With this basic source you can send and receive packets.
You can make a proxy DLL with this source.
- Working Send
- Working Recv
- CommandHandleThread
- Behead all mobs
- Pick up drops around you
PHP Code:
#include <WinSock2.h>
#include "detours.h"
#include <Windows.h>
#include <iostream>
#include <io.h>
#include <fcntl.h>
#pragma comment(lib, "detours.lib")
#pragma comment(lib, "ws2_32.lib")
#pragma pack(push, 1)
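/// Allocates a console for the process and rebinds the CRT's stdin/stdout to it.
///
/// Every intermediate result is checked before it is dereferenced. If a step
/// fails, the corresponding stream is left untouched instead of copying
/// through a null FILE*.
void InitConsole() {
    AllocConsole();

    // _open_osfhandle takes an intptr_t. Casting the HANDLE through long
    // truncates it on targets where pointers are wider than long.
    const int HandleIn = _open_osfhandle(
        reinterpret_cast<intptr_t>(GetStdHandle(STD_INPUT_HANDLE)), _O_TEXT);
    const int HandleOut = _open_osfhandle(
        reinterpret_cast<intptr_t>(GetStdHandle(STD_OUTPUT_HANDLE)), _O_TEXT);

    // _open_osfhandle reports failure with -1; do not hand that to _fdopen.
    FILE *In = (HandleIn != -1) ? _fdopen(HandleIn, "r") : NULL;
    FILE *Out = (HandleOut != -1) ? _fdopen(HandleOut, "w") : NULL;

    // NOTE(review): assigning through *stdin / *stdout copies the FILE
    // structure itself, which depends on CRT internals. Confirm that the
    // toolchain in use still permits this.
    if (In != NULL)
        *stdin = *In;
    if (Out != NULL)
        *stdout = *Out;

    SetConsoleTitleA("KalOnline Reloaded 2011.....");
}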
/// Compares a window of bytes against a masked signature.
///
/// @param pData  Start of the bytes to test.
/// @param bMask  Signature bytes, one per mask character.
/// @param szMask NUL-terminated mask: 'x' means the byte at that position must
///               equal the signature byte; any other character is a wildcard.
/// @return false at the first mismatching 'x' position, true otherwise.
///
/// The function reads one byte of pData per mask character and has no bound of
/// its own, so the caller must guarantee that many bytes are readable.
bool bDataCompare(const BYTE* pData, const BYTE* bMask, const char* szMask)
{
    while (*szMask != '\0')
    {
        const bool mustMatch = (*szMask == 'x');
        if (mustMatch && *pData != *bMask)
            return false;

        ++szMask;
        ++pData;
        ++bMask;
    }
    // The loop only ends once the mask terminator has been reached.
    return true;
}
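/// Linearly searches [dwAddress, dwAddress + dwLen) for a masked byte signature.
///
/// @param dwAddress Start address of the range, carried in a DWORD. The casts
///                  below therefore only make sense where a pointer fits in
///                  32 bits.
/// @param dwLen     Length of the range in bytes.
/// @param bMask     Signature bytes.
/// @param szMask    NUL-terminated mask understood by bDataCompare.
/// @return Address of the first match, or 0 when nothing matched.
///
/// The original loop tested every offset up to dwLen - 1, so the comparison
/// helper read up to (mask length - 1) bytes beyond the end of the range. The
/// last start offset is now chosen so that a whole signature always fits.
DWORD dwFindPattern(DWORD dwAddress,DWORD dwLen, BYTE *bMask, char * szMask) {
    DWORD dwMaskLen = 0;
    while (szMask[dwMaskLen] != '\0')
        ++dwMaskLen;

    // Nothing to scan, or the signature cannot fit inside the range at all.
    if (dwLen == 0 || dwMaskLen > dwLen)
        return 0;

    const DWORD dwLastStart = dwLen - dwMaskLen;
    for (DWORD i = 0; i <= dwLastStart; ++i)
    {
        if (bDataCompare((BYTE*)(dwAddress + i), bMask, szMask))
            return (DWORD)(dwAddress + i);
    }
    return 0;
}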
// Namespace-scope initialisers: both pattern scans run during static
// initialisation of this module, before DllMain's own body.
//
// First occurrence of the signature inside the hard-coded range
// 0x401000 .. 0x401000 + 0x2bc000.
// NOTE(review): the range is fixed in source, so this assumes the host image
// is mapped at that address and covers that many bytes - confirm.
DWORD dwFakeSend = dwFindPattern(0x401000,0x2bc000,(BYTE*)"\x55\x8B\xEC\x83\xEC\x18\x83\x3D\x00\x00\x00\x00\x00\x00\x00\x33\xC0","xxxxxxxx???????xx");
// Same signature again, starting one byte after the first hit, i.e. the next
// occurrence.
// NOTE(review): the length is not reduced by the new start offset, so the scan
// extends past the end of the first range. If the first scan returned NULL,
// this one starts at address 1. Neither result is checked.
DWORD dwRealSendNoCrypt = dwFindPattern(dwFakeSend+1,0x2bc000,(BYTE*)"\x55\x8B\xEC\x83\xEC\x18\x83\x3D\x00\x00\x00\x00\x00\x00\x00\x33\xC0","xxxxxxxx???????xx");
// Address six bytes into the second match. The first six signature bytes
// (55 8B EC 83 EC 18) are the instructions SendPacket executes itself before
// jumping here.
DWORD dwSendBack = dwRealSendNoCrypt+0x06;
// Pointer through which FilterRecv calls the original recv; assigned in
// MainThread from the value DetourFunction returns.
int (__stdcall *DetourRecv)(SOCKET Socket, char *Buffer, int Length, int Flags);
// Variadic, caller-cleaned (__cdecl) entry point that forwards its arguments
// to the routine located by the second pattern scan.
//
// The function is naked, so the compiler emits no prologue or epilogue. The
// three instructions below are the ones that the six skipped signature bytes
// encode, after which control jumps to dwSendBack. This function never
// returns by itself; the return to the caller happens in the code jumped to.
//
// NOTE(review): dwSendBack is used without validation. If the pattern scan
// failed, the jump target is a small constant rather than code.
__declspec(naked) int __cdecl SendPacket (BYTE bHeader , LPCSTR szFormat , ... ){
__asm{
push ebp
mov ebp, esp
sub esp, 18h
}
// Indirect jump through the global computed at load time.
__asm{JMP dwSendBack};
}
/// Handler for the packet MyRecv labels "Player Appear" (opcode 0x32).
///
/// The author left the body unimplemented, so the buffer is neither read nor
/// modified.
void PlayerAppear(char *szBuffer)
{
    // Placeholder: nothing is parsed from the packet yet.
    (void)szBuffer;
}
/// Handler for the packet MyRecv labels "Monster Appear" (opcode 0x33).
///
/// Reads three 32-bit fields at byte offsets 5, 9 and 13 and discards them.
/// No length is passed in, so the reads are unchecked: the caller must supply
/// at least 17 readable bytes.
void MonsterAppear(char *szBuffer)
{
    const DWORD monsterId = *reinterpret_cast<DWORD*>(szBuffer + 5);
    const int   posX      = static_cast<int>(*reinterpret_cast<DWORD*>(szBuffer + 9));
    const int   posY      = static_cast<int>(*reinterpret_cast<DWORD*>(szBuffer + 13));

    // The values are parsed but not used yet.
    (void)monsterId;
    (void)posX;
    (void)posY;
}
/// Handler for the packet MyRecv labels "Item Drop" (opcode 0x36).
///
/// Reads a 32-bit id at offset 5 and two 32-bit values at offsets 9 and 13,
/// then sends packet 0x1D carrying the id and both values divided by 32.
/// No length is passed in, so the reads are unchecked: the caller must supply
/// at least 17 readable bytes.
void Item(char *szBuffer)
{
    char *const fields = szBuffer + 5;

    const DWORD itemId = *reinterpret_cast<DWORD*>(fields);
    const int   rawX   = static_cast<int>(*reinterpret_cast<DWORD*>(fields + 4));
    const int   rawY   = static_cast<int>(*reinterpret_cast<DWORD*>(fields + 4 + 4));

    // Signed division, exactly as in the original expression.
    const int cellX = rawX / 32;
    const int cellY = rawY / 32;

    SendPacket(0x1D, "ddd", itemId, cellX, cellY);
}
/// Handler for the packet MyRecv labels "Mob Died" (opcode 0x3d).
///
/// Reads a 32-bit id at offset 3 and sends packet 0x0D with the arguments
/// (1, 1, id). No length is passed in, so the read is unchecked: the caller
/// must supply at least 7 readable bytes.
void MonsterDie(char *szBuffer)
{
    const DWORD monsterId = *reinterpret_cast<DWORD*>(szBuffer + 3);
    SendPacket(0x0D, "bbd", 1, 1, monsterId);
}
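/// Dispatches one received packet to its handler, keyed on the byte at
/// offset 2.
///
/// @param szBuffer Start of the packet bytes.
/// @param iLength  Number of valid bytes in szBuffer.
///
/// Changes from the original:
///  - iLength was ignored. The opcode byte and the fixed offsets read by the
///    handlers are now checked against it, so a short or truncated buffer is
///    dropped instead of being read out of bounds.
///  - The fallback dump never ran. Its loop condition was the comma expression
///    `iPack<=iSize,iPack++`, whose value is 0 on the first test. Its size was
///    also read as an int from offset 2, which is the opcode position. The dump
///    is now bounded by iLength.
///  - "%02x " was streamed as literal text. Bytes are now written as two-digit
///    hex through the stream's own formatting state.
void MyRecv(char *szBuffer, int iLength) {
    // The opcode lives at index 2, so at least three bytes are required.
    if (szBuffer == NULL || iLength < 3)
        return;

    switch (szBuffer[2])
    {
    case 0x32: // Player Appear
        PlayerAppear(szBuffer);
        break;
    case 0x33: // Monster Appear - handler reads offsets 5..16
        if (iLength >= 17)
            MonsterAppear(szBuffer);
        break;
    case 0x36: // Item Drop - handler reads offsets 5..16
        if (iLength >= 17)
            Item(szBuffer);
        break;
    case 0x3d: // Mob Died - handler reads offsets 3..6
        if (iLength >= 7)
            MonsterDie(szBuffer);
        break;
    default:
    {
        // Unknown opcode: hex-dump exactly the bytes that were received.
        const std::ios_base::fmtflags savedFlags = std::wcout.flags();
        const wchar_t savedFill = std::wcout.fill(L'0');

        std::wcout << std::hex;
        for (int iPack = 0; iPack < iLength; ++iPack)
        {
            std::wcout.width(2); // width resets after every insertion
            std::wcout << static_cast<unsigned int>(static_cast<BYTE>(szBuffer[iPack])) << L' ';
        }

        // Restore the formatting state for other writers on the stream.
        std::wcout.flags(savedFlags);
        std::wcout.fill(savedFill);
        std::wcout << "\n" << std::endl;
        break;
    }
    }
}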
/***********************************
Credits to .....?! I don't know o.O
************************************/
// Reassembly state shared by successive FilterRecv calls.
int ASyncPos(0);   // bytes counted so far for the packet currently in flight
int FinalSize(0);  // 16-bit length read from the start of that packet
// Replacement for recv: forwards every call to the original through
// DetourRecv and keeps a running byte count in ASyncPos, so that a packet
// whose announced length (FinalSize) has been fully counted is handed to
// MyRecv.
//
// Returns whatever the original recv returned.
//
// NOTE(review): the state lives in two plain globals with no locking, so this
// presumably assumes a single socket read from a single thread - confirm.
int WINAPI FilterRecv(SOCKET Socket,char *Buffer, int iLength, int iFlags)
{
// A packet counted as complete by an earlier call is dispatched at the start
// of the next one.
// NOTE(review): Buffer here is the pointer passed to *this* call, and the
// dispatch runs before DetourRecv fills it. That only yields the completed
// packet if the caller reuses the same buffer with its previous contents
// intact - verify against the caller.
if (ASyncPos==FinalSize && FinalSize>0)
{
MyRecv(Buffer, ASyncPos);
ASyncPos = 0;
}
int RecvRET = DetourRecv(Socket, Buffer, iLength, iFlags);
// Errors are passed straight through without touching the state. A return of
// 0 is not treated specially and falls through to the bookkeeping below.
if (RecvRET<0)
{
return RecvRET;
}
// Start of a new packet: take its length from the first two bytes.
// NOTE(review): this reads two bytes even when RecvRET is 0 or 1.
if (ASyncPos==0)
FinalSize = *((short int*) Buffer);
// NOTE(review): dispatch requires exact equality. If one call returns more
// bytes than FinalSize, ASyncPos overshoots, is never reset, and no further
// packet is dispatched.
ASyncPos+=RecvRET;
return RecvRET;
}
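/// Thread procedure that reads whitespace-delimited commands from the console
/// and reacts to the ones it knows (currently only "Info").
///
/// Changes from the original:
///  - `std::wcin >> Handler` had no limit, so a token longer than 254
///    characters wrote past the end of the array. The field width is now set
///    before every extraction, and the stream then stores at most
///    (width - 1) characters plus the terminator.
///  - Once the stream failed or hit end-of-input, the loop spun forever on the
///    stale buffer. It now exits and the thread returns.
///
/// @return 0 when console input ends.
DWORD WINAPI CommandHandle(LPVOID) {
    wchar_t Handler[255] = {0};

    while (true) {
        // The width is reset by each extraction, so set it every time round.
        std::wcin.width(sizeof(Handler) / sizeof(Handler[0]));
        std::wcin >> Handler;
        if (!std::wcin)
            break;

        if (std::wcscmp(Handler, L"Info") == 0) {
            std::wcout << "KalOnline Reloaded...2011....\n\n" << std::endl;
        }
    }
    return 0;
}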
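/// Worker started from DllMain: opens the console, starts the command thread
/// and redirects recv to FilterRecv.
///
/// Changes from the original:
///  - The handle returned by CreateThread was dropped and therefore leaked. It
///    is now closed, and the thread keeps running.
///  - The thread ends by returning from its procedure instead of calling
///    ExitThread, so locals are destroyed normally. The exit code is still 0.
///
/// NOTE(review): DetourFunction is expected to redirect recv to FilterRecv and
/// return a pointer through which the original can still be called (it is used
/// that way in FilterRecv). The result is not checked here - confirm the
/// failure behaviour of the Detours version in use.
/// NOTE(review): from this point on the in-memory entry of recv presumably no
/// longer matches the on-disk image, which is what a code-integrity comparison
/// of the module would show.
DWORD WINAPI MainThread(LPVOID) {
    // Init Command Prompt
    InitConsole();

    // Init Command Handle Thread
    HANDLE hCommandThread = CreateThread(NULL, 0, CommandHandle, NULL, 0, NULL);
    if (hCommandThread != NULL)
        CloseHandle(hCommandThread);

    // Init Recv
    DetourRecv = (int (__stdcall *)(SOCKET, char *, int, int))DetourFunction((PBYTE)recv, (PBYTE)FilterRecv);

    return 0;
}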
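/// DLL entry point. On process attach it starts MainThread, so the real work
/// happens outside the loader's call into DllMain.
///
/// Changes from the original:
///  - The function fell off the end without returning a value, which is
///    undefined behaviour for a function declared to return BOOL. The value
///    is what the loader uses to decide whether the attach succeeded, and
///    TRUE is now returned explicitly.
///  - The thread handle is closed instead of leaked.
BOOL WINAPI DllMain(HINSTANCE hInst,DWORD dwReason,LPVOID) {
    (void)hInst; // unused

    switch (dwReason) {
    case DLL_PROCESS_ATTACH:
    {
        HANDLE hMainThread = CreateThread(NULL, 0, MainThread, NULL, 0, NULL);
        if (hMainThread != NULL)
            CloseHandle(hMainThread);
        break;
    }
    case DLL_PROCESS_DETACH:
        break;
    }
    return TRUE;
}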
|||||||||||||||||||||||||||||||||||||||||||||||||| ||||||
More things you can add:
PHP Code:
// Feature switch read by MonsterAttackPlayer. As a namespace-scope object it
// starts at 0, and nothing in this listing sets it.
BYTE bBotInstance;

/// Extracts the two ids carried by an attack packet.
///
/// @param szBuffer Packet bytes. No length is passed in, so the reads are
///                 unchecked.
/// @param bType    1 = skill attack (ids at offsets 8 and 4),
///                 2 = normal attack (ids at offsets 7 and 3).
///
/// Nothing is read unless bBotInstance equals 1. The parsed values are
/// currently discarded.
void MonsterAttackPlayer(char *szBuffer, BYTE bType)
{
    if (bBotInstance != 1)
        return;

    if (bType == 1) // Skill Attack
    {
        const DWORD targetPlayerId = *reinterpret_cast<DWORD*>(szBuffer + 8);
        const DWORD sourceMonsterId = *reinterpret_cast<DWORD*>(szBuffer + 4);
        (void)targetPlayerId;
        (void)sourceMonsterId;
    }
    else if (bType == 2) // Normal Attack
    {
        const DWORD targetPlayerId = *reinterpret_cast<DWORD*>(szBuffer + 7);
        const DWORD sourceMonsterId = *reinterpret_cast<DWORD*>(szBuffer + 3);
        (void)targetPlayerId;
        (void)sourceMonsterId;
    }
}
PHP Code:
// Fragment: two extra case labels meant to be pasted into an opcode switch.
// NOTE(review): the argument is spelled `Buffer`, while the switch in MyRecv
// receives its packet as `szBuffer`. The name presumably has to be adjusted
// to the enclosing function - confirm.
case 0x3f://Monster -> Player Skill Attack
MonsterAttackPlayer(Buffer,1);
break;
case 0x3e://Someone attacks someone
MonsterAttackPlayer(Buffer,2);
break;
||||||||||||||||||||||||||||||||||||||||||||||
PHP Code:
// Fragment: extra case for an opcode switch, with a nested switch on the byte
// at offset 3.
case 0x45://State Changed
switch(szBuffer[3])
{
case 0x19://Exp Increase
// Reads a 32-bit value at offset 12. No length is checked in this fragment.
// NOTE(review): the variable is declared directly under a case label without
// its own braces. Adding another case after it would jump over the
// initialisation.
DWORD dwGetExp = *(DWORD*)&szBuffer[12];
// Stream insertion does not interpret printf specifiers, so the text "%d " is
// printed literally in front of the number.
std::wcout << "%d " << dwGetExp << std::endl;
break;
}
break;
PHP Code:
// Fragment: two extra console commands that compare against `Handler`, the
// input buffer name used in CommandHandle.
//
// Each command sends packet 0x12 one hundred times with a 1 ms Sleep between
// sends. The two differ only in the sign of the last argument.
// NOTE(review): the format string is "bbb", but -129 and 129 do not fit in
// eight bits. If 'b' denotes a byte-sized field, the value is truncated on the
// wire - confirm the format semantics.
if(std::wcscmp(Handler, L"og") == 0) {
for(int i = 0;i<100;i++){
Sleep(1);
SendPacket(0x12,"bbb",0,0,-129);
}
}
if(std::wcscmp(Handler, L"ug") == 0) {
for(int i = 0;i<100;i++){
Sleep(1);
SendPacket(0x12,"bbb",0,0,129);
}
}
PHP Code:
// Template only, not compilable as written: `Npc ID` and `ItemIndex` are
// placeholders the reader has to replace with real values.
SendPacket(0x15,"dbbww",Npc ID,100,1,ItemIndex,1);
You can get the NpcID from Recv or Send.
The ItemIndex comes from config.pk/uce/item lists.






