|
You last visited: Today at 19:02
Advertisement
Creating Co2 Aimbot...
Discussion on Creating Co2 Aimbot... within the CO2 Private Server forum part of the Conquer Online 2 category.
08/15/2012, 03:09
|
#16
|
elite*gold: 0 
Join Date: Jun 2009
Posts: 611
Received Thanks: 195
|
Quote:
Originally Posted by abdeen
yes thanks , but i meant how ton use it lol , thanks again , thanks button pressed.
|
How to use the packet? you simply log it from TQ,analyse it and find the structures, those 23 00 43 20 bla bla **** are called packets, here's a great tutorial that should explain some stuff.
Fang did a couple of tutorials too, I kinda lost the links tho, so yeah, search and you should find them.
|
|
|
|
08/15/2012, 14:00
|
#17
|
elite*gold: 0
Join Date: Mar 2010
Posts: 475
Received Thanks: 14
|
hey guys , sorry but i am not well at conquer coding , i am just coding desktop programs , so i tried many times to get user UID or Name using this library . but i failed all times ....
i tried using co2 p-s sources idea`s but fails too ..
just a code for getting char name or uid or anything else will help me alot ....
thanks guys
|
|
|
|
|
08/15/2012, 15:58
|
#18
|
elite*gold: 0
Join Date: Dec 2011
Posts: 1,537
Received Thanks: 785
|
uint UID = Player.UID;
string Name = Player.Name;
|
|
|
|
|
08/15/2012, 16:24
|
#19
|
elite*gold: 0
Join Date: Mar 2010
Posts: 475
Received Thanks: 14
|
Quote:
Originally Posted by I don't have a username
uint UID = Player.UID;
string Name = Player.Name;
|
at first thanks button is pressed ...
so i have to create a class for player ?
correct me if i am wrong ...
and i need to create variables for Name , UID, Level , etc... ?
and how i can collect this info or transfer packets to get this info ?
what step i shall do ?
i mean how do i get uid at first ??
|
|
|
|
|
08/15/2012, 16:40
|
#20
|
elite*gold: 0
Join Date: Jun 2009
Posts: 611
Received Thanks: 195
|
I really suggest that you should look into packets and stuff before attempting an aimbot, find the packets in any source and find how they're handled etc.
|
|
|
|
|
08/15/2012, 16:44
|
#21
|
elite*gold: 0
Join Date: Mar 2010
Posts: 475
Received Thanks: 14
|
Quote:
Originally Posted by diedwarrior
I really suggest that you should look into packets and stuff before attempting an aimbot, find the packets in any source and find how they're handled etc.
|
i created a new class named Botters , i added to it this code ...
PHP Code:
public string Name
{
get
{
fixed (byte* Packet = SpawnPacket)
return new string((sbyte*)(Packet + 82));
}
set
{
this.SpawnPacket[80] = 0x01;
this.SpawnPacket[81] = (byte)value.Length;
//fixed (byte* Packet = SpawnPacket) ;
//PacketKernel.Encode(Packet, value, 82);
}
}
i created a new class named packets , i added this code into it ...
PHP Code:
public unsafe class Packets
{
public static byte[] CharacterInfo(Botters Clients)
{
Botters Client = new Botters();
byte[] Buffer = new byte[70 + Client.Name.Length + Client.Spouse.Length];
fixed (byte* Packet = Buffer)
{
*((ushort*)(Packet)) = (ushort)Buffer.Length;
*((ushort*)(Packet + 2)) = 0x3EE;
*((uint*)(Packet + 4)) = Client.UID;
*((uint*)(Packet + 8)) = Client.Model;
*((ushort*)(Packet + 12)) = Client.Hairstyle;
*((int*)(Packet + 14)) = Client.Silvers;
*((int*)(Packet + 18)) = Client.ConquerPoints;
*((uint*)(Packet + 22)) = 0;
*((ushort*)(Packet + 42)) = (ushort)5130;
*((ushort*)(Packet + 46)) = Client.Strength;
*((ushort*)(Packet + 48)) = Client.Agility;
*((ushort*)(Packet + 50)) = Client.Vitality;
*((ushort*)(Packet + 52)) = Client.Spirit;
*((ushort*)(Packet + 54)) = Client.StatPoints;
*((ushort*)(Packet + 56)) = (ushort)Client.Hitpoints;
*((ushort*)(Packet + 58)) = (ushort)Client.Mana;
*((ushort*)(Packet + 60)) = (ushort)Client.PkPoints;
Packet[62] = (byte)Client.Level;
Packet[63] = Client.Job;
Packet[64] = 0x05;
Packet[65] = (byte)Client.Reborn;
Packet[66] = 0x01;
Packet[67] = 0x02;
Packet[68] = (byte)Client.Name.Length;
Packet[69 + Client.Name.Length] = (byte)Client.Spouse.Length;
Encode(Packet, Client.Name, 69);
