Register for your free account! | Forgot your password?

Go Back   elitepvpers > MMORPGs > Kal Online
You last visited: Today at 14:57

  • Please register to post and access all features, it's quick, easy and FREE!


Shop hack

Discussion on Shop hack within the Kal Online forum part of the MMORPGs category.

Closed Thread
 
Old 01/08/2008, 22:28   #16
 
elite*gold: 0
Join Date: Dec 2007
Posts: 652
Received Thanks: 132
@Swatty Du glaubst garnicht wie viel ich weiß :P
@Illu mach doch bitte nen Leerzeichen zwischen : und D. Danke.

Und hey, ich bin einer der wenigen die nen kompilierten KH11 haben :P:P
Nochmal danke dickerchen :P:P



MeepMoep is offline  
Old 01/08/2008, 22:41   #17
 
elite*gold: 0
Join Date: Jan 2007
Posts: 204
Received Thanks: 26
zeig maln screen von dem hack ingame pl0x


Analigator is offline  
Old 01/08/2008, 22:58   #18
 
elite*gold: 0
Join Date: Dec 2007
Posts: 652
Received Thanks: 132
Das man mir hier nichts glaubt o_O


MeepMoep is offline  
Old 01/08/2008, 23:06   #19
 
elite*gold: 120
Join Date: Sep 2007
Posts: 10,481
Received Thanks: 4,415
Hast wieder bei irgendwem geschnorrt du **** als ob du das selber gemacht hast, also gib nich so an^^


exeduz is offline  
Old 01/08/2008, 23:08   #20
 
elite*gold: 0
Join Date: Dec 2007
Posts: 652
Received Thanks: 132
Soll ich dir nen screen der Source machen kleiner? ^^
Aber ich hatte hilfe, das geb ich zu ;D
MeepMoep is offline  
Old 01/08/2008, 23:11   #21
 
elite*gold: 120
Join Date: Sep 2007
Posts: 10,481
Received Thanks: 4,415
loooooool..
wow die source hab ich auch.. tadaaah..

Quote:
#
#
KAL HACK 11 by BakaBug
#
-----------------------------------------
#
stricsamo you little wannabe !
#
First stealing my KalHack8 renaming it to KsBOT
#

#
And then telling everyone that you have written KalHack1-11
#
and wanna release it ? COM'ON RELEASE IT !!
#

#
Anyways guy's..
#

#
This hack would still work on INT-Server when
#
you know how to use it...
#
True is this is only a TEST-HACK
#
Used for checking how to the new hshild is ...
#

#
New Hshild is really better .. but arg it doesnothing ..
#

#
Anyways you can't call it a fully hack
#
The source were wirtten in 20min without any reason
#
for making it to a GOOD HACK / BOT
#

#
It include a little funny bot
#
(which is handled over a bad written packet handling)
#

#
BOT DO:
#
1. Walk form mob to mob
#
2. Kill it ..
#

#
Yeah not much + whats funny about it ?
#

#
The fun comes here:
#
No Players around: Move speed superman... toooooo fast XD
#
1 or more player : Normal move speed + walking on ground normal attack speed
#

#
Yeah nobody would see it as bot :X
#

#
I called it invisible bot ^^
#

#
Auto-pickup am not sure but i think it inclded a noobs-test pickup..
#

#
Anyways everything is worse written...
#

#
(c) BakaBug - Luca Béla Palkovics 31.Dez.2007 15:33
#
You can see this as a little present from me !
#
HAPPY NEW YEAR !!!
#

#
You can use the source where you want.. XD
#
But pls add my Name XD .. don't be a wannabe like "stric samo"
#

#

#
AH FOR THE NOOBS:
#
No this is not a full hack
#
No you can't copy past finish
#

#
FOR PROFIS:
#
SearchPattern does nothing else then serach for a ASM-Sequenze
#
My Detours working without problems
#

#
FOR SOMEONE WHO WANT TO MAKE IT BETTER:
#
DON'T USE THE SEND-DETOUR FOR GETTING WHATS SENT !!
#
AS YOU SEE IT'S REALLY HARD TO FILER OUT THE PACKET INFOS THIS WAY
#
IT'S BETTER YOU DO IT LIKE THE RECV-DETOUR
#
*/
#
#include <stdio.h>
#
#include "HackIt.h"
#
#include "Hook.h"
#
#include <iostream>
#
#include <fstream>
#
#include <stdio.h>
#
#include <fcntl.h> /* for _O_TEXT and _O_BINARY */
#
#include <io.h>
#
#include <process.h>
#
// basic file operations
#
#include <iostream>
#
#include <fstream>
#
#include <math.h>
#

