Deprecated: The behavior of unparenthesized expressions containing both '.' and '+'/'-' will change in PHP 8: '+'/'-' will take a higher precedence in /home/iano/public_html/tpforums-vb5/forum/includes/class_core.php on line 5842

PHP Warning: Use of undefined constant MYSQL_NUM - assumed 'MYSQL_NUM' (this will throw an Error in a future version of PHP) in ..../includes/init.php on line 165

PHP Warning: Use of undefined constant MYSQL_ASSOC - assumed 'MYSQL_ASSOC' (this will throw an Error in a future version of PHP) in ..../includes/init.php on line 165

PHP Warning: Use of undefined constant MYSQL_BOTH - assumed 'MYSQL_BOTH' (this will throw an Error in a future version of PHP) in ..../includes/init.php on line 165

PHP Warning: "continue" targeting switch is equivalent to "break". Did you mean to use "continue 2"? in ..../includes/functions_navigation.php on line 588

PHP Warning: "continue" targeting switch is equivalent to "break". Did you mean to use "continue 2"? in ..../includes/functions_navigation.php on line 612

PHP Warning: Use of undefined constant misc - assumed 'misc' (this will throw an Error in a future version of PHP) in ..../global.php(29) : eval()'d code(6) : eval()'d code on line 1

PHP Warning: Use of undefined constant index - assumed 'index' (this will throw an Error in a future version of PHP) in ..../global.php(29) : eval()'d code(6) : eval()'d code on line 1

PHP Warning: Use of undefined constant misc - assumed 'misc' (this will throw an Error in a future version of PHP) in ..../includes/class_bootstrap.php(1422) : eval()'d code(4) : eval()'d code on line 1

PHP Warning: Use of undefined constant index - assumed 'index' (this will throw an Error in a future version of PHP) in ..../includes/class_bootstrap.php(1422) : eval()'d code(4) : eval()'d code on line 1

PHP Warning: Use of undefined constant onlinestatusphrase - assumed 'onlinestatusphrase' (this will throw an Error in a future version of PHP) in ..../includes/class_core.php(4684) : eval()'d code on line 6

PHP Warning: Use of undefined constant onlinestatusphrase - assumed 'onlinestatusphrase' (this will throw an Error in a future version of PHP) in ..../includes/class_core.php(4684) : eval()'d code on line 6

PHP Warning: Use of undefined constant onlinestatusphrase - assumed 'onlinestatusphrase' (this will throw an Error in a future version of PHP) in ..../includes/class_core.php(4684) : eval()'d code on line 6

PHP Warning: Use of undefined constant onlinestatusphrase - assumed 'onlinestatusphrase' (this will throw an Error in a future version of PHP) in ..../includes/class_core.php(4684) : eval()'d code on line 6
My first Tibia Program
Results 1 to 4 of 4

Thread: My first Tibia Program

  1. 02-05-2013, 11:16 AM #1
    ResQue1980
    ResQue1980 is offline
    Junior Member
    Join Date
    Jan 2013
    Location
    Interwebz
    Posts
    22

    My first Tibia Program

    Thanks so much guys for posting all these tutorial, its really helping my improve my skills.

    in the spirit of sharing i though i would share what i have written so far, its very simple just reads what items your player has equipped. Designed for Tibia 9.8.1.0. I used cheat engine (http://www.cheatengine.org/), to get the memory addresses

    Extra thanks to ManInTheCave, as its mostly his code (I hand typed my version, no copy and paste from him, only way to learn).

