Monster Summon Function

Darn · Dec 24, 2017

MainFunction

Code:

int* KSummon::Summon(int index, int x, int y, int map){
	tagPOINT point;
	CGenMonster thisGenMonster;
	int* thisInitMonster;
	int* thisMonster = 0;
	DWORD Offset;
	DWORD Offset2;
	DWORD Unknown;
	point.x = x;
	point.y = y;

	CriticalSectionEnter((void*)0x4E182C);
	Unknown0((void*)(g_mInitMonsterMap), (int)&Offset, (int)&index);
	Offset2 = Unknown1((void*)(g_mInitMonsterMap), (int)&Unknown);

	if (!Unknown2(&Offset, Offset2)){
		CriticalSectionLeave((void*)0x4E182C);
		return 0;
	}else{
		thisInitMonster = (int*)*(DWORD*)(Unknown3(&Offset) + 4);
		thisGenMonster = SetGenMonster(index, x, y, map);
		thisMonster = NewMonster(thisInitMonster, &thisGenMonster);

		if (thisMonster){
			SetXY(thisMonster, &point);
			SetProperty(thisMonster, thisInitMonster);
			CriticalSectionLeave((void*)0x4E182C);
			Lock((int)thisMonster);
			point.x = x >> 5;
			point.y = y >> 5;

			if (GetCellMap(*(void **)(thisMonster + 80), thisMonster, &point)){
				AddMonster(thisMonster, 0);

				WriteInSight((void*)thisMonster, S2C_CREATEMONSTER, "wdddwddIIsbdsIIb",
					*(WORD*)((int)thisInitMonster + 60),//index
					*(DWORD*)((int)thisMonster + 28),//id
					*(DWORD*)((int)thisMonster + 332),//x
					*(DWORD*)((int)thisMonster + 336),//y
					*(WORD*)((int)thisMonster + 348),//dir
					*(DWORD*)((int)thisMonster + 272),//curhp
					GetMaxHp(thisMonster),//maxhp
					(__int64)(*(DWORD*)((int)thisMonster + 280)),//gstate
					*(__int64*)((int)thisMonster + 288),//gstate64
					(char*)GetGuildName(thisMonster),//guildname
					*(BYTE*)((int)thisInitMonster + 64),//race
					*(DWORD*)((int)thisMonster + 524),//gid
					(char*)GetOperatorName(thisMonster),//operatorname
					(__int64)0,
					(__int64)0, 0);
				Unlock((int)thisMonster);
			}
			else{
				Unlock((int)thisMonster);
				if (thisMonster)
					(**(void(__thiscall ***)(int*, DWORD))thisMonster)(thisMonster, 1);
			}
		}
		CriticalSectionLeave((void*)0x004E182C);
	}
	return thisMonster;
}

Misc.

Code:

#define g_mInitMonsterMap 0x4E1820
#define S2C_CREATEMONSTER 51

//####
//InitMonsterMap
int(__thiscall* Unknown0)(void* _this, int a2, int a3) = (int(__thiscall*)(void*, int, int))0x0044AE20;
int(__thiscall* Unknown1)(void* _this, int a2) = (int(__thiscall*)(void*, int))0x00430C20;
bool(__thiscall* Unknown2)(void* _this, int a2) = (bool(__thiscall*)(void*, int))0x0047D070;
int(__thiscall* Unknown3)(void* _this) = (int(__thiscall*)(void*))0x00420250;
//####

static void(__thiscall *CriticalSectionEnter)(void *Section) = (void(__thiscall*)(void*))0x00423640;
static void(__thiscall *CriticalSectionLeave)(void *Section) = (void(__thiscall*)(void*))0x004236d0;
static int* (__cdecl *NewMonster)(int* InitMonster, void* GenMonster) = (int* (__cdecl*)(int*, void*))0x00439200;
static int(__thiscall *SetXY)(int* nObject, void* point) = (int(__thiscall*)(int*, void*))0x0040B110;
static int(__thiscall *SetProperty)(void* thisMonster, void* thisInitMonster) = (int(__thiscall*)(void*, void*))0x0043CEA0;
static void(__thiscall *Lock)(int nObject) = (void(__thiscall*)(int))0x00412e90;
static void(__thiscall *Unlock)(int nObject) = (void(__thiscall*)(int))0x00412eb0;
static unsigned long(__thiscall *GetCellMap)(void *_this, void*, void* point) = (unsigned long(__thiscall*)(void*, void*, void*))0x00491360;
static LONG(__thiscall *AddMonster)(void* thisMonster, int a5) = (LONG(__thiscall*)(void*, int))0x0043CFA0;
static void(__cdecl *WriteInSight)(void *Char, unsigned char Type, const char* Format, ...) = (void(__cdecl*)(void*, unsigned char, const char*, ...))0x0040b9e0;
static unsigned long(__thiscall *GetGuildName)(void *Monster) = (unsigned long(__thiscall*)(void*))0x00438eb0;
static int(__thiscall *GetMaxHp)(void *Char) = (int(__thiscall*)(void*))0x0043A200;
static unsigned long(__thiscall *GetOperatorName)(void *Monster) = (unsigned long(__thiscall*)(void*))0x0043a720;