#
//connect to myself
#
char SendText[]="SEND TYPE: 0x%0.2x FORMAT: %sn";
#
char RecvText[]="RECV TYPE: 0x%0.2x DATA : ";
#

#
DWORD MyRecvBack,MySendBack,MyHeightBack,MyTeleportBack;
#
DWORD GetUnitByName;
#

#
struct SPlayer
#
{
#
DWORD PID;
#
DWORD X;
#
DWORD Y;
#
DWORD Z;
#
BYTE Classe;
#
char name[255];
#
};
#
SPlayer Player[500]={0};
#

#
struct SItem
#
{
#
DWORD Item;
#
DWORD X;
#
DWORD Y;
#
DWORD Z;
#
};
#
SItem Item[500]={0};
#

#
struct SMob
#
{
#
DWORD MID;
#
DWORD X;
#
DWORD Y;
#
DWORD Z;
#
BYTE Classe;
#
DWORD HP;
#
};
#
SMob Mob[500]={0};
#

#
int playerx,mobsx,hp,mp;
#
int last_u=0;
#
DWORD temp={0};
#
DWORD lastweapon={0};
#
DWORD target;
#
DWORD botstate=0;
#
DWORD FightBack[500]={0};
#
DWORD start_x,start_y,lastmove;
#
DWORD attackcount=0;
#

#
void IntDEBUG()
#
{
#
int hCrtIn, hCrtOut;
#
FILE *conIn, *conOut;
#

#
AllocConsole();
#
hCrtIn = _open_osfhandle ((intptr_t) GetStdHandle(STD_INPUT_HANDLE), _O_TEXT);
#
hCrtOut = _open_osfhandle ((intptr_t) GetStdHandle(STD_OUTPUT_HANDLE), _O_TEXT);
#
conIn = _fdopen( hCrtIn, "r" );
#
conOut = _fdopen( hCrtOut, "w" );
#
*stdin = *conIn;
#
*stdout = *conOut;
#
}
#

#
float Naked Something2(DWORD some,DWORD some2,...)
#
{
#
//jep
#
__asm
#
{
#
push ebp
#
mov ebp, esp
#
sub esp, 40h
#
}
#
//SOMETHING yeahhh
#
__asm
#
{
#
jmp MyTeleportBack
#
}
#
}
#

#

#
DWORD Naked Something(DWORD some,DWORD some2,...)
#
{
#
_asm
#
{
#
push ebp
#
mov ebp, esp
#
push ecx
#
fild [ebp+0x08]
#
mov eax, [ebp+0x0C]
#
shl eax, 0Dh
#
mov [ebp-0x04], eax
#
fisub [ebp-0x04]
#
mov esp, ebp
#
pop ebp
#
fstp [ebp-0x04]
#
mov eax,[ebp-0x04]
#
retn
#
}
#
}
#

#
DWORD Naked CalculateMapPart(DWORD someDWORD)
#
{
#
__asm
#
{
#
push ebp
#
mov ebp, esp
#
sub esp, 1Ch
#
mov eax,someDWORD //GET VARIBALE FROM STACK
#
cdq // -> EAX -> 64bit auf EDX:EAX
#
and edx, 1FFFh
#
add eax, edx
#
sar eax, 0Dh //roate 13bit Oo (right)
#
//return
#
mov esp, ebp
#
pop ebp
#
retn
#
}
#
}
#

#
float Naked MyHeightDetour(DWORD x,DWORD y,...)
#
{
#
__asm
#
{
#
push ebp
#
mov ebp, esp
#
sub esp, 94h
#
}
#
//show info
#
//printf("Height 0x%08x 0x%08x %fn ",x,y);
#
__asm
#
{
#
jmp MyHeightBack //back to original
#
}
#
}
#

