|
You last visited: Today at 19:50
Advertisement
GW2 Memory Thread
Discussion on GW2 Memory Thread within the Guild Wars 2 forum part of the MMORPGs category.
10/17/2012, 19:02
|
#31
|
elite*gold: 0 
Join Date: Apr 2006
Posts: 306
Received Thanks: 27
|
Nutzt jemand c++ für seinen gw2 hack?
|
|
|
|
10/17/2012, 19:37
|
#32
|
elite*gold: 41
Join Date: Oct 2007
Posts: 1,950
Received Thanks: 3,120
|
ja ich wieso?
|
|
|
|
|
10/17/2012, 19:49
|
#33
|
elite*gold: 0
Join Date: Apr 2006
Posts: 306
Received Thanks: 27
|
Hast du oder evtl. jemand ander lust es ein bischen open source zu machen, damit man davon lernen kann, wie der code aufgebaut ist ect?
Kannst ja auch dir wichtige hacks ect. rauslassen wenn du sie nicht vö willst.
|
|
|
|
|
10/17/2012, 20:44
|
#34
|
elite*gold: 0
Join Date: Apr 2009
Posts: 793
Received Thanks: 366
|
Quote:
Originally Posted by shuuky
Hast du oder evtl. jemand ander lust es ein bischen open source zu machen, damit man davon lernen kann, wie der code aufgebaut ist ect?
Kannst ja auch dir wichtige hacks ect. rauslassen wenn du sie nicht vö willst.
|
Objektorientierte Programmierung
Sorry, aber das ist nichts was speziell mit Hacks sondern mit Programmieren im Allgemein zu tuen hat. Zu jener Thematik gibt es Dutzende von Büchern und die verschiedene Techniken, Patterns und Paradigma lassen sich nicht anhand eines einziges Programmes verstehen. Außerdem sind Hacks / Bots normalerweise nicht gerade die besten Beispiele für OOP oder einen guten Stil. Wenn du nur in c++ interessiert wirst du es sowieso schwieriger haben, da die Sprache doch ihre ganz eigenen Kniffe hat (constness,templates, RAII, value semantics um nur ein paar zu nennen). Guter c++ code ist rar! Wenn du trotzdem nicht von c++ abhälts rate ich dir die Poco libs anzusehen; mit Abstand einer der saubersten und objektorientiertesten c++ libs, die es so gibt.
|
|
|
|
|
10/17/2012, 21:06
|
#35
|
elite*gold: 30
Join Date: May 2008
Posts: 201
Received Thanks: 321
|
Quote:
Originally Posted by shuuky
Hast du oder evtl. jemand ander lust es ein bischen open source zu machen, damit man davon lernen kann, wie der code aufgebaut ist ect?
Kannst ja auch dir wichtige hacks ect. rauslassen wenn du sie nicht vö willst.
|
Also wenn du allgemein c++ näher kennenlernen möchtest, solltest du vlt nicht gleich hackspezifisch durchstarten. es gibt unzählige beginner tuts für c++ um einfach einsteigen zu können. Wenn du wirklich objektorientiert proggen möchtest, solltest du c++ eher meiden. mein tipp für oop ist java. eignet sich aber nicht für hacks.
solltest du dir einfach nur nen teleporter bauen wollen zum testen, schau dir mal den c# code zum auslesen der char koordinaten an, den djmatrix1987  gepostet hat. den code kann man simple ändern um die werte nicht zu lesen sondern zu schreiben.
gruß piotr
|
|
|
|
|
10/17/2012, 23:21
|
#36
|
elite*gold: 0
Join Date: Jul 2011
Posts: 5
Received Thanks: 2
|
So the first step is done  Map is finished. Here a preview of the GW2 bot.
|
|
|
|
|
10/18/2012, 00:04
|
#37
|
elite*gold: 30
Join Date: May 2008
Posts: 201
Received Thanks: 321
|
Quote:
Originally Posted by djmatrix1987
So the first step is done Map is finished. Here a preview of the GW2 bot.
|
Nice was wirds wenns fertig ist? nen bot mit wegpunkten oder wie?
gruß piotr
|
|
|
|
|
10/18/2012, 01:33
|
#38
|
elite*gold: 0
Join Date: Jul 2011
Posts: 5
Received Thanks: 2
|
Wird ein richtiger Bot mit Wegpunkten, diese mann dan auf der Karte zeichnen kann. Im Moment sind die Wegpunkte ingame auch auf der Karte vorhanden und die Rüssi / Händler.
