Repost from darksteam.net by kingteam
Mình sẽ build source chỉ việc hook cho các bạn
Việc còn lại là các bạn test
SERVER
CLIENT
UPDATE:
Link download DLL
Client: http://mega.nz/#!9TgmVaSL!bgRHtIzlYeqa2sp-52NmFZbgQYON-9x0Q3EeLYLuhu4
Server: http://mega.nz/#!xfBF3YxZ!gfmquenSt-fgBu7n3hBZx8C9d17uEuh2Pw_x5RF4BYc
Hướng dẫn: Hook với StudPE hoặc LordPE bằng API XSTeam
Mình sẽ build source chỉ việc hook cho các bạn
Việc còn lại là các bạn test
SERVER
Mã:
//Struct
struct PMSG_CHARINFOMAIN
{
PBMSG_HEAD h;
BYTE Code;
BYTE Class;
WORD Dexterity;
WORD AttackSpeed;
WORD MagicSpeed;
};
Mã:
//Functions.cpp
#include "StdAfx.h"
Functions func;
BOOL Functions::gObjSetCharacterEx(LPBYTE lpdata, int aIndex)
{
BOOL retornar = gObjSetCharacter(lpdata,aIndex);
if(retornar == TRUE)
{
PMSG_CHARINFOMAIN Result;
Result.h.c = 0xC1;
Result.h.size = sizeof(Result);
Result.h.head = 0xFE;
Result.Code = 0x07;
Result.Class = gObj[aIndex].Class;
Result.Dexterity = (WORD)(gObj[aIndex].Dexterity);
Result.AttackSpeed = (WORD)(gObj[aIndex].m_AttackSpeed);
Result.MagicSpeed = (WORD)(gObj[aIndex].m_MagicSpeed);
DataSend(aIndex, (LPBYTE)(&Result), Result.h.size);
}
return retornar;
}
void Functions::gObjCalCharacterEx(int aIndex)
{
gObjCalCharacter(aIndex);
PMSG_CHARINFOMAIN Result;
Result.h.c = 0xC1;
Result.h.size = sizeof(Result);
Result.h.head = 0xFE;
Result.Code = 0x07;
Result.Class = gObj[aIndex].Class;
Result.Dexterity = (WORD)(gObj[aIndex].Dexterity);
Result.AttackSpeed = (WORD)(gObj[aIndex].m_AttackSpeed);
Result.MagicSpeed = (WORD)(gObj[aIndex].m_MagicSpeed);
DataSend(aIndex, (LPBYTE)(&Result), Result.h.size);
}
Mã:
//Functions.h:
#pragma once
class Functions
{
public:
static BOOL gObjSetCharacterEx(LPBYTE lpdata, int aIndex);
static void gObjCalCharacterEx(int aIndex);
};
extern Functions func;
Mã:
//Defines:
#define gObjSetCharacter ((bool(*)(LPBYTE lpdata, int aIndex)) 0x0045C370)
#define gObjCalCharacter ((void(*)(int aIndex)) 0x00451DE0)
Mã:
//Hooks:
func.HookThis((DWORD)&Functions::gObjSetCharacterEx,0x004026CB);
func.HookThis((DWORD)&Functions::gObjCalCharacterEx,0x004015AF);CLIENT
Mã:
//Struct
-------------------------------
struct PMSG_CHARINFOMAIN
{
PBMSG_HEAD h;
BYTE Code;
BYTE Class;
WORD Dexterity;
WORD AttackSpeed;
WORD MagicSpeed;
};
Mã:
//Naked.h
-------------------------------
#pragma once
DWORD nProtocolCoreBack = 0x4384FB;
LPBYTE nProtocolCoreData = nullptr;
void __declspec(naked) nProtocolCore()
{
__asm MOV nProtocolCoreData, EBP;
ProtocolCore(nProtocolCoreData);
__asm MOV EDX, DWORD PTR DS : [0x8311134];
__asm JMP nProtocolCoreBack;
}
Mã:
//Protocol.cpp
#include "StdAfx.h"
BYTE PlayerClass = 0;
WORD PlayerDexterity = 0;
WORD PlayerASpeed = 0;
WORD PlayerMSpeed = 0;
void ProtocolCore(LPBYTE aRecv)
{
if (aRecv[0] == 0xC1 || aRecv[0] == 0xC3)
{
switch (aRecv[2])
{
case 0xF3:
{
switch(aRecv[3])
{
case 0x03:
{
ApplyDexterityFix();
}
break;
}
}
break;
case 0xFE:
{
switch(aRecv[3])
{
case 0x07:
{
PMSG_CHARINFOMAIN* Info = (PMSG_CHARINFOMAIN*)(aRecv);
PlayerClass = Info->Class;
PlayerDexterity = Info->Dexterity;
PlayerASpeed = Info->AttackSpeed;
PlayerMSpeed = Info->MagicSpeed;
ApplyDexterityFix();
}
break;
}
}
break;
}
}
}
void ApplyDexterityFix()
{
switch (PlayerClass)
{
case 0:
{
if (PlayerMSpeed >= 455 && PlayerMSpeed <= 479)
{
*eMainSpeedFrame2 = 0.0024700f;
}