#
DWORD GetUnit(char* name)
#
{
#
__asm jmp GetUnitByName;
#
}
#

#
int Naked MySendDetour(DWORD type,LPCSTR format,...)
#
{
#
__asm
#
{
#
push ebp
#
mov ebp, esp
#
sub esp, 18h
#
}
#

#

#
//if (format[0] =='U')
#
//DO SOMETHING HEHE
#
/*
#
SEND TYPE: 0x2b FORMAT: Ubd
#
SEND TYPE: 0x10 FORMAT: Ubbd
#
*/
#

#
//printf(SendText,type,format);
#

#
if (type == 0x25)
#
{
#
printf("SEND TELPORT TO TOWN !!!n");
#
botstate=0;
#
Sleep(1000);
#
}
#

#
va_list args;
#
va_start(args, format); /* Initialize variable arguments. */
#

#
int i,s;
#
char* something;
#
for (i=0;i<strlen(format);i++)
#
{
#
switch (format[i])
#
{
#
case 'U': //??? 4bytes
#
temp=va_arg( args, DWORD);
#
last_u=temp;
#
break;
#
case 'b': //BYTE
#
if ((i==1)&&((type==0x14)||(type==0x15)))
#
Player[0].X+=(signed char)va_arg( args, DWORD);
#
if ((i==2)&&((type==0x14)||(type==0x15)))
#
Player[0].Y+=(signed char)va_arg( args, DWORD);
#
if ((i==3)&&((type==0x14)||(type==0x15)))
#
Player[0].Z+=(signed char)va_arg( args, DWORD);
#
if (type==0x0F)
#
{
#
temp=va_arg( args, DWORD);
#
}
#
if (type==0x10)
#
{
#
temp=va_arg( args, DWORD);
#
}
#
if (type==0x15)
#
{
#
// printf("Pickup %dn",va_arg(args, DWORD));
#
}
#
break;
#
case 'd': //DWORD
#
if (type==0x0F)
#
//printf(" %d: %dn",i+1,va_arg( args, DWORD));
#
temp=va_arg( args, DWORD);
#
if ((i==2)&&(type==0x0F))
#
{
#
printf("Attack [%08x]n,",temp);
#
s=temp;
#
}
#
if ((i==3)&&(type==0x0F))
#
{
#
//yeah the item id
#
lastweapon=temp;
#
//printf("%08x]n",temp);
#
attackcount++;
#
if (attackcount>=4)
#
{
#
if (mp>50)
#
{
#
//send skill
#
MySendDetour(0x10,"Ubbd",last_u,3,1,s);
#
// MySendDetour(0x2b,"Ubd",last_u,3,s);
#
}
#
attackcount=0;
#
}
#
}
#
break;
#
case 'w': //WORD
#
// printf(" %d: %dn",i+1,(WORD)va_arg( args, DWORD));
#
temp=va_arg( args, DWORD);
#
break;
#
case 's': //WORD
#
// printf(" %d: %sn",i+1,va_arg( args, char*));
#
something=va_arg( args, char*);
#
if (type==0x11)
#
{
#
printf("Chat: %sn",something);
#
if (strcmp("/bot 1",something) == 0)
#
{
#
botstate=1;//active
#
start_x=Player[0].X;
#
start_y=Player[0].Y;
#
printf("ACTIVE BOT !n");
#
}
#
if (strcmp("/bot 0",something) == 0)
#
{
#
botstate=0; //deactive
#
printf("DEACTIVE BOT !n");
#
}
#
if (strcmp("/test",something) == 0)
#
{
#
botstate=0; //deactive
#
printf("Height test: %d %d %f!n",Something(Player[0].X,0x20),Something(Player[0].Y,0x20),MyHeightDetour(Something(Player[0].X,0x20),Something(Player[0].Y,0x20)));
#
Something2(Something(Player[0].X+100,0x20),Something(Player[0].Y+100,0x20));
#
printf("Get UnitByName: BakaBug %d",GetUnit("BakaBug"));
#
}
#
if (strcmp("/attack_all",something) == 0)
#
{
#
printf("CHEAT ATTACK ALLn");
#
//yeah test attack all in near..
#
int ii;
#
for (ii=0;ii<800;ii++)
#
{
#
//check if x !=0
#
if (Mob[ii].X != 0)
#
{
#
printf("MOB [%08x]r",Mob[ii].MID);
#
int xx;
#
for (xx=0;xx<5;xx++)
#
{
#
//MySendDetour(0x0F,"Ubdd",last_u,1,Mob[ii].MID,0);
#
//MySendDetour(0x0F,"Ubdd",last_u,1,Mob[ii].MID,0);
#
//MySendDetour(0x0F,"Ubdd",last_u,1,Mob[ii].MID,0);
#
MySendDetour(0x15,"Ubbb",last_u,1,1,-30);
#
}
#
}
#
//walk squar
#
}
#
}
#
}
#
break;
#
}
#
}
#
va_end(args); /* Reset variable arguments. */
#
//jump to original..
#

#
__asm
#
{
#
jmp MySendBack;
#
}
#
// .recv 6b änderung des appender
#
}
#

#

#
void MyThread(void* start_parameter)
#
{
#
//here is our thread
#
DWORD lastattack;
#
while(true) //endless loop
#
{
#
char mytext[255];
#

