Just a little test I made for Pet Pick. You still need to add a check for whether the item is in the inventory, or something similar.
It's not finished yet: you need to fix some things, but it should be a good base.
PHP:
#include <Windows.h>
#include <vector>
#define INST_NOP 0x90
#define INST_CALL 0xe8
#define INST_JMP 0xe9
#define INST_BYTE 0x00
#define SHORT_JZ 0x74
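/// Copies `length` bytes from `source` to `destination`, temporarily changing
/// the page protection of both ranges to PAGE_EXECUTE_READWRITE so the copy
/// can land in pages that are normally read-only or executable.
///
/// Both addresses travel as DWORD, so this is only meaningful in a 32-bit
/// process; a 64-bit build would truncate the pointers in the casts below.
///
/// @param destination Address of the first byte to overwrite.
/// @param source      Address of the first byte to read.
/// @param length      Number of bytes to copy; values <= 0 are ignored.
///
/// Review notes:
///  - While the copy runs, the touched pages are writable and executable at
///    the same time, i.e. the process is briefly outside W^X. Tools that watch
///    for PAGE_EXECUTE_READWRITE transitions on image pages will see this.
///  - NOTE(review): the source range is also made RWX although it is only
///    read here; kept for compatibility with the original behaviour.
///  - The write is not atomic with respect to other threads that may be
///    executing the destination bytes; nothing in this function suspends them.
void MemcpyEx(DWORD destination, DWORD source, int length)
{
    if (length <= 0)
        return; // a negative int would be converted to a huge SIZE_T below

    DWORD oldSource = 0;
    DWORD oldDestination = 0;

    const BOOL sourceChanged =
        VirtualProtect((LPVOID)source, length, PAGE_EXECUTE_READWRITE, &oldSource);
    const BOOL destinationChanged =
        VirtualProtect((LPVOID)destination, length, PAGE_EXECUTE_READWRITE, &oldDestination);

    if (destinationChanged)
    {
        memcpy((void*)destination, (void*)source, length);

        // The destination may be code: make sure no stale instruction bytes
        // are served from the instruction cache after the overwrite.
        FlushInstructionCache(GetCurrentProcess(), (LPCVOID)destination, length);

        // Restore only what was actually changed.
        VirtualProtect((LPVOID)destination, length, oldDestination, &oldDestination);
    }
    else
    {
        // The page could not be made writable; writing anyway would raise an
        // access violation, so the copy is skipped and the failure is logged.
        OutputDebugStringA("MemcpyEx: VirtualProtect failed on destination, copy skipped\n");
    }

    if (sourceChanged)
        VirtualProtect((LPVOID)source, length, oldSource, &oldSource);
}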
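/// Builds a `len`-byte patch, pre-filled with NOP (0x90), and writes it over
/// the bytes at `lpSource` through MemcpyEx.
///
/// Patch layout by `instruction`:
///  - SHORT_JZ  : byte 0 = 0x74, byte 1 = low byte of `lpDest`; rest NOP.
///  - INST_BYTE : byte 0 = low byte of `lpDest`; rest NOP.
///  - INST_NOP  : all NOP.
///  - any other opcode with len >= 5 (INST_CALL / INST_JMP in this file):
///    the opcode sits at offset len-5 and is followed by a 32-bit relative
///    displacement to `lpDest`; the leading len-5 bytes stay NOP.
///  - any other opcode with len < 5: all NOP (no room for opcode + rel32).
///
/// @param instruction Opcode selecting the patch layout.
/// @param lpSource    Address of the bytes to overwrite.
/// @param lpDest      Target address, or the literal byte for SHORT_JZ/INST_BYTE.
/// @param len         Number of bytes to overwrite.
/// @return For the opcode+rel32 layout: the absolute address computed from the
///         32-bit value that was stored at lpSource+1 before patching (the
///         previous target if the old instruction was a 5-byte rel32 form —
///         this is assumed, not verified). Otherwise 0.
///
/// Review notes:
///  - Addresses are DWORD, so this only works in a 32-bit process.
///  - Nothing checks which bytes are currently at `lpSource`; against a
///    different build of the host binary the patch lands on unrelated code.
DWORD Intercept(BYTE instruction, DWORD lpSource, DWORD lpDest, int len)
{
    if (len <= 0)
        return 0; // nothing to patch; also avoids a negative allocation size

    DWORD realtarget = 0;

    // std::vector releases the scratch buffer on every exit path.
    std::vector<BYTE> buffer(static_cast<size_t>(len), static_cast<BYTE>(INST_NOP));

    if (instruction == SHORT_JZ)
    {
        if (len < 2)
            return 0; // the two-byte form would write past a one-byte buffer
        buffer[0] = instruction;
        buffer[1] = (BYTE)lpDest;
    }
    else if (instruction == INST_BYTE)
    {
        buffer[0] = (BYTE)lpDest;
    }
    else if (instruction != INST_NOP && len >= 5)
    {
        // The branches are mutually exclusive so that the short forms above
        // never end up with leftover displacement bytes behind them.
        const int opcodeAt = len - 5;
        buffer[opcodeAt] = instruction;

        // rel32 is relative to the end of the new instruction: lpSource + len.
        const DWORD dwJMP = (DWORD)lpDest - (lpSource + 5 + opcodeAt);

        // Read the displacement of the instruction being replaced before it
        // is overwritten, and turn it into an absolute address.
        memcpy(&realtarget, (void*)(lpSource + 1), 4);
        realtarget = realtarget + lpSource + 5;

        memcpy(&buffer[opcodeAt + 1], &dwJMP, 4);
    }

    MemcpyEx(lpSource, (DWORD)buffer.data(), len);
    return realtarget;
}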
// Function pointers into the host process, each initialised from a hard-coded
// absolute address with a hand-written signature and calling convention.
//
// NOTE(review): nothing in this file verifies that the host module is the
// build these addresses were taken from, or that it is loaded at the expected
// base. With a different build or a relocated image, each call through these
// pointers jumps into unrelated code. Validate the module (for example its
// version or expected bytes at the address) before use.
//
// NOTE(review): several names and parameters are placeholders ("unknown",
// "a5", "unknown_libname_77"), so the signatures look reverse-engineered
// rather than taken from headers — treat argument counts and types as
// unconfirmed. A wrong count or convention corrupts the stack on x86.
//
// The __thiscall entries take the object pointer as their first parameter.
static int (__thiscall *CParty__GetRandomPlayer)(int Player) = (int (__thiscall*)(int Player))0x0044E7C0;
static int(__cdecl *CreateItem)(int Index, int Prefix, int Amount, int unknown) = (int(__cdecl*)(int Index, int Prefix, int Amount, int unknown))0x00426110;
static int(__cdecl* FindParty)(int PartyID) = (int(__cdecl*)(int PartyID))0x0044D4E0;
static int(__thiscall* GetPartySize)(int PartyID) = (int(__thiscall*)(int PartyID))0x00412ED0;
static int(__thiscall* GetPlayerList)(void* PartyID) = (int(__thiscall*)(void* PartyID))0x0044F390;
static int(__thiscall* BaseListPop)(void* unknown) = (int(__thiscall*)(void* unknown))0x00402430;
static int(__thiscall* unknown_libname_77)(void* unknown) = (int(__thiscall*)(void* unknown))0x0042F830;
// Original routine that hkDropItem replaces at the patched call sites; the
// hook calls it when it does not handle the drop itself.
static int (__thiscall *CInitMonster__DropItem)(DWORD *__this, int pMonster, int isParty, int PlayerID, int a5, int DropItemMask) = (int (__thiscall*)(DWORD *__this, int pMonster, int isParty, int PlayerID, int a5, int DropItemMask))0x00437D70;
static int (__thiscall *CParty__GetLuckySize)(int a5) = (int (__thiscall*)(int a5))0x0044F440;
static int (__cdecl *CItem__CreateDropItem)(char a4, int a5) = (int (__cdecl*)(char a4, int a5))0x00426290;
static void* (__cdecl* FindPlayerByID) (int ID) = (void* (__cdecl*) (int ID))0x00450810;
static int (__thiscall *InsertItem)(void *thispointer, int a2, void* Item) = (int (__thiscall*)(void *,int,void*))0x0045DE10;
// Variadic text output routine of the host; thr() uses it for a banner line.
static void (__cdecl* WriteRed)(char* text, ...) = (void (__cdecl*)(char* text, ...))0x004328C0;
// Plain record describing one item: the three values that are later passed to
// CreateItem (index, prefix, amount).
struct SItem
{
int Index;  // item index
int Amount; // item amount
int Prefix; // item prefix; 0 is used when no prefix is present
};
// File-scope list of SItem records.
// NOTE(review): this is mutable global state and no lock is visible in this
// file. If the hooked drop routine can run on more than one thread of the
// host, concurrent use is a data race — confirm, or prefer a function-local
// vector.
std::vector<SItem> itemvec;
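// Rolls one drop for loot slot `slot` of the drop record `pItem` and copies
// the rolled item's index, amount and prefix into `out`.
// Returns false when CItem__CreateDropItem yields nothing.
// NOTE(review): the object returned by CItem__CreateDropItem is only read
// here and never released; whether the host expects a release call cannot be
// told from this file — confirm to rule out a leak per kill.
// NOTE(review): item[10] is dereferenced without a null check (item[11] is
// checked); the field offsets are unconfirmed.
static bool hkRollDrop(DWORD* pItem, DWORD slot, int DropItemMask, SItem& out)
{
    int* item = (int*)CItem__CreateDropItem(pItem[slot + 19], DropItemMask);
    if (!item)
        return false;

    out.Index = ((int*)item[10])[16];
    out.Amount = item[13];
    out.Prefix = 0;
    if (item[11])
        out.Prefix = ((int*)item[11])[8];
    return true;
}

// Creates the item described by `drop` and inserts it into `owner`'s
// inventory; does nothing when CreateItem fails.
// NOTE(review): the result of InsertItem is ignored, so a rejected insert
// (for instance a full inventory, if the host reports that) goes unnoticed.
static void hkGiveItem(void* owner, const SItem& drop)
{
    int* created = (int*)CreateItem(drop.Index, drop.Prefix, drop.Amount, -1);
    if (created)
        InsertItem(owner, 2, created);
}

/// Replacement for CInitMonster__DropItem, installed by thr() at two call
/// sites. Instead of dropping loot, it places the rolled items directly into
/// a player's inventory.
///
/// Declared __fastcall so that the first argument arrives in ECX, where the
/// replaced __thiscall routine expects `this`; `_edx` only occupies EDX.
///
/// Party kill (isParty != 0 and the party is found): every slot is rolled
/// (count +1, or + CParty__GetLuckySize(0) when pItem[16] == 4); items with
/// Index 31 are given to every party member, every other item goes to one
/// member picked by CParty__GetRandomPlayer.
/// Solo kill (player found): every rolled item goes to that player.
/// If neither the party nor the player is found, the original routine runs.
///
/// Changes against the posted version:
///  - The party loop no longer spins forever when CParty__GetRandomPlayer
///    returns 0; the item is kept and retried on the next member's pass.
///  - The random pick no longer overwrites the member being iterated, so
///    Index-31 items always reach the current member.
///  - CreateItem's result is checked on the solo path too.
///  - The scratch list is local, so concurrent invocations do not share it.
///
/// TODO (from the author's post): a check that the required item is present
/// in the inventory is still missing.
void __fastcall hkDropItem(DWORD* pItem, void* _edx, int pMonster, int isParty, int PlayerID, int a5, int DropItemMask)
{
    bool forward = true;

    if (isParty)
    {
        int* PartyID = (int*)FindParty(PlayerID);
        if (PartyID)
        {
            forward = false;
            std::vector<SItem> pending;

            // Phase 1: roll every slot and remember what came out.
            for (DWORD slot = 0; slot < pItem[29]; ++slot)
            {
                int dropCount = pItem[slot + 24];
                if (pItem[16] == 4)
                    dropCount += CParty__GetLuckySize(0);
                else
                    ++dropCount;

                for (int n = 0; n < dropCount; ++n)
                {
                    SItem rolled;
                    if (hkRollDrop(pItem, slot, DropItemMask, rolled))
                        pending.push_back(rolled);
                }
            }

            // Phase 2: walk the party list and hand the items out.
            for (int node = GetPlayerList(PartyID); node; node = BaseListPop(reinterpret_cast<void*>(node)))
            {
                const int listPlayer = unknown_libname_77(reinterpret_cast<void*>(node));
                if (!listPlayer)
                    continue;

                std::vector<SItem>::iterator it = pending.begin();
                while (it != pending.end())
                {
                    if (it->Index == 31)
                    {
                        // Stays in the list so each member receives one.
                        hkGiveItem((int*)listPlayer, *it);
                        ++it;
                        continue;
                    }

                    const int recipient = CParty__GetRandomPlayer((int)PartyID);
                    if (!recipient)
                    {
                        ++it; // no pick this time; always advance
                        continue;
                    }

                    hkGiveItem((int*)recipient, *it);
                    it = pending.erase(it); // handed out exactly once
                }
            }
        }
    }
    else
    {
        int* pPlayer = (int*)FindPlayerByID(PlayerID);
        if (pPlayer)
        {
            forward = false;
            for (DWORD slot = 0; slot < pItem[29]; ++slot)
            {
                const int dropCount = pItem[slot + 24];
                for (int n = 0; n < dropCount; ++n)
                {
                    SItem rolled;
                    if (hkRollDrop(pItem, slot, DropItemMask, rolled))
                        hkGiveItem(pPlayer, rolled);
                }
            }
        }
    }

    // Not handled here: let the host's own routine do the drop.
    if (forward)
        CInitMonster__DropItem(pItem, pMonster, isParty, PlayerID, a5, DropItemMask);
}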
/// Worker thread started by MainHook. Waits five seconds, prints a banner
/// through the host's WriteRed routine, then redirects two call sites to
/// hkDropItem.
///
/// @param _d Unused thread argument.
/// @return TRUE.
///
/// NOTE(review): the fixed delay is the only start-up ordering; nothing waits
/// for the host to be ready.
/// NOTE(review): the bytes at the two sites are overwritten without first
/// checking what they contain, and while other threads of the host may be
/// executing them. Against a different build this corrupts unrelated code.
/// NOTE(review): the value returned by Intercept is discarded.
unsigned long __stdcall thr(void* _d)
{
    // Hard-coded addresses of the two call instructions to redirect.
    const unsigned long callSites[] = { 0x004423D3, 0x0043F443 };
    const unsigned long hookAddress = (unsigned long)hkDropItem;

    Sleep(5000);
    WriteRed("---- Auto Picking Test ----");

    for (unsigned long site : callSites)
        Intercept(INST_CALL, site, hookAddress, 5);

    return TRUE;
}
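/// Starts the worker thread `thr`, which installs the hooks after a delay.
/// Called from DllMain on DLL_PROCESS_ATTACH; the work is moved to a thread so
/// that DllMain itself returns immediately.
void MainHook()
{
    HANDLE worker = CreateThread(0, 0, thr, nullptr, 0, 0);

    // The handle is not needed afterwards. Closing it does not stop the
    // thread; it only avoids leaking one handle per load.
    if (worker)
        CloseHandle(worker);
}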
/// DLL entry point. Turns off per-thread attach/detach notifications for this
/// module and, when the DLL is attached to the process, calls MainHook().
///
/// @param hModule            Handle of this DLL.
/// @param ul_reason_for_call Notification code from the loader.
/// @param lpReserved         Unused.
/// @return Always TRUE.
BOOL APIENTRY DllMain(HMODULE hModule, unsigned long ul_reason_for_call, void* lpReserved)
{
    DisableThreadLibraryCalls(hModule);

    // Only process attach triggers any work; every other reason is a no-op.
    if (ul_reason_for_call == DLL_PROCESS_ATTACH)
        MainHook();

    return TRUE;
}