enum CGenMonsterEx{
	nIndex = 8,
	nMap,
	nArea,
	nMax,
	nUnknown1,
	nLive,
	nLeft,
	nTop,
	nRight,
	nBottom,
	nSMap,
	nUnknown2,
	nCycle,
	nUnknown3
};
struct CGenMonster{
	int s_gen[22];
};

CGenMonster SetGenMonster(int index, int x, int y, int map){
	CGenMonster GenMonster;
	ZeroMemory(&GenMonster, sizeof GenMonster);
	GenMonster.s_gen[CGenMonsterEx::nIndex] = index;
	GenMonster.s_gen[CGenMonsterEx::nMap] = map;
	GenMonster.s_gen[CGenMonsterEx::nArea] = -1;
	GenMonster.s_gen[CGenMonsterEx::nMax] = 1;
	GenMonster.s_gen[CGenMonsterEx::nLive] = 1;
	GenMonster.s_gen[CGenMonsterEx::nLeft] = x;
	GenMonster.s_gen[CGenMonsterEx::nTop] = y;
	GenMonster.s_gen[CGenMonsterEx::nRight] = x;
	GenMonster.s_gen[CGenMonsterEx::nBottom] = y;
	GenMonster.s_gen[CGenMonsterEx::nSMap] = *(DWORD*)0x4E2738;
	GenMonster.s_gen[CGenMonsterEx::nUnknown2] = GetTickCount();
	GenMonster.s_gen[CGenMonsterEx::nCycle] = 1000;
	return GenMonster;
}


//Old Engine WriteInSight
WriteInSight((void*)thisMonster, S2C_CREATEMONSTER, "wdddwddIIsbds",
					*(WORD*)((int)thisInitMonster + 60),//index
					*(DWORD*)((int)thisMonster + 28),//id
					*(DWORD*)((int)thisMonster + 332),//x
					*(DWORD*)((int)thisMonster + 336),//y
					*(WORD*)((int)thisMonster + 348),//dir
					*(DWORD*)((int)thisMonster + 272),//curhp
					GetMaxHp(thisMonster),//maxhp
					(__int64)(*(DWORD*)((int)thisMonster + 280)),//gstate
					*(__int64*)((int)thisMonster + 288),//gstate64
					(char*)GetGuildName(thisMonster),//guildname
					*(BYTE*)((int)thisInitMonster + 64),//race
					*(DWORD*)((int)thisMonster + 524),//gid
					(char*)GetOperatorName(thisMonster));//operatorname

LittleMaffia · Dec 25, 2017

Darn said:

MainFunction

Code:

int* KSummon::Summon(int index, int x, int y, int map){
    tagPOINT point;
    CGenMonster thisGenMonster;
    int* thisInitMonster;
    int* thisMonster = 0;
    DWORD Offset;
    DWORD Offset2;
    DWORD Unknown;
    point.x = x;
    point.y = y;

    CriticalSectionEnter((void*)0x4E182C);
    Unknown0((void*)(g_mInitMonsterMap), (int)&Offset, (int)&index);
    Offset2 = Unknown1((void*)(g_mInitMonsterMap), (int)&Unknown);

    if (!Unknown2(&Offset, Offset2)){
        CriticalSectionLeave((void*)0x4E182C);
        return 0;
    }else{
        thisInitMonster = (int*)*(DWORD*)(Unknown3(&Offset) + 4);
        thisGenMonster = SetGenMonster(index, x, y, map);
        thisMonster = NewMonster(thisInitMonster, &thisGenMonster);

        if (thisMonster){
            SetXY(thisMonster, &point);
            SetProperty(thisMonster, thisInitMonster);
            CriticalSectionLeave((void*)0x4E182C);
            Lock((int)thisMonster);
            point.x = x >> 5;
            point.y = y >> 5;

            if (GetCellMap(*(void **)(thisMonster + 80), thisMonster, &point)){
                AddMonster(thisMonster, 0);

