[Free Source] BDO Market Bot/Animation Speedhack

[Ustonovic]

[ruikangzhu1990]

if you want to learn how this work thats fine, but if you are doing it to use it then I dont recommend to do so because once the new market changes come this will be useless

[Black_and_White]

Quote:

Originally Posted by ruikangzhu1990

if you want to learn how this work thats fine, but if you are doing it to use it then I dont recommend to do so because once the new market changes come this will be useless

Good day my primary Motivation is defenitely learning how this works. @: Thanks for the screenshot ill get back to it in the evening

Thanks again for the ss @ maybe you could help me out one more time?

Update: Ayyy works now

[Akllwzk]

I've tried to dump the process as admin using process dump x64 but I got the issue:

Quote:

Loading clean hash database from 'C:\Users\l\Documents\pd_v2_1\clean.hashes'.
Did not find an existing clean hash database, using an empty one.
dump_process CreateToolhelp32Snapshot failed with error 5: Access is denied.
dumping process unknown with pid 0x2a2c...
... building import reconstruction table ...
Finished running.

is anybody able to dump it?

[Akllwzk]

@ would you mind sharing what's the average size of the dumped BlackDesert64.exe process? After some research, I was able to dump it but I'm not sure if the ~77mb dumped file is correct.

[Ustonovic]

use hide x64dbg and then use Scylla to dump.

[MakerTheWord]

Thanks for sharing your knowledge, I learned a lot from this.

I would like to implement a minimacro function.

es:
receive[F12] ---> send [Shift]+[W] -> 200ms -> send [L mouse]

it will be complicated?

[ruikangzhu1990]

Quote:

Originally Posted by MakerTheWord

Thanks for sharing your knowledge, I learned a lot from this.

I would like to implement a minimacro function.

es:
receive[F12] ---> send [Shift]+[W] -> 200ms -> send [L mouse]

it will be complicated?

1 or 2 lines of code top

[Tripple2]

Quote:

Originally Posted by Ustonovic

Since I got all the items I needed with this bot (about 10k meme frags, all boss gears and enough value packs) I decided to release the source.

It is a single file (exclusive MinHook dep.) and is fully internal.
I coded it mainly as a marketplace bot but also added some animation speedhack capabilities.

Code:

#include <windows.h>
#include <stdint.h>
#include <stdio.h>
#include <string>
#include <sstream>
#include <map>
#include <iostream>
#include <ctime>

#include "third_party/minhook/source/minhook.h"

#define APPLICATION_NAME									"Mark"

#define ATA_LUA_GETTOP										0x0000000141566270 // 795 0x00000001414FE620
#define ATA_REQUEST_ITEM_MARKET_SELL_INFO					0x000000014043A040 // 795 0x0000000140434640
#define ATA_GET_ITEM_MARKET_SELL_INFO_IN_CLIENT_COUNT		0x0000000140439EB0 // 795 0x00000001404344B0
#define ATA_GET_ITEM_MARKET_SELL_INFO_IN_CLIENT_BY_INDEX	0x0000000140439EE0 // 795 0x00000001404344E0
#define ATA_REQUEST_BUY_ITEM_FOR_ITEM_MARKET				0x000000014043A410 // 795 0x0000000140434A10
#define ATA_IS_BIDDING_ITEM									0x0000000140397D40 // 795 0x0000000140392420
#define ATA_IS_BIDDING_JOIN_TIME							0x0000000140397D80 // 795 0x0000000140392460
#define ATA_GET_ITEM_MARKET_NO								0x00000001401BCA10 // 795 0x00000001401BB5A0
#define ATA_IS_BIDDING_JOIN_ITEM							0x000000014043B0F0 // 795 0x00000001404356F0
#define ATA_GET_ONE_PRICE									0x00000001402CD020 // 795 0x00000001402C78E0
#define ATA_WAREHOUSE_MONEY_FROM_NPC_SHOP					0x0000000140645E40 // 795 0x000000014063F9C0