Encode(Packet, Client.Spouse, 70 + Client.Name.Length);
}
return Buffer;
}
public static void Encode(byte* Packet, string Str, int Index)
{
fixed (char* Ptr = Str)
Copy(Ptr, Packet, Index, 0, Str.Length);
}
public static unsafe void Copy(char* pSrc, byte* pDst, int dstIndex, int srcIndex, int Count)
{
byte* ps = ((byte*)(pSrc + srcIndex)), pd = (pDst + dstIndex);
for (int i = 0; i < Count; i++)
{
*pd = *ps;
pd++;
ps += 2;
}
}
}
i am getting this error
PHP Code:
+ $exception {"The pointer passed in as a String must not be in the bottom 64K of the process's address space."} System.Exception {System.ArgumentException}
|
|
|
|
|
08/16/2012, 01:27
|
#22
|
elite*gold: 21
Join Date: Jul 2005
Posts: 9,193
Received Thanks: 5,376
|
You clearly don't understand what you're doing...
I'd do something simple like...
//Represents possible targets which are currently on your map or are currently targeted
public class Opponent
{
public uint UID;
public ushort X, Y;//There's tons of data structures you could use to represent position but simple X/Y ushorts is simplest for this example.
public string Name;
}
We have all the variables needed to target a player (UID and X/Y used for sending spells and their name for use in targeting commands!)
We need to populate this information. We could do a method inside it but the only time we'd be doing this is when we first construct the packet. Therefor...
public Opponent(byte[] packet)
{
Location = new Point();//I use a point because it's nice for built in math functions.
//Read in the data from a entity spawn packet. Note, these are all WRONG offsets, I don't care to look them up.
Name = Encoding.ASCII.GetString(packet, 81, byte[80]);//This assumes name length is at 80 and name starts at 81. This is most likely not correct, I just used it as a placeholder
UID = BitConverter.ToUInt32(packet, 8);//This assumes uid is offset 8 and is a Uint.
X = BitConverter.ToUInt16(packet, 32);//this assumes X is at offset 32 and is a Ushort.
Y = BitConverter.ToUInt16(packet, 34);//this assumes Y is at offset 34 and is a Ushort.
}
Now, we have a constructor which we can pass the spawn entity packet to which will pull out only usable information (we really don't care anything else about the player and we will never send a spawn player packet from a proxy. Pointless to structure past this)
We WILL want to update their position though. We would be reading jump packets (general data subtypes) and walk packets to update their position.
EG:
public void UpdatePosition(ushort x, ushort y)
{
X = x;
Y = y;
}
Now, we have our targeting system, we have an event driven firing system and now need to handle input into it.
#1: Handling movement
Step 1: Jumps
Handle General Data packet and pull out the subtype. last I checked jump was subtype 137 so you need to simply pull the X/Y/UID, check if this UID exists in your local targets list/Dict and update it if needed
Something like...
uint uid= BitConverter.ToUint32(data, 4);
if(localTargets.ConatinsKey(uid)
localtargets[uid].UpdatePosition(BitConverter.ToUInt16(data, 20), BitConverter.ToUInt16(data, 22));
//handle Removal if out of range
if(Calculations.OffScreen(client.X, client.Y, localtargets[uid].X, localtargets[uid].Y))
localtargets.Remove(uid);
//Target is still on screen after moving. Check if it's our active target and if it's been long enough between attacks, then attack it!
else if(client.TargetUID == uid && DateTime.Now() > client.LastFB.AddMilliseconds(client.FBDelay))
client.FBActiveTarget();
There, you have plenty of logic built in. if you have ANY familiarity with how C# works, you should be able to fill in the blanks where I didn't explicitly state things.
If you have ANY knowledge of how to look through sources or how packets work then you should be able to implement the required structuring and encryption of sending the final attack packet to server (this is the ONLY packet you need to modify/construct/send in the entire project! Rest you just need to pull bits of info from)
As you can see, the logic and coding behind it is very simple.
