Tibia 10.00 - Memory Addresses [Random ?]

**ReptileReX** · 06-06-2013, 09:16 PM

I checked yesterday new Tibia Version (10.00) (meybe earlier versions have this issue too but I dont know)
I noticed that some memory addresses are now random?

It means that i.e once you can find value in $XYZ384 and after tibia restart the same value is in $ABC384.
How can I find my valid value now ?

Thanks

**Blequi** · 06-06-2013, 09:40 PM

give a pratical example, i.e., what addresses?

**ReptileReX** · 06-06-2013, 09:48 PM

For example password and acc number (for reconnect feature)

**Farsa** · 06-06-2013, 09:52 PM

Search the forum for "base address" and "ASLR"... you will need it for your "reconnect feature" lol

**Blequi** · 06-06-2013, 09:57 PM

read this post and the 2 following
http://tpforums.org/forum/threads/58...ll=1#post51240

**Milice** · 06-11-2013, 06:34 AM

This is a shitty working method:

Code:

#include <windows.h>
#pragma comment(lib, "User32.lib")
#pragma comment(lib, "psapi.lib")
#include <psapi.h>
#include <TlHelp32.h>
#using <System.dll>

using namespace System;

BYTE* GetRemoteBase(unsigned long pId, char *module)
{
   MODULEENTRY32 modEntry;
   HANDLE tlh = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, pId);

   modEntry.dwSize = sizeof(MODULEENTRY32);
    Module32First(tlh, &modEntry);

   do
   {
	   System::String^ modx = gcnew String(modEntry.szModule);
	   System::String^ mody = gcnew String(module);
	   if(modx == mody)
		  return modEntry.modBaseAddr;
      modEntry.dwSize = sizeof(MODULEENTRY32);
   }
   while(Module32Next(tlh, &modEntry));

   return NULL;
}

Code:

char user[128];
char pass[128];

int base = (int)GetRemoteBase(PIDZz, "Tibia.exe");

int userAddr = base + 5570108;
int passAddr = base + 5570136;

ReadProcessMemory(Booz, (void*)userAddr, user, 30, NULL);
ReadProcessMemory(Booz, (void*)passAddr, pass, 30, NULL);

And i'm quite sure this really is a "reconnect" thinggy you're looking for and absolutely not a way to steal accounts lol xD

**DarkstaR** · 06-11-2013, 01:21 PM

Holy fuck c++.NET is hideous.

Please go to C# if you want to use .NET.

**~~XtrmJash~~** · 06-11-2013, 06:26 PM

Originally Posted by DarkstaR

Holy fuck c++.NET is hideous.

Please go to C# if you want to use .NET.

C# + .NET = elegant.
C++ + MFC = elegant.
C++ + .NET = DAFUQ?

For the record I am aware that MFC is a calling convention, not an API as such, but still, I don't know enough about C++ to make this statement correctly, here's my best attempt.

**Blequi** · 06-11-2013, 06:58 PM

the only reason I'm still in the .net world is wpf, due its data bindings and advanced design support through expression blend.

**Milice** · 06-17-2013, 05:38 PM

Originally Posted by DarkstaR

Holy fuck c++.NET is hideous.

Please go to C# if you want to use .NET.

Told ya it's shit XD i'm not to hightec when it comes to C++, i'm still learning :P if anyone have a better way of fetching the base address, feel free to correct me xD

Thread: Tibia 10.00 - Memory Addresses [Random ?]

Thread Tools

Search Thread

Display

Tibia 10.00 - Memory Addresses [Random ?]

Tags for this Thread

Posting Permissions