                WriteInSight((void*)thisMonster, S2C_CREATEMONSTER, "wdddwddIIsbdsIIb",
                    *(WORD*)((int)thisInitMonster + 60),//index
                    *(DWORD*)((int)thisMonster + 28),//id
                    *(DWORD*)((int)thisMonster + 332),//x
                    *(DWORD*)((int)thisMonster + 336),//y
                    *(WORD*)((int)thisMonster + 348),//dir
                    *(DWORD*)((int)thisMonster + 272),//curhp
                    GetMaxHp(thisMonster),//maxhp
                    (__int64)(*(DWORD*)((int)thisMonster + 280)),//gstate
                    *(__int64*)((int)thisMonster + 288),//gstate64
                    (char*)GetGuildName(thisMonster),//guildname
                    *(BYTE*)((int)thisInitMonster + 64),//race
                    *(DWORD*)((int)thisMonster + 524),//gid
                    (char*)GetOperatorName(thisMonster),//operatorname
                    (__int64)0,
                    (__int64)0, 0);
                Unlock((int)thisMonster);
            }
            else{
                Unlock((int)thisMonster);
                if (thisMonster)
                    (**(void(__thiscall ***)(int*, DWORD))thisMonster)(thisMonster, 1);
            }
        }
        CriticalSectionLeave((void*)0x004E182C);
    }
    return thisMonster;
}

Misc.

Code:

#define g_mInitMonsterMap 0x4E1820
#define S2C_CREATEMONSTER 51

static void(__thiscall *CriticalSectionEnter)(void *Section) = (void(__thiscall*)(void*))0x00423640;
static void(__thiscall *CriticalSectionLeave)(void *Section) = (void(__thiscall*)(void*))0x004236d0;
static int* (__cdecl *NewMonster)(int* InitMonster, void* GenMonster) = (int* (__cdecl*)(int*, void*))0x00439200;
static int(__thiscall *SetXY)(int* nObject, void* point) = (int(__thiscall*)(int*, void*))0x0040B110;
static int(__thiscall *SetProperty)(void* thisMonster, void* thisInitMonster) = (int(__thiscall*)(void*, void*))0x0043CEA0;
static void(__thiscall *Lock)(int nObject) = (void(__thiscall*)(int))0x00412e90;
static void(__thiscall *Unlock)(int nObject) = (void(__thiscall*)(int))0x00412eb0;
static unsigned long(__thiscall *GetCellMap)(void *_this, void*, void* point) = (unsigned long(__thiscall*)(void*, void*, void*))0x00491360;
static LONG(__thiscall *AddMonster)(void* thisMonster, int a5) = (LONG(__thiscall*)(void*, int))0x0043CFA0;
static void(__cdecl *WriteInSight)(void *Char, unsigned char Type, const char* Format, ...) = (void(__cdecl*)(void*, unsigned char, const char*, ...))0x0040b9e0;
static unsigned long(__thiscall *GetGuildName)(void *Monster) = (unsigned long(__thiscall*)(void*))0x00438eb0;
static int(__thiscall *GetMaxHp)(void *Char) = (int(__thiscall*)(void*))0x0043A200;
static unsigned long(__thiscall *GetOperatorName)(void *Monster) = (unsigned long(__thiscall*)(void*))0x0043a720;


enum CGenMonsterEx{
    nIndex = 8,
    nMap,
    nArea,
    nMax,
    nUnknown1,
    nLive,
    nLeft,
    nTop,
    nRight,
    nBottom,
    nSMap,
    nUnknown2,
    nCycle,
    nUnknown3
};
struct CGenMonster{
    int s_gen[22];
};

