Ir para conteúdo
Faça parte da equipe! (2024) ×
Conheça nossa Beta Zone! Novas áreas a caminho! ×
  • Quem está por aqui   0 membros estão online

    • Nenhum usuário registrado visualizando esta página.

hacker perfect world [ECLUSIVO]


torrone
 Compartilhar

Posts Recomendados

Isso ae nao é rack exclusivo coisa nenhuma e nem tem virus, é um arquivo .rar q dentro tem 2 html.

em uma tem a propaganda do noob que postou o suposto virus e na outra uma pgina fajuta mandando baixa o hack mais velho do planeta <cheat engine> porq é speed, e da dica sobre BOT.

 

Aqui tem um hack com tutorial p voces

 

 

 

Release part:

Included in the CT (For PW english):

XYZ coords of your display name

XYZ coords of your camera

jump modifier

That's all I've been able to get updating pointers for. However, there's some other stuff on the CT, too. Remember this is completely unpolished; use at your own risk of getting confused

Codes:

Codes that write to the zoom1 and zoom2 modifiers

Codes that you can change to get infinite zoom out/in

As well as some others that are more or less useless

 

In the EXE:

Alt+0: enable infinite jump

Alt+456789: move around

Alt+1: Store location\n

Alt+2: Return to stored location

Alt+/: Set movement distance to .5; For moving around

Alt+*: Set movement distance to 4;For exploring the map

Alt++: Double the movement distance

Alt+-: Halve the movement distance

Alt+3: Update Addresses. Use after you change characters

Alt+Q: Quit

Alt+H: Help

 

Use:

3 seconds after you open the exe, it'll attach to whatever program has focus, so quickly switch to PW. After it attaches, it'll sound a beep to let you know and also print out your XYZ coords so you can make sure it's working right.

To have infinite jumps, hit Alt+0 to toggle. Whenever you're on your second jump, the program will change it so you're now only on your first jump. This is better than just freezing the value in CE as, now, you won't look strange when you're walking and it'll be more difficult to tell you're hacking.

If you want to look/move around, face north. The 8456 keys will act like WASD and 7 will be up while 9 is down.

Moving around vs just looking around: When you use the movement keys, the program is changing your XYZ position. However, your real XYZ position that the server sees is only updated when you're in real movement. So if you change your XYZ coords, you're just looking around and not actually moving. But, if you actually move (WASD), your position will be updated and you will be moved to the changed XYZ position. However, there's a Server side check on your location. So fas as I can tell, the check happens every 500ms and if you move more than ~.5 units since the last check, you'll be moved back to you original position by the server. (You may have experienced this while running down a steep hill or falling from something and you keep getting moved back to where you fell from) This would be pretty useless if you could only move .5 units and then have to walk again. But, there is a little glitch that makes this hack valuable. If you jump, you're continuously updating your ss location. Meaning if your jump modifier is at 1 or 2, you will be able to move around at will.

So, to look around, just use the 789456 keys while standing. To actually move around, make sure your distance is set to .5 or less and freeze your jump at 1. Make sure you're on the ground and not moving (If you're moving and you leave the ground, you'll fall back down). Now just use alt+789456 to go wherever you want. With this, you can even go inside objects. And, if you go up in the air, you won't fall until you move or jump. So you can also hunt monsters from up there: Just change your jump to 0 and don't move or do anything but cast and and you'll stay in the air.

Updating addys: Whenever you change change accounts or characters, you pointers will change, so just update them with alt+3 to be able to use hacks again.

 

Source:

This is written in C++ using Dev-C++ although it should compile under VC or anything else.

 

 

Tut part:

Finding addresses:

For those of you who want to try to find these addys yourself, (And I suggest you do as it's a good learning experience) I'll be giving a few hints if you're having trouble.

Before you start searching, you need to set memory searched to "All" instead of 32-bit. These addresses can land in some pretty weird places for some reason.

 

Jump:4 bytes

Set the game to pause when you search or the jump could end before the scan has finished.

Hint: standing = 0, jump = 1, double jump = 2.

 

XYZ coords: float

Whenever looking for coords, always try to find Z first as it's the easiest to not mess up.

You'll get several different address that change with you. Try changing each of them. You're looking for your camera to change.

After you've found the Z, X is that addy -4 and Y is that addy +4.

If you look at your location in-game, Real Z is what it says times 10.

 

Zoom:float

There's 2 different zoom addresses. One is where you're currently zoomed to and one is where you will zoom to when you zoom.

