Sending Packets

[Interest07]

Quote:

Originally Posted by Sttt

Interest07, it is possible to fly straight up with actionstructs.

MemFunctions.MemWriteInt(pr_processHandle, moveAction + 0x2C, 0); // Set moveType

set movetype to 1.


Can you help me with such problem? Some skills needs chi to cast and i didnt find any addresses in client memory for them. Surely, i can hardcore them in my programm for every skill but i think it's stupid. So do you know how to get chi requirements for skill from the client memory? Or can you tell any other way to solve this problem?

I never managed to get that working, it would only very briefly move up when I tried that before.

Hmm no haven't seen the chi data lying around, though it's prolly available in elements.data or something.

[Sttt]

Code:

Func FlyUp($DesiredHeight)
local $currentX, $currentZ, $FlyMountId

$currentX = memread(memread(memread($GameAdress) + 0x20) + 0x3c, 'float')
$currentZ = memread(memread(memread($GameAdress) + 0x20) + 0x44, 'float')
$FlyMountId = memread(memread(memread($GameAdress) +0x20) + 0x534)

if memread(memread(memread($GameAdress) + 0x20) + 0x5e0) = 0 then    
	useItem(12,$FlyMountId,$pid,1)
	sleep(2000)
endif
MoveTo($currentX,$DesiredHeight*10.0,$currentZ,1) 

EndFunc



Func MoveTo($x,$y,$z,$flyornot) 
 
local $ActionStruct,$ActionList, $MoveAction

$ActionStruct = memread(memread(memread($GameAdress) + 0x20) + 0xbb8)
$ActionList = memread($ActionStruct + 0x30)
$MoveAction = memread($ActionList + 0x4) 

memwrite($MoveAction + 0x8, 0x0);  //action finished = 0
memwrite($MoveAction + 0x14,0x1); //Action start = 1
memwrite($MoveAction + 0x20, $x,'float');  // Set X coord
memwrite($MoveAction + 0x24, $y,'float');  // Set Y coord
memwrite($MoveAction + 0x28, $z,'float');  // Set Z coord

memwrite($MoveAction + 0x64, 26624);      //Set 1st var for not flying up   
memwrite($MoveAction + 0x6c, 65536);      // Set 2nd var for not flying up

memwrite($MoveAction + 0x2c, $flyornot);  //movetype for flying 1 for ground run 0


memwrite($ActionStruct + 0xc, $MoveAction);
memwrite($ActionStruct + 0x18, 1);
memwrite($ActionStruct + 0x14, $MoveAction);

EndFunc

Works like a charm for me. Never tested it on official servers though.

Code:

memwrite($MoveAction + 0x64, 26624);      //Set 1st var for not flying up   
memwrite($MoveAction + 0x6c, 65536);      // Set 2nd var for not flying up

Didn't notice this values influenced on smth. Set it just in case.

[Smurfin]

since there are already a lot of threads in this section, I'll just ask a quick question here if you all won't mind coz it might be related to tampering with packets.

about the recent questioning for several Love of Up and Down being auctioned at once and at half the normal price, do you guys think they're duped items or just a clever con or hacking outside the ingame exploits ?

[Sᴡoosh]

They where generated by replacing IDs in Browser JSON code on the DQ point reward site.
PWE's devs where so retarded we didnt even bother to check this out because we plainly did not expect them to be this retarded - implementing a powerful function that could send you any item ID you passed to it into clientside JSON is so much stupidity in one place I cannot even emphasise it enough

Cheers

[Smurfin]

oh lol, thanks for the info, just curious if it's done by tampering with packets, turns out it's done that way.

