The Bot I'm Working On

Discussion in 'MapleStory 2 Global' started by Trollerton, Apr 3, 2019.

Discuss The Bot I'm Working On in the MapleStory 2 Global area at GameKiller.net

  1. Trollerton

    Trollerton United States Godly Hacker

    Post Count:
    721
    Likes Received:
    1,185
    Stats
    Cheers! :emoji_tophat:
    Yes, currently undetected.
     

  2. dvs61

    dvs61 Canada The New Guy

    Post Count:
    17
    Likes Received:
    0
    Stats
    Will you publish a full download version?
     
  3. Trollerton

    Trollerton United States Godly Hacker

    Yes, once I get a good version going, I will release it in the MapleStory 2 Global Hacks and Bots section.
     
    dvs61 and Blaze like this.
  4. PositivePlayer

    PositivePlayer Netherlands Lurker

    Post Count:
    3
    Likes Received:
    2
    Stats
    Your bot is looking pretty good, I would rather pay a monthly fee for it than have it detected within a week. Personally, I would only use it for multi-clienting.
     
    Trollerton likes this.
  5. Trollerton

    Trollerton United States Godly Hacker

    I'll consider making the bot public but the multi-client private, perhaps then.

    Update:
    Upon further testing with AttachThreadInput, it turns out I just forgot to log output on when the function did fail. So I've noticed that the function does fail on a few threads here and there. I've read up more on the reasons behind why ATI fails and it's one of 2 reasons:
    1. A journal record hook is installed, or:
    2. Either one of the threads doesn't have a message queue.
    Just specific ones fail. One that caught my eye is a DINPUT8.dll thread. DirectInput. Most likely has a journal record hook(? Anyone with more knowledge on what dinput8 actually contains out there?) that we need to cancel.(which I've also studied up on some more, I wasn't aware of cancelling journalrecordhooks last week or so)

    Going to do some further testing and studying with the cancellation of journalrecordhooks and then re-attempting ATI on the threads that it failed on.

    Also, just some minor update on other progress; added a gear icon button next to the close button that brings up the settings menu which currently only contains the hotkey preference with 0-9 and A-Z which just shows/hides the bot window when you press the selected key. The settings menu is going to follow the current color scheme of GK.
    Before clicking settings button:
    [​IMG]
    After clicking settings button:
    [​IMG]
    Fun fact; the settings menu in the editor is that single dark pixel I've circled in red.
    It grows when you click the gear icon.
    [​IMG]
    I see why people put their own dinput8.dll into the ms data folder now so it runs theirs instead. Going to avoid this route as that method seems detected.

    Update:
    I can now confirm that the dinput8 thread is the one that handles keyboard input. It doesn't handle the mouse input. I suspended it and was not able to move my char around via physically pressing the keys, however I was able to with the mouse.

    So in theory, calling a cancel of a journalrecordproc and journalplaybackproc hook on that thread should allow me to attach that thread's IPM to my IPM and then send input to my IPM which will send it to that thread's IPM which should then control the character.
    Shall test it after work.

    This is not going to be the same as replacing the dinput8 with my own dinput8.
    I'm not even hooking directly into dinput8 at all. My bot will not utilize any of the dinput8 API functions. Just to clarify that this is still going to be different than the aforementioned most-likely detected method.

    Update:
    Hello all, I apologize for the delay on this project, my net's been down the past week. Shall continue this tonight.

    Update:
    Currently getting all the character stats to display correctly. Got HP(health),SP(spirit),EP(energy/stamina),and character Z coordinate so far. X and Y are giving me troubles atm but I'll get 'em.
    These are all important because the bot needs to know where to go and when to press heal potion/skill key and such.
    [​IMG]
    Also, once I've collected 'em all, I'll post the pointers, offsets, and AOBs to hopefully inspire some more content for the public MS2 scene. :emoji_tophat:

    CharZ shows as 2401 which just means I'm 24 blocks up, so I'm going to slim that a bit later.

    Update:
    Found the Char X and Y coords, I was just over-complicating it.
    [​IMG]
     
    Last edited: May 25, 2019
  6. Forensicsman

    Forensicsman United States Lurker

    Post Count:
    7
    Likes Received:
    5
    Stats
    Thank you for the update! I so wish I was able to help you with this, has always been something I wish I could learn!
     
  7. Trollerton

    Trollerton United States Godly Hacker

    No prob! I was actually thinking after this of starting a vid tutorial series on a lot of this.

    Update:
    Since I've still got a ways to go with the bot, I'll be releasing a public version of the standalone multi client part of it that I've also worked on the past couple days, in the meantime while I work on the bot. The public version will allow 2 clients. Private version will work for as many as your comp can handle.
    Will be releasing it, in the releases section of GK and GK only. If you see it on a rival site, warn people to be skeptical of it, or just report it. I don't promote leeching (taking content from one site and posting it to another by someone other than the creator). It annoys me.
    [​IMG]

    Updates on the bot progress shall continue in this thread. :emoji_tophat:

    Update:
    The Char XYZ coordinates are a bit more complex than I thought. Upon further messing with them and testing botting functions I've realized they seem to be polymorphic or some shit. x_x
    Example:
    In your character's home, the base pointer address, along with its offsets, are all different than the base pointer and offsets in Lith Harbor (just the place I've been testing).
    So I went ahead and got the base pointer and its offsets there and figured, "Oh okay, these must be the "general" or "world" xyz that shouldn't change unless I go into my char's home. Then it'll switch to those char xyz addy and offsets. Right?" No...
    So my next thought was, "Ah, bastards. They probably have a different char base with different offsets per every single map in the game."
    But then it got even more complex when I walked into one of the little buildings in Lith Harbor and then walked back out to Lith Harbor to find that the XYZ were wrong...
    And this is where it leads me to believe the code is polymorphic:
    I logout in Lith Harbor, exit the game, go back in, inject my bot, char XYZ coords are correct again. Run around whole map, yada yada, do some stress testing to see what exactly changes them again, find out that going into any portal or to home and back changes them.

    tl;dr:
    Long story short,
    I got a nice little complex algorithm on my hands that I gotta figure out. Well played, Nexon. Well played.
    More summary; the XYZ coords are correct when you login on Lith Harbor. But the second you change maps and go back, they're incorrect and show random numbers.

    Aside from that, logging in on any other map, they're incorrect. So every single map has its own mutating XYZ char coords. It's interesting.


    Update:
    But not well played enough, we're back on track lads, the Char XYZ now stay correct no matter what map you're on.

    Update:
    Well balls, I forgot the Awakening update was at this time. It'll at least be easier updating it with this patch this time around.

    Update:
    The offsets didn't change in the patch so that was nice. And only the CharStatsBase pointer changed.(the current/max HP, SP, and EP pointer)

    Update:
    Char X,Y,Z, Mesos, and Current Exp all showing properly.
    Working on a scripting tab currently for making your own botting functions as well.
    So far I got:
    Walk(direction,seconds)
    Working correctly.
    Ex:
    Code:
    Walk(up,6)
    
    Will make your character walk up(currently uses MS2 default keyboard/mouse keys so this will press W key) for 6 seconds.
    Any of the following are also currently functional in that aspect of default MS2 keyboard/mouse gameplay:
    Code:
    Walk(upleft,6)
    Walk(upright,6)
    Walk(left,6)
    Walk(right,6)
    Walk(down,6)
    Walk(downleft,6)
    Walk(downright,6)
    
    [​IMG]
    Working on Coords Method Walk next.
    Walk(x,y)

    As well as KeyPress(key)

    Update:
    Still some jankiness and kinks that I gotta work out, like shown in the new vid here when I had to click the keys a bit manually to get the script working but, the scripting functionality is comin' along.

    This is going to be so you guys can write your own specific scripts that you don't feel like waiting for in the next release of the bot for once I get it out there. Or things that I just haven't added in.
    Like, "Ahh, man, wish there was a botting function that did this." Well, don't wait up for me, I'm bad with timing.

    Also don't worry, it won't be that ugly, I just temporarily slapped the textBox and button there for testing purposes.

    Update:
    So the scripter is pretty functional currently, just a few more tweaks to it and it's solid. I could do an early release of that for now if you guys would like so you can make your own botting scripts. But the downside to it is that the window needs to be focused.
    So it's incompatible with multiple clients currently(BUT actually-and I literally just thought of this as I was typing this-I could also include a function for the scripter that says, SwitchWindow(OtherMS2InstanceWindow And Run the script in that one) so you could have multiple bots still doing scripts, it's just that they would have to take turns. E.g.: Bot1 has a script that does X dungeon and then at the end says to switch to Bot2 window and run that script which is the exact same as the other one except it'll either say to switch back to the first bot or to a third one, etc.).

    But anyways, aside from that, I believe I'm on the verge of figuring out the unfocused keypresses/botting. :)
    This is my notes on the matter:
    [​IMG]
    Oh also GK themed Scripting tab looks like this currently(satisfied enough with it currently but will probably make some tweaks down the road to it.)
    [​IMG]
    ^^It's reading a buncha gibberish numbers down there in this screeny 'cause this one is just the C++ debugger version running and not actually injected.
     
    Last edited: Jun 10, 2019
    Qybah and ResistanceBand like this.
  8. Trollerton

    Trollerton United States Godly Hacker

    UPDATE:
    Great news, lads! Got unfocused botting working. :emoji_skull::emoji_tophat:

    Char now walks while I'm typing in notepad or doin' some other sheezy in another window. Gonna be settin' the bot up for the first release now very soon.(still just the scripting version but hey, go crazy with makin' your own botting scripts/functions in the meantime!)
     
    Shadowx93 and ResistanceBand like this.
  9. Forensicsman

    Forensicsman United States Lurker

    So exciting!
     
    Trollerton likes this.
  10. gipal

    gipal United States Prominent Hacker

    Post Count:
    452
    Likes Received:
    439
    Stats
    seems like you may have already figured this out the hard way but be careful testing anything in your house there's a good bit of just weirdly different factors between house maps and field maps

    for key input you don't have to worry ofc but beyond that things like teleport/speed/noclip/camera are all completely unrestricted in your house, and if you're still looking for any offsets are all still valid just replace the 0x1B4's with 0x1B0 :emoji_innocent: cool stuff though, curious for your background windowed input are you able to actually send input to the window or are you forcing the character to move?
     
    cosmoruless and Trollerton like this.
  11. Trollerton

    Trollerton United States Godly Hacker

    Yeah, definitely figured that the hard way haha. :P

    It appears I'm hooking the character movement function and forcing the char to move. But it's a little puzzling 'cause in the same data structure it shows certain values for every key being pressed. It's handled by a few different addresses as shown in the pic below, with each of their values. However, changing the values in that same data structure to attempt other keys doesn't work. So I assume for now that it's the character movement function I'm hooking into, I just don't quite understand why it shows other keypress values in that same structure. Perhaps for different checks? Like, "If char is moving and they press dash/teleport key then do some extra bit of code"? :emoji_thinking: Gotta look into it further.
    [​IMG]

    Update:
    Working on getting "reactors" x,y,z currently (for easier farming and such).
    Trying to make it so you can just put Walk(FarmX,FarmY) in a script or similar and then it'll automatically find your farming blocks for you and walk to them.
     
    Last edited: Jun 13, 2019 at 12:42 AM
    Shadowx93 likes this.
  12. mrgorungo

    mrgorungo Japan The New Guy

    Post Count:
    38
    Likes Received:
    10
    Stats
    it looks like sending keypress by sendinput/postmessage not working
    mouse button works tho
     
  13. Trollerton

    Trollerton United States Godly Hacker

    For using SendInput with keys use this; I've included comments to explain.
    Info

    // SENDINPUT METHOD (WORKS, BUT WINDOW MUST BE FOCUSED)
    // Set up the INPUT structure

    INPUT SIKeyPress;

    SIKeyPress.type = INPUT_KEYBOARD; // initialize the type as keyboard input (ki)
    // Since the type has been initialized as ki (keyboard input), from here we use INPUT.ki.X like so:

    SIKeyPress.ki.time = 0;        // not needed, just leave it as 0
    SIKeyPress.ki.wVk = 0;         // we're doing scan codes instead of wVk (Windows Virtual Keys), so this stays 0
    SIKeyPress.ki.dwExtraInfo = 0; // not needed, just leave as 0
    SIKeyPress.ki.dwFlags = KEYEVENTF_SCANCODE; // enable hardware scan codes
    SIKeyPress.ki.wScan = KeyScanCode;          // hexadecimal scan code for the key here

    // Send the keydown
    // SendInput(number of INPUT structures (we only have 1 structure to send),
    //           & (address of our INPUT structure),
    //           size in bytes of the structure that you're sending; in this case the size of the INPUT structure)
    SendInput(1, &SIKeyPress, sizeof(INPUT));
    // Required Sleep here (can only go as low as 25ms, any lower and SendInput will be ignored.
    // Any higher than 250ms is too long of a Sleep when sending input, especially if you plan on
    // sending more or multiple at a time, so I would suggest just keeping it at 250.)
    Sleep(250);

    // Send the keyup
    SIKeyPress.ki.dwFlags = KEYEVENTF_SCANCODE | KEYEVENTF_KEYUP;
    SendInput(1, &SIKeyPress, sizeof(INPUT));

    Replace "KeyScanCode" with a Scan Code Key NOT a Virtual Key.
    Here's a list of the scan codes for the keys:

    Also on that page; ignore the first part that looks like this:
    [​IMG]

    Scroll down and get the scan codes from the table below:
    [​IMG]

    Update:
    First things first, I apologize to those who had to read the shit show before it was gone (my own replies included, as it "takes two to Tango" per se.) (but also sorry to those who missed it. :P Can't help it sometimes with the alias "Trollerton" :emoji_upside_down:)

    And with that out of the way; I can say I've figured out the "keypresses"
    (quoted 'cause I guess the lad wasn't completely wrong, you can't technically send keypresses through Cheat Engine/ASM[Assembly] however, you can change values to make the game think the keys are down which in turn does the exact same shit. 'Cause I mean if we're getting even more technical, you can't programmatically send a keypress in general. In any code language. It's impossible-unless-you're programming an actual robot that will literally trigger things to make the keys on your physical keyboard go up and down as if your finger was pressing/decompressing it.)

    So! I'll get back to you all with another video once I get this code wrapped up and such, as quickly as possible.
    And then after that, a release of this WIP(Work In Progress) bot.
     
    Last edited: Jun 16, 2019 at 4:13 AM
    Shadowx93 likes this.
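
Added example, not part of the thread and not any poster's code: a defender-side check showing how key events produced by SendInput, as in the post above, stand out in low-level keyboard hook telemetry through the LLKHF_INJECTED flag and through the near-constant hold time a fixed Sleep() produces. The KeyEvent struct, the thresholds and all sample events are constructed for illustration; only the two flag values come from winuser.h.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* KBDLLHOOKSTRUCT.flags bits, values as in winuser.h */
#define LLKHF_INJECTED 0x10u  /* event was synthesized, e.g. by SendInput */
#define LLKHF_UP       0x80u  /* key release */

/* Portable mirror of the KBDLLHOOKSTRUCT fields used here (assumption:
   a WH_KEYBOARD_LL hook elsewhere copies them into this struct). */
typedef struct { uint32_t scanCode, flags, time_ms; } KeyEvent;
typedef struct { size_t injected, holds; uint32_t min_hold, max_hold; } KeyStats;

/* Count injected events and measure how long each key was held. */
KeyStats analyze(const KeyEvent *ev, size_t n) {
    KeyStats s = {0, 0, UINT32_MAX, 0};
    uint32_t down_at[256] = {0};
    uint8_t is_down[256] = {0};
    for (size_t i = 0; i < n; i++) {
        uint32_t sc = ev[i].scanCode & 0xFFu;
        if (ev[i].flags & LLKHF_INJECTED) s.injected++;
        if (!(ev[i].flags & LLKHF_UP)) {   /* first down only; skip auto-repeat */
            if (!is_down[sc]) { is_down[sc] = 1; down_at[sc] = ev[i].time_ms; }
        } else if (is_down[sc]) {
            uint32_t hold = ev[i].time_ms - down_at[sc];
            if (hold < s.min_hold) s.min_hold = hold;
            if (hold > s.max_hold) s.max_hold = hold;
            s.holds++; is_down[sc] = 0;
        }
    }
    return s;
}

/* Synthetic if any event is injected, or if at least min_holds key holds
   differ by no more than jitter_ms (a fixed Sleep() between down and up). */
int looks_synthetic(KeyStats s, size_t min_holds, uint32_t jitter_ms) {
    if (s.injected > 0) return 1;
    return s.holds > 0 && s.holds >= min_holds && s.max_hold - s.min_hold <= jitter_ms;
}

/* Constructed samples: scan code 0x11 (W), times in ms. */
static const KeyEvent SCRIPTED[] = {
    {0x11, LLKHF_INJECTED, 1000}, {0x11, LLKHF_INJECTED | LLKHF_UP, 1250},
    {0x11, LLKHF_INJECTED, 2000}, {0x11, LLKHF_INJECTED | LLKHF_UP, 2251},
    {0x11, LLKHF_INJECTED, 3000}, {0x11, LLKHF_INJECTED | LLKHF_UP, 3250}};
static const KeyEvent UNFLAGGED[] = {   /* same timing, no injected flag recorded */
    {0x11, 0, 1000}, {0x11, LLKHF_UP, 1250}, {0x11, 0, 2000},
    {0x11, LLKHF_UP, 2251}, {0x11, 0, 3000}, {0x11, LLKHF_UP, 3250}};
static const KeyEvent HUMAN[] = {       /* varied hold times, no flag */
    {0x11, 0, 1000}, {0x11, LLKHF_UP, 1180}, {0x11, 0, 1900},
    {0x11, LLKHF_UP, 2640}, {0x11, 0, 3100}, {0x11, LLKHF_UP, 3195}};

int main(void) {
    printf("%d %d %d\n", looks_synthetic(analyze(SCRIPTED, 6), 3, 20),
           looks_synthetic(analyze(UNFLAGGED, 6), 3, 20),
           looks_synthetic(analyze(HUMAN, 6), 3, 20));
    return 0;
}
```
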
  14. Trollerton

    Trollerton United States Godly Hacker

    Update:
    Latest showcase vid of it :emoji_tophat:


    Update:
    I know I'm awful with timing guys, I apologize, I keep sayin' "soon" and a "bit longer", but I just want to make sure it does what it's supposed to in its current state before the first release.
    First release will mostly just be the Scripter.
    But to make it easier on you guys, I'm making a "Script Assistant" function that when you toggle it on and set the hotkey, it'll help you make the script with less typing.
    Ex:
    >Set Script Assistant key to F
    >Toggle Script Assistant on
    >Go in game window and press F; it'll put, "Walk(xYourCurrentXCoordHere,yYourCurrentYCoordHere)" on the first line for you
    >Walk to a different spot and press F again; it'll put, "Walk(xYourCurrentXCoordHere,yYourCurrentYCoordHere)" on the second line, and so on and so forth.

    And then for keypresses it would go as such:
    >Hold Script Assistant Key(Ex: F) and press another key(say you have a potion on 1 that you want it to use), so you hold F and then press 1 and it'll put, "SIKP(SC_1)" on the Nth line for you.

    I'll make another vid demonstrating this if it sounds confusing, once I'm finished with it.
     
    Last edited: Jun 17, 2019 at 4:50 AM
    Blaze and ResistanceBand like this.
