Register for your free account! | Forgot your password?

You last visited: Today at 15:10

  • Please register to post and access all features, it's quick, easy and FREE!

 

GW2 Memory Thread

Reply
 
Old   #106


 
elite*gold: 2826
Join Date: Mar 2009
Posts: 4,258
Received Thanks: 6,099
Quote:
Originally Posted by hans2116 View Post
Wie kann man so ein Packetsend Funktion finden??
Vielleicht mit Wireshark oder ollydbg??
OllyDBG wäre ein Anfang



buFFy! is offline  
Thanks
1 User
Old   #107
 
elite*gold: 5
Join Date: May 2009
Posts: 1,141
Received Thanks: 70
Quote:
Originally Posted by buFFy! View Post
OllyDBG wäre ein Anfang
Danke
Kennst du ein Paar gute OllyDBG Tutorial ??


hans2116 is offline  
Old   #108


 
elite*gold: 2826
Join Date: Mar 2009
Posts: 4,258
Received Thanks: 6,099
Lenas Reversing for Newbies. Einfach mal googlen.
buFFy! is offline  
Thanks
3 Users
Old   #109
 
elite*gold: 0
Join Date: Feb 2013
Posts: 5
Received Thanks: 0
Hey all. I know this is a rather old thread but IDK where else to post so whatever. I'm having some issues detour the packet funcion, here's the code. Note I'm using Sinners DetourXS.

I'm not familiar with fastcall hooks, so any help would be nice! Thanks.

Code:
/*
void __fastcall sub_A82A50(int a1, int a2, signed int a3)

call example
.text:00C37B8E                 mov     edx, 0Ah
.text:00C37B93                 mov     ecx, eax
.text:00C37B95                 call    sub_A82A50
*/

typedef VOID (__thiscall *tPacketEncrypt)(VOID* pThis, int bufferSize, VOID* pBuffer, VOID* pTargetBuffer);
tPacketEncrypt oPacketEncrypt;
VOID __fastcall m_PacketEncrypt(VOID* pThis, VOID* Unused, int bufferSize, VOID* pBuffer, VOID* pTargetBuffer)
{
	// note EDX, ECX, *
	// use inline asm ???
	return oPacketEncrypt( pThis, bufferSize, pBuffer, pTargetBuffer );
}

void init_hooks()
{
	// todo: sig scans
	oPacketEncrypt = (tPacketEncrypt)DetourCreate( (void*)0x00A82A50, m_PacketEncrypt, DETOUR_TYPE_JMP, 0x5 );
}

This code crashes almost instantly and brings up the send report dialog.


sgt.pootis is offline  
Old   #110
 
elite*gold: 0
Join Date: Dec 2012
Posts: 48
Received Thanks: 56
Quote:
Originally Posted by sgt.pootis View Post
This code crashes almost instantly and brings up the send report dialog.
Because that isn't the EncryptPacket function. Thats the PutPacketQueue function.
Deathsnacks is offline  
Old   #111
 
elite*gold: 0
Join Date: Dec 2009
Posts: 123
Received Thanks: 15
wäre schöön wenn man irgednwie die offsets auch vom andernen porter mal posten könnte.
urmomslover is offline  
Old   #112
 
elite*gold: 0
Join Date: Feb 2013
Posts: 5
Received Thanks: 0
Quote:
Originally Posted by Deathsnacks View Post
Because that isn't the EncryptPacket function. Thats the PutPacketQueue function.
[facepalm] Well no ****. [/facepalm]



This is what happens when you code when sleepys as hell. Oh well. *****
sgt.pootis is offline  
Old   #113
 
elite*gold: 0
Join Date: Feb 2013
Posts: 5
Received Thanks: 0
What are the parameters for the function? IDK what the first param is, and I believe the second parameter is a buffer length, and the 3rd parameter is a pointer to the buffer. Is that correct?
sgt.pootis is offline  
Old   #114
 
elite*gold: 0
Join Date: Nov 2012
Posts: 50
Received Thanks: 21
Code:
typedef VOID (__thiscall *tPacketEncrypt)(VOID* pThis, int bufferSize, VOID* pBuffer, VOID* pTargetBuffer);
It's a __thiscall, this means that the first parameter is always a pointer to an object of the class this function belongs to. You were right about the second parameter, thats the size of the buffer in bytes. Third parameter is source buffer. Forth Parameter is named wrong, it's not the destination where the encrypted buffer is written to, but rather a pointer to additional data which will be packed in the package (e.g. pointer to null terminated string for chat messages). The destination is not passed a as parameter.
Ext3h is offline  
Old   #115
 
elite*gold: 0
Join Date: Feb 2013
Posts: 5
Received Thanks: 0
I see. I figured that much out with google (the "this" pointer that is). What about the PutPacketQueue() function params? Same story?

