Does anyone have an idea how to make a lighthack for Medivia.org?
Im very intersted in learning stuff like this, i have some basic programming knowledge.
Does anyone have an idea how to make a lighthack for Medivia.org?
Im very intersted in learning stuff like this, i have some basic programming knowledge.
This is in C#, and it only works with the DirectX client.
Code:using System; using System.Diagnostics; using System.Runtime.InteropServices; using System.Windows.Forms; namespace MediviaLightHack { publicpartialclassMediviaLightHack : Form { Process MediviaProcess; IntPtr MediviaProcessHandle; uint MediviaBaseAddress; uint WorldLightAddress; uint WorldLightPointer = 0xDE18A; uint WorldLightNop1 = 0xDE188; uint WorldLightNop2 = 0xCCD23; byte[] WorldLightNopArray1 = new byte[6] { 0x90, 0x90, 0x90, 0x90, 0x90, 0x90 }; byte[] WorldLightNopArray2 = new byte[10] { 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90 }; uint SelfLightAddress; uint SelfLightPointer = 0x54C090; System.Timers.Timer LightHackTimer; [DllImport("kernel32.dll")] static extern IntPtr OpenProcess(uint dwDesiredAccess, int bInheritHandle, uint dwProcessId); [DllImport("kernel32.dll")] public static extern int ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [In, Out] byte[] buffer, uint size, out IntPtr lpNumberOfBytesRead); [DllImport("kernel32.dll")] static extern int WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [In, Out] byte[] buffer, uint size, out IntPtr lpNumberOfBytesWritten); public MediviaLightHack() { InitializeComponent(); } private void MediviaLightHack_Load(object sender, EventArgs e) { label1.Text = "Looking for Medivia client."; foreach (Process process in Process.GetProcesses()) { if (process.MainWindowTitle.Equals("Medivia Online", StringComparison.CurrentCultureIgnoreCase)) { label1.Text = "Medivia client found."; MediviaProcess = process; // use OpenProcess to retrieve and store the handle to the Medivia client for future use with Read/WriteProcessMemory MediviaProcessHandle = OpenProcess(0x1F0FFF, 0, (uint)MediviaProcess.Id); // same with the base address MediviaBaseAddress = (uint)MediviaProcess.MainModule.BaseAddress.ToInt32(); IntPtr ptrBytesRead; IntPtr bytesWritten; byte[] buffer = new byte[4]; // read and store the value from the pointer for the world light address ReadProcessMemory(MediviaProcessHandle, new IntPtr(WorldLightPointer + MediviaBaseAddress), buffer, 4, out ptrBytesRead); WorldLightAddress = BitConverter.ToUInt32(buffer, 0); // nop (fill with 0x90) the two addresses that alter the world light value WriteProcessMemory(MediviaProcessHandle, new IntPtr(WorldLightNop1), WorldLightNopArray1, 6, out bytesWritten); WriteProcessMemory(MediviaProcessHandle, new IntPtr(WorldLightNop2), WorldLightNopArray2, 6, out bytesWritten); // write 250 (max light value) to the world light address WriteProcessMemory(MediviaProcessHandle, new IntPtr(WorldLightAddress), BitConverter.GetBytes(250), 1, out bytesWritten); // read and store the value from the pointer for the self light address ReadProcessMemory(MediviaProcessHandle, new IntPtr(SelfLightPointer + MediviaBaseAddress), buffer, 4, out ptrBytesRead); SelfLightAddress = BitConverter.ToUInt32(buffer, 0) + 0xA4; // create and start a timer to continuously set the self light address value every 100ms // alternately, you could set this value once like the world light address and nop anything that modifies it (I never took the time to find the addresses that does that) LightHackTimer = new System.Timers.Timer(100); LightHackTimer.Elapsed += LightHackTimer_Elapsed; LightHackTimer.Start(); label1.Text = "Light hack actively patching."; return; } } label1.Text = "Medivia client not found."; } private void LightHackTimer_Elapsed(object sender, System.Timers.ElapsedEventArgs e) { // this will set the self light address to 250 (max light value) IntPtr bytesWritten; WriteProcessMemory(MediviaProcessHandle, new IntPtr(SelfLightAddress), BitConverter.GetBytes(250), 1, out bytesWritten); } } }
im curious... how did you find the light value? I mean how did you know that bright is a value greater than dark etc. What was your process? I found the light in Zezenia, but I couldnt find in medivia
Unsurprisingly, they still use the same game protocol as tibia (packets and their corresponding structure). So, I found the function that parses the world light packet which includes the address of where the value is stored. For the player's light level, I used cheat engine and changed my character's light level by turning a torch on and off and searching for the different values. Again, they still use Tibia's values, so a full torch is 10 (I believe) and no light is, of course, 0.
