My current tools auto fisher, runemaker or tool to pick up spears doesn't require reading client's memory and works perfectly fine. Altough, I will try dig into this new client. Luckily, the source of basic client is public and maybe it will be easier to compare it to tibianic clientOriginally Posted by chi3
Then I'm guessing it's either reading colors on the screen, or it's pretty much just using macros?
And yeah, most basic structures are the same as the open source code, so that part isn't that hard, but it's a bit of work to figure out every STL-structure and such. I'd say the new client is quite a bit more complex compared to the old one, but thanks to the source it's not super hard. However, I wouldn't say it's easier than the old client because you can find almost everything from the old client on here without having to reverse much yourself.
I've started a bit on it, but since he releases a new update every few days I'm too lazy to keep updating the addresses. I might start again when it's more stable, but until then I'm just gonna enjoy a bot free server.
Last edited by chi3; 06-27-2015 at 01:47 AM.
These tools works like macros, but doesn't block keyboard or mouse.
Yea, I agree, it's kinda harder to find values in new client. Firstly, it uses ASLR, but it's easy to disable it with hex editor or in whole OS. Altough, I noticed that there are no static structures and it hard to find specific pointers, adresses change with every login.
If it's not a secret could you tell how did manage to find these adresses? For example I couldn't change my own name displayed in the client (in old client I could find object on battle_list and simply change the name).
ASLR is hardly a problem, just do everything in offsets from the base address.
I just found the location where my mana was stored and backtracked from there. For example, the g_game structure is located at base + 0x42FB60 in the latest version, and the first structure in g_game happens to be the localPlayer structure, in which the offset to the std::string which contains the name is 0x20.
However, I haven't been able to change my own name either and I have no idea why it's not working. Changing your outfit by modifying the value at localPlayer + 0x44 is possible though.
Last edited by chi3; 06-27-2015 at 01:50 PM.
It's because your name on screen is in another address.
How did you manage to get g_game address? I can find some address from localplayer, like direction, outfit, light, etc, but I don't know how to track it to g_game structure.
Yeah, name on screen is probably loaded in to somewhere else in memory through lua once logging in or so, and wont change after that.
I found the g_game address through simple pointer scanning. Search for pointers to something that's located in localplayer and follow the offsets, it's very easy to figure out with the source.
Last edited by chi3; 07-10-2015 at 04:20 PM.
Thank you, I found it. Now I have at least full light and a mana trainer.
Next task is try to do a rune maker, but this will be a bit harder since I have no assembly skills to discovery how containers list are structured.
I did manage to find the basics for the container list and its items, but I stopped right after that.
Here's the two lua scripts I made to use with cheat engine, they're far from perfect or finished but it's a start:
IIRC the items were contained in a std::deque:
The containers were located in a std::map structure:Code:function deque_at(i) --The deque's location in memory local deque = 0x7F6156C; --Load all the information from the deque local vectormap = readInteger(deque+4); local chunkamount = readInteger(deque+8); local firstelement = readInteger(deque+12); local maxelements = chunkamount * 4; local dequesize = readInteger(deque+16); --If element wanted is out of the deque's range, return false if(i >= dequesize) then return false end --Calculate what location the wanted element is at local location = (firstelement+i)%maxelements; --Calculate what chunk the element should be in local chunk_n = math.floor(location/4) --Calculate element in the chunk local chunkelement_n = location%4 --Find the chunk local chunk = readInteger(vectormap + (4*chunk_n)); --Find the element in the chunk local element = readInteger(chunk + (4*chunkelement_n)); --Get member variable with offset local value = readInteger(element+0x1a); return value; end print(deque_at(0))
Code:function getContainer(contId) local containerPointer = getAddress("Tibianic.exe") + 0x3DC960 + 0x10 local containerAmount = readInteger(containerPointer + 0x4) local containerList = {} local ptr = readInteger(containerPointer) local next = readInteger(ptr+4) local found = false local lastNode = false while not lastNode and not found do if (next == ptr) then print("last node reached") lastNode = true break end local id = readInteger(next + 0x10) --print("found id: ".. id) if (contId < id) then next = readInteger(next + 0x00) --print("read left") elseif (contId > id) then --print("read right") next = readInteger(next + 0x08) else found = true --print("found = true") end end local foundcontainer if found and readInteger(next + 0x14) ~= 0 then local containerptr = readInteger(next + 0x14) foundcontainer ={ id = readInteger(containerptr + 0xc), vol = readInteger(containerptr + 0x10), name = readString(containerptr + 0x18), hasParent = readBytes(containerptr + 0x30, 1, false), closed = readBytes(containerptr + 0x31, 1, false), unlocked = readBytes(containerptr + 0x32, 1, false), hasPages = readBytes(containerptr + 0x33, 1, false), size = 0, firstIndex = 0 } print("found container!") print("id: " .. foundcontainer.id) print("volume: " .. foundcontainer.vol) print("name: " .. foundcontainer.name) print("hasParent: " .. foundcontainer.hasParent) print("closed: " .. foundcontainer.closed) print("unlocked: " .. foundcontainer.unlocked) print("hasPages: " .. foundcontainer.hasPages) else print("not found") end end getContainer(0)
It's really shitty written and I honestly don't even remember much of it myself even though it was just ~1 month ago I made it, but maybe it can help a bit.
I am a little lost here, do these fetures still work with the new tibianic?
Cheers
@w8w8w8 hello there. i'm interested in buying this for medivia if it still works.
Posting Permissions
Reply With Quote