There seems to be a comment missing for the line:
0xA8, 0x00, 0x50, 0x39
Just in case you happen to know what it is: it differs from the value in my packet dumps and I can't map it to any known values.
I'm afraid I haven't updated my catshop bot in ages, not sure what that was supposed to be lol. I just copy pasted it from my code that I dug up. If it's important I'll have a look at it.
Apart from being properly documented, it's only important if it changes between packets or between different users using this code.
Your pasted code doesn't change the aforementioned packet section (more precisely this part: 0xA8, 0x00, 0x50, 0x39).
I don't care about, for example, 0x00, 0x00, 0x00, 0x00, even though it's also undocumented, simply because it's always the same value. Change user or number of packets (or number of items in packet, or quantity), value remains the same. It may be unknown, but it's also irrelevant to the use (at least up to the point of normal, intended usage of the packet).
Back to the unknown 0xA8, 0x00, 0x50, 0x39 part, it's not related to items being sold, for if it was, it would be a part of item struct at the end of packet.
If it works consistently for you, after several relogins AND with different characters, it would also seem it's not related to any character or shop data.
For additional info, I add my sample (same endian as yours):
0xB2, 0x00, 0xC8, 0x99
This was obtained on one purchase with one character on one shop. I will get more samples, from different shops using different characters, for comparison.
Edit:
I've checked value at my end after restarting the game and it's still the same.
Managed to track it to player struct, now I need confirmation from you, Interest.
Please check the following offsets on your end:
PartOne = [[Base + 0x34] + 0x08] (2 bytes)
PartTwo = [[Base + 0x34] + 0x0A] (2 bytes)
They should be:
PartOne = 0x39, 0x50 (reverse endian from network packets)
PartTwo = 0x00, 0xA8 (reverse endian from network packets)
Put together like shown below (and network packet endian), they should form your value:
PartTwo, PartOne = 0xA8, 0x00, 0x50, 0x39
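The byte-order relationship described in the post above, as an added example that is not part of the original thread: the two 2-byte members at 0x08 and 0x0A read as a single little-endian 32-bit value that the packet carries in big-endian order. The struct buffer is constructed from the values quoted in the posts, the function names are hypothetical, and the inverse function only predicts what memory would hold for the second sample.

```python
import struct

# Offsets inside the player struct, as given in the post.
PART_ONE_OFF = 0x08
PART_TWO_OFF = 0x0A


def wire_field_from_parts(player_struct: bytes) -> bytes:
    """Build the 4-byte packet field the way the post describes it."""
    part_one = player_struct[PART_ONE_OFF:PART_ONE_OFF + 2]
    part_two = player_struct[PART_TWO_OFF:PART_TWO_OFF + 2]
    # Each part is byte-reversed relative to the packet; PartTwo goes first.
    return part_two[::-1] + part_one[::-1]


def wire_field_as_u32(player_struct: bytes) -> bytes:
    """Same field, read as one little-endian u32 and sent big-endian."""
    (value,) = struct.unpack_from("<I", player_struct, PART_ONE_OFF)
    return struct.pack(">I", value)


def expected_memory_parts(wire_field: bytes):
    """Inverse: (PartOne, PartTwo) bytes memory should hold for a capture."""
    if len(wire_field) != 4:
        raise ValueError("packet field must be exactly 4 bytes")
    mem = wire_field[::-1]
    return mem[0:2], mem[2:4]


def sample_struct(part_one: bytes, part_two: bytes) -> bytes:
    """Constructed stand-in for the struct: zeros except the two members."""
    buf = bytearray(0x10)
    buf[PART_ONE_OFF:PART_ONE_OFF + 2] = part_one
    buf[PART_TWO_OFF:PART_TWO_OFF + 2] = part_two
    return bytes(buf)


if __name__ == "__main__":
    mem = sample_struct(bytes([0x39, 0x50]), bytes([0x00, 0xA8]))
    print(wire_field_from_parts(mem).hex(" "))
    print(wire_field_as_u32(mem).hex(" "))
    one, two = expected_memory_parts(bytes([0xB2, 0x00, 0xC8, 0x99]))
    print(one.hex(" "), "|", two.hex(" "))
```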
Yeah, I have used it consistently for several months on different characters, from different accounts. It may have changed since I last used it of course, as it has been at least about half a year since I last used my shop bot.
It's prolly something like the id of the catshop, the catshop session id, or something similar. Which isn't necessary for the server to process it since you are already in 'dialogue' with that particular cat.
At least that would be my (uneducated) guess
Just to finalize this discussion, I'd like to point out something else to watch for using this packet: ShopIndex
You are viewing the shop window and "Items Offered" as they called it, meaning items you can sell to shop are on the right side in their own 'group'.
Tendency would be to thus use index 0 for first item in first row, but that however isn't the case.
ShopIndex is calculated using ALL the items shop deals with, those for sale as well as those for purchase, while skipping empty slots.
Thus, in selling to cat shop, item that is located first in first row and with total items on sale being, let's say 12, ShopIndex would be: (12+1)-1. -1 is for zero indexing.
See image below to avoid confusion.
oh yeah, and something to pay attention to:
say originally a shop sets up with item X at slot 0 and item Y at slot 1.
Someone buys all of item X, now moving item Y to slot 0. When sending the packet you will still need to send shopIndex 1.
Oooh nasty... So for item Y which was in slot 1, but now in slot 0, you need to send 1? That's dangerous xD. Is this only if you don't close the shop interface? If that's always the case then those item slot IDs are pretty worthless as far as sending packets go?
Nahh, that value can be found still I forget where exactly though
Wow, this could have worked though. I tested it and succeeded to obtain a perfect stone (50 DQpoints) through a manual post. Other item_id's from the 1st post were not working, so I guess it's fixed. Cool hack and at least I learned a lot from it.