#
if (playerx != 0)
#
{
#
sprintf(mytext,"KalHack11 - HP: %d - MP: %d X: %d Y: %d Z: %d - BotState: %d",hp,mp,Player[0].X,Player[0].Y,Player[0].Z,botstate);
#
SetConsoleTitleA(mytext);
#
if (botstate == 1)
#
{
#
printf("Search MOB..n");
#
//SEARCH NEARES MOB !
#
int nearest=65535000;
#
int id=-1;
#
int i;
#
for (i=0;i<500;i++)
#
if (Mob[i].X != 0)
#
{
#
//MOB HERE CALC NEAR !
#
int difx=start_x-Mob[i].X;
#
int dify=start_y-Mob[i].Y;
#
//
#
int range=difx*difx+dify*dify;
#
if (nearest > range)
#
{
#
id=i;
#
nearest = range;
#
}
#
}
#
if (id!=-1)
#
{
#
//MOB FOUND
#
target=id;
#
botstate=2; //walk to it !
#
printf("Walk to MOB..n");
#
}
#
}
#

#
if (botstate == 2)
#
{
#
//WALK TO SELECTED MOB !!
#
int difx=Player[0].X-Mob[target].X;
#
int dify=Player[0].Y-Mob[target].Y;
#
float range=(difx*difx+dify*dify)*1.0;
#
if (sqrt(range) < 50.0)
#
{
#
botstate=3; //ATTACK IT !
#
printf("attack the MOB..n");
#
lastattack=GetTickCount()-800;
#
}
#
else
#
{
#
//CALC MOVE !
#
signed char tempx=-(difx/sqrt(range))*30;
#
signed char tempy=-(dify/sqrt(range))*30;
#
int difz=Player[0].Z-MyHeightDetour(Something(Player[0].X+tempx,0x20),Something(Player[0].Y+tempy,0x20))*10;
#
signed char tempz=-difz*1;
#
if (-difz>120.0)
#
tempz=120;
#
if (-difz<-120.0)
#
tempz=-120;
#
if (playerx > 1)
#
{
#
if (lastattack<GetTickCount()-200*3)
#
{
#
MySendDetour(0x15,"Ubbb",last_u,tempx,tempy,tempz) ;
#
lastattack=GetTickCount();
#
}
#
}
#
else
#
MySendDetour(0x15,"Ubbb",last_u,tempx,tempy,tempz) ; //NOBODY HERE SPEED UP MAN !
#
}
#
}
#
if (botstate==3)
#
{
#
//attack mob !!
#
if (lastattack<GetTickCount()-600)
#
{
#
//ATTACK IT !
#
MySendDetour(0x0F,"Ubdd",last_u,1,Mob[target].MID,lastweapon);
#
lastattack=GetTickCount();
#
}
#
//yeah
#
if (lastmove<GetTickCount()-200)
#
{
#
int difx=Player[0].X-Mob[target].X;
#
int dify=Player[0].Y-Mob[target].Y;
#
//int difz=Player[0].Z-MyHeightDetour(Something(Player[0].X,0x20),Something(Player[0].Y,0x20))*10;
#
float range=(difx*difx+dify*dify)*1.0;
#
signed char tempx=-(difx/sqrt(range))*30;
#
signed char tempy=-(dify/sqrt(range))*30;
#
//roate vector
#
tempy = (cos(100*3.16)*(tempx*1.0) - sin(100*3.16)*(tempy*1.0))*1;
#
tempy = (cos(100*3.16)*(tempy*1.0) + sin(100*3.16)*(tempx*1.0))*1;
#

#
int difz=Player[0].Z-MyHeightDetour(Something(Player[0].X+tempx,0x20),Something(Player[0].Y+tempy,0x20))*10;
#
signed char tempz=-difz*1;
#
if (-difz>120.0)
#
tempz=120;
#
if (-difz<-120.0)
#
tempz=-120;
#
if (hp > 100)
#
{
#
if (sqrt(range) < 50.0)
#
{
#
if (playerx <= 1)
#
MySendDetour(0x15,"Ubbb",last_u,tempx,tempy,tempz) ;
#
}
#
}
#
else
#
if (sqrt(range) < 150.0)
#
{
#
MySendDetour(0x15,"Ubbb",last_u,tempx,tempy,tempz) ;
#
MySendDetour(0x15,"Ubbb",last_u,tempx,tempy,tempz) ;
#
//THIS IS RUN AWAY !
#
}
#