#define ADA_LOCAL_PLAYER									0x00000001421BB768 // 795 0x0000000142108158

#define EXECUTION_INTERVAL									250

#define DEFAULT_TERRITORY_KEY								1 // Heidel
#define DEFAULT_WALLET_TYPE									2 // Warehouse
#define DEFAULT_ANIMATION_SPEED_MODIFIER					0.25f

typedef uint64_t(__fastcall* ft_lua_gettop)(void* lua_state);
typedef void(__fastcall* ft_request_item_market_sell_info)(uint32_t territory_key, uint32_t item_key, bool unk_1);
typedef int32_t(__fastcall* ft_get_item_market_sell_info_in_client_count)(uint32_t territory_key, uint32_t item_key);
typedef uint64_t(__fastcall* ft_get_item_market_sell_info_in_client_by_index)(uint32_t territory_key, uint32_t item_key, uint32_t slot_index);
typedef void(__fastcall* ft_request_buy_item_for_item_market)(uint32_t wallet_type, uint32_t item_key, uint32_t slot_index, uint32_t amount, uint64_t unk_1);
typedef bool(__fastcall* ft_is_bidding_item)(uint64_t sell_info_address);
typedef bool(__fastcall* ft_is_bidding_join_time)(uint64_t sell_info_address);
typedef uint64_t(__fastcall* ft_get_item_market_no)(uint64_t sell_info_address);
typedef bool(__fastcall* ft_is_bidding_join_item)(uint64_t item_market_no);
typedef uint64_t(__fastcall* ft_get_one_price)(uint64_t sell_info_address);
typedef uint64_t(__fastcall* ft_warehouse_money_from_npc_shop)();

static ft_lua_gettop g_fp_lua_gettop = nullptr;
static ft_request_item_market_sell_info g_fp_request_item_market_sell_info = reinterpret_cast<ft_request_item_market_sell_info>(ATA_REQUEST_ITEM_MARKET_SELL_INFO);
static ft_get_item_market_sell_info_in_client_count g_fp_get_item_market_sell_info_in_client_count = reinterpret_cast<ft_get_item_market_sell_info_in_client_count>(ATA_GET_ITEM_MARKET_SELL_INFO_IN_CLIENT_COUNT);
static ft_get_item_market_sell_info_in_client_by_index g_fp_get_item_market_sell_info_in_client_by_index = reinterpret_cast<ft_get_item_market_sell_info_in_client_by_index>(ATA_GET_ITEM_MARKET_SELL_INFO_IN_CLIENT_BY_INDEX);
static ft_request_buy_item_for_item_market g_fp_request_buy_item_for_item_market = reinterpret_cast<ft_request_buy_item_for_item_market>(ATA_REQUEST_BUY_ITEM_FOR_ITEM_MARKET);
static ft_is_bidding_item g_fp_is_bidding_item = reinterpret_cast<ft_is_bidding_item>(ATA_IS_BIDDING_ITEM);
static ft_is_bidding_join_time g_fp_is_bidding_join_time = reinterpret_cast<ft_is_bidding_join_time>(ATA_IS_BIDDING_JOIN_TIME);
static ft_get_item_market_no g_fp_get_item_market_no = reinterpret_cast<ft_get_item_market_no>(ATA_GET_ITEM_MARKET_NO);
static ft_is_bidding_join_item g_fp_is_bidding_join_item = reinterpret_cast<ft_is_bidding_join_item>(ATA_IS_BIDDING_JOIN_ITEM);
static ft_get_one_price g_fp_get_one_price = reinterpret_cast<ft_get_one_price>(ATA_GET_ONE_PRICE);
static ft_warehouse_money_from_npc_shop g_fp_warehouse_money_from_npc_shop = reinterpret_cast<ft_warehouse_money_from_npc_shop>(ATA_WAREHOUSE_MONEY_FROM_NPC_SHOP);

static bool g_market_activated = false;
static bool g_hacks_activated = false;
static std::map<std::string, uint32_t> g_targets = {
	// { "Memory Fragment", 44195 },
	{ "Value Pack (30 Days)", 17354 },
	{ "Blessing of Kamasylve (15 Days)", 17081 },
	{ "Sealed Book of Combat (15 Days)", 17646 },
	{ "Equipment Tailoring Coupon", 17611 },
	{ "Young Griffon", 18429 },
	{ "Shaggy Dog", 17939 },
	{ "Calpheon Chubby Dog", 17966 },
	{ "Desert Fox", 17976 },
	{ "Red Panda", 18098 },
	{ "Snowball Rosefinch", 18426 },
	{ "Crow", 18439 },
	{ "Snowflake Reindeer Box", 290006 },
	{ "Winter Snowflake Box", 18946 },
	{ "Horse Flute Box (Permanent)", 17973 },
	{ "Trina Knight Horse Gear Set", 21012 },
	{ "Silver Embroidered Cook's Clothes +3", 50345667 },
	{ "[Musa] Western Frontiers Premium Set", 21257 },
	{ "[Musa] Palgong Premium Set", 21359 },
	{ "[Musa] Nouse's Shard Premium Set", 29147 },
	{ "[Musa] Western Frontiers Classic Set", 21256 },
	{ "Nouver Horn Bow +0", 13138 },
	{ "Kutum Horn Bow +0", 13140 },
	{ "Dandelion Crescent Blade +0", 14762 },
	{ "Griffon's Helmet +0", 11101 },
	{ "Dim Tree Spirit's Armor +0", 11017 }
};
static uint64_t g_last_execution = 0;
static float g_animation_speed = 1.0f;

