- #include "stdafx.h"
- #include <windows.h>
- #include <string>
- #include <MMsystem.h>
- #include <vector>
- #pragma comment(lib, "winmm.lib")
// ---------------------------------------------------------------------------
// File-scope state shared by every function below.
// ---------------------------------------------------------------------------

// Title of the top-level window used to find the target process; assigned in
// _tmain and consumed by memory().
std::string ProcessWindow;

// hProcess is the handle returned by OpenProcess in memory(); hThread holds the
// remote thread handle created in ExecuteRemoteCode().
HANDLE hProcess, hThread;

// ThreadID receives the id of the local worker thread started in _tmain;
// proc_id is filled by GetWindowThreadProcessId in memory().
DWORD ThreadID, proc_id;

// ghWnd is the window found in memory(); hwnd is not referenced by the visible code.
HWND hwnd, ghWnd;

// Pointer value read from the target process in _tmain; start of the skill
// lookup performed by SearchSkillAddress().
DWORD ADDR_SMM;

/* private server
DWORD KO_CHRBMA = 0x93C98C;
DWORD KO_SMMB= 0x93C914;
DWORD KO_DLGP = 0x0093CC10;
DWORD KO_SKLF = 0x0060A750;
DWORD KO_SKLO = 0x01CC;
*/

// usko v1804
// Hard-coded absolute addresses and structure offsets inside the target process.
// They are only meaningful for the one client build the author labelled above;
// for any other build these values are stale.
DWORD KO_CHRBMA = 0x00C2DD10;
DWORD KO_SMMB = 0x00C2DC40;
DWORD KO_DLGP = 0x00C2E05C;
DWORD KO_SKLF = 0x007896B0; // /$ 64:A1 0000000>MOV EAX, DWORD PTR FS:[0]
DWORD KO_SKLO = 0x03DC;
WORD KO_TAID = 0x0590;
WORD KO_MEID = 0x05C4; // not referenced by the visible code

/*
DWORD Skills[] = {
108655,//Spike
108635,//Thrust
108615,//Pierce
108670,//Bloody Beast
108675,//Blinding
108640,//Cut
108620,//shock
108600,//Jab
108005,//stab
108006,//stab2
108680};//Beast Hiding
*/

// Active skill-id table (two entries).
// NOTE(review): SkillAttack() cycles its index from 0 through 7, which is past
// the end of this two-element array.
DWORD Skills[] = {
    111511,
    111723
};

// Index into Skills[] used and advanced by SkillAttack().
int lol = 0;
/// Locate the target window by title and open a handle to the process that owns it.
///
/// Stores the window in ghWnd, the process id in proc_id and the handle in
/// hProcess, and returns that handle. Returns NULL without opening anything when
/// a window titled "Error" exists.
///
/// The access mask 0x1F0FFF is the pre-Vista PROCESS_ALL_ACCESS value, so the
/// handle carries VM read/write/operation and thread-creation rights. A
/// full-access handle opened on another process by an unrelated binary is one of
/// the events process-handle auditing and anti-tamper drivers are built to see.
///
/// NOTE(review): neither FindWindowA nor GetWindowThreadProcessId is checked, so
/// a missing window leaves proc_id at whatever value it held before the call.
HANDLE memory()
{
    const char* const title = ProcessWindow.c_str();
    printf("%s\n", title);

    if (FindWindowA(NULL, "Error") != NULL) {
        return NULL;
    }

    ghWnd = FindWindowA(NULL, title);
    GetWindowThreadProcessId(ghWnd, &proc_id);