#
lastmove=GetTickCount();
#
}
#
}
#
}
#
Sleep(10);
#
}
#
}
#

#
int WINAPI MyRecv(char* packet)
#
{
#
//printf(RecvText,packet[2]);
#

#
WORD size;
#
memcpy((void*)&size,(void*)((DWORD)packet),2);
#
//loop and schon packet
#
/*
#
{
#
int i;
#
for (i=0;i<=size;i++)
#
{
#
printf("%02x ",(BYTE)packet[i]);
#
}
#
printf("n");
#
}
#
*/
#
//size=(WORD)(packet[0]); //hoffe das ist die richtige..
#
if (packet[2] == 0x3B)
#
{
#
//ITEM AWAY !
#
DWORD id;
#
memcpy((void*)&id,(void*)((DWORD)packet+3),4);
#
int i;
#
for (i=0;i<=500;i++)
#
if (Item[i].Item==id)
#
{
#
//ITEM FOUND !
#
//DELETE IT !
#
Item[i].X=0;
#
break;
#
}
#
}
#
if (packet[2] == 0x36)
#
{
#
//ADD ITEM
#
DWORD id;
#
DWORD x;
#
DWORD y;
#
memcpy((void*)&id,(void*)((DWORD)packet+5),4);
#
memcpy((void*)&x,(void*)((DWORD)packet+5+4),4);
#
memcpy((void*)&y,(void*)((DWORD)packet+5+4+4),4);
#
printf("Item dropped [%08x] [%d , %d]n",id,x,y);
#
//add item to list !
#
int i;
#
for (i=0;i<=500;i++)
#
{
#
if (Item[i].X == 0)
#
{
#
//FREE ITEM SLOT FOUND !
#
Item[i].Item=id;
#
Item[i].X=x;
#
Item[i].Y=y;
#
//easy autopickup..
#
//SEND TYPE: 0x15 FORMAT: Ubbb byte byte byet Oo ? wtf ?
#
MySendDetour(0x20,"Uddd",last_u,id,x/32,y/32);
#
}
#
}
#
}
#
if (packet[2] == 0x46)
#
{
#
printf("TELPORT TO TOWN !!!n");
#
botstate=0;
#
Sleep(1000);
#
}
#
if (packet[2] == 0x45)
#
{
#
int i;
#
//for (i=0;i<size;i++)
#
// printf("%0.2x",(BYTE)packet[i]);
#
//printf("n");
#

#
char myword[1];
#
myword[0]=packet[5];
#
myword[1]=packet[4];
#
if (packet[3] == 0x08)
#
{
#
//printf("MP changed [%d]n",(WORD)(myword[0]));
#
memcpy((void*)&mp,(void*)((DWORD)packet+4),2);
#
printf("MP changed [%d]n",mp);
#
}
#
if (packet[3] == 0x07)
#
{
#
memcpy((void*)&hp,(void*)((DWORD)packet+4),2);
#
printf("HP changed [%d]n",hp);
#
}
#
}
#
if (packet[2] == 0x3E)
#
{
#
//someone attack someon
#
//or something attack something :P
#
DWORD attacker=0;
#
DWORD target=0;
#
WORD dmg;
#
WORD dmg2;
#
memcpy((void*)&attacker,(void*)((DWORD)packet+3+1) ,4);
#
memcpy((void*)&target,(void*)((DWORD)packet+3+1+4) ,4);
#
memcpy((void*)&dmg,(void*)((DWORD)packet+3+1+4+2), 2);
#
memcpy((void*)&dmg2,(void*)((DWORD)packet+3+1+4+2+ 2),2);
#
//if targe myslef => fight back => update hp
#
//add dmg to target / if mob
#
int i;
#
for (i=0;i<500;i++)
#
{
#
if (Mob[i].MID==target)
#
{
#
Mob[i].HP-=(dmg+dmg2);
#
break;
#
}
#
}
#
}
#
if (packet[2] == 0x3d)
#
{
#
DWORD id;
#
memcpy((void*)&id,(void*)((DWORD)packet+3),4);
#
BYTE state;
#
memcpy((void*)&state,(void*)((DWORD)packet+3+4),1) ;
#
//if (state==0x08)
#
//{
#
//someone die !
#
int i;
#
for (i=0;i<500;i++)
#
{
#
//check if x =0
#
if (Mob[i].MID == id)
#
{
#
if (state==0x08)
#
{
#
if (i==target)
#
MySendDetour(0x10,"Ubbd",last_u,1,1,Mob[i].MID);
#
}
#
else
#
mobsx-=1;
#

#
if (target==i)
#
if (botstate != 0)
#
{
#
//MySendDetour(0x1F,"Ub",last_u,1); //REST?
#
botstate=1; //when bot active
#
}
#