WOOT! Wasted 15 min of my shift. Mission accomplished.
|
|
|
|
|
08/16/2012, 06:47
|
#23
|
elite*gold: 0
Join Date: Mar 2010
Posts: 475
Received Thanks: 14
|
Quote:
Originally Posted by pro4never
You clearly don't understand what you're doing...
I'd do something simple like...
//Represents possible targets which are currently on your map or are currently targeted
public class Opponent
{
public uint UID;
public ushort X, Y;//There's tons of data structures you could use to represent position but simple X/Y ushorts is simplest for this example.
public string Name;
}
We have all the variables needed to target a player (UID and X/Y used for sending spells and their name for use in targeting commands!)
We need to populate this information. We could do a method inside it but the only time we'd be doing this is when we first construct the packet. Therefor...
public Opponent(byte[] packet)
{
Location = new Point();//I use a point because it's nice for built in math functions.
//Read in the data from a entity spawn packet. Note, these are all WRONG offsets, I don't care to look them up.
Name = Encoding.ASCII.GetString(packet, 81, byte[80]);//This assumes name length is at 80 and name starts at 81. This is most likely not correct, I just used it as a placeholder
UID = BitConverter.ToUInt32(packet, 8);//This assumes uid is offset 8 and is a Uint.
X = BitConverter.ToUInt16(packet, 32);//this assumes X is at offset 32 and is a Ushort.
Y = BitConverter.ToUInt16(packet, 34);//this assumes Y is at offset 34 and is a Ushort.
}
Now, we have a constructor which we can pass the spawn entity packet to which will pull out only usable information (we really don't care anything else about the player and we will never send a spawn player packet from a proxy. Pointless to structure past this)
We WILL want to update their position though. We would be reading jump packets (general data subtypes) and walk packets to update their position.
EG:
public void UpdatePosition(ushort x, ushort y)
{
X = x;
Y = y;
}
Now, we have our targeting system, we have an event driven firing system and now need to handle input into it.
#1: Handling movement
Step 1: Jumps
Handle General Data packet and pull out the subtype. last I checked jump was subtype 137 so you need to simply pull the X/Y/UID, check if this UID exists in your local targets list/Dict and update it if needed
Something like...
uint uid= BitConverter.ToUint32(data, 4);
if(localTargets.ConatinsKey(uid)
localtargets[uid].UpdatePosition(BitConverter.ToUInt16(data, 20), BitConverter.ToUInt16(data, 22));
//handle Removal if out of range
if(Calculations.OffScreen(client.X, client.Y, localtargets[uid].X, localtargets[uid].Y))
localtargets.Remove(uid);
//Target is still on screen after moving. Check if it's our active target and if it's been long enough between attacks, then attack it!
else if(client.TargetUID == uid && DateTime.Now() > client.LastFB.AddMilliseconds(client.FBDelay))
client.FBActiveTarget();
There, you have plenty of logic built in. if you have ANY familiarity with how C# works, you should be able to fill in the blanks where I didn't explicitly state things.
If you have ANY knowledge of how to look through sources or how packets work then you should be able to implement the required structuring and encryption of sending the final attack packet to server (this is the ONLY packet you need to modify/construct/send in the entire project! Rest you just need to pull bits of info from)
As you can see, the logic and coding behind it is very simple.
WOOT! Wasted 15 min of my shift. Mission accomplished.
|
Thanks bro very much , but sorry there a simple question
why do i get this error
PHP Code:
Invalid expression term 'byte'
at this code ?
PHP Code:
Name = Encoding.ASCII.GetString(packet, 81, byte[80]);
exactly here ...
i tried to change it to ...
PHP Code:
Name = Encoding.ASCII.GetString(packet, 81, 80)
but when i press button with this code...
PHP Code:
private void Button1_Click(object sender, EventArgs e)
{
byte[] packet = new byte[0x3ee];
Opponent x = new Opponent(packet);
NameValue.Text = x.Name;
}
name label change from [ label1 ] into [ ]
i mean empty string....
any advice ?
or correct me if i am going wrong way
thanks again...
|
|
|
|
|
08/16/2012, 07:09
|
#24
|
elite*gold: 0
Join Date: Dec 2011
Posts: 1,537
Received Thanks: 785
|
LEARN TO ******* PROGRAM!!!!
|
|
|
|
|
08/16/2012, 07:15
|
#25
|
elite*gold: 0
Join Date: Mar 2010
Posts: 475
Received Thanks: 14
|
Quote:
Originally Posted by I don't have a username
LEARN TO ******* PROGRAM!!!!
|
Thanks for Advice , Thanks button pressed...
could you correct me , or just correct my code to read character name ??
trust me this will help me alot to know where i was wrong , and i am just learning ... and you`rs my teachers ....
