bvr

.dll functions to hook any game .dll's

4 posts in this topic

this was a question over at edgeofnowhere that we want to confirm.

Just took a look at the latest beta of AutoIt and noticed quite a few dll functions in the help file. Ummm....is it possible to use the .dll functions to hook any game .dll's, namely Diablo's, and therefore use AutoIt to control Diablo? Or, am I just stupid? Here are some of the .dll functions:

Code:

DllOpen

Opens a dll file for use in DllCall.

DllCall

Dynamically calls a function in a DLL.

DllStructCreate

Creates a C/C++ style structure to be used in DllCall.

DllStructSetData

Sets the data in an element of the struct.

That is just a few of them, there are a lot more.




this was a question over at edgeofnowhere that we want to confirm.

assuming that you know how to structure requests to the specific functions in the diablo II dll's. The dll functions provided in autoit are just a means to communicate calls to specific functions inside dll's. if you call a non-existent function, it won't work, and the same goes if you call with incorrect arguments, etc etc. you typically can't just 'guess' what functions are in dll's...

1100111 00001011101111 00011101101111 00010111100100 00001111110100 00110111110010 00101101111001 0011100i didn't make up this form of encryption, but i like it.credit to the lvl 6 challenge on arcanum.co.nz


GetPlayerID

Code:

/*
 * GetPlayerID - return the DWORD stored 0xC bytes into the object whose
 * address is held at the fixed location 0x6FBCC1E0.
 *
 * Declared __declspec(naked): the compiler emits no prologue or epilogue, so
 * the asm block is the entire function body, must end with its own `ret`,
 * and leaves the result in EAX.
 *
 * NOTE(review): 0x6FBCC1E0 is an absolute address inside another module. It
 * is only meaningful for one specific build loaded at one specific base
 * address; if the module is rebased or is a different version, this reads
 * unrelated memory or faults. Nothing here verifies the module or its base.
 * NOTE(review): the pointer read from 0x6FBCC1E0 is dereferenced without a
 * NULL check. Presumably it points at the local player object and 0xC is its
 * id field - inferred from the function name only, not shown on this page.
 */
DWORD __declspec(naked) GetPlayerID(VOID) {
    __asm {
        MOV EAX,DWORD PTR DS:[0x6FBCC1E0]   // EAX = pointer stored at the fixed address
        MOV ECX,DWORD PTR DS:[EAX+0xC]      // ECX = DWORD at offset 0xC of that object
        mov eax, ecx                        // move it into the return register
        ret                                 // naked function: explicit return
    }
}

GetPlayerArea

Code:

/*
 * GetPlayerArea - pass the pointer stored at 0x6FBCC1E0 to the routine at
 * 0x6FABC0BC, pass that routine's result to the routine at 0x6FABC0B6, and
 * return whatever the second call leaves in EAX.
 *
 * Declared __declspec(naked): no compiler-generated prologue/epilogue.
 *
 * NOTE(review): all three addresses are absolute and tied to one build of
 * the target module at one load address; nothing checks that they are valid.
 * NOTE(review): EBX is overwritten and never restored. EBX is callee-saved
 * under the MSVC x86 calling conventions and a naked function gets no
 * automatic save/restore, so the caller's EBX is corrupted on return.
 * NOTE(review): each argument is pushed but never popped here. The stack is
 * balanced at `ret` only if both callees remove their own argument
 * (e.g. stdcall) - assumed, not shown on this page.
 */
DWORD __declspec(naked) GetPlayerArea(void) {
    __asm {
        MOV EAX,DWORD PTR DS:[0x6FBCC1E0]   // EAX = pointer stored at the fixed address
        push eax                            // argument for the first call
        mov ebx, 0x6FABC0BC
        call ebx                            // first routine; result expected in EAX
        push eax                            // feed that result to the second call
        mov ebx, 0x6FABC0B6
        call ebx                            // second routine; its EAX is the return value
        ret
    }
}

SendGamePacket

Code:

/*
 * SendGAMEPacket - hand a caller-supplied buffer and length to the routine at
 * the fixed address 0x6FB0DE40.
 *
 * Packet     - pointer to the bytes to pass on; loaded into EAX and also
 *              pushed on the stack.
 * PacketSize - length value; copied to the local size1 and loaded into EBX.
 *
 * NOTE(review): the callee's calling convention is not shown on this page.
 * The register usage (EAX, EBX, one stack argument) is non-standard, and the
 * pushed argument is not popped here, so the stack stays balanced only if the
 * callee cleans it up - TODO confirm.
 * NOTE(review): neither Packet (NULL) nor PacketSize (versus the real size of
 * the buffer) is validated; a wrong length is passed straight through.
 * NOTE(review): 0x6FB0DE40 is an absolute address valid only for one build of
 * the target module at one load address.
 */
void SendGAMEPacket(BYTE* Packet,DWORD PacketSize) {
    DWORD size1 = PacketSize;               // local copy referenced from the asm block
    __asm {
        mov eax, Packet                     // buffer pointer in EAX ...
        push Packet                         // ... and also as a stack argument
        mov ebx, size1                      // length in EBX
        mov edx, 0x6FB0DE40
        call edx                            // indirect call to the fixed address
    }
}

GetCurrentLife

Code:

/*
 * GetCurrentLife - call the routine at 0x6FB653A0 with EAX = 6 and return its
 * EAX result arithmetically shifted right by 8 bits.
 *
 * Declared __declspec(naked): no compiler-generated prologue/epilogue.
 *
 * NOTE(review): presumably 6 selects the "life" value and the shift drops
 * 8 fractional bits of a fixed-point number - inferred from the function
 * name, not shown on this page.
 * NOTE(review): EBX is overwritten and never restored; it is callee-saved
 * under the MSVC x86 calling conventions and a naked function gets no
 * automatic save/restore.
 * NOTE(review): 0x6FB653A0 is an absolute address valid only for one build of
 * the target module at one load address.
 */
DWORD __declspec(naked) GetCurrentLife() {
    __asm {
        mov eax, 6                          // selector passed in EAX
        mov ebx, 0x6FB653A0
        call ebx                            // result expected in EAX
        SAR eax,8                           // arithmetic shift right by 8
        ret
    }
}

GetMaxLife

Code:

/*
 * GetMaxLife - call the routine at 0x6FB653A0 with EAX = 6 and return the
 * value it leaves in EDX, arithmetically shifted right by 8 bits.
 *
 * Declared __declspec(naked): no compiler-generated prologue/epilogue.
 *
 * NOTE(review): as posted, `__asm` has no opening brace while two closing
 * braces follow, so the braces are unbalanced and this listing does not
 * compile unchanged. Left exactly as the author wrote it.
 * NOTE(review): this relies on the callee leaving a second result in EDX,
 * which is not part of any standard 32-bit return convention - assumed from
 * the code, not documented on this page.
 * NOTE(review): EBX is overwritten and never restored (callee-saved under the
 * MSVC x86 calling conventions; naked functions get no automatic save).
 * NOTE(review): 0x6FB653A0 is an absolute address valid only for one build of
 * the target module at one load address.
 */
DWORD __declspec(naked) GetMaxLife() {
    __asm
        mov eax, 6                          // selector passed in EAX
        mov ebx, 0x6FB653A0
        call ebx
        SAR edx,8                           // shift the EDX result right by 8
        mov eax,edx                         // return it in EAX
        ret
    }
}

GetCurrentMana

Code:

/*
 * GetCurrentMana - call the routine at 0x6FB653A0 with EAX = 8 and return its
 * EAX result arithmetically shifted right by 8 bits.
 *
 * Declared __declspec(naked): no compiler-generated prologue/epilogue.
 *
 * NOTE(review): presumably 8 selects the "mana" value and the shift drops
 * 8 fractional bits of a fixed-point number - inferred from the function
 * name, not shown on this page.
 * NOTE(review): EBX is overwritten and never restored; it is callee-saved
 * under the MSVC x86 calling conventions and a naked function gets no
 * automatic save/restore.
 * NOTE(review): 0x6FB653A0 is an absolute address valid only for one build of
 * the target module at one load address.
 */
DWORD __declspec(naked) GetCurrentMana() {
    __asm {
        mov eax, 8                          // selector passed in EAX
        mov ebx, 0x6FB653A0
        call ebx                            // result expected in EAX
        SAR eax,8                           // arithmetic shift right by 8
        ret
    }
}

GetMaxMana

Code:

/*
 * GetMaxMana - call the routine at 0x6FB653A0 with EAX = 8 and return the
 * value it leaves in EDX, arithmetically shifted right by 8 bits.
 *
 * Declared __declspec(naked): no compiler-generated prologue/epilogue.
 *
 * NOTE(review): this relies on the callee leaving a second result in EDX,
 * which is not part of any standard 32-bit return convention - assumed from
 * the code, not documented on this page.
 * NOTE(review): EBX is overwritten and never restored (callee-saved under the
 * MSVC x86 calling conventions; naked functions get no automatic save).
 * NOTE(review): 0x6FB653A0 is an absolute address valid only for one build of
 * the target module at one load address.
 */
DWORD __declspec(naked) GetMaxMana() {
    __asm {
        mov eax, 8                          // selector passed in EAX
        mov ebx, 0x6FB653A0
        call ebx
        SAR edx,8                           // shift the EDX result right by 8
        mov eax,edx                         // return it in EAX
        ret
    }
}

GamePrintMessage

Code:

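/*
 * Colour indices passed as the second argument of GamePrintMessage.
 * NOTE(review): `codGreen` looks like a typo for `colGreen`; the name is kept
 * because callers may already use it.
 */
enum { colWhite, colRed, codGreen, colBlue, colGold, colGrey, colBlack, colBrown, colOrange, colYellow };

/* Signature used for the routine at the fixed address called below. */
typedef void (_stdcall *pPrint)(wchar_t* Text, BYTE Color);

/*
 * GamePrintMessage - convert an ANSI string to UTF-16 and pass it, with a
 * colour index, to the routine at the fixed address 0x6FAC6780.
 *
 * Message - NUL-terminated ANSI (CP_ACP) string; NULL is ignored.
 * color   - colour index, one of the enum values above.
 *
 * Messages that do not fit in the 256-element buffer (terminator included)
 * are dropped instead of being passed on partially converted.
 *
 * Fixes over the posted version:
 *  - sizeof(Message) is the size of a pointer, not the string length, so only
 *    the first few bytes were converted and no terminator was written; the
 *    callee then read uninitialised stack past the converted characters.
 *    Passing -1 converts the whole string including its terminator.
 *  - sizeof(Buffer) is a byte count, but MultiByteToWideChar expects the
 *    destination size in wchar_t elements; the old value claimed twice the
 *    real capacity and allowed a write past the end of Buffer.
 *  - the conversion result is now checked.
 *
 * NOTE(review): 0x6FAC6780 is an absolute address valid only for one build of
 * the target module at one load address; nothing here verifies it.
 */
void GamePrintMessage(char *Message, BYTE color)
{
    pPrint Print = (pPrint)0x6FAC6780;
    wchar_t Buffer[256];
    int converted;

    if (Message == NULL)
        return;

    /* cbMultiByte = -1: convert up to and including the NUL terminator. */
    converted = MultiByteToWideChar(CP_ACP, MB_PRECOMPOSED, Message, -1,
                                    Buffer, (int)(sizeof(Buffer) / sizeof(Buffer[0])));
    if (converted == 0)
        return;     /* conversion failed or the message does not fit */

    /* Defensive: guarantee termination whatever the API wrote. */
    Buffer[sizeof(Buffer) / sizeof(Buffer[0]) - 1] = L'\0';

    Print(Buffer, color);
}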

GetPlayerID

Code:

/*
 * GetPlayerID - return the DWORD stored 0xC bytes into the object whose
 * address is held at the fixed location 0x6FBCC1E0. Naked function: the asm
 * block is the whole body and returns through its own `ret`, result in EAX.
 *
 * NOTE(review): 0x6FBCC1E0 is an absolute address valid only for one build of
 * the target module at one load address, and the pointer read from it is
 * dereferenced without a NULL check.
 */
DWORD __declspec(naked) GetPlayerID(VOID) {
    __asm {
        MOV EAX,DWORD PTR DS:[0x6FBCC1E0]   // EAX = pointer stored at the fixed address
        MOV ECX,DWORD PTR DS:[EAX+0xC]      // ECX = DWORD at offset 0xC
        mov eax, ecx                        // return it in EAX
        ret
    }
}

GetPlayerArea

Code:

/*
 * GetPlayerArea - pass the pointer stored at 0x6FBCC1E0 to the routine at
 * 0x6FABC0BC, pass its result to the routine at 0x6FABC0B6, and return the
 * second call's EAX. Naked function: no compiler prologue/epilogue.
 *
 * NOTE(review): EBX (callee-saved under the MSVC x86 conventions) is
 * overwritten and not restored. The pushed arguments are never popped here,
 * so the stack balances only if the callees clean up - not shown on this
 * page. All addresses are absolute and build/load-address specific.
 */
DWORD __declspec(naked) GetPlayerArea(void) {
    __asm {
        MOV EAX,DWORD PTR DS:[0x6FBCC1E0]   // EAX = pointer stored at the fixed address
        push eax                            // argument for the first call
        mov ebx, 0x6FABC0BC
        call ebx
        push eax                            // first result becomes the next argument
        mov ebx, 0x6FABC0B6
        call ebx                            // its EAX is the return value
        ret
    }
}

SendGamePacket

Code:

/*
 * SendGAMEPacket - hand a caller-supplied buffer (in EAX and on the stack)
 * and a length (in EBX) to the routine at the fixed address 0x6FB0DE40.
 *
 * NOTE(review): the callee's calling convention is not shown on this page;
 * the pushed argument is not popped here, so the stack balances only if the
 * callee cleans up. Packet and PacketSize are passed through unvalidated.
 * The address is absolute and build/load-address specific.
 */
void SendGAMEPacket(BYTE* Packet,DWORD PacketSize) {
    DWORD size1 = PacketSize;               // local copy referenced from the asm block
    __asm {
        mov eax, Packet                     // buffer pointer in EAX ...
        push Packet                         // ... and as a stack argument
        mov ebx, size1                      // length in EBX
        mov edx, 0x6FB0DE40
        call edx
    }
}

GetCurrentLife

Code:

/*
 * GetCurrentLife - call the routine at 0x6FB653A0 with EAX = 6 and return its
 * EAX result arithmetically shifted right by 8. Naked function.
 *
 * NOTE(review): the meaning of 6 and of the shift (presumably a stat selector
 * and a fixed-point scale) is inferred from the name only. EBX, callee-saved
 * under the MSVC x86 conventions, is overwritten and not restored. The
 * address is absolute and build/load-address specific.
 */
DWORD __declspec(naked) GetCurrentLife() {
    __asm {
        mov eax, 6                          // selector passed in EAX
        mov ebx, 0x6FB653A0
        call ebx
        SAR eax,8                           // arithmetic shift right by 8
        ret
    }
}

GetMaxLife

Code:

/*
 * GetMaxLife - call the routine at 0x6FB653A0 with EAX = 6 and return the
 * value it leaves in EDX, arithmetically shifted right by 8. Naked function.
 *
 * NOTE(review): as posted, `__asm` has no opening brace while two closing
 * braces follow, so this listing does not compile unchanged; left as written.
 * Reading a result from EDX assumes a non-standard callee contract that is
 * not shown on this page. EBX is overwritten and not restored. The address is
 * absolute and build/load-address specific.
 */
DWORD __declspec(naked) GetMaxLife() {
    __asm
        mov eax, 6                          // selector passed in EAX
        mov ebx, 0x6FB653A0
        call ebx
        SAR edx,8                           // shift the EDX result right by 8
        mov eax,edx                         // return it in EAX
        ret
    }
}

GetCurrentMana

Code:

/*
 * GetCurrentMana - call the routine at 0x6FB653A0 with EAX = 8 and return its
 * EAX result arithmetically shifted right by 8. Naked function.
 *
 * NOTE(review): the meaning of 8 and of the shift (presumably a stat selector
 * and a fixed-point scale) is inferred from the name only. EBX, callee-saved
 * under the MSVC x86 conventions, is overwritten and not restored. The
 * address is absolute and build/load-address specific.
 */
DWORD __declspec(naked) GetCurrentMana() {
    __asm {
        mov eax, 8                          // selector passed in EAX
        mov ebx, 0x6FB653A0
        call ebx
        SAR eax,8                           // arithmetic shift right by 8
        ret
    }
}

GetMaxMana

Code:

/*
 * GetMaxMana - call the routine at 0x6FB653A0 with EAX = 8 and return the
 * value it leaves in EDX, arithmetically shifted right by 8. Naked function.
 *
 * NOTE(review): reading a result from EDX assumes a non-standard callee
 * contract that is not shown on this page. EBX, callee-saved under the MSVC
 * x86 conventions, is overwritten and not restored. The address is absolute
 * and build/load-address specific.
 */
DWORD __declspec(naked) GetMaxMana() {
    __asm {
        mov eax, 8                          // selector passed in EAX
        mov ebx, 0x6FB653A0
        call ebx
        SAR edx,8                           // shift the EDX result right by 8
        mov eax,edx                         // return it in EAX
        ret
    }
}

GamePrintMessage

Code:

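/*
 * Colour indices passed as the second argument of GamePrintMessage.
 * NOTE(review): `codGreen` looks like a typo for `colGreen`; the name is kept
 * because callers may already use it.
 */
enum { colWhite, colRed, codGreen, colBlue, colGold, colGrey, colBlack, colBrown, colOrange, colYellow };

/* Signature used for the routine at the fixed address called below. */
typedef void (_stdcall *pPrint)(wchar_t* Text, BYTE Color);

/*
 * GamePrintMessage - convert an ANSI string to UTF-16 and pass it, with a
 * colour index, to the routine at the fixed address 0x6FAC6780.
 *
 * Message - NUL-terminated ANSI (CP_ACP) string; NULL is ignored.
 * color   - colour index, one of the enum values above.
 *
 * Messages that do not fit in the 256-element buffer (terminator included)
 * are dropped instead of being passed on partially converted.
 *
 * Fixes over the posted version: sizeof(Message) is the size of a pointer,
 * not the string length, so the text was truncated and left unterminated;
 * sizeof(Buffer) is a byte count where the API expects a count of wchar_t
 * elements, which overstated the capacity and allowed a write past the end
 * of Buffer; the conversion result was never checked.
 *
 * NOTE(review): 0x6FAC6780 is an absolute address valid only for one build of
 * the target module at one load address; nothing here verifies it.
 */
void GamePrintMessage(char *Message, BYTE color)
{
    pPrint Print = (pPrint)0x6FAC6780;
    wchar_t Buffer[256];
    int converted;

    if (Message == NULL)
        return;

    /* cbMultiByte = -1: convert up to and including the NUL terminator. */
    converted = MultiByteToWideChar(CP_ACP, MB_PRECOMPOSED, Message, -1,
                                    Buffer, (int)(sizeof(Buffer) / sizeof(Buffer[0])));
    if (converted == 0)
        return;     /* conversion failed or the message does not fit */

    /* Defensive: guarantee termination whatever the API wrote. */
    Buffer[sizeof(Buffer) / sizeof(Buffer[0]) - 1] = L'\0';

    Print(Buffer, color);
}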