|
|
|
|
|
10/18/2012, 14:21
|
#39
|
elite*gold: 0
Join Date: Oct 2012
Posts: 6
Received Thanks: 3
|
Quote:
Originally Posted by Cencil
Packet encryption for sending packets (imagebase already added)
Code:
off_NetworkClass = $015C1DD4; // [15754]
off_EncryptCallAdd = $1CC; // [15754]
off_EncryptPacket = $00A62190; // [15754]
procedure EncryptPacket(pBuffer, pTargetBuffer: Pointer; bufferSize: Integer);
const
// delphi __thiscall hekk, ignore _eax and _edx and reverse the order
gw2Encrypt: procedure( _eax, _edx, pThis, pTargetBuffer, pBuffer: Pointer; bufferSize: Integer) = Pointer(off_EncryptPacket);
begin
gw2Encrypt(nil, nil, Pointer(PCardinal(off_NetworkClass)^ + off_EncryptCallAdd), pTargetBuffer, pBuffer, bufferSize);
end;
After the encryption you have to send your packet immediately or the server will receive wrong encrypted packets by the client. Just put the targetbuffer into the winsock send function, so easy. |
Hi, first thanks for these offsets, this is very interresting, i tried to implement this to a c++ dll. Hooks on EncryptPacket and send are applying fine but when EncryptPacket is called, the game instantly crashes :/
Here is the code i do in my hooked EncryptPacket & send :
Code:
VOID __fastcall m_PacketEncrypt(VOID* pTargetBuffer, VOID* pBuffer, int bufferSize)
{
DWORD NetClassptr = *(DWORD*)(gw2_base + NetworkClass);
VOID* EncryptCallAdd = *(VOID**)(NetClassptr + EncryptCall);
/*for(int i = 0; i < bufferSize; i++)
{
cout << hex << pBuffer[i];
}*/
cout << "m_PacketEncrypt()" << endl;
cout << hex << NetClassptr << endl;
cout << hex << EncryptCallAdd << endl;
cout << hex << (const char*)pBuffer << endl;
cout << hex << (const char*)pTargetBuffer << endl;
cout << bufferSize << endl;
cout << "m_PacketEncrypt()" << endl;
cout << "_________________" << endl;
//m_send(m_s, (const char*)pTargetBuffer, bufferSize, NULL);
return pPacketEncrypt(NULL, NULL, EncryptCallAdd, pTargetBuffer, pBuffer, bufferSize);
}
int WINAPI m_send(SOCKET s, const char* buf, int len, int flags)
{
cout << "m_send()" << endl;
cout << buf << endl;
cout << len << endl;
cout << flags << endl;
cout << "m_send()" << endl;
cout << "________" << endl;
m_s = s;
return pSend(s, buf, len, flags);
}
Can help me plz ? winsock send hook work pretty but not packet enc 
|
|
|
|
|
10/18/2012, 14:25
|
#40
|
elite*gold: 97
Join Date: Jun 2007
Posts: 2,246
Received Thanks: 4,850
|
I'm sure there are better ways to send packets. GW2 puts all packets into a list and sends it, there is a high chance that your encryption will fail if you do it in your own thread.
Still had no time to completely reverse it.
return pPacketEncrypt(NULL, NULL, EncryptCallAdd, pTargetBuffer, pBuffer, bufferSize);
Looks wrong, EncryptCallAdd should be the first parameter (as you use msfastcall). Also you don't need to add the base to the offset, I already did it.
If your code is a detour you should also add edx and ecx as the first parameters
VOID __fastcall m_PacketEncrypt(VOID* ecx, VOID * Unused, int bufferSize, VOID* pBuffer, VOID* pTargetBuffer)
Hope this helps.
Anyway here's my detour in delphi, it's crap but hey it works.
Code:
procedure hk_PacketCrypt(_eax, _edx, pThis, pEncryptedBuffer, pBuffer: Pointer; packetSize: Integer);
var
buffer: Array of Byte;
i: Integer;
sLog, sOpName: string;
wOpCode: Word;
const
org_PacketCrypt: procedure(_eax, _edx, pThis, pEncryptedBuffer, pBuffer: Pointer; packetSize: Integer) = Pointer($00A62190);
begin
if (g_bLogOutgoingPackets) then
begin
SetLength(buffer, packetSize);
Move(pBuffer^, buffer[0], packetSize);
for i := Low(buffer) to High(buffer) do
begin
sLog := sLog + IntToHex(buffer[i], 2) + ' ';
end;
Move(buffer[0], wOpCode, SizeOf(wOpCode));
case wOpCode of
$0D:
sOpName := 'MovementHeartbeat';
$0F:
sOpName := 'CastSpell';
$21:
sOpName := 'MoveItem';
$54:
sOpName := 'ChatMessage';
$56:
sOpName := 'SlashCommand';
$7C:
sOpName := 'Unlock bag slot'
else
sOpName := 'Unknown';
end;
LogConsole ('======================================================');
LogConsoleF('C->S Packet code: %x (%s) Size: %d', [wOpCode, sOpName, Length(buffer)]);
LogConsole ('======================================================');
LogConsole (sLog);
LogConsole ('======================================================');
end;
org_PacketCrypt(_eax, _edx, pThis, pEncryptedBuffer, pBuffer, packetSize);
end;
I'm overwriting the call at 0x00A5D011, else you'll also see the incoming packets.