std::string get_formatted_datetime()
{
	std::time_t raw_time;
	std::tm* time;
	char time_buffer[20] = { 0 };

	std::time(&raw_time);
	time = std::localtime(&raw_time);
	std::strftime(time_buffer, sizeof(time_buffer), "%d.%m.%Y %H:%M:%S", time);

	return std::string(::_strdup(time_buffer));
}

uint64_t __fastcall hf_lua_gettop(void* lua_state)
{
	if (::GetAsyncKeyState(VK_NUMPAD6) & 0x01)
	{
		g_market_activated = !g_market_activated;

		if (g_market_activated)
		{
			std::ostringstream warehouse_money_string_stream;

			warehouse_money_string_stream.imbue(std::locale("de"));
			warehouse_money_string_stream << g_fp_warehouse_money_from_npc_shop();

			std::cout << "Warehouse Money: " << warehouse_money_string_stream.str() << std::endl;
		}

		std::cout << APPLICATION_NAME " Market state is now `" << g_market_activated << "`." << std::endl;
	}

	if (::GetAsyncKeyState(VK_NUMPAD7) & 0x01)
	{
		g_animation_speed -= DEFAULT_ANIMATION_SPEED_MODIFIER;

		std::cout << "<< Animation Speed Modifier decreased to `" << g_animation_speed << "`." << std::endl;
	}

	if (::GetAsyncKeyState(VK_NUMPAD8) & 0x01)
	{
		g_animation_speed += DEFAULT_ANIMATION_SPEED_MODIFIER;

		std::cout << ">> Animation Speed Modifier increased to `" << g_animation_speed << "`." << std::endl;
	}

	if (::GetAsyncKeyState(VK_NUMPAD9) & 0x01)
	{
		g_hacks_activated = !g_hacks_activated;

		if (!g_hacks_activated)
		{
			uint64_t local_player_address = *((uint64_t*) ADA_LOCAL_PLAYER);
			uint64_t character_control_address = *((uint64_t*) (local_player_address + 0x0380));
			uint64_t character_scene_address = *((uint64_t*) (character_control_address + 0x10));

			*((float*) (character_scene_address + 0x04BC)) = 1.0f;
		}

		std::cout << APPLICATION_NAME " Hack state is now `" << g_hacks_activated << "`." << std::endl;
	}

	if (g_hacks_activated)
	{
		uint64_t local_player_address = *((uint64_t*) ADA_LOCAL_PLAYER);
		uint64_t character_control_address = *((uint64_t*) (local_player_address + 0x0380));
		uint64_t character_scene_address = *((uint64_t*) (character_control_address + 0x10));

		*((float*) (character_scene_address + 0x04BC)) = g_animation_speed;
	}

	if (g_market_activated && ((g_last_execution + EXECUTION_INTERVAL) <= ::GetTickCount64()))
	{
		g_last_execution = ::GetTickCount64();

		for (auto const& target : g_targets)
		{
			g_fp_request_item_market_sell_info(DEFAULT_TERRITORY_KEY, target.second, false);

			int32_t target_slot_count = g_fp_get_item_market_sell_info_in_client_count(DEFAULT_TERRITORY_KEY, target.second);

			if (target_slot_count == 0)
				continue;

			for (int32_t slot_index = 0; slot_index < target_slot_count; slot_index++)
			{
				uint64_t sell_info = g_fp_get_item_market_sell_info_in_client_by_index(DEFAULT_TERRITORY_KEY, target.second, slot_index);

				if (sell_info == 0x00)
					continue;

				uint64_t sell_info_count = *((uint64_t*) (sell_info + 0x18));

				if (sell_info_count > 0)
				{
					bool is_bidding_item = g_fp_is_bidding_item(sell_info);
					bool is_bidding_join_time = g_fp_is_bidding_join_time(sell_info);
					uint64_t item_market_no = g_fp_get_item_market_no(sell_info);
					bool is_bidding_join_item = g_fp_is_bidding_join_item(item_market_no);

					uint64_t one_price = g_fp_get_one_price(sell_info);
					uint64_t total_price = (one_price * sell_info_count);