Thanks again brother ...
|
|
|
|
|
08/16/2012, 07:37
|
#26
|
elite*gold: 0
Join Date: Dec 2011
Posts: 1,537
Received Thanks: 785
|
Stop creating an aimbot, you don't even understand the basics.
|
|
|
|
|
08/16/2012, 07:43
|
#27
|
elite*gold: 0
Join Date: Mar 2010
Posts: 475
Received Thanks: 14
|
Quote:
Originally Posted by I don't have a username
Stop creating an aimbot, you don't even understand the basics.
|
i am trying bro ... its not possible to do or to learn
look here , i got the char id with this code
PHP Code:
private void PacketReceived(byte[] packet)
{
ushort Length = BitConverter.ToUInt16(packet, 0);
ushort ID = BitConverter.ToUInt16(packet, 2);
if (RCV.InvokeRequired)
{
RCV.BeginInvoke(new Action(delegate
{
PacketReceived(packet);
}));
return;
}
if (ID == 1006)
{
int X = BitConverter.ToUInt16(packet, 4);//this assumes X is at offset 32 and is a Ushort.
int Y = BitConverter.ToUInt16(packet, 4);
//string Name = BitConverter.ToString(packet, 80, 81);
//string Name = Encoding.ASCII.GetString(packet, 81, 80);
NameValue.Text = Name;
RCV.Text += "PacketReceived : Character_ID = " + X + " Y = " + Y + "\r\n";
}
RCV.Text += "Received : Packet ID , " + ID + " Packet Length , " + Length + "\r\n";
}
but i am still can not get the char name , any advice tho ?
================================================== =====
EDIT
================================================== =====
hello again guys .... i tried many times but i failed
look here ...
PHP Code:
public unsafe class Packets
{
public byte[] CharacterInfo(Character Charr)
{
byte[] Packet = new byte[120 + Charr.Name.Length + Charr.Spouse.Length];
long Model = Convert.ToInt64(Convert.ToString(Charr.Avatar) + Convert.ToString(Charr.Model));
fixed (byte* p = Packet)
{
*((ushort*)p) = (ushort)Packet.Length;
*((ushort*)(p + 2)) = 1006;
*((uint*)(p + 4)) = (uint)Charr.UID;
*((uint*)(p + 10)) = (uint)Model;
*((ushort*)(p + 14)) = (ushort)Charr.Hair;
*((uint*)(p + 16)) = (uint)Charr.Silvers;
*((uint*)(p + 20)) = (uint)Charr.CPs;
*((uint*)(p + 24)) = (uint)Charr.Exp;
*((ushort*)(p + 42)) = (ushort)5130;
*((ushort*)(p + 52)) = (ushort)Charr.Str;
*((ushort*)(p + 54)) = (ushort)Charr.Agi;
*((ushort*)(p + 56)) = (ushort)Charr.Vit;
*((ushort*)(p + 58)) = (ushort)Charr.Spi;
*((ushort*)(p + 60)) = (ushort)Charr.StatP;
*((ushort*)(p + 62)) = (ushort)Charr.CurHP;
*((ushort*)(p + 64)) = (ushort)Charr.MaxMana();
*((ushort*)(p + 66)) = (ushort)Charr.PKPoints;
*(p + 68) = Charr.Level;
*(p + 69) = Charr.Job;
*((ushort*)(p + 73)) = (ushort)Charr.RBCount;
*(p + 70) = 1;
*(p + 71) = 2;
*(p + 111) = (byte)Charr.Name.Length;
Packet[111 + Charr.Name.Length] = (byte)Charr.Spouse.Length;
for (sbyte i = 0; i < Charr.Name.Length; i++)
{
*(p + 111 + i) = (byte)Charr.Name[i];
}
for (sbyte i = 0; i < Charr.Spouse.Length; i++)
{
*(p + 113 + Charr.Name.Length + i) = (byte)Charr.Spouse[i];
}
}
return Packet;
}
}
PHP Code:
public Character Charr;
PHP Code:
private void Btn1_Click(object sender, EventArgs e)
{
Charr.Doit();
NameValue.Text = Charr.Name;
}
PHP Code:
public COClient MyClient;
public Packets MyPackets;
PHP Code:
public void Doit()
{
MyClient.SendPacket(MyPackets.CharacterInfo(this));
}
PHP Code:
public void SendPacket(byte[] packet)
{
if (packet == null)
throw new Exception("Packet cannot be null");
if (!(packet.Length > 0))
throw new Exception("Packet length cannot be less than 1");
Action sendPacketAsync = (delegate()
{
uint packetLength = (uint)packet.Length;
IntPtr packetAddress = Memory.Allocate(packetLength);
