GW Working Bots 2019!

Nachico · 12/15/2019, 21:09

Quote:

Originally Posted by TripToSanity

Or, and hear me out on this, people could read the thread. It's a new issue that is being worked on. If you're not contributing to the solution, go find something else to do.

i highly doubt somebody is working on updating GWA2 atm. Most skilled devs that are left don't use gwa2 themselves as they have their owns API's. I've heard from people it might not be worth the time in updating since this update ****** with everything.

I'm just a messenger.

oneshout · 12/15/2019, 21:43

one more ****** update....
On holidays for the moment, christmas coming... Don't have much times

PS : Post with bots updated to **OUTDATED**

strecky · 12/16/2019, 15:26

working on bots And Testing 1-6 Bots Work

dzejdzej43 · 12/16/2019, 17:49

updated files will be in a main page?

oneshout · 12/17/2019, 08:06

Quote:

Originally Posted by dzejdzej43

updated files will be in a main page?

2020 coming fast... for better clarity and better search, maybe it will the good time for me to create new topic with all bots updated

nubleet · 12/18/2019, 04:40

Almost new year woop woop to another year of gw1

~~fivel_976~~ · 12/20/2019, 01:19

Quote:

Originally Posted by oneshout

2020 coming fast... for better clarity and better search, maybe it will the good time for me to create new topic with all bots updated

let us know if you start a 2020 thread

danyp1 · 12/20/2019, 05:16

TY

phat34 · 12/20/2019, 06:14

With the limited time and major compilation changes, it has been difficult to gain much ground with the updates but I am sure many are working on solutions to the current issues... Any new pattern updates should be posted here for testing. The keys to getting things working again lies in replacing the old patterns with new search patterns that lead to the correct subroutines of the newly compiled version of the code base.

Nachico · 12/21/2019, 15:22

Quote:

Originally Posted by phat34

With the limited time and major compilation changes, it has been difficult to gain much ground with the updates but I am sure many are working on solutions to the current issues... Any new pattern updates should be posted here for testing. The keys to getting things working again lies in replacing the old patterns with new search patterns that lead to the correct subroutines of the newly compiled version of the code base.

i am learning c++/assembly/CE/use dbg/Reclass/IDA/ as we speak. It's much to take in atm and started learning at the very basis of each subject. But im already making progress everyday. Probably in a few months i could provide things back to the community. As i have taken a lot from it aswel.

Thanks to everybody that is contributing!

list comprehension · 12/21/2019, 16:56

To use these you obviously need to be in the process space through .dll injection then GetModuleHandle to get the base for scanning. I have been making my own new patterns for my own personal API, however if I can confirm there is a public equivalent I will post it as well with my personal patterns as I have time. That way people have multiple options and some may be easier than others to update gwa2 api for example.
SendPacket:
Two valid patterns found so far:

Code:

55 8B EC 83 EC 78 A1 64 B1 A1 ?? 33 C5 89 45 FC 53 8B 5D 10 56 8B 75
Offset: none

Alternate Toolbox variant:
F7 D9 C7 47 54 01 ?? ?? ?? 1B C9 81
Offset: -C3

3vangelist · 12/22/2019, 00:47

Quote:

Originally Posted by phat34

With the limited time and major compilation changes, it has been difficult to gain much ground with the updates but I am sure many are working on solutions to the current issues... Any new pattern updates should be posted here for testing. The keys to getting things working again lies in replacing the old patterns with new search patterns that lead to the correct subroutines of the newly compiled version of the code base.

Wouldn't be so sure mate, some of these patterns use injected asm to get variables etc, and even with updated patterns you might not have the right vars in the same places

MrBigBones · 12/22/2019, 11:33

Quote:
Originally Posted by list comprehension
Two valid patterns found so far:
Code:
55 8B EC 83 EC 78 A1 64 B1 A1 ?? 33 C5 89 45 FC 53 8B 5D 10 56 8B 75
Offset: none

Alternate Toolbox variant:
F7 D9 C7 47 54 01 ?? ?? ?? 1B C9 81
Offset: -C3

Your pattern doesn't work and is not very well choosen. Most of the bytes (The first ones) will appear in almost every functions so won't help much. Moreover, the assembly for the first pattern is:

Code:

011E1A50 | 55                       | push ebp
011E1A51 | 8BEC                     | mov ebp,esp
011E1A53 | 83EC 78                  | sub esp,78
011E1A56 | A1 64B14901              | mov eax,dword ptr ds:[149B164]
   Notice                                                   ^^^^^^^
011E1A5B | 33C5                     | xor eax,ebp
011E1A5D | 8945 FC                  | mov dword ptr ss:[ebp-4],eax
011E1A60 | 53                       | push ebx
011E1A61 | 8B5D 10                  | mov ebx,dword ptr ss:[ebp+10]
011E1A64 | 56                       | push esi
011E1A65 | 8B75 0C                  | mov esi,dword ptr ss:[ebp+C]

After the byte "A1" you put one wildcard byte. (i.e. "??") You should have 4 of them, because it represent the address in "mov eax,dword ptr ds:[149B164]" which changes on regular bases. Since the last update, it potentially changes on every start. Indeed, it's an address in ".data" segment which can be loaded at different addresses, because of ASLR. (Address Space Layout Randomization)

Finally, the pattern in GWCA (GWToolbox as you said) is:

Code:

F7 D9 C7 47 54 01 00 00 00 1B C9 81
Offset: -C3

jc2570147 · 12/23/2019, 07:45

would love to help but I am illiterate when it comes to coding and programming. im good on the technical side but that's about it

jc2570147 · 12/24/2019, 22:58

Has there been any updates anyone on a updated gwa2 file or is it more than just that needs re worked?