|
|
|
|
|
10/18/2012, 22:03
|
#41
|
elite*gold: 4
Join Date: Feb 2008
Posts: 3,854
Received Thanks: 1,268
|
Code:
E-Mail Address - 0x015C0D38
|
|
|
|
|
10/18/2012, 22:03
|
#42
|
elite*gold: 0
Join Date: Oct 2012
Posts: 6
Received Thanks: 3
|
Thanks for the answer, i'm doing like this now but it crash at calling oPacketEncrypt (I cleaned my src a little ^^') (oPacketEncrypt is new name for pPacketEncrypt)
Code:
VOID __fastcall m_PacketEncrypt(VOID* _EAX, VOID* _ECX, VOID* pTargetBuffer, VOID* pBuffer, int bufferSize)
{
DWORD NetClassptr = *(DWORD*)(NetworkClass);
DWORD EncryptCallAdd = *(DWORD*)(NetClassptr + EncryptCall);
cout << "================================" << endl;
cout << NetClassptr << endl;
cout << EncryptCallAdd << endl;
cout << "================================" << endl;
//m_send(m_s, (const char*)pTargetBuffer, bufferSize, 0);
return oPacketEncrypt(_EAX, (VOID*)EncryptCallAdd, NULL /*don't find what place here and NULL fail*/, pTargetBuffer, pBuffer, bufferSize);
}
I use MSDetours 1.5 and the call of m_PacketEncrypt works fine now !
In PacketEncrypt(_EAX, (VOID*)EncryptCallAdd, NULL, pTargetBuffer, pBuffer, bufferSize);
I set 3rd parameters as NULL because I didn't know which argument passing to it.
Also after checking
DWORD EncryptCallAdd = *(DWORD*)(NetClassptr + EncryptCall) are set with some random numbers, i'm sure the cast is good and i removed the base adding indeed ><
I'm very new with hooks, i just done on D3DWrapper project, and i search for a deep documentation on, because i had failed to find one good with ggl!
So thanks again for explanation.
PS : how i declare my Hook :
Code:
typedef VOID (__thiscall *tPacketEncrypt)(VOID* _EAX, VOID* _EDX, VOID* pThis, VOID* pTargetBuffer, VOID* pBuffer, int bufferSize);
tPacketEncrypt oPacketEncrypt;
VOID __fastcall m_PacketEncrypt(VOID* _EAX , VOID* _ECX, VOID* pThis, VOID* pTargetBuffer, VOID* pBuffer, int bufferSize);
|
|
|
|
|
10/18/2012, 22:27
|
#43
|
elite*gold: 4
Join Date: Feb 2008
Posts: 3,854
Received Thanks: 1,268
|
For Constants Data, uvm.:
Code:
public enum ItemRarities : uint
{
Junk = 0,
Common = 1,
Fine = 2,
Masterwork = 3,
Rare = 4,
Exotic = 5,
Legendary = 6,
}
public enum AgentAttitudes : uint
{
Friendly = 0,
Hostile = 1,
Neutral = 2,
UnattackablePNJ = 3,
}
public enum GatheringType : uint
{
Herb = 0,
Wood = 1,
Mine = 2,
None = 3,
}
public enum ItemTypes : uint
{
Armor = 0,
Back = 1,
Bag = 2,
Consumable = 3,
Container = 4,
CraftingMaterial = 5,
Gathering = 6,
Gizmo = 7,
MiniDeck = 9,
Tool = 13,
Trinket = 15,
Trophy = 16,
UpgradeComponent = 17,
Weapon = 18,
//NUM_ITEM_TYPES = 19,
}
public enum AgentTypes : uint
{
Char = 0,
Gadget = 8,
Gadget_Attack_Target = 9,
Item = 13,
}
public enum EquipmentSlot : uint
{
AquaticHeadgear = 0,
Chest = 2,
Boots = 3,
Gloves = 4,
Headgear = 5,
Leggings = 6,
Shoulders = 7,
Back = 11,
Accessory1 = 12,
Accessory2 = 13,
Amulet = 14,
Ring1 = 15,
Ring2 = 16,
TownClothesHeadgear = 17,
TownClothesChest = 18,