    Code:
    using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;

using System.Runtime.InteropServices;
using System.Diagnostics;

namespace TibiaInfo
{
    public partial class Form1 : Form
    {

        #region DLLImports

        //Import WindowsAPI function to read process memory
        [DllImport("kernel32.dll")]
        public static extern Int32 ReadProcessMemory(IntPtr hProcess, IntPtr IpBaseAddress, [In, Out]byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesRead);

        #endregion



        #region Global Vars

        public static UInt32 Base = 0; // Base Address
        public static Process Tibia = null; // Tibia process

        //Player Variables (Not used yet, working on xor function now)
        public int hp;
        public int mp;
        public int xp;
        public int ml;
        public int lvl;
        public int cap;
        public int xpos;
        public int ypos;
        public int zpos;
        public int xpup;

        public string name;
        public string quest;


        UInt32 Pxor = 0x3ABF8C; //XOR Address (Check if this is right)

        //EXP Address
        UInt32 XpAdr = 0x3ABF98;
        UInt32 XpAdrL = 0x3ABF98 + 0x400000;

        //Mana Address
        UInt32 MpAdr = 0x3ABFE0;
        UInt32 MpAdrL = 0x3ABFE0 + 0x400000;

        //Health Address
        UInt32 HpAdr = 0x541000;
        UInt32 HPAdrL = 0x541000 + 0x400000;

        //Cap Address
        UInt32 CapAdr = 0x578E94;
        UInt32 CapAdrL = 0x578E94 + 0x400000;

        //Level Address
        UInt32 LvlAdr = 0x3ABFC8;
        UInt32 LvlAdrL = 0x3ABFC8 + 0x400000;

        //Magic Adress
        UInt32 MlAdr = 0x3ABFD0;
        UInt32 MlAdrL = 0x3ABFD0 + 0x400000;

        //Name Address
        UInt32 NameAdr = 0x3ADF0B;
        UInt32 NameAdrL = 0x3ADF08 + 0x400000;

        //XPos Address
        UInt32 XAdr = 0x578EA8;
        UInt32 XAdrL = 0x578EA8 + 0x400000;

        //YPos Addrees
        UInt32 YAdr = 0x578EAC;
        UInt32 YAdrL = 0x578EAC + 0x400000;

        //ZPos Address
        UInt32 ZAdr = 0x578EB0;
        UInt32 ZAdrL = 0x578EB0 + 0x400000;

        //First Quest Address
        UInt32 QstAdr = 0x3AD0D5;
        UInt32 QstAdrL = 0x3AD0D5 + 0x400000;


        //Player Item Slot Address
        UInt32 RingSlotL = 0x5DA548;
        UInt32 BootsSlotL = 0x5DA554;
        UInt32 LegsSlotL = 0x5DA560;
        UInt32 WeaponSlotL = 0x5DA56C;
        UInt32 ShieldSlotL = 0x5DA578;
        UInt32 ArmourSlotL = 0x5DA584;
        UInt32 BagSlotL = 0x5DA590;
        UInt32 NecklessSlotL = 0x5DA59C;
        UInt32 HelmetSlotL = 0x5DA5A8;
        UInt32 HandSlotL = 0x5DA53C;

        #endregion



        #region Init Code

        public Form1()
        {
            InitializeComponent();
        }

        private void Form1_Load(object sender, EventArgs e)
        {
            Process[] TibiaProcess = Process.GetProcessesByName("Tibia");            
            //Process[] TibiaProcess = Process.GetProcessesByName("Tibia981");
            Tibia = TibiaProcess[0];
            Base = Convert.ToUInt32(Tibia.MainModule.BaseAddress.ToInt32());


            //TODO: Fills in combobox (cmbTibiaClient) with all running tibia clients, this will be used later on for muticlient support
            Dictionary<string, Process> filterItems = new Dictionary<string, Process>();
            for (int x = 0; x < TibiaProcess.Count(); x++)
            {
                filterItems.Add("[" + x + "] " + TibiaProcess[x].MainModule.BaseAddress.ToString(), TibiaProcess[x]);
            }

            this.cmbTibiaClient.DataSource = new BindingSource(filterItems, null);
            this.cmbTibiaClient.DisplayMember = "Key";
            this.cmbTibiaClient.ValueMember = "Value";
        }

        #endregion



        #region Main Code

        public static byte[] ReadBytes(IntPtr Handle, Int64 Address, uint BytesToRead)
        {
            IntPtr ptrBytesRead;

            //Declare a bugger, this is the no mans land in which the information travels to get from the memory address to our programs memory
            byte[] buffer = new byte[BytesToRead];

