(Asm) Send Packet Nostale
Discussion on (Asm) Send Packet Nostale within the Nostale forum part of the MMORPGs category.
04/25/2014, 15:59
|
#1
(Asm) Send Packet Nostale
Hello guys, I'd like to send a packet by calling the game's function through inline assembly (from C++), but I don't know the assembly for that function... How do I send a packet with a CALL in C++? Can you teach me this? Sorry for my bad English D:
Thank you
|
|
|
04/26/2014, 15:06
|
#2
You don't know C++, you don't know ASM and you don't know how to reverse.. How do you want to work on it? Go study the basics first and then come back here and we will help you.. but not 'please give me the code so I can copy and paste it' ._.
|
|
|
04/26/2014, 17:08
|
#3
With the code posted by Doktor you should be able to see how packets are sent/received and reverse it, getting the functions "in air" (cheatEngine debugger) by searching for the patterns.
|
|
|
04/26/2014, 19:37
|
#4
Thanks for reply ernilos
|
|
|
04/27/2014, 22:55
|
#5
This is a Doctor's code for packetlogger :
#include <windows.h>
#include <stdio.h>
// Installs an inline detour at oldFunc so that newFunc is called first and the
// displaced original bytes are then executed from a heap copy.
//   oldFunc - address of the code to patch (written in place)
//   newFunc - routine the patched code calls
//   len     - number of original bytes to displace; offsets 0..9 of oldFunc are
//             written unconditionally below, so len must be at least 10
// Returns false only when the allocation fails, true otherwise.
// Pointer differences are truncated to DWORD, so this only holds for 32-bit code.
bool DetourFunc( BYTE* oldFunc, BYTE* newFunc, DWORD len )
{
BYTE* newMem4base = NULL;
DWORD dwOld;
// Buffer for the displaced bytes plus a 5-byte jump back.
newMem4base = ( BYTE* )malloc( 5+len );
if( newMem4base == NULL )
return false;
// Pre-fill the whole buffer with 0x90 (x86 NOP).
for( DWORD i = 0; i < ( len+5 ); i++ )
newMem4base[i] = 0x90;
// Requests PAGE_READWRITE on the first len bytes of the target.
// NOTE(review): the result of VirtualProtect is not checked and the previous
// protection saved in dwOld is never restored.
VirtualProtect( oldFunc, len, PAGE_READWRITE, &dwOld );
// Keep a copy of the original bytes before they are overwritten.
memcpy( newMem4base, oldFunc, len );
// Bytes 0..4: 0xE8 + rel32 = CALL newFunc (displacement is relative to the
// end of the 5-byte instruction, hence the -5).
oldFunc[0] = 0xE8;
*( DWORD* )( oldFunc+0x01 ) = DWORD( newFunc-oldFunc-5 );
// Bytes 5..9: 0xE9 + rel32 = JMP to the heap copy of the original bytes.
oldFunc[5] = 0xE9;
*( DWORD* )( oldFunc+0x06 ) = DWORD( newMem4base-( oldFunc+0x5 )-5 );
// Advance past the copied bytes and append a JMP back to oldFunc+10.
// The base pointer is lost here, so the buffer is never freed.
newMem4base += len;
newMem4base[0] = 0xE9;
*( DWORD* )( newMem4base+0x01 ) = DWORD( ( oldFunc+10 )-newMem4base-5 );
// Pad whatever remains of the displaced region after the two instructions.
for( DWORD i = 10; i <len; i++ )
oldFunc[i] = 0x90;
return true;
}
// Masked byte comparison. Walks szMask one character at a time; wherever the
// mask holds 'x' the byte in pData must equal the byte in bMask, any other
// mask character is a wildcard. Returns false at the first mismatch and true
// once the terminating NUL of szMask is reached.
// The caller must guarantee pData and bMask are readable for strlen(szMask)
// bytes; nothing here checks that.
bool bDataCompare(const unsigned char *pData, const unsigned char *bMask, const char *szMask)
{
    while (*szMask != '\0')
    {
        const bool mustMatch = (*szMask == 'x');
        if (mustMatch && *pData != *bMask)
            return false;
        ++szMask;
        ++pData;
        ++bMask;
    }
    return true;
}
// Linear signature scan over a hard-coded window: tries every address from
// 0x00400000 for 0x00436000 consecutive offsets and returns the first one at
// which bDataCompare accepts bMask/szMask, or 0 when nothing matches.
// NOTE(review): nothing verifies that the window is mapped or readable, and
// candidates near the end of the window are compared past its end by up to
// the mask length. The DWORD-to-pointer cast assumes a 32-bit process.
DWORD dwFindPattern(BYTE *bMask, char *szMask)
{
    const DWORD scanBase = 0x00400000;
    const DWORD scanSize = 0x00436000;
    DWORD offset = 0;
    while (offset < scanSize)
    {
        const DWORD candidate = scanBase + offset;
        if (bDataCompare((unsigned char*) candidate, bMask, szMask))
            return candidate;
        ++offset;
    }
    return 0;
}
// Logging hook for the send path; tThread passes its address to DetourFunc as
// the routine the patched code calls. Saves registers and flags, copies EDX
// into a local, prints it as text, then restores registers and flags.
// NOTE(review): EDX is treated as a pointer to NUL-terminated text without any
// check - presumably the hooked routine holds the packet string there; confirm.
void hkSend()
{
char* packet;
_asm
{
pushad
pushfd
MOV packet,EDX
}
// printf runs between the register save and restore.
printf("Send: %s\n",packet);
_asm
{
popfd
popad
}
}
// Logging hook for the receive path; same shape as hkSend. Saves registers and
// flags, copies EDX into a local, prints it as text, then restores them.
// NOTE(review): EDX is treated as a pointer to NUL-terminated text without any
// check - presumably the hooked routine holds the packet string there; confirm.
void hkRecv()
{
char* packet;
_asm
{
pushad
pushfd
MOV packet,EDX
}
// printf runs between the register save and restore.
printf("Recv: %s\n",packet);
_asm
{
popfd
popad
}
}
// Worker thread started from DllMain: opens a console, locates the send and
// receive routines by byte signature and installs the hkSend / hkRecv detours.
// param is unused. Always returns 0.
// NOTE(review): neither dwFindPattern result is checked; a failed scan returns
// 0 and that value is passed straight to DetourFunc as the address to patch.
// The DetourFunc return values are ignored as well.
DWORD WINAPI tThread(LPVOID param)
{
// Create a console and point the C stdio streams at it so the printf calls in
// the hooks have somewhere to write.
AllocConsole();
freopen("CONIN$", "r", stdin);
freopen("CONOUT$", "w", stdout);
freopen("CONOUT$", "w", stderr);
/* Send: 8-byte signature, every byte must match (mask is all 'x') */
BYTE s_bPatter[] = {0x53,0x56,0x8B,0xF2,0x8B,0xD8,0xEB,0x04};
char *s_cPatter = "xxxxxxxx";
DWORD dSend = dwFindPattern(s_bPatter,s_cPatter);
/* Recv: 22-byte signature, every byte must match */
BYTE r_bPatter[] = {0x55,0x8B,0xEC,0x83,0xC4,0xF4,0x53,0x56,0x57,0x33 ,0xC9,0x89,0x4D,0xF4,0x89,0x55,0xFC,0x8B,0xD8,0x8B ,0x45,0xFC};
char *r_cPatter = "xxxxxxxxxxxxxxxxxxxxxx";
DWORD dRecv = dwFindPattern(r_bPatter,r_cPatter);
// 14 and 11 are the displaced-byte counts handed to DetourFunc; presumably
// chosen to end on an instruction boundary in the target - confirm.
DetourFunc( ( BYTE* )dSend, ( BYTE* )&hkSend, 14 );
DetourFunc( ( BYTE* )dRecv, ( BYTE* )&hkRecv, 11 );
return 0x0;
}
// DLL entry point. On process attach it starts tThread on a new thread (the
// returned handle is discarded) and turns off per-thread attach/detach
// notifications for this module. Every other reason is ignored.
// Always reports success to the loader.
BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
    if (ul_reason_for_call == DLL_PROCESS_ATTACH)
    {
        CreateThread(nullptr, 0, tThread, nullptr, 0, nullptr);
        DisableThreadLibraryCalls(hModule);
    }
    return TRUE;
}
But I have a problem with the malloc function in a Visual Studio DLL project.
Can you help me?
|
|
|
04/27/2014, 23:01
|
#6
You may try calloc if malloc is failing; anyway, with just this code you should be okay.
Code:
#include <windows.h>
#include <stdio.h>
// Compares pData against the signature bMask under the control of szMask:
// positions marked 'x' must be byte-equal, every other mask character matches
// anything. The comparison length is the length of szMask; both byte buffers
// must be readable for that many bytes (not checked here).
bool bDataCompare(const unsigned char *pData, const unsigned char *bMask, const char *szMask)
{
    for (unsigned int pos = 0; szMask[pos] != 0; ++pos)
    {
        if (szMask[pos] != 'x')
            continue;               // wildcard position
        if (pData[pos] != bMask[pos])
            return false;
    }
    return true;
}
// Scans a fixed address window (start 0x00400000, 0x00436000 candidate
// positions) for the masked signature and returns the first matching address,
// or 0 if there is none.
// NOTE(review): the window is hard-coded and its readability is never checked;
// the last candidates are compared beyond the end of the window.
DWORD dwFindPattern(BYTE *bMask, char *szMask)
{
    const DWORD first = 0x00400000;
    const DWORD count = 0x00436000;
    for (DWORD addr = first; addr - first < count; ++addr)
    {
        if (bDataCompare((unsigned char*) addr, bMask, szMask))
            return addr;
    }
    return 0;
}
// Worker thread: opens a console, then runs the two signature scans.
// The resulting addresses are only computed here; nothing is patched.
// param is unused. Always returns 0.
DWORD WINAPI tThread(LPVOID param)
{
    // Console plus stdio redirection so later output is visible.
    AllocConsole();
    freopen("CONIN$", "r", stdin);
    freopen("CONOUT$", "w", stdout);
    freopen("CONOUT$", "w", stderr);

    // Send routine: 8-byte signature, all bytes significant.
    BYTE sendSig[] = {0x53,0x56,0x8B,0xF2,0x8B,0xD8,0xEB,0x04};
    char *sendMask = "xxxxxxxx";
    DWORD dSend = dwFindPattern(sendSig, sendMask);

    // Receive routine: 22-byte signature, all bytes significant.
    BYTE recvSig[] = {0x55,0x8B,0xEC,0x83,0xC4,0xF4,0x53,0x56,0x57,0x33,
                      0xC9,0x89,0x4D,0xF4,0x89,0x55,0xFC,0x8B,0xD8,0x8B,
                      0x45,0xFC};
    char *recvMask = "xxxxxxxxxxxxxxxxxxxxxx";
    DWORD dRecv = dwFindPattern(recvSig, recvMask);

    // dSend and dRecv are left for the reader to print; 0 means "not found".
    return 0x0;
}
// Loader callback. Only DLL_PROCESS_ATTACH is acted on: tThread is started on
// its own thread (handle not kept) and thread attach/detach notifications are
// disabled for this module. Returns TRUE for every reason.
BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
    const bool attaching = (ul_reason_for_call == DLL_PROCESS_ATTACH);
    if (attaching)
    {
        CreateThread(nullptr, 0, tThread, nullptr, 0, nullptr);
        DisableThreadLibraryCalls(hModule);
    }
    return TRUE;
}
|
|
|
04/28/2014, 14:52
|
#7
Quote:
Originally Posted by ernilos
You may try with calloc if malloc are failing, anyway just with this code you should be okay.
Code:
#include <windows.h>
#include <stdio.h>
bool bDataCompare(const unsigned char *pData, const unsigned char *bMask, const char *szMask)
{
for(; *szMask; ++szMask, ++pData, ++bMask)
if(*szMask == 'x' && *pData != *bMask )
return false;
return (*szMask) == 0;
}
DWORD dwFindPattern(BYTE *bMask, char *szMask)
{
DWORD dw_Address = 0x00400000;
DWORD dw_Len = 0x00436000;
for(DWORD i = 0; i < dw_Len; i++)
if(bDataCompare((unsigned char*) (dw_Address + i), bMask, szMask) )
return (DWORD) (dw_Address + i);
return 0;
}
DWORD WINAPI tThread(LPVOID param)
{
AllocConsole();
freopen("CONIN$", "r", stdin);
freopen("CONOUT$", "w", stdout);
freopen("CONOUT$", "w", stderr);
/* Send */
BYTE s_bPatter[] = {0x53,0x56,0x8B,0xF2,0x8B,0xD8,0xEB,0x04};
char *s_cPatter = "xxxxxxxx";
DWORD dSend = dwFindPattern(s_bPatter,s_cPatter);
/* Recv */
BYTE r_bPatter[] = {0x55,0x8B,0xEC,0x83,0xC4,0xF4,0x53,0x56,0x57,0x33 ,0xC9,0x89,0x4D,0xF4,0x89,0x55,0xFC,0x8B,0xD8,0x8B ,0x45,0xFC};
char *r_cPatter = "xxxxxxxxxxxxxxxxxxxxxx";
DWORD dRecv = dwFindPattern(r_bPatter,r_cPatter);
//Write dRecv and dSend for get the address
return 0x0;
}
BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
CreateThread(nullptr, 0, tThread, nullptr, 0, nullptr);
DisableThreadLibraryCalls(hModule);
break;
}
return TRUE;
}
|
Him don't know C++, it's useless..
|
|
|
04/28/2014, 18:09
|
#8
Nice Code
|
|
|
04/28/2014, 19:42
|
#9
Quote:
Originally Posted by return!
Nice Code 
|
Im "goodbye !"
Him is "e.e"
[14.59.09] goodbye !: appena lo aggiornano ( il 5 del messe prosismo )
[14.59.13] goodbye !: voglio vedere come farai 
[14.59.30] e.e: Ma per sto mese lo ho *o*
[14.59.41] goodbye !: wow hai scopiazzato sul web
[14.59.43] goodbye !: sei forte !
[14.59.50] e.e: Beh
[14.59.54] e.e: ti fa sentire importante
[14.59.54] e.e: lol
[15.00.01] goodbye !: se lo dici tu
Wow you are strong, you copied the code without know what it do ! *0*
[14.55.49] e.e: e xk cazzo da un problema fropen nel progetto epr dll? xD
[14.56.12] goodbye !: studia e smettila di copiare il codice in giro
[14.56.38] e.e: Asd
If you want do something, okay.. we will help you but first go to study.
|
|
|
05/09/2014, 22:35
|
#10
Ok,ernilos i try with this :
PHP Code:
#include <Windows.h>
#include <stdio.h>
#include <string>
// Masked compare of pData against bMask. szMask decides, per position, whether
// the byte must match ('x') or is ignored (anything else); its length is the
// number of positions examined. Returns true when no required byte differs.
// Buffer sizes are the caller's responsibility.
bool bDataCompare(const unsigned char *pData, const unsigned char *bMask, const char *szMask)
{
    const unsigned char *have = pData;
    const unsigned char *want = bMask;
    for (const char *flag = szMask; *flag != '\0'; ++flag, ++have, ++want)
    {
        if (*flag != 'x')
            continue;
        if (*have != *want)
            return false;
    }
    return true;
}
// Walks the hard-coded window [0x00400000, 0x00400000 + 0x00436000) one byte
// at a time and returns the first address accepted by bDataCompare, else 0.
// NOTE(review): the window's readability is assumed, not checked, and matches
// attempted near its end read past it.
DWORD dwFindPattern(BYTE *bMask, char *szMask)
{
    const DWORD windowStart = 0x00400000;
    const DWORD windowLength = 0x00436000;
    DWORD step = 0;
    while (step < windowLength)
    {
        const DWORD here = windowStart + step;
        if (bDataCompare((unsigned char*) here, bMask, szMask))
            return here;
        ++step;
    }
    return 0;
}
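// Fixed-capacity, NUL-terminated copy of a C string (at most 255 characters
// plus the terminator).
// NOTE(review): identifiers containing a double underscore are reserved for
// the implementation; the name is kept only because callers use it.
class __string
{
private:
std::size_t length;   // number of characters stored, excluding the terminator
char packet[256];     // storage; always NUL-terminated after construction
public:
// Copies _Packet into the internal buffer. Input longer than the buffer is
// truncated to 255 characters instead of being written past the end of
// packet, and a null pointer yields an empty string. The parameter is const
// so that string literals can be passed without a deprecated conversion.
__string(const char *_Packet)
{
const std::size_t capacity = sizeof(packet) - 1;
length = _Packet ? strlen(_Packet) : 0;
if (length > capacity)
length = capacity;
if (length != 0)
memcpy(packet, _Packet, length);
packet[length] = 0;
}
// Returns a pointer to the internal, mutable buffer.
char *p_char()
{
return packet;
}
// Returns the number of characters stored (never more than 255).
unsigned long size()
{
return length;
}
};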
// Calls a routine at a fixed address from inline assembly, with EAX loaded
// through a chain of memory reads and EDX set to packet.
//   ADDR   - ignored in practice: it is overwritten on the first line
//   packet - pointer placed in EDX before the call
// NOTE(review): none of the loaded pointers is checked before being
// dereferenced, and EAX/EDX are modified without being saved. What the callee
// expects in EAX and EDX is not visible here - presumably an object pointer
// and the packet text; confirm.
void SEND(unsigned long ADDR,char *packet)
{
// The caller's value is discarded; the call target is always this literal.
ADDR = 0x0051ED8C;
__asm
{
MOV EAX, DWORD PTR DS:[0x66C0AC]
MOV EAX, DWORD PTR DS:[EAX]
MOV EAX, DWORD PTR DS:[EAX]
MOV EDX, packet
CALL ADDR
}
}
// DLL entry point as posted: runs the signature scan and the SEND call
// directly inside the loader callback.
// NOTE(review): ul_reason_for_call is never examined, so the body runs for
// every notification the loader delivers, not only process attach.
// NOTE(review): the function is declared to return BOOL but has no return
// statement.
BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
BYTE s_bPatter[] = {0x53,0x56,0x8B,0xF2,0x8B,0xD8,0xEB,0x04};
char *s_cPatter = "xxxxxxxx";
// Result is not checked for 0 (no match).
DWORD dSend = dwFindPattern(s_bPatter,s_cPatter);
// Relies on converting a string literal to the constructor's char* parameter.
__string s_Packet = "packet";
// dSend is passed along, but SEND overwrites its first argument.
SEND(dSend, s_Packet.p_char());
}
But I have a problem: I want to see in PacketLogger's send log whether the packet was sent, but when I send a packet, Nostale crashes for a few seconds, and when Nostale works again the packet is not shown. Can you help me? And sorry for my bad English.
|
|
|
05/09/2014, 22:51
|
#11
It still crash because you don't know how it work.. Useless that you continue to leech, you can't continue without study..
Italian version ( him is )
Ti crasha perché ti limiti a lavorare su un qualcosa di cui non conosci un emerita ceppa, smettila di copiare il codice altrui, non puoi pensare di continuare senza metterti sotto con lo studio..
|
|
|
05/09/2014, 23:06
|
#12
Quote:
Originally Posted by Kingrap
It still crash because you don't know how it work.. Useless that you continue to leech, you can't continue without study..
Italian version ( him is )
Ti crasha perché ti limiti a lavorare su un qualcosa di cui non conosci un emerita ceppa, smettila di copiare il codice altrui, non puoi pensare di continuare senza metterti sotto con lo studio..
|
¿Why everyone here need's study? lol
I think it "freezes" because you're hooking the function in-game, but you created the function in the DLL; you should try it on a p.server and log every packet.
|
|
|
05/09/2014, 23:21
|
#13
Quote:
Originally Posted by ernilos
¿Why everyone here need's study? lol
I think it get "freeze" cause you're hooking the function ingame, but you created the func in the DLL, you should try in p.server and logging every packet
|
I think it crashes because of a memory problem.. He needs to reverse it with a debugger, see what causes the crash and solve it, but if you keep giving him the solution he will not study..
¿Why everyone here need's study? Because they can't depend on us for their whole life.
|
|
|
05/10/2014, 00:05
|
#14
Code:
// Variant of the inline-assembly call that keeps both hard-coded addresses in
// local variables. EAX is loaded through a chain of memory reads, EDX is set
// to packet, then the routine at addrCall is called.
// NOTE(review): no loaded pointer is checked before it is dereferenced, and
// EAX/EDX are modified without being saved.
void SendPacket(char *packet)
{
DWORD addrPtr = 0x66C0AC; // address constant held in a local (the poster's highlighted change)
DWORD addrCall = 0x0051ED8C;
__asm
{
MOV EAX, DWORD PTR DS:[addrPtr] // operand is the local variable addrPtr; confirm the resulting pointer depth is the intended one
MOV EAX, DWORD PTR DS:[EAX]
MOV EAX, DWORD PTR DS:[EAX]
MOV EDX, packet
CALL addrCall
}
}
Code:
// DLL entry point. Acts only on process attach: starts tThread on a new thread
// (the handle is not kept) and disables thread attach/detach notifications
// for this module. Returns TRUE for every reason.
BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
    if (ul_reason_for_call == DLL_PROCESS_ATTACH)
    {
        CreateThread(nullptr, 0, tThread, nullptr, 0, nullptr);
        // The poster reports crashes without this call.
        DisableThreadLibraryCalls(hModule);
    }
    return TRUE;
}
|
|
|
05/10/2014, 01:06
|
#15
It work perfectly
Code:
#include <iostream>
#include <Windows.h>
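// Small fixed-size string holder: keeps a NUL-terminated copy of the text it
// is constructed from, up to 255 characters.
// NOTE(review): names containing a double underscore are reserved for the
// implementation; the name is kept only because callers use it.
class __string
{
private:
std::size_t length;   // characters stored, terminator not counted
char packet[256];     // always NUL-terminated after construction
public:
// Copies _Packet into packet. Anything beyond 255 characters is dropped so
// the copy can never run past the end of the array; a null pointer produces
// an empty string. Taking const char* lets string literals be passed
// directly.
__string(const char *_Packet)
{
const std::size_t room = sizeof(packet) - 1;
length = _Packet ? strlen(_Packet) : 0;
if (length > room)
length = room;
if (length != 0)
memcpy(packet, _Packet, length);
packet[length] = 0;
}
// Pointer to the internal, writable buffer.
char *p_char()
{
return packet;
}
// Number of characters stored (0..255).
unsigned long size()
{
return length;
}
};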
// Returns true when pData matches bMask at every position whose mask
// character is 'x'; positions with any other mask character are skipped.
// The number of positions examined is the length of szMask. Neither buffer's
// size is checked here.
bool bDataCompare(const unsigned char *pData, const unsigned char *bMask, const char *szMask)
{
	while (*szMask)
	{
		if (*szMask == 'x')
		{
			if (*pData != *bMask)
				return false;
		}
		++szMask;
		++pData;
		++bMask;
	}
	return true;
}
// Byte-by-byte signature scan over a hard-coded window that starts at
// 0x00400000 and spans 0x00436000 candidate addresses. Returns the first
// address at which bDataCompare succeeds, or 0 when none does.
// NOTE(review): the window is assumed readable; nothing checks it, and the
// final candidates are compared past the end of the window.
unsigned long FindPattern(unsigned char *bMask, char *szMask)
{
	const unsigned long base = 0x00400000;
	const unsigned long span = 0x00436000;
	const unsigned long stop = base + span;
	for (unsigned long cursor = base; cursor != stop; ++cursor)
	{
		if (bDataCompare((unsigned char*)cursor, bMask, szMask))
			return cursor;
	}
	return 0;
}
// Calls the routine at s_Send from inline assembly, with EAX loaded through a
// chain of memory reads that starts at the hard-coded address 0x0066C0AC and
// EDX set to s_Packet.
//   s_Send   - address that is called; used as given, not validated
//   s_Packet - pointer placed in EDX before the call
// NOTE(review): no loaded pointer is checked before it is dereferenced, and
// EAX/EDX are modified without being saved. What the callee expects in those
// registers is not visible here - confirm against the caller's assumptions.
void Send(unsigned long s_Send, char *s_Packet)
{
__asm
{
mov eax, dword ptr ds : [0x0066C0AC]
mov eax, dword ptr ds : [eax]
mov eax, dword ptr ds : [eax]
mov edx, s_Packet
call s_Send
}
}
// Thread routine started from DllMain: scans for the 8-byte signature, wraps
// a packet string and passes both to Send. arg is unused. Always returns 0.
// NOTE(review): as posted, s_cPattern is declared as a single char but is
// initialised from a string literal and passed where FindPattern takes char*;
// this looks like a transcription slip and would not compile as written.
// NOTE(review): the FindPattern result is not checked; 0 (no match) would be
// handed to Send as the address to call.
unsigned long __stdcall Main(void *arg)
{
unsigned char s_bPattern[] = { '\x53', '\x56', '\x8B', '\xF2', '\x8B', '\xD8', '\xEB', '\x04' };
char s_cPattern = "xxxxxxxx";
unsigned long s_Call = FindPattern(s_bPattern, s_cPattern);
__string s_Packet = "c_skill"; // change with packet to send
Send(s_Call, s_Packet.p_char());
return 0;
}
// DLL entry point. On process attach it starts Main on a new thread (the
// handle is discarded) and disables thread attach/detach notifications for
// this module; all other reasons are ignored. Always returns 1.
unsigned long __stdcall DllMain(HMODULE hModule, DWORD dwReason, LPVOID lpReserved)
{
	if (dwReason == DLL_PROCESS_ATTACH)
	{
		CreateThread(nullptr, 0, Main, nullptr, 0, nullptr);
		DisableThreadLibraryCalls(hModule);
	}
	return 1;
}
Now you have the code, are you happy ? Then exit from your world !