TownClothesGloves = 19,
TownClothesLeggings = 20,
TownClothesShoes = 21,
TownClothesToy = 22,
AquaticWeapon = 24,
AlternateAquaticWeapon = 25,
MainHandWeapon = 29,
OffHandWeapon = 30,
AlternateMainHandWeapon = 31,
AlternateOffHandWeapon = 32,
ForagingTool = 34,
LoggingTool = 35,
MiningTool = 36,
}
public enum ItemDurabilities : uint
{
Ok = 0,
Damaged = 1,
Broken = 2,
}
public enum UiFlags : int
{
Autoloot = 0x2,
EnableCameraShake = 0x8,
UseFreeCamera = 0x10,
DoubleClickToAttackInteract = 0x100,
InvertCameraYAxis = 0x1000,
ShowAllEnemyNames = 0x10000,
ShowAllNPCNames = 0x20000,
ShowAllPlayerNames = 0x8000,
ShowSkillRecharge = 0x80000,
SimplePartyUI = 0x200000,
Autotargeting = 0x400000,
StopAutoAttackingOnTargetChange = 0x800000,
DoubleTapToEvade = 0x2000000,
DisableAreaOfEffectRings = 0x1000000,
FastCastGroundTargeting = 0x4000000,
PromoteSkillTarget = 0x8000000,
MeleeAttackAssist = 0x10000000,
}
public enum ResolutionMode : uint
{
Windowed = 0,
Fullscreen = 1,
FullscreenWindowed = 2,
}
public enum WeaponType : byte
{
Sword = 0,
Hammer = 1,
Longbow = 2,
Shortbow = 3,
Axe = 4,
Dagger = 5,
Greatsword = 6,
Mace = 7,
Pistol = 8,
Rifle = 10,
Scepter = 11,
Staff = 12,
Focus = 13,
Torch = 14,
Warhorn = 15,
Shield = 16,
Spear = 19,
HarpoonGun = 20,
Trident = 21,
}
public enum SkillTypes : uint
{
Ability = 0,
Buff = 1,
}
Source: [B][URL="http://www.**************/forums/mmo/guild-wars-2/gw2-memory-editing/378035-gw2-constant-data-enums-structs-etc.html"]Here[/URL][/B]
|
|
|
|
|
10/19/2012, 05:06
|
#44
|
elite*gold: 97
Join Date: Jun 2007
Posts: 2,246
Received Thanks: 4,850
|
Quote:
Originally Posted by midi12
Thanks for the answer, i'm doing like this now but it crash at calling oPacketEncrypt (I cleaned my src a little ^^') (oPacketEncrypt is new name for pPacketEncrypt)
Code:
VOID __fastcall m_PacketEncrypt(VOID* _EAX, VOID* _ECX, VOID* pTargetBuffer, VOID* pBuffer, int bufferSize)
{
DWORD NetClassptr = *(DWORD*)(NetworkClass);
DWORD EncryptCallAdd = *(DWORD*)(NetClassptr + EncryptCall);
cout << "================================" << endl;
cout << NetClassptr << endl;
cout << EncryptCallAdd << endl;
cout << "================================" << endl;
//m_send(m_s, (const char*)pTargetBuffer, bufferSize, 0);
return oPacketEncrypt(_EAX, (VOID*)EncryptCallAdd, NULL /*don't find what place here and NULL fail*/, pTargetBuffer, pBuffer, bufferSize);
}
I use MSDetours 1.5 and the call of m_PacketEncrypt works fine now !
In PacketEncrypt(_EAX, (VOID*)EncryptCallAdd, NULL, pTargetBuffer, pBuffer, bufferSize);
I set 3rd parameters as NULL because I didn't know which argument passing to it.
Also after checking
DWORD EncryptCallAdd = *(DWORD*)(NetClassptr + EncryptCall) are set with some random numbers, i'm sure the cast is good and i removed the base adding indeed ><
I'm very new with hooks, i just done on D3DWrapper project, and i search for a deep documentation on, because i had failed to find one good with ggl!
So thanks again for explanation.