            ReadProcessMemory(Handle, new IntPtr(Address), buffer, BytesToRead, out ptrBytesRead);

            return buffer;
        }

        //Convert the contents of "buffer", or any other byte variable to a usable Int32
        public static int ReadInt32(IntPtr Handle, long Address)
        {
            return BitConverter.ToInt32(ReadBytes(Handle, Address, 4), 0);
        }

        private void button1_Click(object sender, EventArgs e)
        {
            scan();
        }

        private void scan()
        {
            //MessageBox.Show(Convert.ToString(ReadInt32(Tibia.Handle, 0x5DA56C + Base))); //2752512

            this.txtRing.Text = Convert.ToString(ReadInt32(Tibia.Handle, RingSlotL + Base));
            this.txtBoots.Text = Convert.ToString(ReadInt32(Tibia.Handle, BootsSlotL + Base));
            this.txtLegs.Text = Convert.ToString(ReadInt32(Tibia.Handle, LegsSlotL + Base));
            this.txtWeapon.Text = Convert.ToString(ReadInt32(Tibia.Handle, WeaponSlotL + Base));
            this.txtShield.Text = Convert.ToString(ReadInt32(Tibia.Handle, ShieldSlotL + Base));
            this.txtArmour.Text = Convert.ToString(ReadInt32(Tibia.Handle, ArmourSlotL + Base));
            this.txtBag.Text = Convert.ToString(ReadInt32(Tibia.Handle, BagSlotL + Base));
            this.txtNeckless.Text = Convert.ToString(ReadInt32(Tibia.Handle, NecklessSlotL + Base));
            this.txtHelmet.Text = Convert.ToString(ReadInt32(Tibia.Handle, HelmetSlotL + Base));
            this.txtHand.Text = Convert.ToString(ReadInt32(Tibia.Handle, HandSlotL + Base));
        }


        private void cmbTibiaClient_SelectedIndexChanged(object sender, EventArgs e)
        {

        }

        #endregion 



    }
}
    Last edited by ResQue1980; 02-05-2013 at 11:28 AM.
    Reply With Quote Reply With Quote
  2. 02-05-2013, 11:20 AM #2
    ResQue1980
    ResQue1980 is offline
    Junior Member
    Join Date
    Jan 2013
    Location
    Interwebz
    Posts
    22
    Working on that xor encryption/obfuscation stuff now.

    Thanks for the heads up Sketchy:
    A ^ B = C
    A ^ C = B
    B ^ C = A

    Its so simple when you think about it, it just never occurred to me


    XOR Encryption: www.cprogramming.com/tutorial/xor.html
    Reply With Quote Reply With Quote
  3. 02-07-2013, 08:56 AM #3
    ResQue1980
    ResQue1980 is offline
    Junior Member
    Join Date
    Jan 2013
    Location
    Interwebz
    Posts
    22
    Another update, just managed to read xor encrypted/obfuscated data from the tibia client (HP)

    this one was a bitch i couldnt find the values in memory, but thanks to anderkiu tutorial (tpforums.org/forum/threads/5055-Tutorial-9-44-Windows-7-Getting-tibia-base-address-reading-HP-with-xor?p=45185&viewfull=1#post45185) and the address list at BlackD (http://www.blackdtools.com/forum/sho...addresses-9-81) i got it working in the end.


    Here is the updated code (100% working on Tibia 9.8.1.0):
    Code:
    using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;

using System.Runtime.InteropServices;
using System.Diagnostics;

namespace TibiaInfo
{
  
    public partial class Form1 : Form
    {

        #region DLLImports
        //Import WindowsAPI function to read process memory
        [DllImport("kernel32.dll")]
        public static extern Int32 ReadProcessMemory(IntPtr hProcess, IntPtr IpBaseAddress, [In, Out]byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesRead);
        #endregion



        #region Global Vars
        public static UInt32 Base = 0; // Base Address
        public static Process Tibia = null; // Tibia process

        Int32 HealthPointsL = 0x7B6EF0;
        Int32 XorL = 0x94C000;

