Blizzhackers


All times are UTC [ DST ]





PostPosted: Thu Jun 17, 2010 10:07 pm 
 
User
User

Joined: Wed Mar 24, 2010 11:19 am
Well you shouldn't be worried about game hacking until you learn a real language.

PostPosted: Fri Jun 18, 2010 12:18 am 
 
User
User
User avatar

Joined: Sun Oct 11, 2009 10:19 pm
Location: Poland
Chaos Hammers wrote:
Well you shouldn't be worried about game hacking until you learn a real language.


Yeah, I know that AutoIT is... sth like a toy :lol:

but AutoIT has many possibilities and I won't go to C++ (now).

Anyway, why can't I find the static address of Current Gold in EQ?

I tried OllyDbg to learn sth more, but failed :P

PostPosted: Fri Jun 18, 2010 12:52 am 
 
Section Leader
Section Leader

Joined: Fri Jul 05, 2002 8:51 pm
Location: /sbin/
There is no static address for it.

_________________
D2BS
Programming motherfuckers... DO YOU SPEAK IT?!
I, for one, welcome our new black overlo... I mean, president!
  1. Create signature generator.
  2. ???
  3. Profit!

PostPosted: Fri Jun 18, 2010 6:35 am 
 
Moderator
Moderator
User avatar

Joined: Thu Apr 30, 2009 12:31 pm
Location: %scrdir%
just use my stat reading method and scan for stat 14(player gold) and 15(stash gold)

_________________
Learn C++, not Crap++ http://tinyurl.com/so-cxxbooks
Hackito Ergo Sum
Cthulhon: No, I am a dancer. I am in charge of popping and locking.

PostPosted: Fri Jun 18, 2010 11:30 am 
 
User
User
User avatar

Joined: Sun Oct 11, 2009 10:19 pm
Location: Poland
Nvm now i have BAN for my shit ^^

Hmm i used only Read functions :f

PostPosted: Thu Jul 15, 2010 12:57 pm 
 
User
User

Joined: Tue Sep 29, 2009 7:29 am
Telemarketer wrote:
neo3 wrote:
can anyone please post the ptr for GetUnitState2 and GetUnitState3 from D2COMMON?

I need it for exp stats lol

also is pUnitTable the same as 1.12?


I've never used the other ones you mentioned, but I have this if it is what you were looking for.

VARIABLE(D2CLIENT, pUnitList, LPUNITANY, 0x10A608) // 6FBBA608


hmm still looking for pUnitTable, GetUnitState2 and GetUnitState3! thanks in advance!

cheers,
Ofer

PostPosted: Thu Jul 29, 2010 3:41 am 
 
User
User
User avatar

Joined: Tue Jul 13, 2010 7:43 am
Location: Moscow, Russia
Looks like D2CMP_DeleteCellFile ordinal is incorrect for 1.13c. Reversing proves that the ordinal should be 10065 instead of 10106.

I.e., the correct code is:
FUNCPTR(D2CMP, DeleteCellFile, void __stdcall, (CellFile *cellfile), -10065)

PostPosted: Thu Jul 29, 2010 4:10 am 
 
Section Leader
Section Leader

Joined: Fri Jul 05, 2002 8:51 pm
Location: /sbin/
lexatwo wrote:
Looks like D2CMP_DeleteCellFile ordinal is incorrect for 1.13c. Reversing proves that the ordinal should be 10065 instead of 10106.

I.e., the correct code is:
FUNCPTR(D2CMP, DeleteCellFile, void __stdcall, (CellFile *cellfile), -10065)


...that might explain some of the crashes D2BS has been having.

PostPosted: Thu Jul 29, 2010 5:25 am 
 
User
User
User avatar

Joined: Tue Jul 13, 2010 7:43 am
Location: Moscow, Russia
Structure correction:
#pragma pack(push, 1)
struct AutomapCellContext
{
  DWORD dwCellFileNo;
  DWORD _1[12];
  CellFile *pCellFile;
  DWORD _2[4];
};
#pragma pack(pop)


Change: Added dwCellFileNo member.

PostPosted: Thu Jul 29, 2010 6:28 am 
 
User
User
User avatar

Joined: Tue Jul 13, 2010 7:43 am
Location: Moscow, Russia
Another struct correction:
struct AutomapLayer {
   DWORD nLayerNo;               //0x00
   DWORD fExtrasTileset;            //0x04
   AutomapCell *pFloors;         //0x08
   AutomapCell *pWalls;         //0x0C
   AutomapCell *pObjects;         //0x10
   AutomapCell *pExtras;         //0x14
   AutomapLayer *pNextLayer;      //0x18
};

enum D2_EXTRAS_TILESET {
  D2_EXTRAS_TILESET_NORMAL = 0x0,
  D2_EXTRAS_TILESET_ACT2 = 0x1,
  D2_EXTRAS_TILESET_ACT4 = 0x2,
  D2_EXTRAS_TILESET_LOD = 0x3
};


Change: member previously called "fSaved" has nothing to do with "saves", reversing code shows that it is used to select what Automap cellfile to use when displaying extras sub-layer.

PostPosted: Thu Sep 16, 2010 11:54 am 
 
User
User
User avatar

Joined: Thu Apr 09, 2009 4:31 pm
Some in-game ESC Menu info/pointers, useful when you want to create your own menu. Credits to Gnarmock for the main idea I've seen in his AutoTele.

struct D2Menu // size 0x18
{
DWORD dwEntriesNo;      //0x00
DWORD dwInterline;      //0x04
DWORD dwTextHeight;      //0x08
DWORD dwMenuOffset;      //0x0C
DWORD dwBarHeight;      //0x10
DWORD _1;            //0x14 unused?
};

struct D2MenuEntry //size 0x550, array[dwEntriesNo]
{
DWORD dwMenuType;                            //0x00  //-1 - static text, 0 -selectable, 1- switchbar , 2- with bar
DWORD dwExpansion;                            //0x04  //if set, shows only in d2exp
DWORD dwYOffset;                            //0x08  //generated dynamically
char szCellFile[260];                         //0x0C  DATA\\LOCAL\\UI\\LANG\\%s used only in LoadMenu Func
BOOL (__fastcall* EnableCheck)(D2MenuEntry*);       //0x110 if return false, its disabled
BOOL (__fastcall* OnPress)(D2MenuEntry*);          //0x114 these all are __thiscall funcs
BOOL (__fastcall* OptionHandle)(D2MenuEntry*);       //0x118 called when option value is changed
BOOL (__fastcall* ChangeHandle)(D2MenuEntry*);       //0x11C if return true OnPress is called, and option gfx is switched
union {
DWORD dwMaxValue;                            //0x120
DWORD dwSwitchesNo;                            //0x120  (max 4)
};
union {
DWORD dwCurrentValue;                         //0x124
DWORD dwCurrentSwitch;                        //0x124
};
DWORD dwBarType;                            //0x128
char szSwitchCellFiles[4][260];                   //0x12C DATA\\LOCAL\\UI\\LANG\\%s used only in LoadMenu Func
CellFile* ptCellFile;                         //0x53C
CellFile* ptSwitchCellFile[4];                   //0x540
};


D2FUNCPTR(D2CLIENT, InitD2Menu, int __stdcall, (D2Menu * ptD2Menu, D2MenuEntry *ptD2MenuEntry),0x63E90) // it loads cellfiles

DeleteD2Menu(D2MenuEntry*<eax>, D2Menu*<ecx>), 0x63270 //used automatically

D2VARPTR(D2CLIENT, SelectedMenu, int, 0x11C058)
D2VARPTR(D2CLIENT, D2Menu, D2Menu*, 0x11C05C)
D2VARPTR(D2CLIENT, D2MenuEntries, D2MenuEntry*, 0x11C060)


D2FUNCPTR(D2WIN, LoadCellFile, CellFile* __fastcall, (const char* szFile, int Type), -10180) //Non-asm LoadCellFile func


Last edited by lolet on Sun Sep 19, 2010 6:15 pm, edited 1 time in total.
PostPosted: Thu Sep 16, 2010 2:01 pm 
 
Moderator
Moderator
User avatar

Joined: Thu Apr 30, 2009 12:31 pm
Location: %scrdir%
I actually reversed that stuff the other day. I can tell you, however, that the embedded callbacks are __fastcall and not __thiscall as the notes say; they also have an used second param (it's always 0). I've also got the menu struct being 0x154 in size, not 0x18, with the name being stored at +0x24 (256 bytes in length). I'll post my structs when I get a chance.

PostPosted: Sun Sep 19, 2010 6:14 pm 
 
User
User
User avatar

Joined: Thu Apr 09, 2009 4:31 pm
TheUnknownSoldier wrote:
I actually reversed that stuff the other day. I can tell you, however, that the embedded callbacks are __fastcall and not __thiscall as the notes say; they also have an used second param (it's always 0). I've also got the menu struct being 0x154 in size, not 0x18, with the name being stored at +0x24 (256 bytes in length). I'll post my structs when I get a chance.


no no, menu struct is 0x18. When I was reversing it at the beginning I thought the same, but look at this image:
Image

This struct cannot be larger cuz it would overlap the MenuEntries* struct

PostPosted: Tue Sep 21, 2010 8:59 am 
 
Moderator
Moderator
User avatar

Joined: Thu Apr 30, 2009 12:31 pm
Location: %scrdir%
lolet wrote:
no no, menu struct is 0x18. When I was reversing it at the beginning I thought the same, but look at this image:
[snip]
This struct cannot be larger cuz it would overlap the MenuEntries* struct

right you are! Taking another look at it, it seems I was looking at the wrong looping constant. Anyway, these are my structs (revised them when I re-checked the size):
#define MAX_CHOICES 4

enum eMenuItemTypes
{
   MENUITEM_HEADING   = -1,
   MENUITEM_SUBMENU   = 0,
   MENUITEM_OPTION      = 1,
   MENUITEM_SLIDER      = 2
};

enum eMenuSliderTypes
{
   SLIDER_NORMAL      = 0,
   SLIDER_DIVIDED      = 1,
};


typedef BOOL (__fastcall * MENUITEM)(struct MenuItem* pThis, DWORD dwZero);

struct MenuItem   //sizeof 0x550
{
   DWORD dwType;                     //+000
   BOOL bExpansion;                  //+004
   int nHeight;                     //+008
   char szImage[260];                  //+00C
   MENUITEM pfEnabled;                  //+110
   MENUITEM pfSelect;                  //+114            
   MENUITEM pfOption;                  //+118
   MENUITEM pfUpdate;                  //+11C
   DWORD dwCount;                     //+120
   DWORD dwMoveCount;                  //+124
   DWORD dwSliderType;                  //+128
   char szChoices[MAX_CHOICES][260];            //+12C
   D2CellFile* pImage;                  //+53C
   D2CellFile* pChoices[MAX_CHOICES];            //+540
};

struct MenuInfo            //sizeof 0x18
{
   size_t nItems;            //+000
   int nTextHeight;         //+004
   int nDrawYOffset;         //+008
   int nSelectYOffset;         //+00C
   int nSliderYOffset;         //+010
   int nYpos;            //+014 - this is recalculated each frame for each item
};


Top
 Profile  
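A layout check for the menu structs discussed above, added here as an example and not code from any poster in this thread: it lets the compiler recompute the annotated offsets and the 0x550 / 0x18 sizes the two posters settled on. The names `ptr32`, `MenuItem32`, `MenuInfo32`, `MenuItemNative`, `Check`, `layout_mismatches` and `native_build_matches` are assumptions made for the example; pointer members are modelled as 4-byte values because the structs describe a 32-bit process.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

// The posted structs describe a 32-bit process, so pointer members are
// modelled as 4-byte values; the offsets then hold on an x86-64 build too.
typedef uint32_t ptr32;  // assumption: stand-in for any 32-bit pointer

struct MenuItem32 {                                   // posted as sizeof 0x550
    uint32_t dwType;                                  // +000
    int32_t  bExpansion, nHeight;                     // +004, +008
    char     szImage[260];                            // +00C
    ptr32    pfEnabled, pfSelect, pfOption, pfUpdate; // +110 .. +11C
    uint32_t dwCount, dwMoveCount, dwSliderType;      // +120 .. +128
    char     szChoices[4][260];                       // +12C
    ptr32    pImage;                                  // +53C
    ptr32    pChoices[4];                             // +540
};
static_assert(sizeof(MenuItem32) == 0x550, "MenuItem32 layout drifted");

struct MenuInfo32 {                                   // posted as sizeof 0x18
    uint32_t nItems;
    int32_t  nTextHeight, nDrawYOffset, nSelectYOffset, nSliderYOffset, nYpos;
};

// Same members with host-sized pointers: only a 32-bit build reproduces 0x550.
struct MenuItemNative {
    uint32_t dwType; int32_t bExpansion, nHeight; char szImage[260];
    void *pfEnabled, *pfSelect, *pfOption, *pfUpdate;
    uint32_t dwCount, dwMoveCount, dwSliderType; char szChoices[4][260];
    void *pImage, *pChoices[4];
};

struct Check { const char* what; size_t actual, posted; };
// Compares compiler-computed offsets and sizes with the values annotated in
// the posts; prints each disagreement and returns how many there were.
int layout_mismatches() {
    const Check checks[] = {
        {"pfEnabled", offsetof(MenuItem32, pfEnabled), 0x110}, {"pfUpdate", offsetof(MenuItem32, pfUpdate), 0x11C},
        {"szChoices", offsetof(MenuItem32, szChoices), 0x12C}, {"pImage", offsetof(MenuItem32, pImage), 0x53C},
        {"pChoices", offsetof(MenuItem32, pChoices), 0x540},   {"sizeof(MenuInfo32)", sizeof(MenuInfo32), 0x18},
    };
    int bad = 0;
    for (const Check& c : checks)
        if (c.actual != c.posted) { std::printf("%s: %#zx != %#zx\n", c.what, c.actual, c.posted); ++bad; }
    return bad;
}
bool native_build_matches() { return sizeof(MenuItemNative) == 0x550; }
int main() { return layout_mismatches(); }
```

On a 64-bit build `native_build_matches()` is false because 8-byte pointers push `pfSelect` and everything after it past the posted offsets.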
 Post subject: Re: 1.13c Diablo II Information: Function Pointers & Structs
PostPosted: Mon Nov 29, 2010 11:44 am 
 
User
User

Joined: Mon Nov 29, 2010 11:22 am
can anybody tell me, how I can find "last buff" offset?
I can find it "manually", but this address and link on it not fixed((

p.s. sorry for my english.