					if (g_fp_warehouse_money_from_npc_shop() < total_price)
						continue;

					std::ostringstream one_price_string_stream;
					std::ostringstream total_price_string_stream;

					one_price_string_stream.imbue(std::locale("de"));
					one_price_string_stream << one_price;

					total_price_string_stream.imbue(std::locale("de"));
					total_price_string_stream << total_price;

					if (is_bidding_item)
					{
						if (is_bidding_join_time)
						{
							if (!is_bidding_join_item)
							{
								std::cout << "[" << get_formatted_datetime() << "] Bidding on " << target.first << " (" << slot_index << "." << sell_info_count << "-" <<  item_market_no << ") [T " << total_price_string_stream.str() << " | U " << one_price_string_stream.str() << "]" << std::endl;

								g_fp_request_buy_item_for_item_market(DEFAULT_WALLET_TYPE, target.second, slot_index, sell_info_count, 0);
							}
						}
						else if (is_bidding_join_item)
						{
							std::cout << "[" << get_formatted_datetime() << "] Confirming bid on " << target.first << " (" << slot_index << "." << sell_info_count << "-" << item_market_no << ") [T " << total_price_string_stream.str() << " | U " << one_price_string_stream.str() << "]" << std::endl;

							g_fp_request_buy_item_for_item_market(DEFAULT_WALLET_TYPE, target.second, slot_index, sell_info_count, 0);
						}
					}
					else
					{
						std::cout << "[" << get_formatted_datetime() << "] Buying " << target.first << " (" << slot_index << "." << sell_info_count << "-" << item_market_no << ") [T " << total_price_string_stream.str() << " | U " << one_price_string_stream.str() << "]" << std::endl;

						g_fp_request_buy_item_for_item_market(DEFAULT_WALLET_TYPE, target.second, slot_index, sell_info_count, 0);
					}
				}
			}
		}
	}

	return g_fp_lua_gettop(lua_state);
}

BOOL APIENTRY DllMain(HMODULE module, DWORD reason, void* reserved)
{
	if (reason != DLL_PROCESS_ATTACH)
		return FALSE;

	FILE* console_stream = nullptr;

	::AllocConsole();
	::SetConsoleTitle(APPLICATION_NAME);
	::freopen_s(&console_stream, "conout$", "w", stdout);

	std::cout << "Hello, world!" << std::endl;

	if (::MH_Initialize() != MH_OK)
	{
		std::cout << "Failed to initialize hook library." << std::endl;

		return 0;
	}

	if (::MH_CreateHook(((void*) ATA_LUA_GETTOP), &hf_lua_gettop, reinterpret_cast<void**>(&g_fp_lua_gettop)) != MH_OK)
	{
		std::cout << "Failed to create `lua_gettop` hook." << std::endl;

		return 0;
	}

	if (::MH_EnableHook(MH_ALL_HOOKS) != MH_OK)
	{
		std::cout << "Failed to enable hooks." << std::endl;

		return 0;
	}

	return TRUE;
}

Small Usage Guide

Modify the g_targets variable and add the items you want to be purchased. Go to the Heidel (important, I've hardcoded the territory key cuz lazy) Marketplace and press NUMPAD 6. You should see "Mark Market state is now `1`." in the console. It will now buy all the items possible (uses the warehouse money, also hardcoded). Take care, don't let it buy meme frags overnight as you will go bankrupt (I got about 1k meme frags per hour).

The only big thing that is not implemented is a way to check if a purchase was successful or not. I didn't want to bother with the shitty lua stuff so I decided to leave it out.

The speedhack is pretty simple, use NUMPAD 7 and NUMPAD8 to de/increase your animation speed in 0.25-steps and NUMPAD 9 to toggle the hack.

Don't forget to disable the hack (NUMPAD 9) before switching channels/characters/joining RBF or the client will crash.

I've also attached a binary version, if you don't want to compile it yourself.
Inject it with your favourite DLL injector during the Xigncode Splash.
(Or use Xenos with 750 ms delay to automatically do it for you).

Have fun.

Edit: I've also attached the whole source folder (Mark-Source.rar).
Should have all dependencies included. Open Solution with Visual Studio 2017 and hit compile.

Edit 2: Cause I was asked in Discord: Yes, you can do other stuff on your computer while using the bot. And you shouldn't hit NUMPAD 6 during that time as this will toggle the market bot even when the game is not focused (again, I'm lazy).

does not work anymore?

[Tripple2]

Can someone help me for private server?