#
Mob[i].X=0; //mob not here anymore
#
break;
#
}
#
}
#
//}
#
}
#
if (packet[2] == 0x38)
#
{
#
//mob dis
#
DWORD id;
#
memcpy((void*)&id,(void*)((DWORD)packet+3),4);
#
int i;
#
for (i=0;i<500;i++)
#
{
#
//check if x =0
#
if (Mob[i].MID == id)
#
{
#
//printf("mob away");
#
Mob[i].X=0; //mob not here anymore
#
mobsx-=1;
#
break;
#
}
#
}
#
}
#

#
if ((packet[2] == 0x24) || (packet[2] == 0x25))
#
{
#
//mob move..
#
DWORD id;
#
memcpy((void*)&id,(void*)((DWORD)packet+3),4);
#
int i;
#
for (i=0;i<500;i++)
#
{
#
//check if x =0
#
if (Mob[i].MID == id)
#
{
#
signed char x,y/*,z*/=0;
#
memcpy((void*)&(x),(void*)((DWORD)packet+3+4),1);
#
memcpy((void*)&(y),(void*)((DWORD)packet+3+4+1),1) ;
#
//memcpy((void*)&(z),(void*)((DWORD)packet+3+4+1+1), 1);
#
Mob[i].X+=x;
#
Mob[i].Y+=y;
#
//Player[i].Z+=z;
#
break;
#
}
#
}
#
}
#
if (packet[2] == 0x33)
#
{
#
//mob apear
#

#
int i;
#
for (i=0;i<500;i++)
#
{
#
//check if x =0
#
if (Mob[i].X == 0)
#
{
#
DWORD id;
#
memcpy((void*)&id,(void*)((DWORD)packet+3+2),4);
#
Mob[i].MID=id;
#
memcpy((void*)&(Mob[i].Classe),(void*)((DWORD)packet+3),2);
#
memcpy((void*)&(Mob[i].X),(void*)((DWORD)packet+3+4+2),4);
#
memcpy((void*)&(Mob[i].Y),(void*)((DWORD)packet+3+4+2+4),4);
#
memcpy((void*)&(Mob[i].HP),(void*)((DWORD)packet+3+4+2+4+4+1+1),2);
#
//printf("Mob: %d X %d Y %d Z %d HP %dn",Mob[i].Classe,Mob[i].X,Mob[i].Y,Mob[i].Z,Mob[i].HP);
#
mobsx+=1;
#
break;
#
}
#
}
#
}
#
if (packet[2] == 0x37)
#
{
#
//disapear
#
DWORD id;
#
memcpy((void*)&id,(void*)((DWORD)packet+3),4);
#
int i;
#
for (i=0;i<500;i++)
#
{
#
if (Player[i].PID == id)
#
{
#
printf("Player disapear [PID: %08x Name: %s]n",id,Player[i].name);
#
Player[i].X=0; //deactive !
#
playerx-=1;
#
break;
#
}
#
}
#
}
#
if ((packet[2] ==0x22) || (packet[2] == 0x23))
#
{
#
//player move.. jetzt noch net..
#
DWORD id;
#
memcpy((void*)&id,(void*)((DWORD)packet+3),4);
#
int i;
#
for (i=0;i<500;i++)
#
{
#
//check if x =0
#
if (Player[i].PID == id)
#
{
#
//printf("Player move [PID: %08x Name: %s]n",id,Player[i].name);
#
signed char x,y,z=0;
#
memcpy((void*)&(x),(void*)((DWORD)packet+3+4),1);
#
memcpy((void*)&(y),(void*)((DWORD)packet+3+4+1),1) ;
#
memcpy((void*)&(z),(void*)((DWORD)packet+3+4+1+1), 1);
#
Player[i].X+=x;
#
Player[i].Y+=y;
#
Player[i].Z+=z;
#
break;
#
}
#
}
#
}
#
if (packet[2] == 0x32)
#
{
#
//player apear
#
DWORD id;
#
memcpy((void*)&id,(void*)((DWORD)packet+3),4);
#
char name[255]={0};
#
memcpy((void*)&name,(void*)((DWORD)packet+7),16);
#
printf("Player apear [PID: %08x Name: %s]n",id,name);
#
//ADD PLAYER
#
int i;
#
for (i=0;i<500;i++)
#
{
#
//check if x =0
#
if (Player[i].X == 0)
#
{
#
memcpy((void*)&(Player[i].name),(void*)&name,16);
#
Player[i].PID=id;
#
int aftername;
#
aftername=strlen(Player[i].name);
#
//insert COORDINATES
#
memcpy((void*)&(Player[i].Classe),(void*)((DWORD)packet+7+aftername+1),1);
#
memcpy((void*)&(Player[i].X),(void*)((DWORD)packet+7+aftername+2),4);
#
memcpy((void*)&(Player[i].Y),(void*)((DWORD)packet+7+aftername+2+4),4);
#
memcpy((void*)&(Player[i].Z),(void*)((DWORD)packet+7+aftername+2+4+4),4);
#
//printf("C: %d X: %d Y:%d Z:%dn",Player[i].Classe,Player[i].X,Player[i].Y,Player[i].Z);
#
playerx+=1;
#
break; //ender der schleife
#
}
#
}
#
}
#
return 0;
#
}
#