    hProcess = OpenProcess(0x1F0FFF, FALSE, proc_id);
    // NOTE(review): %d is given a HANDLE here; kept as in the original.
    printf("%d\n", hProcess);
    return hProcess;
}
/// Read four bytes from address `addy` in the process behind hProcess and return
/// them as a DWORD.
///
/// NOTE(review): the ReadProcessMemory result is ignored, so a failed read
/// returns an uninitialised local.
DWORD RDWORD(DWORD addy)
{
    DWORD fetched;
    LPCVOID remote = (LPVOID*)(DWORD)addy;
    ReadProcessMemory(hProcess, remote, &fetched, 4, NULL);
    return fetched;
}
/// Read four bytes from address `addy` in the process behind hProcess and return
/// them as a float.
///
/// NOTE(review): the ReadProcessMemory result is ignored, so a failed read
/// returns an uninitialised local.
float RFLOAT(DWORD addy)
{
    float fetched;
    LPCVOID remote = (LPVOID*)(DWORD)addy;
    ReadProcessMemory(hProcess, remote, &fetched, 4, NULL);
    return fetched;
}
/// Walk a linked structure in the target process, starting at the pointer stored
/// at ADDR_SMM + 0x04, and return the address of the node whose id equals SkillID.
///
/// Each node is read remotely through RDWORD: the id at +0x0C, one link at +0x00
/// (followed when the node id is >= SkillID) and another at +0x08 (followed when
/// the node id is smaller). Presumably this is an ordered tree keyed by id —
/// TODO confirm. The walk does not stop on a match; it runs until a link reads 0.
///
/// NOTE(review): the result variable is only assigned on a match, so the return
/// value is indeterminate when SkillID is not found.
DWORD SearchSkillAddress(DWORD SkillID)
{
    DWORD match;
    DWORD node = RDWORD(ADDR_SMM + 0x04);

    while (node != 0) {
        const DWORD nodeId = RDWORD(node + 0x0C);

        if (nodeId < SkillID) {
            node = RDWORD(node + 0x08);
            continue;
        }

        if (nodeId == SkillID) {
            match = node;
        }
        node = RDWORD(node);
    }

    return match;
}
/// Copy `nBytes` bytes from `pBytes` into a fresh allocation inside the process
/// behind hProcess, start a thread in that process at the copied bytes, wait for
/// it to finish, then free the allocation.
///
/// The call order VirtualAllocEx -> WriteProcessMemory -> CreateRemoteThread
/// against a foreign process handle is the textbook remote-thread injection
/// sequence. Each step is individually observable (cross-process allocation,
/// cross-process write, thread creation whose start address lies in private,
/// non-image memory), which is what endpoint and anti-tamper tooling typically
/// correlates on.
///
/// NOTE(review): the WriteProcessMemory result is not checked, and CloseHandle is
/// reached with a NULL hThread when thread creation fails.
void ExecuteRemoteCode(BYTE* pBytes, size_t nBytes)
{
    LPVOID remoteBuf = VirtualAllocEx(hProcess, 0, nBytes, MEM_COMMIT, PAGE_READWRITE);
    if (remoteBuf != NULL) {
        WriteProcessMemory(hProcess, remoteBuf, pBytes, nBytes, 0);

        hThread = CreateRemoteThread(hProcess, 0, 0, (LPTHREAD_START_ROUTINE)remoteBuf, 0, 0, 0);
        if (hThread != NULL) {
            // Blocks the caller until the remote thread exits.
            WaitForSingleObject(hThread, INFINITE);
        }
        CloseHandle(hThread);

        VirtualFreeEx(hProcess, remoteBuf, 0, MEM_RELEASE);
    }
}
/// Fill in a 32-byte x86 stub with the two arguments and three file-scope
/// constants, then hand it to ExecuteRemoteCode().
///
/// The stub template saves registers, loads ECX from [KO_DLGP] and then from
/// [ECX + KO_SKLO], pushes TargetID and SkillB, calls the absolute address
/// KO_SKLF and returns. Every patched value is a hard-coded address or offset, so
/// the stub only matches the single client build those constants were taken from.
///
/// NOTE(review): the inline comment on the second MOV in the original says
/// "ECX+1CCh", which is the commented-out private-server offset; the value
/// actually patched in is KO_SKLO.
void SendsSkill(DWORD SkillB, DWORD TargetID)
{
    // Byte positions of the five 32-bit operands inside the template.
    const size_t kDlgPtrAt = 3;
    const size_t kDlgOffAt = 9;
    const size_t kTargetAt = 14;
    const size_t kSkillAt = 19;
    const size_t kCallAddrAt = 24;

    BYTE stub[] = {
        0x60,                         // PUSHAD
        0x8B, 0x0D, 0, 0, 0, 0,       // MOV ECX,DWORD PTR DS:[KO_DLGP]
        0x8B, 0x89, 0, 0, 0, 0,       // MOV ECX,DWORD PTR DS:[ECX+KO_SKLO]
        0x68, 0, 0, 0, 0,             // PUSH TargetID
        0x68, 0, 0, 0, 0,             // PUSH SkillB
        0xB8, 0, 0, 0, 0,             // MOV EAX,KO_SKLF
        0xFF, 0xD0,                   // CALL EAX
        0x61,                         // POPAD
        0xC3                          // RET
    };

    memcpy(stub + kDlgPtrAt, &KO_DLGP, 4);
    memcpy(stub + kDlgOffAt, &KO_SKLO, 4);
    memcpy(stub + kTargetAt, &TargetID, 4);
    memcpy(stub + kSkillAt, &SkillB, 4);
    memcpy(stub + kCallAddrAt, &KO_SKLF, 4);

