[Problem] Simple sending packets

[WalrossGreat]

Ok, thanks for answer, it was just error in my class (i used another one from forum, i will check it later why my func failed)

Anyway i wanted try (for fun) try recv packet too, is it much harder?
I found it:

Code:

0052EA93   8B06             MOV EAX,DWORD PTR DS:[ESI]
0052EA95   50               PUSH EAX
0052EA96   68 A8796100      PUSH nostalex.006179A8
0052EA9B   BA 4CFE5200      MOV EDX,nostalex.0052FE4C                ; ASCII "info"
0052EAA0   8BC3             MOV EAX,EBX
0052EAA2   E8 6D71FFFF      CALL nostalex.00525C14

Code:

0052E4E7   A1 C0816700      MOV EAX,DWORD PTR DS:[6781C0]
0052E4EC   8B00             MOV EAX,DWORD PTR DS:[EAX]
0052E4EE   8B58 34          MOV EBX,DWORD PTR DS:[EAX+34]

But both code above looks valid. :/

[iArtrix]

For recv:

Code:

VOID RecvPacket(CHAR* _i8_packet)
{
	DWORD _i32_RecvPacketFunc = 0x525D30;

	__asm
	{
		mov eax, dword ptr ds : [0x6781BC]
			mov eax, dword ptr ds : [eax]
			mov eax, [eax + 0x34]
			mov edx, _i8_packet
			call _i32_RecvPacketFunc
	}
}

btw. Address on my code (code from OMG thread) is invalid xD

[WalrossGreat]

@iAtrix
I had this code too from the olly but still don't know that call adress (i thought that its' 00525C14 but not)

[BladeTiger12]

For recv function you have to look deeper in the function.
It's harder to find as sendPacket.

[*-OMG-*]

@WalrossGreat, you should study the memory before than try it..
Useless a C. & P. if you don't know how pointers are working! And you don't, sure 101%

[WalrossGreat]

@*-OMG-* The one thing what i copied from this thread is the send packet call adress.
What you mean by don't know how pointers are working? Pointers strore information where the variable/element is stored in memory, don't they?

[*-OMG-*]

@WalrossGreat, if you were are able to work on the memory then you was not asking for it cuz pretty simple..

MOV EAX, DWORD PTR DS : [0x6781C0] <-- Nothing more than a pointer read! [eax = *(DWORD*)(0x6781C0)]

-- 1:1 NOSTALE STRING

Code:

/*
 
NostaleString class written by SystemX64 - 07/06/2015
 
32bit | string weight
32bit | string length
8bit* | string buffer
 
*/
 
class NostaleString
{
private:
	CHAR* _i8_string;
	DWORD _i32_length;

public:
	NostaleString(CHAR* _i8_string)
	{
		this->_i32_length = strlen(_i8_string);

		this->_i8_string = (CHAR*)malloc(this->_i32_length + 8 + 1);

		*(DWORD*)(this->_i8_string + 0x00) = 1;
		*(DWORD*)(this->_i8_string + 0x04) = this->_i32_length;

		memcpy(this->_i8_string + 0x08, _i8_string, this->_i32_length);

		*(this->_i8_string + this->_i32_length + 8) = '\0';
	}

	CHAR* get()
	{
		return this->_i8_string + 0x08;
	}

	DWORD length()
	{
		return this->_i32_length;
	}
};

-- ARE YOU A LEECHER ? C & P --

Code:

#include <windows.h>

/*

NostaleString class written by SystemX64 - 07/06/2015

32bit | string weight
32bit | string length
8bit* | string buffer

*/

class NostaleString
{
private:
	CHAR* _i8_string;
	DWORD _i32_length;

public:
	NostaleString(CHAR* _i8_string)
	{
		this->_i32_length = strlen(_i8_string);

		this->_i8_string = (CHAR*)malloc(this->_i32_length + 8 + 1);

		*(DWORD*)(this->_i8_string + 0x00) = 1;
		*(DWORD*)(this->_i8_string + 0x04) = this->_i32_length;

		memcpy(this->_i8_string + 0x08, _i8_string, this->_i32_length);

		*(this->_i8_string + this->_i32_length + 8) = '\0';
	}

	CHAR* get()
	{
		return this->_i8_string + 0x08;
	}

	DWORD length()
	{
		return this->_i32_length;
	}
};

VOID SendPacket(CHAR* _i8_packet)
{
	DWORD _i32_SendPacketFunc = 0x52AC58;

	__asm
	{
		mov eax, dword ptr ds : [0x6771B8]
		mov eax, dword ptr ds : [eax]
		mov edx, _i8_packet
		call _i32_SendPacketFunc
	}
}

VOID pInjector()
{
	NostaleString _nt_nosbazar = "c_skill";
	NostaleString _nt_shopping = "shopping 0 0 2 1819";

	while (true)
	{
		if (GetAsyncKeyState(VK_F2) == -32767)
			SendPacket(_nt_nosbazar.get());
		if (GetAsyncKeyState(VK_F3) == -32767)
			SendPacket(_nt_shopping.get());

		Sleep(1);
	}
}

INT WINAPI DllMain(HINSTANCE hInstance, DWORD dwReason, LPVOID lpvReserved)
{
	switch (dwReason)
	{
	case DLL_PROCESS_ATTACH:
		DisableThreadLibraryCalls(hInstance);
		CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)pInjector, NULL, NULL, NULL);
	}

	return TRUE;
}

[WalrossGreat]

Man actually i did my own class and it's working fine, as i said at second page on this thread, i don't need copy paste your code, i thought that it was the problem with the __asm code, but no it was probably something bad with my class

[*-OMG-*]

Your class ?

Code:

class PacketString 
{
public:
	char char_t[256];
	PacketString(char* str)
	{
		char* str2 = str;
		int len = strlen(str2);
		memcpy(char_t, str2, len);
		char_t[len] = 0x0;
	}

	char* _return()
	{
		return char_t;
	}
};

Do you mean copy & paste from here ?

[WalrossGreat]

No
Man the code (from link and my) do probably the same, so it realy ovbius that it looks similar, or no - i know all the pastebins subpage.

If you really want know i was modeling on it:

[*-OMG-*]

Quote:

Originally Posted by WalrossGreat

No
Man the code (from link and my) do probably the same, so it realy ovbius that it looks similar, or no - i know all the pastebins subpage.

If you really want know i was modeling on it:

@WalrossGreat, You are so stupid to don't know that AnsiString have a weight (similiar ? are you sure ? ahah), back to study instead leech.

I did support you but today i understand that you're worth nothing.

[WalrossGreat]

@*-OMG-*
I never saw a man so filled with venom like you. Yes you supported me a lot (nothing) unless you named your supporting flaming me (I don't talking only about this thread).

For moderators: Please close this thread. Thanks who every person who helped. Topic is solved and now there is only offtopic.
@UP
If you still want flame me please do it on PM but as i see:

Quote:

you're worth nothing.

PS. You think that i'm too stupid to know that AnsiString have a weight (lol), but i think that you are too stupid to talking with other peoples

[Trollface-]

NosTale uses AnsiString of delphi, lol.
Or i did unterstand something wrong.

[*-OMG-*]

Quote:

Originally Posted by Trollface-

NosTale uses AnsiString of delphi, lol.
Or i did unterstand something wrong.

Yeah, you are right. Nostale is written in delphi and uses AnsiString.. Visual studio has not the support for it but.. You can write a suitable class ending the string by 0 and adding, at the start, the string weight (usually 1) and length.

32bit | string weight
32bit | string length
8bit* | string buffer

[Trollface-]

Why don't use the class directly in nos? so you dont need to write a class which already exists.