re: [Development] CharObject Struct Of Client (Source)
DarkSim, how do you generate the Object Character struct?
My main: 1.02.40 (1.02N+ CHS)
re: [Development] CharObject Struct Of Client (Source)
VeltonD
- I made it manually, with Olly & IDA.
re: [Development] CharObject Struct Of Client (Source)
Quote:
Originally Posted by
-=DarkSim=-
VeltonD
- I made it manually, with Olly & IDA.
Yep, there's no magic, just plain old hard work... :)
re: [Development] CharObject Struct Of Client (Source)
How can I find the right struct in my main.exe?
re: [Development] CharObject Struct Of Client (Source)
I can't see the offset? Where is the objstructchar?
main 1.04j
Code:
CPU Disasm
Address Hex dump Command Comments
00649926 |> \6A 00 PUSH 0 ; /TimerFunc = 00000000
00649928 |. 68 204E0000 PUSH 4E20 ; |Timeout = 20000. ms
0064992D |. 68 E8030000 PUSH 3E8 ; |TimerID = 1000.
00649932 |. 8B15 84EEAF07 MOV EDX,DWORD PTR DS:[7AFEE84] ; |
00649938 |. 52 PUSH EDX ; |hWnd => NULL
00649939 |. FF15 C0647500 CALL DWORD PTR DS:[<&USER32.SetTimer>] ; \USER32.SetTimer
0064993F |. 6A 00 PUSH 0 ; /Arg1 = 0
00649941 |. E8 1E220F00 CALL 0073BB64 ; \Main.0073BB64
00649946 |. 83C4 04 ADD ESP,4
00649949 |. 50 PUSH EAX ; /Arg1
0064994A |. E8 A1FD0E00 CALL 007396F0 ; \Main.007396F0
0064994F |. 83C4 04 ADD ESP,4
00649952 |. C785 60FFFFFF MOV DWORD PTR SS:[EBP-0A0],0
0064995C |. EB 0F JMP SHORT 0064996D
0064995E |> 8B85 60FFFFFF /MOV EAX,DWORD PTR SS:[EBP-0A0]
00649964 |. 83C0 01 |ADD EAX,1
00649967 |. 8985 60FFFFFF |MOV DWORD PTR SS:[EBP-0A0],EAX
0064996D |> 83BD 60FFFFFF |CMP DWORD PTR SS:[EBP-0A0],64
00649974 |. 7D 1C |JGE SHORT 00649992
00649976 |. E8 82FD0E00 |CALL 007396FD
0064997B |. 99 |CDQ
0064997C |. B9 68010000 |MOV ECX,168
00649981 |. F7F9 |IDIV ECX
00649983 |. 8B85 60FFFFFF |MOV EAX,DWORD PTR SS:[EBP-0A0]
00649989 |. 891485 A0ECAF |MOV DWORD PTR DS:[EAX*4+7AFECA0],EDX
00649990 |.^ EB CC \JMP SHORT 0064995E
00649992 |> E8 66FD0E00 CALL 007396FD
re: [Development] CharObject Struct Of Client (Source)
Some of the images are dead :(
re: [Development] CharObject Struct Of Client (Source)
Does anyone have these structures for 1.03K, or could explain to me how to get them?
re: [Development] CharObject Struct Of Client (Source)
Could you help me with the offset and the structure of main 1.02.03 season2, or how can I find it? I have this in OllyDbg:
Code:
004D5B48 |> \6A 00 PUSH 0
004D5B4A |. 68 204E0000 PUSH 4E20
004D5B4F |. 68 E8030000 PUSH 3E8
004D5B54 |. 8B15 301E8405 MOV EDX,DWORD PTR DS:[5841E30]
004D5B5A |. 52 PUSH EDX
004D5B5B |. FF15 D8347800 CALL DWORD PTR DS:[<&user32.SetTimer>]
004D5B61 |. 6A 00 PUSH 0 ; /Arg1 = 0
004D5B63 |. E8 E0152800 CALL 00757148 ; \main.00757148
004D5B68 |. 83C4 04 ADD ESP,4
004D5B6B |. 50 PUSH EAX ; /Arg1
004D5B6C |. E8 6BFF2700 CALL 00755ADC ; \main.00755ADC
004D5B71 |. 83C4 04 ADD ESP,4
004D5B74 |. C785 60FFFFFF MOV DWORD PTR SS:[EBP-0A0],0
004D5B7E |. EB 0F JMP SHORT 004D5B8F
004D5B80 |> 8B85 60FFFFFF /MOV EAX,DWORD PTR SS:[EBP-0A0]
004D5B86 |. 83C0 01 |ADD EAX,1
004D5B89 |. 8985 60FFFFFF |MOV DWORD PTR SS:[EBP-0A0],EAX
004D5B8F |> 83BD 60FFFFFF |CMP DWORD PTR SS:[EBP-0A0],64
004D5B96 |. 7D 1C |JGE SHORT 004D5BB4
004D5B98 |. E8 4CFF2700 |CALL 00755AE9
004D5B9D |. 99 |CDQ
004D5B9E |. B9 68010000 |MOV ECX,168
004D5BA3 |. F7F9 |IDIV ECX
004D5BA5 |. 8B85 60FFFFFF |MOV EAX,DWORD PTR SS:[EBP-0A0]
004D5BAB |. 891485 301C84 |MOV DWORD PTR DS:[EAX*4+5841C30],EDX
004D5BB2 |.^ EB CC \JMP SHORT 004D5B80
004D5BB4 |> E8 30FF2700 CALL 00755AE9
004D5BB9 |. 99 CDQ
004D5BBA |. B9 64000000 MOV ECX,64
004D5BBF |. F7F9 IDIV ECX
004D5BC1 |. 83C2 01 ADD EDX,1
004D5BC4 |. 52 PUSH EDX ; /Arg1
004D5BC5 |. E8 38F62700 CALL 00755202 ; \main.00755202
004D5BCA |. 83C4 04 ADD ESP,4
004D5BCD |. 8985 D4F1FFFF MOV DWORD PTR SS:[EBP-0E2C],EAX
004D5BD3 |. 8B95 D4F1FFFF MOV EDX,DWORD PTR SS:[EBP-0E2C]
004D5BD9 |. 8915 001C8405 MOV DWORD PTR DS:[5841C00],EDX
004D5BDF |. 68 00090000 PUSH 900 ; /Arg1 = 900
004D5BE4 |. E8 19F62700 CALL 00755202 ; \main.00755202
004D5BE9 |. 83C4 04 ADD ESP,4
004D5BEC |. 8985 D0F1FFFF MOV DWORD PTR SS:[EBP-0E30],EAX
004D5BF2 |. 8B85 D0F1FFFF MOV EAX,DWORD PTR SS:[EBP-0E30]
004D5BF8 |. A3 C0967707 MOV DWORD PTR DS:[77796C0],EAX
004D5BFD |. 68 003C0000 PUSH 3C00 ; /Arg1 = 3C00
004D5C02 |. E8 FBF52700 CALL 00755202 ; \main.00755202
004D5C07 |. 83C4 04 ADD ESP,4
004D5C0A |. 8985 CCF1FFFF MOV DWORD PTR SS:[EBP-0E34],EAX
004D5C10 |. 8B8D CCF1FFFF MOV ECX,DWORD PTR SS:[EBP-0E34]
004D5C16 |. 890D E0DD7A07 MOV DWORD PTR DS:[77ADDE0],ECX
004D5C1C |. 68 00D00B00 PUSH 0BD000 ; /Arg1 = 0BD000
004D5C21 |. E8 DCF52700 CALL 00755202 ; \main.00755202
004D5C26 |. 83C4 04 ADD ESP,4
004D5C29 |. 8985 C8F1FFFF MOV DWORD PTR SS:[EBP-0E38],EAX
004D5C2F |. 8B95 C8F1FFFF MOV EDX,DWORD PTR SS:[EBP-0E38]
004D5C35 |. 8915 041C8405 MOV DWORD PTR DS:[5841C04],EDX
004D5C3B |. E8 A9FE2700 CALL 00755AE9
004D5C40 |. 25 FF030080 AND EAX,800003FF
004D5C45 |. 79 07 JNS SHORT 004D5C4E
004D5C47 |. 48 DEC EAX
004D5C48 |. 0D 00FCFFFF OR EAX,FFFFFC00
004D5C4D |. 40 INC EAX
004D5C4E |> 6BC0 54 IMUL EAX,EAX,54
004D5C51 |. 8B0D 041C8405 MOV ECX,DWORD PTR DS:[5841C04]
004D5C57 |. 03C8 ADD ECX,EAX
004D5C59 |. 890D 14ED8807 MOV DWORD PTR DS:[788ED14],ECX
004D5C5F |. 68 F83B0900 PUSH 93BF8 ; /Arg1 = 93BF8
004D5C64 |. E8 99F52700 CALL 00755202 ; \main.00755202
004D5C69 |. 83C4 04 ADD ESP,4
004D5C6C |. 8985 C0F1FFFF MOV DWORD PTR SS:[EBP-0E40],EAX
004D5C72 |. 83BD C0F1FFFF CMP DWORD PTR SS:[EBP-0E40],0
004D5C79 |. 74 29 JE SHORT 004D5CA4
004D5C7B |. 68 A0924100 PUSH 004192A0 ; /Arg4 = main.4192A0, Entry point of procedure
004D5C80 |. 68 11020000 PUSH 211 ; |Arg3 = 211
004D5C85 |. 68 78040000 PUSH 478 ; |Arg2 = 478
004D5C8A |. 8B95 C0F1FFFF MOV EDX,DWORD PTR SS:[EBP-0E40] ; |
004D5C90 |. 52 PUSH EDX ; |Arg1
004D5C91 |. E8 7A0F0000 CALL 004D6C10 ; \main.004D6C10
004D5C96 |. 8B85 C0F1FFFF MOV EAX,DWORD PTR SS:[EBP-0E40]
004D5C9C |. 8985 10F1FFFF MOV DWORD PTR SS:[EBP-0EF0],EAX
004D5CA2 |. EB 0A JMP SHORT 004D5CAE
004D5CA4 |> C785 10F1FFFF MOV DWORD PTR SS:[EBP-0EF0],0
004D5CAE |> 8B8D 10F1FFFF MOV ECX,DWORD PTR SS:[EBP-0EF0]
004D5CB4 |. 898D C4F1FFFF MOV DWORD PTR SS:[EBP-0E3C],ECX
004D5CBA |. 8B95 C4F1FFFF MOV EDX,DWORD PTR SS:[EBP-0E3C]
004D5CC0 |. 8915 081C8405 MOV DWORD PTR DS:[5841C08],EDX
004D5CC6 |. E8 1EFE2700 CALL 00755AE9
004D5CCB |. 25 7F000080 AND EAX,8000007F
004D5CD0 |. 79 05 JNS SHORT 004D5CD7
004D5CD2 |. 48 DEC EAX
004D5CD3 |. 83C8 80 OR EAX,FFFFFF80
004D5CD6 |. 40 INC EAX
004D5CD7 |> 69C0 78040000 IMUL EAX,EAX,478
004D5CDD |. 8B0D 081C8405 MOV ECX,DWORD PTR DS:[5841C08]
004D5CE3 |. 03C8 ADD ECX,EAX
004D5CE5 |. 890D 948F5107 MOV DWORD PTR DS:[7518F94],ECX
004D5CEB |. 68 400F0000 PUSH 0F40 ; /Arg1 = 0F40
004D5CF0 |. E8 0DF52700 CALL 00755202 ; \main.00755202
004D5CF5 |. 83C4 04 ADD ESP,4
004D5CF8 |. 8985 BCF1FFFF MOV DWORD PTR SS:[EBP-0E44],EAX
004D5CFE |. 8B95 BCF1FFFF MOV EDX,DWORD PTR SS:[EBP-0E44]
004D5D04 |. 8915 BC2A7707 MOV DWORD PTR DS:[7772ABC],EDX
004D5D0A |. 68 00090000 PUSH 900 ; /Arg3 = 900
004D5D0F |. 6A 00 PUSH 0 ; |Arg2 = 0
004D5D11 |. A1 C0967707 MOV EAX,DWORD PTR DS:[77796C0] ; |
004D5D16 |. 50 PUSH EAX ; |Arg1 => [77796C0] = 0
004D5D17 |. E8 24FE2700 CALL 00755B40 ; \main.00755B40
004D5D1C |. 83C4 0C ADD ESP,0C
004D5D1F |. 68 003C0000 PUSH 3C00 ; /Arg3 = 3C00
004D5D24 |. 6A 00 PUSH 0 ; |Arg2 = 0
004D5D26 |. 8B0D E0DD7A07 MOV ECX,DWORD PTR DS:[77ADDE0] ; |
004D5D2C |. 51 PUSH ECX ; |Arg1 => [77ADDE0] = 0
004D5D2D |. E8 0EFE2700 CALL 00755B40 ; \main.00755B40
004D5D32 |. 83C4 0C ADD ESP,0C
004D5D35 |. 68 00800A00 PUSH 0A8000 ; /Arg3 = 0A8000
004D5D3A |. 6A 00 PUSH 0 ; |Arg2 = 0
004D5D3C |. 8B15 14ED8807 MOV EDX,DWORD PTR DS:[788ED14] ; |
004D5D42 |. 52 PUSH EDX ; |Arg1 => [788ED14] = 0
004D5D43 |. E8 F8FD2700 CALL 00755B40 ; \main.00755B40
004D5D48 |. 83C4 0C ADD ESP,0C
004D5D4B |. 68 F8FF0600 PUSH 6FFF8 ; /Arg3 = 6FFF8
004D5D50 |. 6A 00 PUSH 0 ; |Arg2 = 0
004D5D52 |. A1 948F5107 MOV EAX,DWORD PTR DS:[7518F94] ; |
004D5D57 |. 50 PUSH EAX ; |Arg1 => [7518F94] = 0
004D5D58 |. E8 E3FD2700 CALL 00755B40 ; \main.00755B40
004D5D5D |. 83C4 0C ADD ESP,0C
004D5D60 |. 68 400F0000 PUSH 0F40 ; /Arg3 = 0F40
004D5D65 |. 6A 00 PUSH 0 ; |Arg2 = 0
004D5D67 |. 8B0D BC2A7707 MOV ECX,DWORD PTR DS:[7772ABC] ; |
004D5D6D |. 51 PUSH ECX ; |Arg1 => [7772ABC] = 0
004D5D6E |. E8 CDFD2700 CALL 00755B40 ; \main.00755B40
004D5D73 |. 83C4 0C ADD ESP,0C
004D5D76 |. 8B15 BC2A7707 MOV EDX,DWORD PTR DS:[7772ABC]
004D5D7C |. 8915 B82A7707 MOV DWORD PTR DS:[7772AB8],EDX
004D5D82 |. 8B0D BC2A7707 MOV ECX,DWORD PTR DS:[7772ABC]
004D5D88 |. E8 F2260B00 CALL 0058847F
004D5D8D |. A1 948F5107 MOV EAX,DWORD PTR DS:[7518F94]
004D5D92 |. A3 A88F5107 MOV DWORD PTR DS:[7518FA8],EAX
004D5D97 |. 833D F81F7A00 CMP DWORD PTR DS:[7A1FF8],1
Thanks, sorry for my bad English.
Re: [Development] CharObject Struct Of Client (Source)
Quote:
Originally Posted by
xavi321
Could you help me with the offset and the structure of main 1.02.03 season2, or how can I find it? I have this in OllyDbg:
Your offset: 0x7772ABC
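How that offset can be read off the listing xavi321 posted, as an added example that is not part of the thread: every sized PUSH in the init routine feeds CALL 00755202, which therefore behaves as the allocator here (an inference from the listing; the thread never names the routine), and the first absolute MOV DWORD PTR DS:[addr],reg after each such call is the global that keeps the returned pointer. The 0x0F40-byte block is stored at [7772ABC], which is the answer above. The 0x93BF8 block is worth a second look: 0x211 * 0x478 = 0x93BF8, so it holds 0x211 elements of 0x478 bytes, and CALL 004D6C10 receives (buffer, 0x478, 0x211, 004192A0), the shape of a per-element constructor loop; the walker pairs that block with [5841C08]. The parser, the walker and every name below are mine; the sample input is a selection of lines copied from the post.

```cpp
// Added example, not code from the thread: walk an OllyDbg listing and pair each
// allocator call with the global that keeps its return value. All names are mine.
#include <cstddef>
#include <cstdint>
#include <regex>
#include <sstream>
#include <string>
#include <unordered_set>
#include <vector>

struct Insn {
    std::string address;   // 8 hex digits at the start of the line
    std::string mnemonic;  // e.g. "PUSH"
    std::string operands;  // e.g. "DWORD PTR DS:[7772ABC],EDX"
};

// The walker only acts on these three; lines with any other mnemonic are skipped.
static const std::unordered_set<std::string> kMnemonics = {"PUSH", "CALL", "MOV"};

// Parses "<addr> |. <hex bytes> [/|\]<mnemonic> <operands> ; <comment>". The hex-dump
// column is skipped by taking the first token that is a known mnemonic.
static bool ParseLine(const std::string& line, Insn& out) {
    std::istringstream in(line.substr(0, line.find(';')));  // drop the comment column
    out = Insn{};
    if (!(in >> out.address) || out.address.size() != 8 ||
        out.address.find_first_not_of("0123456789ABCDEF") != std::string::npos)
        return false;
    for (std::string tok; in >> tok;) {
        if (!out.mnemonic.empty()) {
            out.operands += (out.operands.empty() ? "" : " ") + tok;
            continue;
        }
        std::size_t s = tok.find_first_not_of("/|\\^");  // strip loop-bracket markers
        if (s != std::string::npos && kMnemonics.count(tok.substr(s))) out.mnemonic = tok.substr(s);
    }
    return !out.mnemonic.empty();
}

struct Allocation {
    std::string size;  // operand of the PUSH before the allocator call ("0F40", or a register)
    uint32_t global;   // absolute address that receives the returned pointer
};

// "PUSH <size>; CALL <allocator>" followed, possibly after stack temporaries and
// unrelated calls, by the first "MOV DWORD PTR DS:[<absolute>],<reg>".
std::vector<Allocation> FindGlobalAllocations(const std::string& listing,
                                              const std::string& allocator) {
    static const std::regex kGlobalStore(R"(DWORD PTR DS:\[([0-9A-F]{1,8})\],(E[A-D]X|E[SD]I))");
    std::vector<Allocation> found;
    std::string lastPush, pendingSize;
    bool pending = false;
    std::istringstream lines(listing);
    Insn ins;
    for (std::string line; std::getline(lines, line);) {
        if (!ParseLine(line, ins)) continue;
        if (ins.mnemonic == "PUSH") {
            lastPush = ins.operands;
        } else if (ins.mnemonic == "CALL" && ins.operands == allocator) {
            pendingSize = lastPush;  // the size argument was pushed just before the call
            pending = true;
        } else if (ins.mnemonic == "MOV" && pending) {
            std::smatch m;
            if (std::regex_match(ins.operands, m, kGlobalStore)) {
                found.push_back({pendingSize, static_cast<uint32_t>(std::stoul(m[1].str(), nullptr, 16))});
                pending = false;
            }
        }
    }
    return found;
}

// Selected lines copied from the listing posted above (stack shuffles between them
// omitted): three sized allocations, the middle one handed to a constructor loop.
static const char* kListing = R"(
004D5BDF |. 68 00090000 PUSH 900 ; /Arg1 = 900
004D5BE4 |. E8 19F62700 CALL 00755202 ; \main.00755202
004D5BF8 |. A3 C0967707 MOV DWORD PTR DS:[77796C0],EAX
004D5C5F |. 68 F83B0900 PUSH 93BF8 ; /Arg1 = 93BF8
004D5C64 |. E8 99F52700 CALL 00755202 ; \main.00755202
004D5C6C |. 8985 C0F1FFFF MOV DWORD PTR SS:[EBP-0E40],EAX
004D5C79 |. 74 29 JE SHORT 004D5CA4
004D5C7B |. 68 A0924100 PUSH 004192A0 ; /Arg4 = main.4192A0, Entry point of procedure
004D5C80 |. 68 11020000 PUSH 211 ; |Arg3 = 211
004D5C85 |. 68 78040000 PUSH 478 ; |Arg2 = 478
004D5C90 |. 52 PUSH EDX ; |Arg1
004D5C91 |. E8 7A0F0000 CALL 004D6C10 ; \main.004D6C10
004D5CC0 |. 8915 081C8405 MOV DWORD PTR DS:[5841C08],EDX
004D5CEB |. 68 400F0000 PUSH 0F40 ; /Arg1 = 0F40
004D5CF0 |. E8 0DF52700 CALL 00755202 ; \main.00755202
004D5D04 |. 8915 BC2A7707 MOV DWORD PTR DS:[7772ABC],EDX
004D5D7C |. 8915 B82A7707 MOV DWORD PTR DS:[7772AB8],EDX
)";

// Lookup over the sample listing; 00755202 is the routine every sized PUSH feeds.
uint32_t GlobalForSize(const std::string& size) {
    for (const Allocation& a : FindGlobalAllocations(kListing, "00755202"))
        if (a.size == size) return a.global;
    return 0;
}
```

Run it over the full listing from the post and the first call, reached with PUSH EDX (a computed size), is reported with the register name rather than a number; the later copy of [7772ABC] into [7772AB8] is deliberately not paired, because no allocation is pending when it happens.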
Re: [Development] CharObject Struct Of Client (Source)
Quote:
Originally Posted by
muzic25
Your offset: 0x7772ABC
Thank you.
Now I have the following code:
protocol.cpp
Code:
void Protocol::DataRecv(DWORD Case, LPBYTE Data, int Len, int aIndex)
{
    BYTE ProtocolType = Data[0];
    if (ProtocolType == 0xC1)
    {
        switch (BYTE(Case))
        {
        case 0xFB:
        {
            PMSG_DEFAULT2 * lpDef = (PMSG_DEFAULT2*)Data;
            switch (lpDef->subcode)
            {
            case 8:
            {
                gObjUser.UpdateCharInfo((CHAR_UPDATEINFO*)Data);
            }
            break;
            }
            break;
        }
        }
    }
    pDataRecv(Case, Data, Len, aIndex);  // hand the packet on to the original handler
}
user.cpp
Code:
void User::UpdateCharInfo(CHAR_UPDATEINFO * aRecv)
{
    // 0x7772ABC holds the pointer to the character object (offset from the reply above)
    ObjectCharacter * pPlayer = (ObjectCharacter*)*(DWORD*)0x7772ABC;
    pPlayer->Strength = aRecv->Strength;
    pPlayer->Dexterity = aRecv->Dexterity;
    pPlayer->Vitality = aRecv->Vitality;
    pPlayer->Energy = aRecv->Energy;
    pPlayer->Leadership = aRecv->Leadership;
}
I'm trying to update the character information with that code, but I do not get results.
What should I do?
Sorry for my bad English.
Re: [Development] CharObject Struct Of Client (Source)
Quote:
Originally Posted by
xavi321
Thank you.
Now I have the following code:
I'm trying to update the character information with that code, but I do not get results.
What should I do?
Sorry for my bad English.
You need to parse the struct values with the original structure (lots of research).
One tip: write a console in your DLL and print the fields to the monitor one by one, e.g.:
Quote:
g_Console.Log("pPlayer->Vitality: %d", pPlayer->Vitality);
(needs a lot of time and a little bit of coding skill)
Re: [Development] CharObject Struct Of Client (Source)
Quote:
Originally Posted by
muzic25
You need to parse the struct values with the original structure (lots of research).
One tip: write a console in your DLL and print the fields to the monitor one by one, e.g.: (needs a lot of time and a little bit of coding skill)
I have time and patience. Do you think you can teach me how to find one, and I would look for the following ones? I need to know how to build the structure; I hope you can help me.
Thanks for your time.
Re: [Development] CharObject Struct Of Client (Source)
Quote:
Originally Posted by
xavi321
I have time and patience. Do you think you can teach me how to find one, and I would look for the following ones? I need to know how to build the structure; I hope you can help me.
Thanks for your time.
Check gs 1.00.18 character structures.
Re: [Development] CharObject Struct Of Client (Source)
Quote:
Originally Posted by
xavi321
Thank you.
Now I have the following code:
I'm trying to update the character information with that code, but I do not get results.
What should I do?
Sorry for my bad English.
Your code has too many problems!
But first, post your CHAR_UPDATEINFO struct.
Re: [Development] CharObject Struct Of Client (Source)
Quote:
Originally Posted by
myheart
Your code has too many problems!
But first, post your CHAR_UPDATEINFO struct.
CHAR_UPDATEINFO
Code:
struct CHAR_UPDATEINFO
{
    PBMSG_HEAD2 h;
    short Strength;
    short Dexterity;
    short Vitality;
    short Energy;
    short Leadership;
    int LevelUpPoint;
};
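Two of the problems with the posted handler that this struct makes visible, shown as an added example rather than code from the thread: without #pragma pack the compiler pads CHAR_UPDATEINFO (the five shorts end at offset 14, so LevelUpPoint moves to offset 16, sizeof grows from 18 to 20, and that field is read from the wrong bytes), and DataRecv casts Data to the struct while UpdateCharInfo dereferences *(DWORD*)0x7772ABC without checking Len or whether that global has been filled in yet. The four-byte layout of PBMSG_HEAD2 (type, size, headcode, subcode) is my assumption, as is the ObjectCharacter stand-in; the packet bytes are constructed, not captured.

```cpp
// Added example, not code from the thread: the CHAR_UPDATEINFO handler with the
// checks the posted version lacks. PBMSG_HEAD2's layout is assumed (the thread
// never shows it); ObjectCharacter is a stand-in with only the fields touched here.
#include <cstdint>
#include <cstdio>
#include <cstring>

#pragma pack(push, 1)  // wire layout: no compiler padding between fields
struct PBMSG_HEAD2 {
    uint8_t c;         // 0xC1, the ProtocolType byte the hook tests
    uint8_t size;      // total packet length, header included (assumed)
    uint8_t headcode;  // 0xFB for this message
    uint8_t subcode;   // 8 for this message
};
struct CHAR_UPDATEINFO {  // the struct xavi321 posted, packed
    PBMSG_HEAD2 h;
    int16_t Strength, Dexterity, Vitality, Energy, Leadership;
    int32_t LevelUpPoint;
};
#pragma pack(pop)

// The same fields without pack(1): the compiler inserts two bytes before
// LevelUpPoint, so sizeof grows from 18 to 20 and that field is read 2 bytes late.
struct CHAR_UPDATEINFO_UNPACKED {
    PBMSG_HEAD2 h;
    int16_t Strength, Dexterity, Vitality, Energy, Leadership;
    int32_t LevelUpPoint;
};

struct ObjectCharacter {  // hypothetical stand-in for the client's object
    int16_t Strength, Dexterity, Vitality, Energy, Leadership;
};

// Returns false and leaves *player untouched unless the buffer is a complete,
// self-consistent C1/FB/08 packet. The posted UpdateCharInfo does none of this:
// it casts Data whatever Len is and dereferences *(DWORD*)0x7772ABC even while
// that global is still 0 (the listing shows it being filled in at init).
bool UpdateCharInfoChecked(ObjectCharacter* player, const uint8_t* data, int len) {
    if (player == nullptr || data == nullptr) return false;
    if (len < static_cast<int>(sizeof(CHAR_UPDATEINFO))) return false;  // short buffer: never cast it
    if (data[0] != 0xC1 || data[1] != len) return false;                // header byte and declared size must agree
    if (data[2] != 0xFB || data[3] != 8) return false;                  // headcode/subcode this handler owns
    CHAR_UPDATEINFO msg;
    std::memcpy(&msg, data, sizeof msg);  // copy out rather than aliasing the receive buffer
    player->Strength = msg.Strength;
    player->Dexterity = msg.Dexterity;
    player->Vitality = msg.Vitality;
    player->Energy = msg.Energy;
    player->Leadership = msg.Leadership;
    return true;
}

// Constructed sample (not a capture): size 0x12 = 18, Strength 100, Dexterity 40,
// Vitality 25, Energy 10, Leadership 0, LevelUpPoint 5, all little-endian.
static const uint8_t kSamplePacket[18] = {
    0xC1, 0x12, 0xFB, 0x08,
    0x64, 0x00, 0x28, 0x00, 0x19, 0x00, 0x0A, 0x00, 0x00, 0x00,
    0x05, 0x00, 0x00, 0x00};

// Applies the sample packet and returns the resulting Vitality, or -1 if rejected.
int SampleVitality() {
    ObjectCharacter p{};
    return UpdateCharInfoChecked(&p, kSamplePacket, sizeof kSamplePacket) ? p.Vitality : -1;
}

// LevelUpPoint read through the packed struct (5); the unpacked one would start
// the field at offset 16 and read past the end of an 18-byte packet.
int SampleLevelUpPoint() {
    CHAR_UPDATEINFO msg;
    std::memcpy(&msg, kSamplePacket, sizeof msg);
    return msg.LevelUpPoint;
}

// A truncated copy of the same packet must be refused, not read past its end.
bool RejectsTruncated() {
    ObjectCharacter p{};
    return !UpdateCharInfoChecked(&p, kSamplePacket, 10);
}

int main() {
    std::printf("packed %zu bytes, unpacked %zu bytes, sample Vitality %d, LevelUpPoint %d\n",
                sizeof(CHAR_UPDATEINFO), sizeof(CHAR_UPDATEINFO_UNPACKED),
                SampleVitality(), SampleLevelUpPoint());
}
```

Copying into a local with memcpy instead of aliasing the receive buffer also keeps the handler independent of Data's alignment, and the declared-size check means a packet that lies about its length is dropped rather than parsed; in the DLL, the null check on the 0x7772ABC pointer is what stops the handler from crashing the client on a packet that arrives before that global is set.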