AutoIT: Sorgente packet logger [Beta Shadow992] - scl - 26-11-2012 07:40 PM
Vi lascio due release di Shadow992, che ha donato in beneficenza al mondo
Mi raccomando, utilizzate la libreria CCInject!
Codice:
#include <CCInject.au3>
#include <ButtonConstants.au3>
#include <EditConstants.au3>
#include <GUIConstantsEx.au3>
#include <WindowsConstants.au3>
#Include <GuiEdit.au3>
#include <ScrollBarConstants.au3>
; Receive-only logger: global state and one-time setup against the running client process.
; NOTE(review): every _Memory*/_Allocate*/_CreateASM* helper comes from CCInject.au3, which is
; not shown here; what is said about them below is inferred from their names and from how
; their results are used - confirm against the library.

; Local copy of the capture slots; its size (5000) also sizes the buffer allocated in the client below.
Local $packets_recv[5000]
; One row per hook: [0] expected address, [1] byte signature, [2] offset subtracted from the match.
Local $address[1][3]
; Receives the return value of _InjectASMAtAddress; element [3] is later written back to undo the patch.
Local $old_opcode_recv
; $activated: 0 = logging off, 1 = logging on (toggled by the Start/Stop handlers).
Local $found_recv,$activated=0
; Hard-coded address and signature; presumably valid for one specific client build only.
$address[0][0] = 0x0051CE08
; "??" entries are presumably wildcard bytes for the signature search - TODO confirm in CCInject.
$address[0][1] = "E8 ?? ?? ?? ?? 8B D0 8B 5D ?? 8B 4D ?? 8B 43 ?? FF 53 ?? EB ?? 8B 45"
; Subtracting -1 below moves the resolved address one byte past the start of the match.
$address[0][2] = -1
; Tell the user once, then poll every 111 ms until the client process exists.
if Not ProcessExists("NostaleX.dat") Then
MsgBox(0,"Error","Please start Nostale first.")
EndIf
While Not ProcessExists("NostaleX.dat")
Sleep(111)
WEnd
; ProcessExists returns the PID, which is handed to the library to open the client for memory access.
$memopen = _MemoryManipulationOpen(ProcessExists("NostaleX.dat"))
; Signature search limited to 1,000,000 bytes on either side of the expected address.
$found_recv=_MemorySearchForBytes($memopen, $address[0][1], $address[0][0]-1000000, $address[0][0]+1000000)
; NOTE(review): the result is subscripted without an IsArray check; if the search can return a
; non-array on failure, this line stops the script with a fatal subscript error - TODO confirm.
$found_recv[0]=$found_recv[0]-$address[0][2]
; Buffers allocated inside the client: one variable plus a 2D "char" array of
; UBound($packets_recv) rows by 128 (presumably 128 characters per slot).
$alloc_var=_AllocateMemoryForVariable($memopen)
$allocated_arr = _AllocateMemoryFor2DArray($memopen,Ubound($packets_recv),128,"char")
; Builds the stub that is installed on Start; presumably it copies what EDX refers to into the array.
; NOTE(review): nothing is written to the client's code here. The overwrite happens in
; Button1Click and stays visible in the client's code bytes until Stop/close restores them.
$asm_code = _CreateASM_CopyRegisterTo2DArrayEx($allocated_arr,$alloc_var,"edx")
; GUI for the receive-only logger (Koda-generated layout). OnEvent mode: the handlers named
; below are called by AutoIt when the event fires; there is no GUIGetMsg loop.
Opt("GUIOnEventMode", 1)
#Region ### START Koda GUI section ### Form=
$Form2 = GUICreate("Recv-Packets-Logger", 239, 401, 324, 218)
; Closing the window goes through Form1Close, which restores the patched bytes before exiting.
GUISetOnEvent($GUI_EVENT_CLOSE, "Form1Close")
; Log view, created through the GuiEdit UDF (returns a control handle, not a control ID).
$Edit1 = _GUICtrlEdit_Create($Form2,"", 8, 64, 225, 329,BitOR($ES_WANTRETURN, $WS_VSCROLL, $WS_HSCROLL,$ES_MULTILINE,$WS_TABSTOP))
; Start -> Button1Click (installs the hook), Stop -> Button2Click (restores the original bytes).
$Button1 = GUICtrlCreateButton("Start", 8, 32, 105, 25)
GUICtrlSetOnEvent($Button1, "Button1Click")
$Button2 = GUICtrlCreateButton("Stop", 128, 32, 105, 25)
GUICtrlSetOnEvent($Button2, "Button2Click")
; Status label; the poll loop replaces "..." with a line count.
$Label1 = GUICtrlCreateLabel("...", 8, 8, 105, 16)
GUISetState(@SW_SHOW)
#EndRegion ### END Koda GUI section ###
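; Poll loop of the receive-only logger. Runs until the client process is gone; every 3 s,
; while logging is active, it reads all slots of the capture buffer out of the client,
; clears the non-empty ones and appends them, time-stamped, to the log view.
; Change from the original: the per-cycle "$read = GUICtrlRead($Edit1)" was dropped. Its
; result was never used, so it only re-read the growing log text on every cycle.
While ProcessExists("NostaleX.dat")
    Sleep(3000)
    If IsArray($old_opcode_recv) And $activated = 1 Then
        $temp1 = ""
        For $i = 0 To UBound($packets_recv) - 1
            ; One cross-process read per slot, whether or not the slot holds data.
            $packets_recv[$i] = _ReadMemory2DArrayString($memopen, $allocated_arr, $i)
            ; An unused slot presumably reads back as Chr(0) - TODO confirm in CCInject.
            ; $activated is checked again because the Stop handler can run while this loop is busy.
            If $packets_recv[$i] <> Chr(0) And $activated = 1 Then
                _MemoryReset2DArray($memopen, $allocated_arr, $i)
                $temp1 = $temp1 & "[" & @HOUR & ":" & @MIN & ":" & @SEC & "] " & $packets_recv[$i] & @CRLF
            EndIf
        Next
        ; Append in one batch and put the user's selection back so the view does not jump.
        _GUICtrlEdit_BeginUpdate($Edit1)
        $sel = _GUICtrlEdit_GetSel($Edit1)
        _GUICtrlEdit_AppendText($Edit1, $temp1)
        _GUICtrlEdit_SetSel($Edit1, $sel[0], $sel[1])
        _GUICtrlEdit_EndUpdate($Edit1)
        ; The label shows the edit control's line count as a stand-in for the packet count.
        GUICtrlSetData($Label1, "Recv-Packets: " & _GUICtrlEdit_GetLineCount($Edit1))
    EndIf
WEnd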
; "Start" handler: installs the receive hook when none has been installed yet.
; _InjectASMAtAddress is called with the resolved address, a length of 6 and the prepared
; stub; its return value is kept so the Stop/close handlers can write element [3] back.
; NOTE(review): Stop does not clear $old_opcode_recv, so once an injection has returned an
; array this guard keeps returning early and Start has no further effect in this session.
Func Button1Click()
    If IsArray($old_opcode_recv) Or $activated <> 0 Then Return
    $old_opcode_recv = _InjectASMAtAddress($memopen, $found_recv[0], 6, $asm_code)
    $activated = 1
EndFunc
; "Stop" handler: writes the saved bytes ($old_opcode_recv[3]) back to the patched address
; and switches logging off. Does nothing unless a hook result exists and logging is on.
Func Button2Click()
    If Not IsArray($old_opcode_recv) Then Return
    If $activated <> 1 Then Return
    _MemoryBytesWrite($memopen, $found_recv[0], $old_opcode_recv[3])
    $activated = 0
EndFunc
; Window-close handler: if a hook result exists, writes the saved bytes back to the client
; (also when logging was already stopped, which rewrites the same bytes), then ends the script.
Func Form1Close()
    If IsArray($old_opcode_recv) Then _MemoryBytesWrite($memopen, $found_recv[0], $old_opcode_recv[3])
    Exit
EndFunc
Codice:
#include <CCInject.au3>
#include <Array.au3>
#include <ButtonConstants.au3>
#include <EditConstants.au3>
#include <GUIConstantsEx.au3>
#include <WindowsConstants.au3>
#Include <GuiEdit.au3>
; Send+receive logger: global state and one-time setup against the running client process.
; NOTE(review): every _Memory*/_Allocate*/_CreateASM* helper comes from CCInject.au3, which is
; not shown here; what is said about them below is inferred from their names and from how
; their results are used - confirm against the library.

; Local copies of the capture slots; their sizes also size the buffers allocated in the client.
Local $packets_recv[5000]
Local $packets_send[1000]
; Row 0 = receive hook, row 1 = send hook: [0] expected address, [1] byte signature,
; [2] offset subtracted from the match.
Local $address[2][3]
; Return values of _InjectASMAtAddress; element [3] of each is later written back to undo the patch.
Local $old_opcode_recv,$old_opcode_send
; $activated: 0 = logging off, 1 = logging on. $found_send is first assigned further down.
Local $found_recv,$activated=0
; Hard-coded addresses and signatures; presumably valid for one specific client build only.
$address[0][0] = 0x0051CE08
; "??" entries are presumably wildcard bytes for the signature search - TODO confirm in CCInject.
$address[0][1] = "E8 ?? ?? ?? ?? 8B D0 8B 5D ?? 8B 4D ?? 8B 43 ?? FF 53 ?? EB ?? 8B 45"
; Subtracting -1 moves the receive address one byte past the start of its match.
$address[0][2] = -1
$address[1][0] = 0x0051C969
$address[1][1] = "01 00 00 00 0A 00 00 00 53 56 8B F2"
; Subtracting 3 moves the send address three bytes before the start of its match.
$address[1][2] = 3
; Tell the user once, then poll every 111 ms until the client process exists.
if Not ProcessExists("NostaleX.dat") Then
MsgBox(0,"Error","Please start Nostale first.")
EndIf
While Not ProcessExists("NostaleX.dat")
Sleep(111)
WEnd
; ProcessExists returns the PID, which is handed to the library to open the client for memory access.
$memopen = _MemoryManipulationOpen(ProcessExists("NostaleX.dat"))
; Each signature search is limited to 1,000,000 bytes on either side of the expected address.
; NOTE(review): both results are subscripted without an IsArray check; if a search can return
; a non-array on failure, the script stops here with a fatal subscript error - TODO confirm.
$found_recv=_MemorySearchForBytes($memopen, $address[0][1], $address[0][0]-1000000, $address[0][0]+1000000)
$found_recv[0]=$found_recv[0]-$address[0][2]
$found_send=_MemorySearchForBytes($memopen, $address[1][1], $address[1][0]-1000000, $address[1][0]+1000000)
$found_send[0]=$found_send[0]-$address[1][2]
; Per direction: one variable plus a 2D "char" array (slot count x 128) allocated inside the
; client, and a stub that presumably copies what EDX refers to into that array.
; NOTE(review): nothing is written to the client's code here. The overwrite happens in
; Button1Click and stays visible in the client's code bytes until Stop/close restores them.
$alloc_var_recv=_AllocateMemoryForVariable($memopen)
$allocated_arr_recv = _AllocateMemoryFor2DArray($memopen,Ubound($packets_recv),128,"char")
$asm_code_recv = _CreateASM_CopyRegisterTo2DArrayEx($allocated_arr_recv,$alloc_var_recv,"edx")
$alloc_var_send=_AllocateMemoryForVariable($memopen)
$allocated_arr_send = _AllocateMemoryFor2DArray($memopen,Ubound($packets_send),128,"char")
$asm_code_send = _CreateASM_CopyRegisterTo2DArrayEx($allocated_arr_send,$alloc_var_send,"edx")
; GUI for the send+receive logger (Koda-generated layout). OnEvent mode: the handlers named
; below are called by AutoIt when the event fires; there is no GUIGetMsg loop.
Opt("GUIOnEventMode", 1)
#Region ### START Koda GUI section ### Form=
$Form2 = GUICreate("Packet-Logger", 606, 413, 161, 191)
; Closing the window goes through Form1Close, which restores the patched bytes before exiting.
GUISetOnEvent($GUI_EVENT_CLOSE, "Form1Close")
; $Edit1 = received packets, $Edit2 = sent packets (UDF-created; these are control handles).
$Edit1 = _GUICtrlEdit_Create($Form2,"", 8, 72, 193, 337,BitOR($ES_WANTRETURN, $WS_VSCROLL, $WS_HSCROLL,$ES_MULTILINE,$WS_TABSTOP))
$Edit2 = _GUICtrlEdit_Create($Form2,"", 216, 72, 193, 337,BitOR($ES_WANTRETURN, $WS_VSCROLL, $WS_HSCROLL,$ES_MULTILINE,$WS_TABSTOP))
; Start -> Button1Click, Stop -> Button2Click, Clear All -> Button3Click.
$Button1 = GUICtrlCreateButton("Start", 30, 32, 105, 25)
GUICtrlSetOnEvent($Button1, "Button1Click")
$Button2 = GUICtrlCreateButton("Stop", 270, 32, 105, 25)
GUICtrlSetOnEvent($Button2, "Button2Click")
$Button3 = GUICtrlCreateButton("Clear All", 150, 32, 105, 25)
GUICtrlSetOnEvent($Button3, "Button3Click")
; Status labels above the two log views; the poll loop fills them with line counts.
$Label1 = GUICtrlCreateLabel("...", 8, 8, 193, 16)
$Label2 = GUICtrlCreateLabel("...", 216, 8, 193, 16)
$Label3 = GUICtrlCreateLabel("Filtered Packets", 416, 160, 80, 17)
$Label4 = GUICtrlCreateLabel("Packets to filter (uses RexEx)", 416, 8, 142, 17)
; $Edit3 = filter patterns typed by the user (native control, read with GUICtrlRead);
; $Edit4 = packets that matched one of those patterns.
$Edit3 = GUICtrlCreateEdit("", 416, 32, 177, 121)
$Edit4 = _GUICtrlEdit_Create($Form2,"", 416, 184, 185, 225,BitOR($ES_WANTRETURN, $WS_VSCROLL, $WS_HSCROLL,$ES_MULTILINE,$WS_TABSTOP))
GUISetState(@SW_SHOW)
#EndRegion ### END Koda GUI section ###
; Poll loop of the send+receive logger. Runs until the client process is gone; every 3 s,
; while logging is active, it drains both capture buffers into the two log views and copies
; every packet that matches a user-supplied pattern into the "Filtered Packets" view.
While ProcessExists("NostaleX.dat")
Sleep(3000)
; NOTE(review): only the receive hook result is checked here; the send side is assumed to
; have been installed together with it.
if IsArray($old_opcode_recv) and $activated=1 Then
; $temp1 = received text, $temp2 = sent text, $temp3 = filtered text for this cycle.
$temp1=""
$temp2=""
$temp3=""
; Filter patterns, one per line. Flag 2 makes the result 0-based (no count element); CR and
; LF act as separate delimiters, so empty entries appear and are skipped below.
$read=GUICtrlRead($Edit3)
$splited=StringSplit($read,@CRLF,2)
; Receive side: one cross-process read per slot, whether or not the slot holds data.
For $i=0 To Ubound($packets_recv)-1
$packets_recv[$i]=_ReadMemory2DArrayString($memopen,$allocated_arr_recv,$i)
; An unused slot presumably reads back as Chr(0) - TODO confirm in CCInject.
; $activated is checked again because the Stop handler can run while this loop is busy.
if $packets_recv[$i]<>chr(0) and $activated=1 Then
_MemoryReset2DArray($memopen,$allocated_arr_recv,$i)
$temp1=$temp1&"["&@HOUR&":"&@MIN&":"&@SEC&"] "&$packets_recv[$i]&@CRLF
if IsArray($splited) and $read<>"" Then
For $i2=0 To UBound($splited)-1
; StringRegExp in its default mode returns 1 on a match; an invalid pattern only sets
; @error, which is not inspected, so such a pattern simply never matches.
if $splited[$i2]<>"" and StringRegExp($packets_recv[$i], $splited[$i2])=1 Then
$temp3=$temp3&"{Recv: "&@HOUR&":"&@MIN&":"&@SEC&"} "&$packets_recv[$i]&@CRLF
; First matching pattern wins: each packet is listed at most once.
ExitLoop
EndIf
Next
endif
EndIf
Next
; Send side: same procedure over the smaller send buffer.
For $i=0 To Ubound($packets_send)-1
$packets_send[$i]=_ReadMemory2DArrayString($memopen,$allocated_arr_send,$i)
if $packets_send[$i]<>chr(0) and $activated=1 Then
_MemoryReset2DArray($memopen,$allocated_arr_send,$i)
$temp2=$temp2&"["&@HOUR&":"&@MIN&":"&@SEC&"] "&$packets_send[$i]&@CRLF
if IsArray($splited) and $read<>"" Then
For $i2=0 To UBound($splited)-1
if $splited[$i2]<>"" and StringRegExp($packets_send[$i], $splited[$i2])=1 Then
$temp3=$temp3&"{Sent: "&@HOUR&":"&@MIN&":"&@SEC&"} " &$packets_send[$i]&@CRLF
ExitLoop
EndIf
Next
EndIf
EndIf
Next
; Append each batch to its view and put the user's selection back so the view does not jump.
_GUICtrlEdit_BeginUpdate($Edit1)
$sel=_GUICtrlEdit_GetSel($Edit1)
_GUICtrlEdit_AppendText($Edit1, $temp1)
_GUICtrlEdit_SetSel($Edit1, $sel[0], $sel[1])
_GUICtrlEdit_EndUpdate($Edit1)
_GUICtrlEdit_BeginUpdate($Edit2)
$sel=_GUICtrlEdit_GetSel($Edit2)
_GUICtrlEdit_AppendText($Edit2, $temp2)
_GUICtrlEdit_SetSel($Edit2, $sel[0], $sel[1])
_GUICtrlEdit_EndUpdate($Edit2)
_GUICtrlEdit_BeginUpdate($Edit4)
$sel=_GUICtrlEdit_GetSel($Edit4)
_GUICtrlEdit_AppendText($Edit4, $temp3)
_GUICtrlEdit_SetSel($Edit4, $sel[0], $sel[1])
_GUICtrlEdit_EndUpdate($Edit4)
; The labels show each view's line count as a stand-in for the packet count.
GUICtrlSetData($Label1,"Recv-Packets: "&_GUICtrlEdit_GetLineCount($Edit1))
GUICtrlSetData($Label2,"Send-Packets: "&_GUICtrlEdit_GetLineCount($Edit2))
EndIf
WEnd
; "Start" handler: while logging is off, installs both hooks (receive with a length of 6,
; send with a length of 5) and keeps each return value so Stop/close can write element [3]
; back. Then switches logging on.
; NOTE(review): neither return value is checked before $activated is set.
Func Button1Click()
    If $activated <> 0 Then Return
    $old_opcode_recv = _InjectASMAtAddress($memopen, $found_recv[0], 6, $asm_code_recv)
    $old_opcode_send = _InjectASMAtAddress($memopen, $found_send[0], 5, $asm_code_send)
    $activated = 1
EndFunc
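; "Stop" handler: writes the saved bytes back to both patched addresses and switches logging off.
; Change from the original: each restore is guarded by its own IsArray check. The original
; tested only $old_opcode_recv and then subscripted $old_opcode_send as well; if the send
; injection had not produced an array, that subscript would stop the script with a fatal
; error and leave the receive patch in place in the client.
; NOTE(review): assumes _InjectASMAtAddress yields a non-array on failure - TODO confirm.
Func Button2Click()
    If $activated <> 1 Then Return
    If IsArray($old_opcode_recv) Then _MemoryBytesWrite($memopen, $found_recv[0], $old_opcode_recv[3])
    If IsArray($old_opcode_send) Then _MemoryBytesWrite($memopen, $found_send[0], $old_opcode_send[3])
    $activated = 0
EndFunc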
; "Clear All" handler: empties the received, filtered and sent views, in that order.
; The counter labels are not touched here; they change on the next poll cycle.
Func Button3Click()
    Local $aLogViews[3] = [$Edit1, $Edit4, $Edit2]
    For $hView In $aLogViews
        _GUICtrlEdit_SetText($hView, "")
    Next
EndFunc
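; Window-close handler: writes the saved bytes back to both patched addresses, then ends the script.
; Change from the original: each restore is guarded by its own IsArray check. The original
; tested only $old_opcode_recv before subscripting $old_opcode_send, so a missing send result
; would abort with a fatal error before Exit and leave the receive patch in the client.
; NOTE(review): assumes _InjectASMAtAddress yields a non-array on failure - TODO confirm.
Func Form1Close()
    If IsArray($old_opcode_recv) Then _MemoryBytesWrite($memopen, $found_recv[0], $old_opcode_recv[3])
    If IsArray($old_opcode_send) Then _MemoryBytesWrite($memopen, $found_send[0], $old_opcode_send[3])
    Exit
EndFunc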