(This is where you either change Eax to 0 to skip the processing of a packet,
or change the contents of [EBP-18h] to the address of a custom packet that you
wrote yourself and [EBP-14h] to the length of your custom packet)
Correct me where I'm wrong.
Why would I want to skip the processing of a packet when I can just skip "receiving" the packet by setting ESI to a RTN8 statement?
I guess I can understand replacing the processing of 1 packet with another but I prefer to just "block" all packets and re-send them myself via a queue. For that I need a direct SendPacketToClient()-like function. I figured the routine for such a function would be similar to "SendPacketToServer()" so something like:
push packet size
push packet address
store network class in ECX
store ProcessMsg() address in EAX - is the address 6DEBBE?
call EAX
Set Esi to a Retn8 statement? I think you mean Eip, right? You could do that, I just use the Eax = 1 or 0 though
From what I've experienced, calling the "ProcessMsg" function directly the way you described would sometimes cause the client to crash, for instance when updating character coordinates with either the pullback+jump response packets or the fatal strike step packet. I'm not sure, but I believe this could be caused by invalid data read/writes due to not being synchronized with the recv loop. That's why I switched to this method.
I just block all packets, add them to my own queue, and every time the recv loop is checking for incoming packets, I check my own queue if there's any packets that the client needs to process. If yes, I set Eax to 1 and change [EBP-18] to point to the address of my packet and [EBP-14] to the packet size.
Yep, I meant EIP. Hmm so this is what I understand of your routine:
1. You queue a chat packet.
2. The recv loop runs and breaks at 006DEB8B just before checking if a packet is there to be processed. You check your queue and change EAX to 1.
3. You skip the decrypt function somehow?
4. Break at 006DEBB8 just before ProcessMsg (?), set EAX to 1, change EBP+18 to packet address and EBP+14 to packet size.
Actually, I place a breakpoint on the TEST EAX,EAX instruction at 0x6DEBB6. I then check if Eax is 1 or 0.
If Eax is 1, I read the packet from [EBP-18] and [EBP-14], handle the packet in my packet handler, and add it to my packet queue, unless I want to skip the packet, of course.
I then set [EBP-18] and [EBP-14] to point to the first element in my packet queue and of course remove that packet from my queue (Dequeue).
If Eax is 0, I check if there's any packets in my queue, and if yes, I set Eax to 1 and set [EBP-18] to point to the first element in my packet queue and set [EBP-14] to the size of the packet.
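The per-iteration decision described in the post above, modelled as a small state machine (an added example, not code from the thread). `frame_t`, `queue_t`, `on_check` and `sample_keep` are hypothetical names, the packet bytes used with it are constructed, and clearing EAX when a packet is dropped while the queue is empty is an assumption the post does not spell out.

```c
#include <stddef.h>
#include <stdint.h>

#define QCAP 16

/* Simulated state at the TEST EAX,EAX check (model only, no real registers). */
typedef struct {
    uint32_t eax;        /* 1 = a decrypted packet is pending, 0 = none */
    const uint8_t *pkt;  /* stands in for [EBP-18] */
    size_t len;          /* stands in for [EBP-14] */
} frame_t;

typedef struct { const uint8_t *pkt; size_t len; } item_t;
typedef struct { item_t it[QCAP]; size_t head, count; } queue_t;

static int q_push(queue_t *q, const uint8_t *p, size_t n) {
    if (q->count == QCAP) return 0;                 /* full: reject */
    q->it[(q->head + q->count) % QCAP] = (item_t){ p, n };
    q->count++;
    return 1;
}

static int q_pop(queue_t *q, item_t *out) {
    if (q->count == 0) return 0;
    *out = q->it[q->head];
    q->head = (q->head + 1) % QCAP;
    q->count--;
    return 1;
}

/* Constructed sample filter: keep everything except packets starting 0x03. */
int sample_keep(const uint8_t *pkt, size_t len) {
    return !(len > 0 && pkt[0] == 0x03);
}

/* One pass of the check; returns the EAX value the loop will then test. */
uint32_t on_check(frame_t *f, queue_t *q, int (*keep)(const uint8_t *, size_t)) {
    item_t next;
    if (f->eax == 1 && keep(f->pkt, f->len))
        q_push(q, f->pkt, f->len);      /* received packet joins the tail */
    if (q_pop(q, &next)) {              /* deliver the head, whatever its origin */
        f->eax = 1; f->pkt = next.pkt; f->len = next.len;
    } else {                            /* assumption: dropped packet, empty queue */
        f->eax = 0; f->pkt = NULL; f->len = 0;
    }
    return f->eax;
}
```

Every packet is handed over at the same point in the loop, so received and locally queued packets reach the handler in FIFO order on the loop's own thread.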
But if you break at 006DEBB6... that's after the function that checks if a packet was received/is to be processed. If there's no packet then it just jumps to Conquer.006DED6E. Is it because the client should be processing packets constantly that it doesn't matter or am I missing something?
Actually, you're right. I haven't really looked into how the client checks for packets, I'm probably wrong about how it does it, 'cause my explanation doesn't make sense. What I do know though, is that the client keeps looping at the
Code:
006DEBB6 . 85C0 TEST EAX,EAX
and if Eax is 1, it means that there's a packet to be processed, and that packet is already decrypted. I also know that the code is still called if there's no packets to be processed. It's a little weird, actually. It still checks if there's a decrypted packet that needs to be processed, even if it never received an encrypted packet to decrypt.
I'm not really sure about it though, I never looked into it because I know my method works fine
What would be the best way to disconnect the client using this?
Also, does the Send function make the client send the packet to the server? Or just send to the client?
Does TQServer/TQClient need to be appended or does the client do it after the send is hit?
Either call the client's own disconnect wrapper function or call closesocket() with the correct socket (which you can get from hooking connect())
There's no need to append packets with TQ stamps when you're using the client functions, they will do this for you.