[dumbfck]

Quote:

Originally Posted by Sᴡoosh

They where generated by replacing IDs in Browser JSON code on the DQ point reward site.
PWE's devs where so retarded we didnt even bother to check this out because we plainly did not expect them to be this retarded - implementing a powerful function that could send you any item ID you passed to it into clientside JSON is so much stupidity in one place I cannot even emphasise it enough

Cheers

**** I wish I'd known about that lol. I assume they've fixed it now?
I wonder if any action has been taken against those who abused it? lol
(too lazy to check forums)

[amineurin]

some ppl are banned.
but...make items with this way, sell them fast, drop the coins on the ground and get them with ur main...how will they catch u.

more interesting is there policy, stop selling 11/12 orbs, tell then all users lies about the reasons.
dont take the jb and dq reward page off.
as i see some minutes ago, dq reward pages has item id inside the javascript, on the fb page it "seams" a crypted item id...since its long.
but after this disaster...i would say its unfixed right now and would take some time to fix.

pw stuff is arogant and selfish ppl, the coder of the script must be a monkey.
in this days of hacking...coding such a bullshit is unbelivable.
for what are scripts like php, so dont understand why the monkey put this function readable in javascript.

even if they fix it with a cryption...it would not take long to find out how.
they have to change the wole process of getting those items.

but what should i see...they think this way:
pw chief: oh we need more cash = users, to rip of with stupid packs.
pw second chief:from were we get those cash *erm* users ?
pw secretary: i heard of a page called facebook, u can make cool dates there and much users worldwide are to find.
pw chief: great, we need to advert there...so ppl know about our cashcow *erm* cool free2play game
pw coder: i start coding a script to advert and reward the users for facebook, give me 5min. to code
pw chief: no, code it in 2 min. and then get me a fresh coffee
to be continued...

[dumbfck]

Lmao

To be honest, if they haven't already fixed it, they could fix the issue in less than 5 minutes. There are only a very small handful of "valid" rewards that should be available via the DQ rewards / facecock page. It would be a simple case of checking that the item ID from the deserialised JSON packet matches one of the pre-defined items.

Code:

if(!in_array(chosenID, validIDs))
    outputMessage("Ummmm! I'm telling!");

Of course there would be some code to populate the array, which would probably be buried in some admin control panel, but you get the idea.

What they should probably be more concerned about is how much more of the website was coded by the monkey that made this page. I bet there are holes everywhere.

[Interest07]

Meh, the only problem was that they didn't do server side checking. There was nothing wrong with their javascript, as it did exactly what it was intended to do. They were just stupid enough to blindly trust the client side messages.

Encrypting anything isn't worth the hassle as it simply should not be necessary. It's like those sites that 'protect' against SQL injection by having their javascript check for fishy usernames, it only gives you a false sense of security. Any real protection should be done server side, javascript is only there to make it easy for the user to get his wishes to you, not to verify the legitimacy of those wishes.

[dumbfck]

Indeed. And I should have pointed out that I was referring to server side checking... I kinda forgot that vital point xD.

[Interest07]

Quote:

Originally Posted by dumbfck

Indeed. And I should have pointed out that I was referring to server side checking... I kinda forgot that vital point xD.

lmao

Shows what assuming someone is competent does for you, I've even played around with that JS ages ago but never thought to try this. I was too focused on automating my daily jones blessing and DQ reward fetchup to think of abusing their system

[Smurfin]

interest07 , do you have the function for putting items with prices in catshop ? it's very painful dragging up items, backspacing default prices then typing prices manually if the surrounding sellers keep lowering their prices for the same stuffs like every few minutes.

pw dev should left the price field empty instead of putting a default price so we won't have to backspace them all everytime and can just use ctrl-v for same items.

***...i wish i could sendpacket something to make those annoying kittyshop disconnected

[Player_First_L3]

Does who know packets for: using Teleport Stone; crafting item; refine item with Dragon stone; buying item at Cash Shop; send item by mail.
Thanks in advance..

[Interest07]

Don't have those packets available right at this moment, and at the moment i'm having a little hiatus from snooping around pwi, so not gonna dig around for em either

[Sᴡoosh]

Send item is not sent by the packet function we use - its a different one, namely the same one which also handles chat messages.

Cash shop requires Item ID of the item and the current id of item from gshop.data - much work here.

Never checked refine - No, you cannot "hack" anything here.

Crafting is handled by our packet send function if I remember correctly, never bothered with writing down opcode though cause I did not care about this.

Cheers