else if (PlayerMSpeed >= 605 && PlayerMSpeed <= 636)
{
*eMainSpeedFrame2 = 0.0019000f;
}
else if (PlayerMSpeed >= 637 && PlayerMSpeed <= 668)
{
*eMainSpeedFrame2 = 0.0018000f;
}
else if (PlayerMSpeed >= 669 && PlayerMSpeed <= 688)
{
*eMainSpeedFrame2 = 0.0017000f;
}
else if (PlayerMSpeed >= 855 && PlayerMSpeed <= 1040)
{
*eMainSpeedFrame2 = 0.0016300f;
}
else if (PlayerMSpeed >= 1041 && PlayerMSpeed <= 1104)
{
*eMainSpeedFrame2 = 0.0015500f;
}
else if (PlayerMSpeed >= 1301 && PlayerMSpeed <= 1500)
{
*eMainSpeedFrame2 = 0.0017500f;
}
else if (PlayerMSpeed >= 1501 && PlayerMSpeed <= 1524)
{
*eMainSpeedFrame2 = 0.0015000f;
}
else if (PlayerMSpeed >= 1525 && PlayerMSpeed <= 1800)
{
*eMainSpeedFrame2 = 0.0014500f;
}
else if (PlayerMSpeed >= 1801 && PlayerMSpeed <= 1999)
{
*eMainSpeedFrame2 = 0.0013000f;
}
else if (PlayerMSpeed >= 2000 && PlayerMSpeed <= 2167)
{
*eMainSpeedFrame2 = 0.0012500f;
}
else if (PlayerMSpeed >= 2168 && PlayerMSpeed <= 2354)
{
*eMainSpeedFrame2 = 0.0011500f;
}
else if (PlayerMSpeed >= 2855 && PlayerMSpeed <= 3011)
{
*eMainSpeedFrame2 = 0.0009000f;
}
else if (PlayerMSpeed >= 3011)
{
*eMainSpeedFrame2 = 0.0008100f;
}
else
{
*eMainSpeedFrame2 = 0.0020000f;
}
}
break;
case 1:
{
*eMainSpeedFrame1 = 0.0040000f;
*eMainSpeedFrame2 = 0.0020000f;
}
break;
case 2:
{
if (PlayerASpeed >= 509 && PlayerASpeed <= 549)
{
*eMainSpeedFrame1 = 0.0026000f;
}
else if (PlayerASpeed >= 550 && PlayerASpeed <= 750)
{
*eMainSpeedFrame1 = 0.0017000f;
}
else
{
*eMainSpeedFrame1 = 0.0040000f;
}
}
break;
case 3:
{
if (PlayerMSpeed >= 455 && PlayerMSpeed <= 479)
{
*eMainSpeedFrame2 = 0.0024700f;
}
else if (PlayerMSpeed >= 605 && PlayerMSpeed <= 636)
{
*eMainSpeedFrame2 = 0.0019000f;
}
else if (PlayerMSpeed >= 637 && PlayerMSpeed <= 668)
{
*eMainSpeedFrame2 = 0.0018000f;
}
else if (PlayerMSpeed >= 669 && PlayerMSpeed <= 688)
{
*eMainSpeedFrame2 = 0.0017000f;
}
else if (PlayerMSpeed >= 855 && PlayerMSpeed <= 1040)
{
*eMainSpeedFrame2 = 0.0016300f;
}
else if (PlayerMSpeed >= 1041 && PlayerMSpeed <= 1104)
{
*eMainSpeedFrame2 = 0.0015500f;
}
else if (PlayerMSpeed >= 1301 && PlayerMSpeed <= 1500)
{
*eMainSpeedFrame2 = 0.0017500f;
}
else if (PlayerMSpeed >= 1501 && PlayerMSpeed <= 1524)
{
*eMainSpeedFrame2 = 0.0015000f;
}
else if (PlayerMSpeed >= 1525 && PlayerMSpeed <= 1800)
{
*eMainSpeedFrame2 = 0.0014500f;
}
else if (PlayerMSpeed >= 1801 && PlayerMSpeed <= 1999)
{
*eMainSpeedFrame2 = 0.0013000f;
}
else if (PlayerMSpeed >= 2000 && PlayerMSpeed <= 2167)
{
*eMainSpeedFrame2 = 0.0012500f;
}
else if (PlayerMSpeed >= 2168 && PlayerMSpeed <= 2354)
{
*eMainSpeedFrame2 = 0.0011500f;
}
else if (PlayerMSpeed >= 2855 && PlayerMSpeed <= 3011)
{
*eMainSpeedFrame2 = 0.0009000f;
}
else if (PlayerMSpeed >= 3011)
{
*eMainSpeedFrame2 = 0.0008100f;
}
else
{
*eMainSpeedFrame2 = 0.0020000f;
}
}
break;
}
}
Mã:
//Protocol.h
#pragma once
void ProtocolCore(LPBYTE aRecv);
void ApplyDexterityFix();
Mã:
//Defines:
#define eMainSpeedFrame1 (float*)(0x54D4BC)
#define eMainSpeedFrame2 (float*)(0x54D8CC)
Mã:
//Hook
HookOffset((DWORD)&nProtocolCore,0x4384F5,0xE9);UPDATE:
Link download DLL
Client: http://mega.nz/#!9TgmVaSL!bgRHtIzlYeqa2sp-52NmFZbgQYON-9x0Q3EeLYLuhu4
Server: http://mega.nz/#!xfBF3YxZ!gfmquenSt-fgBu7n3hBZx8C9d17uEuh2Pw_x5RF4BYc
Hướng dẫn: Hook với StudPE hoặc LordPE bằng API XSTeam