All the way in is 0 all the way out is 8

 

Mouse go coords: float

This is where your destination will be put when you click the mouse

same as the other XYZ coords

 

Changing those addys into updating pointers:

Every time you change characters, the addresses will change because they're not tracked directly. They're tracked view pointers. To find a pointer, right click an address > find out what writes to this address. When one pops up, it'll probably be something like "mov [esi+40], eax". This means EAX is copied into 40 + the address that's pointed to by ESI. Now click on more information. It'll say "the value of the pointer needed to find this address is probably XXXXXXX". Using the previous example, this value would be the address of the current value (zoom/XYZ etc) - 40. Anyway, close all that and make a new search: 4 bytes, exact value, Hex, and search for the XXXXXX value CE gave you. What comes up should be the pointer to your variable.

 

 

Debugging tut:

You'll need OllyDBG for this: ollydbg.de

And basic debugging knowledge

If you want to save any of the changes you make, right click >copy to executable > all changes. Then right click > backup > save data to file.

 

Don't have to go through the patcher:

Try to run the game without going through the patcher. What happens?

A little message box comes up and says "Please start game from launcher.exe". Remember that.

Before you start, you have to know that when you start a program, you can start it with extra information. This is normally the way a program checks if it was started directly or through a launcher.

Open elementclient.exe in olly.

There's 2 ways you can proceed from here

First way:

When that message box comes up, the client is calling MessageBoxA.

Hit ctrl+N to bring up everything called by the client and look for MessageBoxA. Right click on it can go to "find all references to import". Double click on any of the names in the new window to go to where it's called in the client. You'll see that before it's called, 4 things are PUSHed: style, title, text, and owner. Go through all the different calls until you see "Please start game from launcher.exe" PUSHed before the call.

Second way:

Right lcick>search for>All referenced text strings

Right click in the new window>Search for text

Search for "Please start game from launcher.exe" and double click what it finds to go to where it's called. You'll notice there's a call to MessageBoxA under that.

 

Now that you've found the consequence of what happens if don't start from the launcher, let's find out exactly what decides whether we really did or not.

Directly before messagebox is called, there's a JNZ (jump if not zero) to past the message box. So, depending on what that JNZ is testing, we will either show or not show that message box and execute extra code.

You'll also not that above that JNZ is a call to another function: wcsstr. This function takes 2 strings and searches for the second inside the first. Basically it's being used to compare the 2 strings. In this case, it's "game:cpw" and it's startup info.

Now that we've found exactly what tells the client whether or not it's been started directly or through a launcher, we have a few options as to what we can do. We can bypass the compare (wcsstr), bypass the check (JNZ) or, what I did, we can just start elementclient from a shortcut that passes the correct information. If you don't want to use the shortcut method, just change the JNZ to JMP(unconditional jump) and it will always jump over the bad stuff.

 

Disabling pwprotector.exe:

Since we now longer have to go through through the patcher, we can just delete pwprotector.exe and make a new blank exe (Just make a new file and rename it).

 

Multiclienting:

When you try to start the game when another is running, it'll come up with a message box that says "Game is currently running. You cna't start another process!"

This is basically the same thing as running it without the patcher, so we do the same thing to find this address.

Lo and behold, there's a JE (jump if equal) right above this call to the message box.

Simply change that to JMP and you've got multiclient.

Hint: the call is at 43bb0b

 

Infinite Zoom in/out

After you've found the zoom2 variable, go right click > find out what writes to this variable. You'll see that there's 2 codes that write to it only when you try to zoom too far in or too far out. Select one and click "show disassembler". Depending on which one you chose, it either comes directly after a JNE(jump if not equal) or a JP(jump if parity). Now, if you change those to JMPs, then it will always jump over those instructions. Now you've got infinite zoom out/in. But, when you close the game, this change will be lost. Note the addresses of the jumps (4056b2 and 4056d7) and go to those addresses when you've got the program open in olly and change them and save to always have inf zoom out.in.

 

 

 

DOWNLOAD

 

É necessário se cadastrar para acessar o conteúdo.

 

 

Fonte cheat engine forum

Link para o comentário
Compartilhar em outros sites

  • 4 semanas atrás...

<a href="

É necessário se cadastrar para acessar o conteúdo.
src="
É necessário se cadastrar para acessar o conteúdo.
border="0"><br>Click here to feed me a Star Fruit!</a><br><a href="
É necessário se cadastrar para acessar o conteúdo.
your own at Flyffables!</a>

Link para o comentário
Compartilhar em outros sites

  • 2 semanas atrás...
Este tópico está impedido de receber novos posts.
 Compartilhar

×
×
  • Criar Novo...

Informação Importante

Nós fazemos uso de cookies no seu dispositivo para ajudar a tornar este site melhor. Você pode ajustar suas configurações de cookies , caso contrário, vamos supor que você está bem para continuar.