    ExecuteRemoteCode(stub, sizeof(stub));
}
/// Return the current time as a float.
///
/// On the first call the function probes QueryPerformanceCounter; when it is
/// available the frequency is cached and every call returns counter / frequency.
/// Otherwise the value of timeGetTime() is returned.
///
/// NOTE(review): the two paths use different units — counter / frequency is in
/// seconds, while timeGetTime() reports milliseconds.
float TimeGet()
{
    static bool probed = false;
    static bool haveHwTimer = FALSE;
    static LARGE_INTEGER ticks, ticksPerSecond;

    if (!probed) {
        haveHwTimer = (TRUE == ::QueryPerformanceCounter(&ticks));
        if (haveHwTimer) {
            ::QueryPerformanceFrequency(&ticksPerSecond);
        }
        probed = true;
    }

    if (!haveHwTimer) {
        return (float)timeGetTime();
    }

    ::QueryPerformanceCounter(&ticks);
    return (float)((double)(ticks.QuadPart) / (double)ticksPerSecond.QuadPart);
}
/// Read the current target id from the target process and, when one is set,
/// either trigger Skills[lol] or advance lol to the next slot.
///
/// The target id is read at [[KO_CHRBMA] + KO_TAID]; the value -1 means "no
/// target" as far as this code is concerned. The float at skill node + 0x90 is
/// truncated to an integer and treated as a gate: zero sends the skill and
/// sleeps 400 ms, non-zero moves on to the next index. Presumably that field is a
/// cooldown — TODO confirm.
///
/// NOTE(review): lol wraps at 7, but the active Skills[] table has two entries,
/// so indices 2..7 read past the end of the array.
void SkillAttack()
{
    const DWORD charBase = RDWORD(KO_CHRBMA);
    const DWORD targetId = RDWORD(charBase + KO_TAID);
    if (targetId == (DWORD)-1) {
        return;
    }

    const DWORD skillNode = SearchSkillAddress(Skills[lol]);
    const bool blocked = (DWORD)RFLOAT(skillNode + 0x90) != 0;

    if (blocked) {
        // lol: number of skills to cycle through
        lol = (lol == 7) ? 0 : lol + 1;
        return;
    }

    SendsSkill(skillNode + 0x10, targetId);
    printf("%d %d\n", (DWORD)RFLOAT(skillNode + 0x90), targetId);
    Sleep(400); // wait 400 ms before the next skill
}
/// Timer step: accumulate the time elapsed since the previous call and run
/// SkillAttack() once the accumulated value exceeds 0.02.
///
/// The previous timestamp and the accumulator live in function-local statics, so
/// the first call measures an interval of zero.
void Tick()
{
    const float now = TimeGet();
    static float previous = now;
    static float accumulated = 0;

    accumulated += now - previous;
    if (accumulated > 0.02f) {
        SkillAttack();
        accumulated = 0.0f;
    }

    previous = now;
}
/// Worker-thread loop: call Tick() and sleep 900 ms, forever. Never returns.
void loop()
{
    for (;;) {
        Tick();
        Sleep(900);
    }
}
/// Entry point: select the target window by title, open the process, resolve the
/// skill-table pointer and start the worker thread, then idle forever.
///
/// NOTE(review): the return value of memory() is not checked, so a NULL handle
/// flows into every later remote read. loop() has the signature void(), which
/// does not match LPTHREAD_START_ROUTINE; the cast hides that mismatch.
int _tmain(int argc, _TCHAR* argv[])
{
    ProcessWindow = "5660"; // title of the target window
    memory();               // obtain the process handle

    // Follow [[KO_SMMB] + 0x18] to reach the skill pointer.
    const DWORD skillMgr = RDWORD(KO_SMMB);
    ADDR_SMM = RDWORD(skillMgr + 0x18);

    // Start the worker loop on its own thread.
    CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&loop, 0, 0, &ThreadID);

    for (;;) {
        Sleep(100);
    }
    return 0;
}