        //Player Item Slot Address
        UInt32 RingSlotL = 0x5DA548;
        UInt32 BootsSlotL = 0x5DA554;
        UInt32 LegsSlotL = 0x5DA560;
        UInt32 WeaponSlotL = 0x5DA56C;
        UInt32 ShieldSlotL = 0x5DA578;
        UInt32 ArmourSlotL = 0x5DA584;
        UInt32 BagSlotL = 0x5DA590;
        UInt32 NecklessSlotL = 0x5DA59C;
        UInt32 HelmetSlotL = 0x5DA5A8;
        UInt32 HandSlotL = 0x5DA53C;       
        #endregion



        #region Init Code
        public Form1()
        {
            InitializeComponent();
        }

        private void Form1_Load(object sender, EventArgs e)
        {    
            Process[] TibiaProcess = Process.GetProcessesByName("Tibia");            
            
            Tibia = TibiaProcess[0];
            Base = Convert.ToUInt32(Tibia.MainModule.BaseAddress.ToInt32());


            //TODO: Fills in combobox (cmbTibiaClient) with all running tibia clients, this will be used later on for muticlient support
            Dictionary<string, Process> filterItems = new Dictionary<string, Process>();
            for (int x = 0; x < TibiaProcess.Count(); x++)
            {
                filterItems.Add("[" + TibiaProcess[x].Handle.ToString() + "] " + TibiaProcess[x].MainModule.FileName.ToString(), TibiaProcess[x]);
            }

            this.cmbTibiaClient.DataSource = new BindingSource(filterItems, null);
            this.cmbTibiaClient.DisplayMember = "Key";
            this.cmbTibiaClient.ValueMember = "Value";           
        }
        #endregion



        #region Main Code
        public static byte[] ReadBytes(IntPtr Handle, Int64 Address, uint BytesToRead)
        {
            IntPtr ptrBytesRead;

            //Declare a bugger, this is the no mans land in which the information travels to get from the memory address to our programs memory
            byte[] buffer = new byte[BytesToRead];

            ReadProcessMemory(Handle, new IntPtr(Address), buffer, BytesToRead, out ptrBytesRead);

            return buffer;
        }

        //Convert the contents of "buffer", or any other byte variable to a usable Int32
        public static int ReadInt32(IntPtr Handle, long Address)
        {
            return BitConverter.ToInt32(ReadBytes(Handle, Address, 4), 0);
        }

        private void button1_Click(object sender, EventArgs e)
        {
            scan();
        }

        private void scan()
        {
            //MessageBox.Show(Convert.ToString(ReadInt32(Tibia.Handle, 0x5DA56C + Base))); //2752512

            this.txtRing.Text = Convert.ToString(ReadInt32(Tibia.Handle, RingSlotL + Base));
            this.txtBoots.Text = Convert.ToString(ReadInt32(Tibia.Handle, BootsSlotL + Base));
            this.txtLegs.Text = Convert.ToString(ReadInt32(Tibia.Handle, LegsSlotL + Base));
            this.txtWeapon.Text = Convert.ToString(ReadInt32(Tibia.Handle, WeaponSlotL + Base));
            this.txtShield.Text = Convert.ToString(ReadInt32(Tibia.Handle, ShieldSlotL + Base));
            this.txtArmour.Text = Convert.ToString(ReadInt32(Tibia.Handle, ArmourSlotL + Base));
            this.txtBag.Text = Convert.ToString(ReadInt32(Tibia.Handle, BagSlotL + Base));
            this.txtNeckless.Text = Convert.ToString(ReadInt32(Tibia.Handle, NecklessSlotL + Base));
            this.txtHelmet.Text = Convert.ToString(ReadInt32(Tibia.Handle, HelmetSlotL + Base));
            this.txtHand.Text = Convert.ToString(ReadInt32(Tibia.Handle, HandSlotL + Base));


            
            Int32 Xor = ReadInt32(Tibia.Handle, Base - 0x400000 + XorL);            
            txtxorKey.Text = Convert.ToString(Xor);

            Int32 HealthPointsEncrypted = ReadInt32(Tibia.Handle, Base - 0x400000 + HealthPointsL); 
            txtlifeEncrypted.Text = Convert.ToString(HealthPointsEncrypted);
            