CGenMonster SetGenMonster(int index, int x, int y, int map){
    CGenMonster GenMonster;
    ZeroMemory(&GenMonster, sizeof GenMonster);
    GenMonster.s_gen[CGenMonsterEx::nIndex] = index;
    GenMonster.s_gen[CGenMonsterEx::nMap] = map;
    GenMonster.s_gen[CGenMonsterEx::nArea] = -1;
    GenMonster.s_gen[CGenMonsterEx::nMax] = 1;
    GenMonster.s_gen[CGenMonsterEx::nLive] = 1;
    GenMonster.s_gen[CGenMonsterEx::nLeft] = x;
    GenMonster.s_gen[CGenMonsterEx::nTop] = y;
    GenMonster.s_gen[CGenMonsterEx::nRight] = x;
    GenMonster.s_gen[CGenMonsterEx::nBottom] = y;
    GenMonster.s_gen[CGenMonsterEx::nSMap] = *(DWORD*)0x4E2738;
    GenMonster.s_gen[CGenMonsterEx::nUnknown2] = GetTickCount();
    GenMonster.s_gen[CGenMonsterEx::nCycle] = 1000;
    return GenMonster;
}


//Old Engine WriteInSight
WriteInSight((void*)thisMonster, S2C_CREATEMONSTER, "wdddwddIIsbds",
                    *(WORD*)((int)thisInitMonster + 60),//index
                    *(DWORD*)((int)thisMonster + 28),//id
                    *(DWORD*)((int)thisMonster + 332),//x
                    *(DWORD*)((int)thisMonster + 336),//y
                    *(WORD*)((int)thisMonster + 348),//dir
                    *(DWORD*)((int)thisMonster + 272),//curhp
                    GetMaxHp(thisMonster),//maxhp
                    (__int64)(*(DWORD*)((int)thisMonster + 280)),//gstate
                    *(__int64*)((int)thisMonster + 288),//gstate64
                    (char*)GetGuildName(thisMonster),//guildname
                    *(BYTE*)((int)thisInitMonster + 64),//race
                    *(DWORD*)((int)thisMonster + 524),//gid
                    (char*)GetOperatorName(thisMonster));//operatorname

Thank you Darn for your great work.

Chale001 · Dec 29, 2017

Which function is it for effects? If WriteInSight then how does it look like? so far I could only find skillexecute animation and effects but not the effect list itself.
nvm got it
Server::CChar::WriteInSight(onlinePlayers.at(i), 0x49, "db", onlinePlayers.at(i)[7], 40);

Darn · Dec 30, 2017

Chale001 said:
Which function is it for effects? If WriteInSight then how does it look like? so far I could only find skillexecute animation and effects but not the effect list itself.
nvm got it
Server::CChar::WriteInSight(onlinePlayers.at(i), 0x49, "db", onlinePlayers.at(i)[7], 40);

73 is the Effect Packet
the Packet has to contain the Base ID of the Target and the EffectID
"WriteInSight(TargetPointer, 73, "db", TargetBaseID, EffectID);"

Code:

//Server to Client Packets
enum S2C_PROTOCOL
{
	S2C_EFFECT = 73,
};

// Effect Type
enum EFFECT_TYPE
{
	E_NONE,
	E_HP,
	E_MP,
	E_LEVELUP,
	E_CHARM_1,
	E_CHARM_2,
	E_CHARM_3,
	E_CHARM_4,
	E_CHARM_5,
	E_CHARM_6,
	E_CHARM_7,
	E_CHARM_8,
	E_POTION_1,
	E_POTION_2,
	E_POTION_3,
	E_POTION_4,
	E_POTION_5,
	E_FLUTE_1,
	E_STONE_1,
	E_STONE_2,
	E_STONE_3,
	E_LUCKYKEY,
	E_LUCKSTONE,
	E_DAMAGED,
	E_UPPER_CHANCE_STONE = 29,
	E_GUNNERY,
};

//Send to all in Sight of the Target
WriteInSight(m_Player->GetnObject(), S2C_EFFECT, "db", m_Player->GetId(), E_HP);

//Send to all inside a Rectangle at the Target location. Rectangle size can be set.
int Range = 15;
WriteInRect(m_Player->GetnObject(), S2C_EFFECT, Range, "db", m_Player->GetId(), E_HP);

//Send to every Player
WriteAll(S2C_EFFECT, "db", m_Player->GetId(), E_HP);

//send to a single Target
Write(m_Player->GetnObject(), S2C_EFFECT, "db", m_Player->GetId(), E_HP);

Monster Summon Function

Darn

Skilled Illusionist

LittleMaffia

Junior Spellweaver

Chale001

Junior Spellweaver

Darn

Skilled Illusionist

About Us

Online statistics

Forum statistics

RaGEZONE Sponsor