PS : how i declare my Hook :
Code:
typedef VOID (__thiscall *tPacketEncrypt)(VOID* _EAX, VOID* _EDX, VOID* pThis, VOID* pTargetBuffer, VOID* pBuffer, int bufferSize);
tPacketEncrypt oPacketEncrypt;
VOID __fastcall m_PacketEncrypt(VOID* _EAX , VOID* _ECX, VOID* pThis, VOID* pTargetBuffer, VOID* pBuffer, int bufferSize);
|
Function header should be
VOID __fastcall m_PacketEncrypt(VOID* pThis, VOID* Unused, int bufferSize, VOID* pBuffer, VOID* pTargetBuffer)
typedef VOID (__thiscall *tPacketEncrypt)(VOID* _EAX, VOID* _EDX, VOID* pThis, VOID* pTargetBuffer, VOID* pBuffer, int bufferSize);
should be
typedef VOID (__thiscall *tPacketEncrypt)(VOID* pThis, int bufferSize, VOID* pBuffer, VOID* pTargetBuffer);
and
VOID __fastcall m_PacketEncrypt(VOID* _EAX , VOID* _ECX, VOID* pThis, VOID* pTargetBuffer, VOID* pBuffer, int bufferSize));
should be
VOID __fastcall m_PacketEncrypt(VOID* pThis, VOID* Unused, int bufferSize, VOID* pBuffer, VOID* pTargetBuffer);
Since msfastcall is different than borlands fastcall. My first post was also a bit wrong, I just corrected it.
edit: Just letting you know that the offsets are not working anymore with the latest patch
|
|
|
|
|
10/20/2012, 18:04
|
#45
|
elite*gold: 0
Join Date: Oct 2012
Posts: 6
Received Thanks: 3
|
Quote:
Originally Posted by Cencil
edit: Just letting you know that the offsets are not working anymore with the latest patch |
Thanks detouring PacketEncrypt is now working fine, just crashing at original call but i'll work on it (whend using encryptcalladd).
The problem i have is i got a high number of packet throught the hook o_o
I use currently use pThis in oPacketEncrypt because EncryptCallAdd make the program crashing, i'm think it's because of the use of pThis and not of EncryptCallAdd that i got a lot of packet.
And yes new offsets are :
Code:
#define NetworkClass 0x015C1DD4
#define EncryptCall 0x1CC
#define EncryptPacket 0x00A62160
Just EncryptPacket changed !
Ok, this is fixed, i just check pThis is equal to EncryptCall to just log outgoing packet ^^"
But packets are differents than your, eg for Heartbeat i got:
Code:
size : 4
packet : c 0 0 0
Thanks again for help Cencil
|
|
|
|
 |
|
Similar Threads
|
Grand Chase Memory Hacking Brigade Application Thread
07/20/2011 - Grand Chase - 34 Replies
Grand Chase Memory Hackers Brigade
http://www.elitepvpers.com/forum/customgroupicons/ socialgroupicon_1406_1294233999.gif
Since i can't do memory hacking alone i need to gather members that can help me.. make and revive memory hacking... i got just the idea on how to make mle working again.. too bad i need someone who can help me with it..Now to begin with.. You need 1st to introduce yourself.. here follow this format:
Why do you want to join in the club?
Programming Language you...
|
grand chase memory hackers brigade application thread
01/10/2011 - Grand Chase Philippines - 26 Replies
Grand Chase Memory Hackers Brigade
http://www.elitepvpers.com/forum/customgroupicons/ socialgroupicon_1406_1294233999.gif
Since i can't do memory hacking alone i need to gather members that can help me.. make and revive memory hacking... i got just the idea on how to make mle working again.. too bad i need someone who can help me with it..Now to begin with.. You need 1st to introduce yourself.. here follow this format:
Why do you want to join in the club?
Programming Language you...
|
Quick Memory Editor - Alternative Memory Hacking Software
11/21/2009 - Cabal Hacks, Bots, Cheats, Exploits & Macros - 11 Replies
This might be detected or not by GameGuard, I have not tested this on Official servers however it worked perfectly fine on other private servers.
http://imagenic.net/images/x0jxwzwpg2zxmkdtcf36.p ng
This is just an alternative memory editing tool.
Press thanks if this helps.
Remember, scan before using this.
Cause its 5.5MB.
|
Fragen Zur Memory!!!(Auslesen von Spawn/Memory)
12/31/2008 - Guild Wars - 3 Replies
hey leute,
ich wollte mal einen bot schreiben und nun bin ich ganz verwirrt.
könnte mir jmd bitte schritt für schritt erklären wie das mit Memory auslesen, benutzen und der Spawnpointer funktioniert.
Ich wär sehr dankbar wenn jmd kontakt mit mir aufnehmen würde...
und sobald der bot fertig ist bekommt der ihn natürlicherweise umsonst:D
ICQ: 481799773
oder hier im forum
|
All times are GMT +1. The time now is 19:50.
|
|