if (packetAddress != IntPtr.Zero)
{
if (Memory.WriteBytes(packetAddress, packet))
{
MemoryStream code = new MemoryStream();
BinaryWriter codeWriter = new BinaryWriter(code);
using (codeWriter)
{
//mov ecx, NetworkClass
codeWriter.Write((byte)0xB9);
codeWriter.Write((uint)networkClass);
//push packet length
codeWriter.Write((byte)0x68);
codeWriter.Write((uint)packetLength);
//push packet address
codeWriter.Write((byte)0x68);
codeWriter.Write((uint)packetAddress);
//mov eax, sendpacket function (codecave)
codeWriter.Write((byte)0xB8);
codeWriter.Write((uint)sendPacketCodeCave);
//call eax
codeWriter.Write(new byte[] { 0xFF, 0xD0 });
//ret
codeWriter.Write((byte)0xC3);
codeWriter.Flush();
ExecuteCode(code.ToArray());
}
}
}
});
sendPacketAsync.BeginInvoke(null, null);
}
but when i press Btn 1 the app is close idk why ??
|
|
|
|
|
08/17/2012, 17:33
|
#28
|
elite*gold: 0
Join Date: Aug 2012
Posts: 1
Received Thanks: 1
|
Try to use
PHP Code:
Name = Encoding.ASCII.GetString(packet, 81, packet[80]);
|
|
|
|
|
08/17/2012, 17:39
|
#29
|
elite*gold: 0
Join Date: Mar 2010
Posts: 475
Received Thanks: 14
|
Quote:
Originally Posted by CSharp Storm
Try to use
PHP Code:
Name = Encoding.ASCII.GetString(packet, 81, packet[80]);
|
i am already tried it , but i got charname is empty string ....
|
|
|
|
|
08/17/2012, 22:17
|
#30
|
elite*gold: 21
Join Date: Jul 2005
Posts: 9,193
Received Thanks: 5,376
|
Quote:
Originally Posted by abdeen
i am already tried it , but i got charname is empty string ....
|
Of course it said it was an empty string you retarded monkey...
I said explicitly about 5 times during my post that those offsets were completely pulled out of my *** and that you'd have to put half a second of work into finding the correct ones (which you've already posted... and then promptly ignored)
|
|
|
|
 |
|
Similar Threads
|
Creating something new... but what exactly?
12/07/2011 - Dekaron Private Server - 29 Replies
Busy with a new project, not gonna tell what exactly but it includes the following
Created in Flash CS3 & Photoshop CS3 & PHP & Java
Images from various sources :)
http://www.scampiml.com/imageshrimp/images/587038 Main.png
and this is what it looks like (Flash version + HTML + PHP)
http://www.scampiml.com/imageshrimp/images/395644 main2.png
|
Creating a C++ GUI
06/30/2006 - Conquer Online 2 - 4 Replies
First of all, sorry to bother putting up a wasteful post. I have searched google for creating a C++ GUI but everything ends up going to creating multi-threading for a process. Maybe I just am not using the correct search terms but I have run out of narrowing keywords and anything too specific gives me no results. Through reading most articles a few articles in the MSDN library, I found nothing useful that could help me. I did learn that I could use C# for this task, but I really want to...
|
new bot creating by me
08/09/2005 - Conquer Online 2 - 58 Replies
this bot will hunt items, and wen the inventry is full, it will go threw each item and check it for +1 and supers elites etc, and drop any crap items, u have options like,exit on good item, keep on hunting, teleport with scroll etc.
BUT
its still under development :)
|
creating own bot
06/16/2005 - General Coding - 4 Replies
what would i need to create my own bot and were would i start in the crteation of a bot.
thanx
|
Creating Lag?
05/31/2005 - Conquer Online 2 - 5 Replies
what would be a good program to create lag, that allows u to gain faster exp.
|
All times are GMT +2. The time now is 19:02.
|
|