#
int Naked MyRecvDetour()
#
{
#
__asm
#
{
#
push edx
#
push ecx
#
push ebx
#
push eax
#

#
mov eax, [ebp+0x08] //my packet ehh ^^
#
push eax
#
call MyRecv
#

#
pop eax
#
pop ebx
#
pop ecx
#
pop edx
#

#
mov eax, [ebp+0x08]
#
movzx ecx, [eax+2]
#
mov edx,MyRecvBack//0x00523272
#
jmp edx
#
}
#
}
#

#
DWORD SearchPattern(char* pattern,DWORD start_offset)
#
{
#
//strtoul
#
if (start_offset==0)
#
start_offset=0x00401000;
#
DWORD offset=start_offset; //in olly nachgucken
#
DWORD ende =0x0061A587; //in olly nachgucken
#
DWORD start=offset; //yep
#
DWORD backoffset;
#
DWORD size =strlen(pattern)-1;
#
DWORD foundoffset=0; //0=not found !
#

#
char * pEnd=pattern; //next letter position
#
while(1)
#
{
#
char &myposition=*(char*)offset;
#
//überprüfen
#
if ((pEnd[1]!='x'))
#
{
#
char temp=(char)strtoul(pEnd, &pEnd, 0x10);
#
if (temp==myposition)
#
{
#
if (foundoffset==0)
#
{
#
foundoffset=offset;
#
}
#
}
#
else
#
{
#
//everything from beginning
#
pEnd=pattern;
#
if (foundoffset != 0)
#
offset=foundoffset;
#
foundoffset=0;
#
}
#
}
#
else
#
{
#
//WILDCARE DON'T HANDLE
#
pEnd=&pEnd[2]; //2 weiter " x" <- yep
#
}
#
offset++; //immer 1 byte dazu
#
if (((DWORD)pEnd-(DWORD)pattern>=size)||(offset>=ende))
#
break; //ende der schleife
#
}
#

#
return foundoffset;
#
}
#

#
void PimpItNow()
#
{
#
//hack start
#
IntDEBUG();
#

#
char mytext[255]={0};
#
sprintf(mytext,"KalHack11");
#
SetConsoleTitleA(mytext);
#

#
printf("KalHack 11 - I am not dead yet ! - by BakaBugn");
#
printf("----------------------------------------------------n");
#
int offset;
#
printf("[%6d] Install Send-Detour n",offset=SearchPattern("55 8B EC 83 EC 18 83 3D x x x x 00 74 07 33 C0 E9 x x x x 8A 45",0));
#
if (offset != 0)
#
Intercept(INST_JMP,offset,(DWORD)MySendDetour,5);
#
MySendBack=offset+6;
#
printf("[%6d] Install Recv-Detour n",offset=SearchPattern("8B 45 08 0F B6 48 02 89 8D x x FF FF 81 BD x x FF FF 81 00 00 00",0));
#
if (offset != 0)
#
Intercept(INST_JMP,offset,(DWORD)MyRecvDetour,5);
#
MyRecvBack=offset+7;
#
printf("[%6d] Install GetHeight-Detour n",offset=SearchPattern("55 8B EC 81 EC 94 00 00 00 D9 45 08 D8 35 x x x x D9 5D 08",0));
#
if (offset != 0)
#
Intercept(INST_JMP,offset,(DWORD)MyHeightDetour,5) ;
#
MyHeightBack=offset+9;
#
printf("[%6d] Install Teleport-Detourn",offset=SearchPattern("55 8B EC 83 EC 40 33 C0 83 3D x x x x x 0F 95 C0 85 C0",0));
#
if (offset != 0)
#
Intercept(INST_JMP,offset,(DWORD)Something2,5);
#
MyTeleportBack=offset+6;
#
printf("[%6d] Install DEBUG-Message-Detour n",offset=SearchPattern("55 8B EC 5D C3 CC CC CC CC CC CC CC CC CC CC CC 55 8B EC 83 EC 2C C7 45 D4 00 00 00 00 C7 45 DC 00 00 00 00 C7 45 D8 00 00 00 00 8B 45 08 33 D2 B9 00 01 00 00 F7 F1 89 55 D8 8B 55 D8",0));
#
if (offset != 0)
#
Intercept(INST_JMP,offset,(DWORD)printf,6);
#
printf("Active DEBUG-Messages..n");
#
int batches=0;
#
offset=0;
#
while (1)
#
{
#
offset=SearchPattern("01 00 00 00 85 x 74 x EB x",offset);
#
if (offset==0)
#
break;
#
batches++;
#
printf("Patched: %d [%d]r",batches,offset);
#
Intercept(INST_NOP,offset+8,0,2);
#
}
#
GetUnitByName=SearchPattern("8B 11 89 55 EC 8B 45 EC 89 45 F8 EB 08",0);
#
printf("n----------------------------------------------------n");
#
_beginthread(MyThread,0,NULL);
#
}
exeduz is offline  
Old 01/09/2008, 13:35   #22
 