            Int32 HealthPointsDecrypted = HealthPointsEncrypted ^ Xor;
            txtlifeDecrypted.Text = Convert.ToString(HealthPointsDecrypted);

        }

        private void cmbTibiaClient_SelectedIndexChanged(object sender, EventArgs e)
        {
            KeyValuePair<string, Process> selectProcess = (KeyValuePair<string, Process>)cmbTibiaClient.SelectedItem;
            Tibia = (Process)selectProcess.Value;
            Base = Convert.ToUInt32(Tibia.MainModule.BaseAddress.ToInt32());            
        }

        #endregion     
    }
}

    reps go to anderkiu, Sketchy, maninthecave, blackd the info they posted really helped
    Last edited by ResQue1980; 02-07-2013 at 08:59 AM.
    Reply With Quote Reply With Quote
  4. 02-07-2013, 09:08 PM #4
    XtrmJash
    XtrmJash is offline
    Senior Member
    Join Date
    Jan 2008
    Location
    Cambridge, England
    Posts
    725
    Quote Originally Posted by thegrassfields View Post
    Another update, just managed to read xor encrypted/obfuscated data from the tibia client (HP)

    this one was a bitch i couldnt find the values in memory, but thanks to anderkiu tutorial (tpforums.org/forum/threads/5055-Tutorial-9-44-Windows-7-Getting-tibia-base-address-reading-HP-with-xor?p=45185&viewfull=1#post45185) and the address list at BlackD (http://www.blackdtools.com/forum/sho...addresses-9-81) i got it working in the end.


    Here is the updated code (100% working on Tibia 9.8.1.0):
    Code:
    using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;

using System.Runtime.InteropServices;
using System.Diagnostics;

namespace TibiaInfo
{
  
    public partial class Form1 : Form
    {

        #region DLLImports
        //Import WindowsAPI function to read process memory
        [DllImport("kernel32.dll")]
        public static extern Int32 ReadProcessMemory(IntPtr hProcess, IntPtr IpBaseAddress, [In, Out]byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesRead);
        #endregion



        #region Global Vars
        public static UInt32 Base = 0; // Base Address
        public static Process Tibia = null; // Tibia process

        Int32 HealthPointsL = 0x7B6EF0;
        Int32 XorL = 0x94C000;

        //Player Item Slot Address
        UInt32 RingSlotL = 0x5DA548;
        UInt32 BootsSlotL = 0x5DA554;
        UInt32 LegsSlotL = 0x5DA560;
        UInt32 WeaponSlotL = 0x5DA56C;
        UInt32 ShieldSlotL = 0x5DA578;
        UInt32 ArmourSlotL = 0x5DA584;
        UInt32 BagSlotL = 0x5DA590;
        UInt32 NecklessSlotL = 0x5DA59C;
        UInt32 HelmetSlotL = 0x5DA5A8;
        UInt32 HandSlotL = 0x5DA53C;       
        #endregion



        #region Init Code
        public Form1()
        {
            InitializeComponent();
        }

        private void Form1_Load(object sender, EventArgs e)
        {    
            Process[] TibiaProcess = Process.GetProcessesByName("Tibia");            
            
            Tibia = TibiaProcess[0];
            Base = Convert.ToUInt32(Tibia.MainModule.BaseAddress.ToInt32());


            //TODO: Fills in combobox (cmbTibiaClient) with all running tibia clients, this will be used later on for muticlient support
            Dictionary<string, Process> filterItems = new Dictionary<string, Process>();
            for (int x = 0; x < TibiaProcess.Count(); x++)
            {
                filterItems.Add("[" + TibiaProcess[x].Handle.ToString() + "] " + TibiaProcess[x].MainModule.FileName.ToString(), TibiaProcess[x]);
            }

            this.cmbTibiaClient.DataSource = new BindingSource(filterItems, null);
            this.cmbTibiaClient.DisplayMember = "Key";
            this.cmbTibiaClient.ValueMember = "Value";           
        }
        #endregion