Once you find the addresses you can simply modify them with cheat engine or WriteProcessMemory to see what values do what. It's a byte, so anything over 255 will overflow, and when it's daytime in Tibia their light value is 250 and you can tell a difference using anything higher.
Last edited by jo3bingham; 01-30-2016 at 05:30 AM.
If you want to write your tools for Medivia, the best info source can be found in otclient source code https://github.com/edubart/otclient
Maybe a month ago, I wrote a light hack for it too mostly following the source code.
I will describe my process to find Light and other things:
Not only light address, but you can find a pointer to their Creature (or inherited objects) searching with Cheat Engine for the creature direction.
For instance, here is the creature structure https://github.com/edubart/otclient/...ent/creature.h
You can see that Direction is a few members above Light member and its type is enum
- Direction: https://github.com/edubart/otclient/...t/const.h#L154
- Light: https://github.com/edubart/otclient/...ingtype.h#L114
So, turn north and search for 0, turn east and search for 1, ... until you get the correct Direction address (probably, not static). Once you got the Direction address, browse memory region with Cheat Engine and turn a torch on/off to see where the light gets stored (the source says Light spans up to 2 bytes, the first reserved for intensity and second for color, it is useful when using writeprocessmemory)
After that, pointer scan for this address with Cheat Engine and you will find the pointer path.
When I get time, I will post a mini tutorial how to write a light hack for medivia in a step-by-step way
Last edited by Blequi; 01-30-2016 at 10:35 AM.
interesting.... I thought they might use same values as Tibia. In zezenia, no light is 100, and full light is 0
Thanks for sharing!
btw, to make it work on OpenGL client all we have to do is change this addresses?
Code:uint WorldLightPointer = 0xDE18A; uint WorldLightNop1 = 0xDE188; uint WorldLightNop2 = 0xCCD23;
[QUOTE=Jo3Bingham;55679]This is in C#, and it only works with the DirectX client.
Im having some trouble getting this code to work, is it a form or console application ? looking at the code it seems like a form app to me (im a noob yes)
Code:Severity Code Description Project File Line Suppression State Error CS0103 The name 'MediviaBaseAddress' does not exist in the current context WindowsFormsApplication5 d:\users\pc-pc\documents\visual studio 2015\Projects\WindowsFormsApplication5\WindowsFormsApplication5\Form1.cs 54 Active Error CS1022 Type or namespace definition, or end-of-file expected WindowsFormsApplication5 d:\users\pc-pc\documents\visual studio 2015\Projects\WindowsFormsApplication5\WindowsFormsApplication5\Form1.cs 8 Active Error CS1022 Type or namespace definition, or end-of-file expected WindowsFormsApplication5 d:\users\pc-pc\documents\visual studio 2015\Projects\WindowsFormsApplication5\WindowsFormsApplication5\Form1.cs 9 Active Error CS1022 Type or namespace definition, or end-of-file expected WindowsFormsApplication5 d:\users\pc-pc\documents\visual studio 2015\Projects\WindowsFormsApplication5\WindowsFormsApplication5\Form1.cs 93 Active Error CS0246 The type or namespace name 'Form1' could not be found (are you missing a using directive or an assembly reference?) WindowsFormsApplication5 d:\users\pc-pc\documents\visual studio 2015\Projects\WindowsFormsApplication5\WindowsFormsApplication5\Program.cs 19 Active Error CS0103 The name 'WriteProcessMemory' does not exist in the current context WindowsFormsApplication5 d:\users\pc-pc\documents\visual studio 2015\Projects\WindowsFormsApplication5\WindowsFormsApplication5\Form1.cs 64 Active Error CS0117 'object' does not contain a definition for 'Dispose' WindowsFormsApplication5 d:\users\pc-pc\documents\visual studio 2015\Projects\WindowsFormsApplication5\WindowsFormsApplication5\Form1.Designer.cs 20 Active Error CS0115 'Form1.Dispose(bool)': no suitable method found to override WindowsFormsApplication5 d:\users\pc-pc\documents\visual studio 2015\Projects\WindowsFormsApplication5\WindowsFormsApplication5\Form1.Designer.cs 14 Active Error CS1061 'Form1' does not contain a definition for 'Text' and no extension method 'Text' accepting a first argument of type 'Form1' could be found (are you missing a using directive or an assembly reference?) WindowsFormsApplication5 d:\users\pc-pc\documents\visual studio 2015\Projects\WindowsFormsApplication5\WindowsFormsApplication5\Form1.Designer.cs 50 Active Error CS1061 'Form1' does not contain a definition for 'SuspendLayout' and no extension method 'SuspendLayout' accepting a first argument of type 'Form1' could be found (are you missing a using directive or an assembly reference?) WindowsFormsApplication5 d:\users\pc-pc\documents\visual studio 2015\Projects\WindowsFormsApplication5\WindowsFormsApplication5\Form1.Designer.cs 32 Active Error CS1061 'Form1' does not contain a definition for 'ResumeLayout' and no extension method 'ResumeLayout' accepting a first argument of type 'Form1' could be found (are you missing a using directive or an assembly reference?) WindowsFormsApplication5 d:\users\pc-pc\documents\visual studio 2015\Projects\WindowsFormsApplication5\WindowsFormsApplication5\Form1.Designer.cs 52 Active Error CS1061 'Form1' does not contain a definition for 'PerformLayout' and no extension method 'PerformLayout' accepting a first argument of type 'Form1' could be found (are you missing a using directive or an assembly reference?) WindowsFormsApplication5 d:\users\pc-pc\documents\visual studio 2015\Projects\WindowsFormsApplication5\WindowsFormsApplication5\Form1.Designer.cs 53 Active Error CS1061 'Form1' does not contain a definition for 'Name' and no extension method 'Name' accepting a first argument of type 'Form1' could be found (are you missing a using directive or an assembly reference?) WindowsFormsApplication5 d:\users\pc-pc\documents\visual studio 2015\Projects\WindowsFormsApplication5\WindowsFormsApplication5\Form1.Designer.cs 49 Active Error CS1061 'Form1' does not contain a definition for 'Load' and no extension method 'Load' accepting a first argument of type 'Form1' could be found (are you missing a using directive or an assembly reference?) WindowsFormsApplication5 d:\users\pc-pc\documents\visual studio 2015\Projects\WindowsFormsApplication5\WindowsFormsApplication5\Form1.Designer.cs 51 Active Error CS1061 'Form1' does not contain a definition for 'Form1_Load' and no extension method 'Form1_Load' accepting a first argument of type 'Form1' could be found (are you missing a using directive or an assembly reference?) WindowsFormsApplication5 d:\users\pc-pc\documents\visual studio 2015\Projects\WindowsFormsApplication5\WindowsFormsApplication5\Form1.Designer.cs 51 Active Error CS1061 'Form1' does not contain a definition for 'Controls' and no extension method 'Controls' accepting a first argument of type 'Form1' could be found (are you missing a using directive or an assembly reference?) WindowsFormsApplication5 d:\users\pc-pc\documents\visual studio 2015\Projects\WindowsFormsApplication5\WindowsFormsApplication5\Form1.Designer.cs 48 Active Error CS1061 'Form1' does not contain a definition for 'ClientSize' and no extension method 'ClientSize' accepting a first argument of type 'Form1' could be found (are you missing a using directive or an assembly reference?) WindowsFormsApplication5 d:\users\pc-pc\documents\visual studio 2015\Projects\WindowsFormsApplication5\WindowsFormsApplication5\Form1.Designer.cs 47 Active Error CS1061 'Form1' does not contain a definition for 'AutoScaleMode' and no extension method 'AutoScaleMode' accepting a first argument of type 'Form1' could be found (are you missing a using directive or an assembly reference?) WindowsFormsApplication5 d:\users\pc-pc\documents\visual studio 2015\Projects\WindowsFormsApplication5\WindowsFormsApplication5\Form1.Designer.cs 46 Active Error CS1061 'Form1' does not contain a definition for 'AutoScaleDimensions' and no extension method 'AutoScaleDimensions' accepting a first argument of type 'Form1' could be found (are you missing a using directive or an assembly reference?) WindowsFormsApplication5 d:\users\pc-pc\documents\visual studio 2015\Projects\WindowsFormsApplication5\WindowsFormsApplication5\Form1.Designer.cs 45 Active
Last edited by Engerd; 02-04-2016 at 01:28 AM.