People give these identifiers different names obviously but there should be an Entity ID and Entity UID.
The Entity UID is what you use for your target parameter. ID is generic, it's like 1080001 is for a DB but 3923442 might be the UID for that specific ID.
Ermmm, yes, I noticed that UIDs are different from IDs.
While I am storing the char/mob spawn list, I did realize that mobs'/guards' IDs are less than 999,999 while player IDs are more than 999,999. That is what helped me to build the 2 hashtables.
Anyways, my problem is that when I look at the target UID in the action packet, e.g. Thunder, the UID is a bit off compared to the UID I obtained through the spawn packet.
Are you decoding the magic attack information properly?
Thunder, and all magic attack packets are encrypted.
Regular melee attacks are not though.
As mentioned... skill usage is encrypted.
Here's some handy code from my proxy (pulled from tannels proxy)
I actually reversed that and realized that the values are a bit off.
As for the hashtable part, that is an unsynchronised Java direct-access collection that does not give me too many exceptions, lol. I picked that only for simplicity's sake.
Anyways, I'll revisit my code after I am done with my exam later. lol
EDIT:
I guess I'll stick this on before I leave; I do not think there is a problem with the decoding of the skill at least. I am getting all the correct values for skills used.
@nTL3fTy: I believe I am decoding them properly.
@Ian: yes, I did realize that and had handled it.
Code:
public static class Action {
    public int len, packetType, timer, charID, targetID, coordX, coordY, actionType, actionValue; // action value also known as skill ID
    byte[] trailer;
    byte[] pac; // the packet

    public Action(byte[] p) {
        pac = p;
        len = Utility.getUShort(p, 0);
        packetType = Utility.getUShort(p, 2);
        timer = Utility.getInt(p, 4);
        charID = Utility.getInt(p, 8);
        targetID = Utility.getUShort(p, 12);
        coordX = Utility.getUShort(p, 16);
        coordY = Utility.getUShort(p, 18);
        actionType = Utility.getInt(p, 20); // 2 = melee, 24 = skill/magic
        if (actionType != 2) {
            // decode skill id
            short aValue = (short) (((long) p[24] & 0xFF) | (((long) p[25] & 0xFF) << 8));
            aValue ^= (short) (0x915d & 0xffff);
            aValue ^= (short) (charID & 0xffff);
            // 16-bit rotate left by 3; mask before the right shift so the sign bit is not extended
            aValue = (short) ((aValue << 0x3 | (aValue & 0xffff) >>> 0xd) & 0xffff);
            aValue -= 0xeb42;
            actionValue = aValue;
            targetID = decodeTarget(targetID, charID);
            coordX = decodeXCord(coordX, charID);
            coordY = decodeYCord(coordY, charID);
        } else {
            actionValue = Utility.getInt(p, 24);
        }
        // the trailer is everything after the 28-byte body, so copy from offset 28
        trailer = new byte[p.length - 28];
        System.arraycopy(p, 28, trailer, 0, p.length - 28);
    }

    @Override
    public String toString() {
        return "Packet Length :" + len + "\ntype :" + packetType + "\nTimer :" + timer + "\nChar ID :" + charID + "\nTarget ID :"
                + targetID + "\nCoordX :" + coordX + "\nCoordY :" + coordY + "\nAction Type :" + actionType + "\nAction Value :"
                + actionValue + "\n";
    }

    public static int decodeTarget(int target, int id) {
        // decode target id: 32-bit rotate right by 13 (>>> avoids sign extension)
        target = ((target >>> 13) | (target << 19));
        target ^= 0x5F2D2463;
        target ^= id;
        target -= 0x746F4AE6;
        return target;
    }

    public static int decodeXCord(int x, int id) {
        // decode X coordinate
        long X = x;
        X ^= (id & 0xffff);
        X ^= 0x2ed6;
        X = ((X << 1) | ((X & 0x8000) >> 15)) & 0xffff;
        X |= 0xffff0000;
        X -= 0xffff22ee;
        return (int) X;
    }

    public static int decodeYCord(int y, int id) {
        // decode Y coordinate
        long Y = y;
        Y = Y ^ (id & 0xffff) ^ 0xb99b;
        Y = ((Y << 5) | ((Y & 0xF800) >> 11)) & 0xffff;
        Y |= 0xffff0000;
        Y -= 0xffff8922;
        return (int) Y;
    }

    public static int encodeTarget(int Target, int id) {
        Target += 0x746F4AE6;
        Target ^= id;
        Target ^= 0x5F2D2463;
        // 32-bit rotate left by 13 (>>> avoids sign extension)
        Target = ((Target << 13) | (Target >>> 19));
        return Target;
    }

    public static int encodeXCord(int xcord, int id) {
        long _X = xcord + 0xffff22ee;
        _X -= 0xffff0000;
        _X = ((_X << 15) | (_X >> 1));
        _X ^= 0x2ed6;
        _X ^= id;
        return (int) _X;
    }

    public static int encodeYCord(int ycord, int id) {
        long _Y = ycord + 0xffff8922;
        _Y -= 0xffff0000;
        _Y = ((_Y << 11) | (_Y >> 5));
        _Y ^= 0xb99b;
        _Y ^= id;
        return (int) _Y;
    }

    public static int encodeSkill(int skill, int id) {
        short SkillId = (short) (skill & 0xffff);
        SkillId += 0xeb42;
        // 16-bit rotate right by 3; mask before the right shift so the sign bit is not extended
        SkillId = (short) (SkillId << 13 | (SkillId & 0xffff) >>> 0x3);
        SkillId = (short) (SkillId ^ id);
        SkillId ^= 0x915d;
        return SkillId;
    }

    public static byte[] buildSkillPacket(int timer, int id, int targetid, int xcord, int ycord, int actionValue) {
        byte[] packet = new byte[36];
        System.arraycopy(Utility.Int16ToBytes(28), 0, packet, 0, 2);
        System.arraycopy(Utility.Int16ToBytes(1022), 0, packet, 2, 2);
        System.arraycopy(Utility.Int32ToBytes(timer), 0, packet, 4, 4);
        System.arraycopy(Utility.Int32ToBytes(id), 0, packet, 8, 4);
        System.arraycopy(Utility.Int32ToBytes(targetid), 0, packet, 12, 4);
        System.arraycopy(Utility.Int16ToBytes(xcord), 0, packet, 16, 2);
        System.arraycopy(Utility.Int16ToBytes(ycord), 0, packet, 18, 2);
        System.arraycopy(Utility.Int32ToBytes(24), 0, packet, 20, 4);
        // encode actionValue (same steps as encodeSkill)
        short skill = (short) actionValue;
        skill += 0xeb42;
        skill = (short) (skill << 13 | (skill & 0xffff) >>> 0x3);
        skill = (short) (skill ^ (id & 0xffff));
        skill ^= 0x915d;
        System.arraycopy(Utility.Int32ToBytes(skill), 0, packet, 24, 4);
        System.arraycopy("TQClient".getBytes(), 0, packet, 28, 8);
        return packet;
    }
}
Targets are 4 byte uints, not 2 byte ushorts.
For simplicity's sake, here's my olllddd decryption code from my packethandler
If you change the Rolls from using the ones above you can use them and cut out rol6 and the other never got around to it tho.
One originally from my first proxy, thanks to Grabola, who helped me with it. I have a much more capable, neater, cleaner version now, but this one will work just as well.
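Added example, not code from any poster in this thread: it shows the field-width point above by encoding a target with the posted constants, then decoding it once from a 2-byte read and once from a 4-byte read at offset 12. The class name, the sample IDs and the constructed packet body are assumptions; little-endian layout follows the posted skill-id decode, and `Integer.rotateLeft`/`rotateRight` stand in for the posted shift pairs.

```java
import java.nio.ByteBuffer;
import java.nio.ByteOrder;

public class TargetFieldWidth {
    // Constants and rotate amount come from the decodeTarget/encodeTarget posted in the thread.
    static int encodeTarget(int target, int id) {
        return Integer.rotateLeft((target + 0x746F4AE6) ^ id ^ 0x5F2D2463, 13);
    }

    static int decodeTarget(int wire, int id) {
        return (Integer.rotateRight(wire, 13) ^ 0x5F2D2463 ^ id) - 0x746F4AE6;
    }

    // Signed-shift variant: '>>' sign-extends when bit 31 of the wire value is set.
    static int decodeTargetSignedShift(int wire, int id) {
        int t = (wire >> 13) | (wire << 19);
        return (t ^ 0x5F2D2463 ^ id) - 0x746F4AE6;
    }

    public static void main(String[] args) {
        int charId = 1_234_567;   // constructed sample IDs, not captured traffic
        int target = 400_123;

        // Constructed 28-byte action body: little-endian, target field at offset 12.
        ByteBuffer p = ByteBuffer.allocate(28).order(ByteOrder.LITTLE_ENDIAN);
        p.putInt(8, charId);
        p.putInt(12, encodeTarget(target, charId));

        int narrow = p.getShort(12) & 0xFFFF;   // 2-byte read: upper half of the field is lost
        int full = p.getInt(12);                // 4-byte read: the whole field

        System.out.println("expected target  : " + target);
        System.out.println("from 2-byte read : " + decodeTarget(narrow, charId));
        System.out.println("from 4-byte read : " + decodeTarget(full, charId));

        // Once the full field is read, wire values with bit 31 set need an unsigned rotate.
        int wrong = 0;
        for (int t = 1_000_000; t < 2_000_000; t += 1_000) {
            int wire = encodeTarget(t, charId);
            if (decodeTarget(wire, charId) != t) throw new AssertionError("round trip failed");
            if (decodeTargetSignedShift(wire, charId) != t) wrong++;
        }
        System.out.println("signed-shift mismatches in 1000 targets: " + wrong);
    }
}
```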