Code:
typedef void (__fastcall *tPutPacketQueue)( void *pThis, int buffsz, void *pBuff );
sgt.pootis is offline  
Old   #116
 
elite*gold: 0
Join Date: Dec 2012
Posts: 48
Received Thanks: 56
Quote:
Originally Posted by sgt.pootis View Post
I see. I figured that much out with google (the "this" pointer that is). What about the PutPacketQueue() function params? Same story?

Code:
typedef void (__fastcall *tPutPacketQueue)( void *pThis, int buffsz, void *pBuff );
Yup.
Deathsnacks is offline  
Old   #117
 
elite*gold: 0
Join Date: Feb 2013
Posts: 5
Received Thanks: 0
Can anyone post some up-to-date classes/structures, or some somewhat outdated ones for me to reclass?


Thanks.
sgt.pootis is offline  
Old   #118
 
elite*gold: 0
Join Date: May 2009
Posts: 43
Received Thanks: 2
Well guys a little question for all of you before I'm starting to crash GW2 with a custom DLL for myself:

Are any kind of Anti-Cheat messures in GW2 and it's Launcher implemented? Like scanning for detours or invalid/modified packets/memoryregions and/or do they sent that information with their crashreports?

I've read that claim from MMOMinion that they might at least send some senstive information regarding that in their crashreport and even have a serverside parser for it filtering out any modifications and do autobans. Thats why I'm might be looking into hooking into it first before starting with anything more specific.

Or is that just a false claim, trying to stop people from injecting their dlls with another launcher (really sounds like it as its theoretically so easy to get around that kind of claimed crashreport-detection)?
The Annihilator is offline  
Old   #119
 
elite*gold: 0
Join Date: Jun 2012
Posts: 28
Received Thanks: 13
There is no client side anticheat in gw2. I wouldn't send crash reports just on the rare principal it might be looked at by someone. The only anticheat is server side pattern detection for instance if you sit in one spot for hours with a macro hitting button 1 to kill mobs. They also have a few checks on packets most interesting of which has to do with heartbeat/movement hence the distance bans for teleport hacking. I would try to avoid sending malformed/incorrect values in packets as well.
Rhubarb.Trader is offline  
Thanks
1 User
Old   #120
 
elite*gold: 0
Join Date: Aug 2011
Posts: 57
Received Thanks: 13
Does anyone know how the environment informarion is stored - i mean players, mobs, loot etc which are available on the map around the player (Is it arrays or kinda hashtables or anything else?). And a tip how to find it would be very helpfull too.


xoraxax is offline  
Reply



« Previous Thread | Next Thread »

Similar Threads
Grand Chase Memory Hacking Brigade Application Thread
Grand Chase Memory Hackers Brigade http://www.elitepvpers.com/forum/customgroupicons/socialgroupicon_1406_1294233999.gif Since i can't do...
34 Replies - Grand Chase
grand chase memory hackers brigade application thread
Grand Chase Memory Hackers Brigade http://www.elitepvpers.com/forum/customgroupicons/socialgroupicon_1406_1294233999.gif Since i can't do...
26 Replies - Grand Chase Philippines
Quick Memory Editor - Alternative Memory Hacking Software
This might be detected or not by GameGuard, I have not tested this on Official servers however it worked perfectly fine on other private servers....
11 Replies - Cabal Hacks, Bots, Cheats, Exploits & Macros
Fragen Zur Memory!!!(Auslesen von Spawn/Memory)
hey leute, ich wollte mal einen bot schreiben und nun bin ich ganz verwirrt. könnte mir jmd bitte schritt für schritt erklären wie das mit Memory...
3 Replies - Guild Wars



All times are GMT +2. The time now is 15:10.


Powered by vBulletin®
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2011, Crawlability, Inc.

Support | Contact Us | FAQ | Advertising | Privacy Policy
Copyright ©2017 elitepvpers All Rights Reserved.