elite*gold: 0
Join Date: Dec 2007
Posts: 652
Received Thanks: 132
fehlen die header files kleiner ;D
MeepMoep is offline  
Old 01/09/2008, 14:20   #23
 
elite*gold: 0
Join Date: Jan 2007
Posts: 204
Received Thanks: 26
#include <windows.h>
#include <fcntl.h>
#include <iostream>
#include <vector>
#include <string>
#include <algorithm>
#include <fstream>
#include <stdio.h>
#include <process.h>
#include <io.h>

#pragma comment(lib, "user32.lib")
using namespace std;
#pragma pack(1)

#define ASM void __declspec(naked)
#define EXPORT __declspec(dllexport) __cdecl
#define THREAD DWORD WINAPI
#define Naked __declspec( naked )
#define INST_NOP 0x90
#define INST_CALL 0xe8
#define INST_JMP 0xe9
#define INST_BYTE 0x00
#define SHORT_JZ 0x74
Analigator is offline  
Old 01/09/2008, 14:22   #24
 
elite*gold: 0
Join Date: Dec 2007
Posts: 652
Received Thanks: 132
Und die hook.h? ;D
MeepMoep is offline  
Old 01/09/2008, 14:37   #25
 
elite*gold: 0
Join Date: Jan 2007
Posts: 204
Received Thanks: 26
pssssst =D
Analigator is offline  
Old 01/09/2008, 14:48   #26
 
elite*gold: 0
Join Date: Nov 2007
Posts: 356
Received Thanks: 141
ZzzzZZZZzz



666me is offline  
Old 01/11/2008, 00:19   #27
 
elite*gold: 0
Join Date: Nov 2007
Posts: 145
Received Thanks: 0
where i can download it
vairis is offline  
Old 01/11/2008, 00:26   #28
 
elite*gold: 0
Join Date: Jan 2008
Posts: 11
Received Thanks: 0
get a c++ compiler
timSTAR is offline  
Old 01/11/2008, 14:33   #29
 
elite*gold: 0
Join Date: Sep 2007
Posts: 13
Received Thanks: 3
guys im getting a error when im starting game with bot , how to fix it ? ^^
zerowiec is offline  
Old 01/11/2008, 18:10   #30
 
elite*gold: 0
Join Date: Nov 2007
Posts: 26
Received Thanks: 0
How to run it ?


iPope is offline  
Closed Thread



« [FRAGE] Auto Key Presser ? | Tiger/Phanter Hack?! »

Similar Threads
[Release] Vac Hack, Zoom hack, auto pot hack, Speed hack me+ mobs, shop hack...
04/02/2011 - Dekaron Exploits, Hacks, Bots, Tools & Macros - 25 Replies
Deleted people must learn to do it by them self from now off ! :)
NEED: GEON HACK, SPEED HACK, LVL HACK AND SHOP HACK
06/20/2009 - Kal Online - 3 Replies
Hey, can some1 help me to get: Geon hack, Speed hack, lvl hack and Shop hack? PLZ i need it ^^:confused::confused::D
**2 Moons HACK NEWBIES GUIDE** Shop, wall, vac, pot, teleport etc HACK***
07/29/2008 - Dekaron Exploits, Hacks, Bots, Tools & Macros - 14 Replies
Edited by Vyn Tutorial already existing: http://www.elitepvpers.com/forum/2moons-exploits-hacks-bots-tools-macros/146954-easy-hack-v-2-0-new.html



All times are GMT +1. The time now is 14:57.


Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2011, Crawlability, Inc.

Support | Contact Us | FAQ | Advertising | Privacy Policy | Terms of Service | Abuse
Copyright ©2019 elitepvpers All Rights Reserved.