Hex and Dec updates


14 replies to this topic

#1 Slang

Slang

    Seeker

  • Active Members
  • 13 posts

Posted 18 May 2012 - 01:52 AM

The following code stopped working after the latest update, I have tried several things such as Hex(x,8) in _Reverse_Bytes as well as ,1 and ,3 in Dec.
Using Dec(x,1) will send an empty packet to the server, so I would assume something is wrong there rather than the _Reverse_Bytes.
Did anyone else experience the same problem? Or could anyone tell me what -exactly- changed in Hex() and Dec()?
I have been working on updating my scripts to be compatible with the last AutoIt update with some success, any support is very much appreciated.

AutoIt         
Func _Send_Packet($PACKET_DATA)
    $PROCESS_HANDLE = DllCall("kernel32.dll", "HANDLE", "OpenProcess", "DWORD", 0x1F0FFF, "BOOL", 1, "DWORD", $PROCESS_IDENTIFIER)
    $CODE_ADDRESS = DllCall("kernel32.dll", "ULONG_PTR", "VirtualAllocEx", "HANDLE", $PROCESS_HANDLE[0], "ptr", 0, "ULONG_PTR", 0x46, "DWORD", 0x1000, "DWORD", 0x40)
    $DATA_ADDRESS = DllCall("kernel32.dll", "ULONG_PTR", "VirtualAllocEx", "HANDLE", $PROCESS_HANDLE[0], "ptr", 0, "ULONG_PTR", StringLen($PACKET_DATA) / 2, "DWORD", 0x1000, "DWORD", 0x40)

    $OPCODE = "60" ; pushad
    $OPCODE &= "B8" & _Reverse_Bytes($SEND_PACKET_ADDRESS) ; mov eax, Send Packet Address
    $OPCODE &= "8B0D" & _Reverse_Bytes($REAL_BASE_ADDRESS) ; mov ecx, dword ptr [Real Base Address]
    $OPCODE &= "8B4920" ; mov ecx, dword ptr [ecx+20]
    $OPCODE &= "BF" & _Reverse_Bytes($DATA_ADDRESS[0]) ; mov edi, Packet Address
    $OPCODE &= "6A" & _Reverse_Bytes(StringLen($PACKET_DATA) / 2, 2) ; push Packet Size
    $OPCODE &= "57" ; push edi
    $OPCODE &= "FFD0" ; call eax
    $OPCODE &= "61" ; popad
    $OPCODE &= "C3" ; ret

    $OPCODE_BUFFER = DllStructCreate("byte[" & StringLen($OPCODE) / 2 & "]")
    For $i = 1 To DllStructGetSize($OPCODE_BUFFER)
        DllStructSetData($OPCODE_BUFFER, 1, Dec(StringMid($OPCODE, ($i - 1) * 2 + 1, 2)), $i)
    Next

    $PACKET_BUFFER = DllStructCreate("byte[" & StringLen($PACKET_DATA) / 2 & "]")
    For $i = 1 To DllStructGetSize($PACKET_BUFFER)
        DllStructSetData($PACKET_BUFFER, 1, Dec(StringMid($PACKET_DATA, ($i - 1) * 2 + 1, 2)), $i)
    Next

    ; No AutoIt conversion for LPCVOID and SIZE_T * - Int will do.
    DllCall("kernel32.dll", "BOOL", "WriteProcessMemory", "HANDLE", $PROCESS_HANDLE[0], "ptr", $CODE_ADDRESS[0], "struct*", $OPCODE_BUFFER, "ULONG_PTR", DllStructGetSize($OPCODE_BUFFER), "int", 0)
    DllCall("kernel32.dll", "BOOL", "WriteProcessMemory", "HANDLE", $PROCESS_HANDLE[0], "ptr", $DATA_ADDRESS[0], "struct*", $PACKET_BUFFER, "ULONG_PTR", DllStructGetSize($PACKET_BUFFER), "int", 0)

    ; LPSECURITY_ATTRIBUTES is a pointer
    ; No AutoIt conversion for LPSECURITY_ATTRIBUTES, LPTHREAD_START_ROUTINE, and LPDWORD - Int will do.
    $REMOTE_THREAD = DllCall("kernel32.dll", "HANDLE", "CreateRemoteThread", "HANDLE", $PROCESS_HANDLE[0], "int", 0, "ULONG_PTR", 0, "int", $CODE_ADDRESS[0], "ptr", 0, "DWORD", 0, "int", 0)

    Do
        $RET = DllCall("kernel32.dll", "DWORD", "WaitForSingleObject", "HANDLE", $REMOTE_THREAD[0], "DWORD", 50)
    Until $RET[0] <> 258

    DllCall("kernel32.dll", "BOOL", "VirtualFreeEx", "HANDLE", $PROCESS_HANDLE[0], "ptr", $CODE_ADDRESS[0], "ULONG_PTR", 0, "DWORD", 0x8000)
    DllCall("kernel32.dll", "BOOL", "VirtualFreeEx", "HANDLE", $PROCESS_HANDLE[0], "ptr", $DATA_ADDRESS[0], "ULONG_PTR", 0, "DWORD", 0x8000)
    DllCall("kernel32.dll", "BOOL", "CloseHandle", "HANDLE", $REMOTE_THREAD[0])
    DllCall("kernel32.dll", "BOOL", "CloseHandle", "HANDLE", $PROCESS_HANDLE[0])
EndFunc ;==>_Send_Packet

Func _Reverse_Bytes($Value, $Size = 8)
    Local $tmp1, $tmp2, $i
    $tmp1 = StringRight("000000000" & Hex($Value), $Size)
    For $i = 0 To StringLen($tmp1) / 2 - 1
        $tmp2 = $tmp2 & StringMid($tmp1, StringLen($tmp1) - 1 - 2 * $i, 2)
    Next
    Return $tmp2
EndFunc ;==>_Reverse_Bytes


Edit:
What happens internally is that it simply does not send anything, and I am calling _Send_Packet("030000")
Plain Text         
[0065057E] Packet: 80 00 E5 E8 40 12
[0064CE9E] Packet: 02 00 B4 3A 10 80
[01D80019] Packet:  ################################################################<--------------
[0064D5CB] Packet: 27 00 01 01 00
[0064D7BC] Packet: 31 00 03 00 00 00 07 00 00
[0064D7BC] Packet: 31 00 03 00 00 00 08 00 00
[0064E361] Packet: 79 00 00 00
[0064E55B] Packet: 7F 00 03 11 00 00 00 0D 62 42 00 00 00 00
[0064E55B] Packet: 7F 00 FF 10 00 00 00 0D 62 42 00 00 00 00
[0065057E] Packet: 80 00 17 7C 41 12
[0064E55B] Packet: 7F 00 01 11 00 00 00 0D 62 42 04 4F B4 83 AE 4F B4 83 AF 4F B4 83 B0 4F B4 83 B1 00 00 00 00
[0064D7BC] Packet: 31 00 03 00 00 00 09 00 00
[0064D7BC] Packet: 31 00 03 00 00 00 0C 00 00
[0064CE9E] Packet: 02 00 B4 3A 10 80
[01D80019] Packet:  ################################################################<--------------
[0064D5CB] Packet: 27 00 01 01 00
[0064D7BC] Packet: 31 00 03 00 00 00 07 00 00
[0064D7BC] Packet: 31 00 03 00 00 00 08 00 00
[0064E361] Packet: 79 00 00 00
[0064E55B] Packet: 7F 00 03 11 00 00 00 0D 62 42 00 00 00 00
[0064E55B] Packet: 7F 00 FF 10 00 00 00 0D 62 42 00 00 00 00
[0065057E] Packet: 80 00 BB 12 42 12
[0064D7BC] Packet: 31 00 03 00 00 00 09 00 00
[0064D7BC] Packet: 31 00 03 00 00 00 0C 00 00
[0064E55B] Packet: 7F 00 01 11 00 00 00 0D 62 42 04 4F B4 83 AE 4F B4 83 AF 4F B4 83 B0 4F B4 83 B1 00 00 00 00
[0064CE9E] Packet: 02 00 86 3A 10 80
[0064CE9E] Packet: 02 00 B7 3A 10 80
[01D80019] Packet:  ################################################################<--------------
[0064D5CB] Packet: 27 00 01 01 00
[0064D7BC] Packet: 31 00 03 00 00 00 07 00 00
[0064D7BC] Packet: 31 00 03 00 00 00 08 00 00
[0064E361] Packet: 79 00 00 00
[0064E55B] Packet: 7F 00 03 11 00 00 00 0D 62 42 00 00 00 00
[0064E55B] Packet: 7F 00 FF 10 00 00 00 0D 62 42 00 00 00 00
[0065057E] Packet: 80 00 5C C2 42 12
[0064D7BC] Packet: 31 00 03 00 00 00 09 00 00
[0064D7BC] Packet: 31 00 03 00 00 00 0C 00 00
[0064E55B] Packet: 7F 00 01 11 00 00 00 0D 62 42 04 4F B4 83 AE 4F B4 83 AF 4F B4 83 B0 4F B4 83 B1 00 00 00 00
[01D80019] Packet: ################################################################<--------------
[0064D5CB] Packet: 27 00 01 01 00
[0064D7BC] Packet: 31 00 03 00 00 00 07 00 00
[0064D7BC] Packet: 31 00 03 00 00 00 08 00 00
[0064E361] Packet: 79 00 00 00
[0064E55B] Packet: 7F 00 03 11 00 00 00 0D 62 42 00 00 00 00
[0064E55B] Packet: 7F 00 FF 10 00 00 00 0D 62 42 00 00 00 00
[0065057E] Packet: 80 00 50 49 43 12
[0064D7BC] Packet: 31 00 03 00 00 00 09 00 00
[0064D7BC] Packet: 31 00 03 00 00 00 0C 00 00
[0064E55B] Packet: 7F 00 01 11 00 00 00 0D 62 42 04 4F B4 83 AE 4F B4 83 AF 4F B4 83 B0 4F B4 83 B1 00 00 00 00
[01D80019] Packet: ################################################################<--------------

Edited by Slang, 18 May 2012 - 03:13 AM.
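
The DllCall sequence in the script above (OpenProcess with 0x1F0FFF, VirtualAllocEx with protection 0x40, WriteProcessMemory, CreateRemoteThread) is the pattern endpoint monitoring correlates to spot remote-thread code injection. The following is an added example, not part of the original post: a Python detector run over a constructed API-call trace; the record layout, PIDs and handle values are assumptions.

```python
# Access rights a handle needs before it can be used for this injection pattern.
PROCESS_CREATE_THREAD, PROCESS_VM_OPERATION, PROCESS_VM_WRITE = 0x0002, 0x0008, 0x0020
INJECT_RIGHTS = PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION | PROCESS_VM_WRITE
EXEC_PROTECT = {0x10, 0x20, 0x40, 0x80}  # PAGE_EXECUTE* protection constants

# Constructed trace (hypothetical record layout, not a real tool's output).
SAMPLE_TRACE = [
    {"caller": 4120, "api": "OpenProcess", "access": 0x1F0FFF, "target_pid": 2288, "ret": 0x1A4},
    {"caller": 4120, "api": "VirtualAllocEx", "handle": 0x1A4, "size": 0x46, "protect": 0x40, "ret": 0x01D80000},
    {"caller": 4120, "api": "VirtualAllocEx", "handle": 0x1A4, "size": 3, "protect": 0x40, "ret": 0x02CB0000},
    {"caller": 4120, "api": "WriteProcessMemory", "handle": 0x1A4, "addr": 0x01D80000, "size": 27},
    {"caller": 4120, "api": "WriteProcessMemory", "handle": 0x1A4, "addr": 0x02CB0000, "size": 3},
    {"caller": 4120, "api": "CreateRemoteThread", "handle": 0x1A4, "start": 0x01D80000, "ret": 0x1B0},
    # Benign: another process opens the same target with query/read rights only.
    {"caller": 5000, "api": "OpenProcess", "access": 0x0410, "target_pid": 2288, "ret": 0x90},
]

def find_remote_thread_injection(trace):
    """Alert when a remote thread starts inside executable memory that the
    same caller allocated and wrote through an injection-capable handle."""
    handles = {}  # (caller, handle) -> target pid
    regions = {}  # (caller, handle) -> {base: {"size": n, "written": bool}}
    alerts = []
    for ev in trace:
        key = (ev["caller"], ev.get("handle", ev.get("ret")))
        api = ev["api"]
        if api == "OpenProcess":
            if ev["access"] & INJECT_RIGHTS == INJECT_RIGHTS:
                handles[key] = ev["target_pid"]
        elif key not in handles:
            continue  # handle lacks the rights, or was opened outside the trace
        elif api == "VirtualAllocEx" and ev["protect"] in EXEC_PROTECT:
            regions.setdefault(key, {})[ev["ret"]] = {"size": ev["size"], "written": False}
        elif api == "WriteProcessMemory":
            for base, region in regions.get(key, {}).items():
                if base <= ev["addr"] < base + region["size"]:
                    region["written"] = True
        elif api == "CreateRemoteThread":
            for base, region in regions.get(key, {}).items():
                if region["written"] and base <= ev["start"] < base + region["size"]:
                    alerts.append({"caller": ev["caller"], "target_pid": handles[key],
                                   "start": ev["start"]})
    return alerts

if __name__ == "__main__":
    for alert in find_remote_thread_injection(SAMPLE_TRACE):
        print("injection pattern: pid %(caller)d -> pid %(target_pid)d at 0x%(start)08X" % alert)
```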






#2 jchd

jchd

    Whatever your capacity, resistance is futile.

  • MVPs
  • 3,250 posts

Posted 18 May 2012 - 02:46 AM

Dec and Hex are now working with 64_bit integers.

Maybe this line in the v3.3.8.0 changelog has some relation with your issue.

#3 Slang

Slang

    Seeker

  • Active Members
  • 13 posts

Posted 18 May 2012 - 02:58 AM

Dec and Hex are now working with 64_bit integers.

Maybe this line in the v3.3.8.0 changelog has some relation with your issue.


I have patched several scripts already by using Hex($val, 8) because I required 4 byte pointers, and it converted to 8 byte pointers sometimes.
I am, however, completely stuck on this one; there is little to no additional information provided, besides that additional flags have been added.
I have tried all of the flags too, Dec(x,1), Dec(x,2), Dec(x,3), and none of them work. In 3.3.6.1 it is working fine.

Edited by Slang, 18 May 2012 - 03:18 AM.


#4 jchd

jchd

    Whatever your capacity, resistance is futile.

  • MVPs
  • 3,250 posts

Posted 18 May 2012 - 05:07 AM

Could you post one-line examples of instances where Hex or Dec results are different from what you would expect?

#5 Slang

Slang

    Seeker

  • Active Members
  • 13 posts

Posted 18 May 2012 - 06:15 AM

When I add a file write with the same StringMid(Dec(etc)) in the For loops, the only difference between 3.3.6.1 and 3.3.8.1 is
Plain Text         
opcodeBuffer: 96
opcodeBuffer: 184
opcodeBuffer: 128
opcodeBuffer: 170
opcodeBuffer: 99
opcodeBuffer: 0
opcodeBuffer: 139
opcodeBuffer: 13
opcodeBuffer: 192
opcodeBuffer: 33
opcodeBuffer: 165
opcodeBuffer: 0
opcodeBuffer: 139
opcodeBuffer: 73
opcodeBuffer: 32
opcodeBuffer: 191
opcodeBuffer: 0
opcodeBuffer: 0
opcodeBuffer: 203
opcodeBuffer: 2
opcodeBuffer: 106
opcodeBuffer: 3 <-- 0 ((THIS WHERE 3 IS WHAT IT SHOULD BE))
opcodeBuffer: 87
opcodeBuffer: 255
opcodeBuffer: 208
opcodeBuffer: 97
opcodeBuffer: 195
packetBuffer: 3
packetBuffer: 0
packetBuffer: 0


#6 ProgAndy

ProgAndy

    You need AutoItObject

  • MVPs
  • 2,508 posts

Posted 18 May 2012 - 07:19 AM

Sorry, I'd like to help you, but this looks like a part of a bot for perfect world.

#7 Slang

Slang

    Seeker

  • Active Members
  • 13 posts

Posted 18 May 2012 - 03:11 PM

Sorry, I'd like to help you, but this looks like a part of a bot for perfect world.


I am merely asking what changed in Hex() and Dec() as there is no additional information besides " recognizes 16 bit integers ".
I do not see how that falls under the gamebot category; it worked in 3.3.6.1 and stopped working in 3.3.8.1, simple as that.

#8 Slang

Slang

    Seeker

  • Active Members
  • 13 posts

Posted 18 May 2012 - 03:43 PM

Okay, I think I am qualified to state that no one has any clue what happened. Back to 3.3.6.1?

Edited by Slang, 18 May 2012 - 03:45 PM.


#9 trancexx

trancexx

    Hm, I really shouldn't.

  • Active Members
  • 5,188 posts

Posted 18 May 2012 - 03:45 PM

No, you don't have a fucking clue.


#10 Slang

Slang

    Seeker

  • Active Members
  • 13 posts

Posted 18 May 2012 - 03:51 PM

So, does anyone actually know what changed instead of writing one sentence completely unrelated to the problem or stating the obvious?

#11 JFX

JFX

    Polymath

  • Active Members
  • 206 posts

Posted 18 May 2012 - 03:59 PM

Read the help file, carefully.

#12 NinerSevenTango

NinerSevenTango

    Seeker

  • Active Members
  • 30 posts

Posted 18 May 2012 - 04:51 PM

Distressing to see this.

#13 JohnOne

JohnOne

    John

  • Active Members
  • 8,837 posts

Posted 18 May 2012 - 05:53 PM

Okay, I think I am qualified to state that no one has any clue what happened. Back to 3.3.6.1?


Is this your attempt at reverse psychology, to get everyone rallying around to prove how clever they are?

You're good you, really really good, I'll be back with the answer in 1 minute.

#14 Melba23

Melba23

    Yes, me!

  • Moderators
  • 15,343 posts

Posted 18 May 2012 - 05:53 PM

Slang,

For someone who has been here such a short time as you have to report an MVP for "bumping his post count" is not a very sensible thing to do. It is particularly stupid because it prompted me to PM the MVP in question - which resulted in him showing me some pretty good evidence that his suspicions were very well founded. However, as there is nothing explicitly game-related in your question I am not going to lock it just yet. :)

You have been pointed to the changes in the functions you are using. Many other members (including myself) needed to amend their scripts following those changes - careful reading of the Help file avoided too many problems. A Dev has indicated (in their normal succinct manner) that the problem is your use of the functions rather than the functions themselves - so I propose that you return to the Help file and reread the relevant sections again. ;)

NinerSevenTango,

I would suggest that if you find threads like this "distressing" then you refrain from posting in them - or even reading them in the first place. :)

All,

I have not had a good day. Please do not make my evening go the same way - you might regret it. ;)

M23


#15 Slang

Slang

    Seeker

  • Active Members
  • 13 posts

Posted 18 May 2012 - 06:23 PM

Figured this out myself. Time to quit this board; this is probably the most active topic in the past 5 days, and it's funny how none of them helped.
Hex() and Dec() have nothing to do with gaming whatsoever, therefore it is childish to put it under that category, any code injection, for any purpose would have the same problem.
The help file does not help much either, as I have tried every flag for Dec() and Hex(), the functions broke, they do not work like they used to any more, at all whatsoever.
I haven't been pointed to anything, as I already stated that I was aware of the Dec() and Hex() changes in the first post.

This is rather immature, and I think for such a big change in functions, you should give more information of the exact changes performed.
Since obviously, no one is actually aware what changed. ( Otherwise, I do not see a reason for them not posting, besides being off-line ).

Again, before more incorrect statements.
I TRIED EVERY FLAG POSSIBLE FOR BOTH DEC AND HEX, AND IT STILL DOES NOT WORK. I WROTE MY OWN FUNCTIONS TO DO WHAT I EXPECTED IT TO DO; AS OF 3.3.8.0 HEX() IS BROKE.


You can delete my account.



