDelete(@DesktopDir & "\Screen.jpg")
_ScreenCapture_Capture("Screen.jpg", $aFirstPos[0], $aFirstPos[1], $aSecondPos[0], $aSecondPos[1])

[lolkop]

Quote:

Originally Posted by fear-x

EDIT 2 : is this correct? or is it something wrong? or is it just my script...

Code:

Local $WASD[4] = ["57", "41", "53", "44"] ;= check for moving
			For $Walking = $WASD[0] To $WASD[3]
				If _IsPressed($Walking) Then
					Sleep(100)
					$Socket = TCPConnect($ip, $port)
					TCPSend($Socket, $Walking)
					If @error Then
						_AppendInfo("Cannot send : "&$Walking&"!,"&@error)
					Else
						_AppendInfo("Sent : "&$Walking&"!,"&@error)
					EndIf
				EndIf
			Next ;==========================================================

that code looks like non-sense...

first of all, your game is using an existing socket. connecting to that socket once again is not possible (you would have to build a proxy script and redirect the game to the proxy). beside that, you'll need to send real packets. the packets you're trying to send, consist of single characters. normal game packets ain't structured like that...

[fear-x]

Quote:

Originally Posted by lolkop

that code looks like non-sense...

first of all, your game is using an existing socket. connecting to that socket once again is not possible (you would have to build a proxy script and redirect the game to the proxy). beside that, you'll need to send real packets. the packets you're trying to send, consist of single characters. normal game packets ain't structured like that...

i am not connecting to the game. you missed a few posts budd

EDIT : thanks alpines for that little script. with some extra maths inside it , i made the coords reverse if the mouse was drag from bottom or whichever way and itll be perfect to detect mouse drags i think...

[lolkop]

Quote:

Originally Posted by fear-x

i am not connecting to the game. you missed a few posts budd

EDIT : thanks alpines for that little script. with some extra maths inside it , i made the coords reverse if the mouse was drag from bottom or whichever way and itll be perfect to detect mouse drags i think...

sry, obviously u're right...

i didn't get the idea of doing one and the same action on mulitple machines...

it's still a bad idea to do multiple connections to each of them... using tcp connect on keyboard actions would be an overkill. the better way would be, to keep connected to multiple machines and only send packets on keydown/keyup events (without having to establish a new connection each time).

beside that, your idea won't realy work. pressing a key for a specific time, won't make you walk to a specific position. the distance between the client's will get bigger, with every second the script runs...

while it might work quite good for a few seconds/minutes it will get worse over time.

[alpines]

lolkop, I think he won't reconnect everytime he wants to send an key event.
Also I don't think that he'll be sending everytime data, only if a key is pressed / released.

It might work but it depends on the game. Some games will reset a character for example if he's experiencing a lag and that will crush everything.

To avoid that, you could read the character position and create a tolerance where the character should stay and look.