        #region Main Code
        public static byte[] ReadBytes(IntPtr Handle, Int64 Address, uint BytesToRead)
        {
            IntPtr ptrBytesRead;

            //Declare a bugger, this is the no mans land in which the information travels to get from the memory address to our programs memory
            byte[] buffer = new byte[BytesToRead];

            ReadProcessMemory(Handle, new IntPtr(Address), buffer, BytesToRead, out ptrBytesRead);

            return buffer;
        }

        //Convert the contents of "buffer", or any other byte variable to a usable Int32
        public static int ReadInt32(IntPtr Handle, long Address)
        {
            return BitConverter.ToInt32(ReadBytes(Handle, Address, 4), 0);
        }

        private void button1_Click(object sender, EventArgs e)
        {
            scan();
        }

        private void scan()
        {
            //MessageBox.Show(Convert.ToString(ReadInt32(Tibia.Handle, 0x5DA56C + Base))); //2752512

            this.txtRing.Text = Convert.ToString(ReadInt32(Tibia.Handle, RingSlotL + Base));
            this.txtBoots.Text = Convert.ToString(ReadInt32(Tibia.Handle, BootsSlotL + Base));
            this.txtLegs.Text = Convert.ToString(ReadInt32(Tibia.Handle, LegsSlotL + Base));
            this.txtWeapon.Text = Convert.ToString(ReadInt32(Tibia.Handle, WeaponSlotL + Base));
            this.txtShield.Text = Convert.ToString(ReadInt32(Tibia.Handle, ShieldSlotL + Base));
            this.txtArmour.Text = Convert.ToString(ReadInt32(Tibia.Handle, ArmourSlotL + Base));
            this.txtBag.Text = Convert.ToString(ReadInt32(Tibia.Handle, BagSlotL + Base));
            this.txtNeckless.Text = Convert.ToString(ReadInt32(Tibia.Handle, NecklessSlotL + Base));
            this.txtHelmet.Text = Convert.ToString(ReadInt32(Tibia.Handle, HelmetSlotL + Base));
            this.txtHand.Text = Convert.ToString(ReadInt32(Tibia.Handle, HandSlotL + Base));


            
            Int32 Xor = ReadInt32(Tibia.Handle, Base - 0x400000 + XorL);            
            txtxorKey.Text = Convert.ToString(Xor);

            Int32 HealthPointsEncrypted = ReadInt32(Tibia.Handle, Base - 0x400000 + HealthPointsL); 
            txtlifeEncrypted.Text = Convert.ToString(HealthPointsEncrypted);
            
            Int32 HealthPointsDecrypted = HealthPointsEncrypted ^ Xor;
            txtlifeDecrypted.Text = Convert.ToString(HealthPointsDecrypted);

        }

        private void cmbTibiaClient_SelectedIndexChanged(object sender, EventArgs e)
        {
            KeyValuePair<string, Process> selectProcess = (KeyValuePair<string, Process>)cmbTibiaClient.SelectedItem;
            Tibia = (Process)selectProcess.Value;
            Base = Convert.ToUInt32(Tibia.MainModule.BaseAddress.ToInt32());            
        }

        #endregion     
    }
}

    reps go to anderkiu, Sketchy, maninthecave, blackd the info they posted really helped
    Hi dude, appreciate the mention here. It's good to see new people entering the world of programming for Tibia, in spite of how difficult it can be to get started. If you want more values to read, or want to be able to control as well as read from Tibia, you should check out JAPI. You might find it useful if you wanna read battle list / containers or whatever. I don't advise using it as an API yet, but there is probably a considerable amount of code there which you can use. For example, your "client chooser" or "MC compatability" thing, it is based on the base address of the tibia client, but you could do it by using a function from JAPI called GetMyName(), if you look at how the function works, you'll see it reads battle list by incrementing through each entry, and gets the name / CID of each creature, it then compares the CID to your CID which it reads from your player information (same place your HP, MP, Exp, level, etc is stored) and when it finds a match it knows your name.

    Good luck with your programming, and if you have any questions just ask
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules