[AH Bot] HappyAuction

[ChuiChu]

ok this is for the curious hackers out there:


D3 Bnet Unencrypted Packet Sniffer

TUTORIAL
1. Have D3 running at the main lobby
2. Open CheatEngine ( http://www.cheatengine.org/ )
- 2.1. <File/Open Process/Diablo III.exe>
- 2.2. Hit [Memory View] button
- 2.3. <Tools/Lua Engine>
- 2.4. Pasted the code below into the lower section and hit [Execute]
- 2.5. uncheck: <view/show on print>
3. In D3 open chat window and say something.
- 3.1. You will see that packet in the CheatEngine LUA window.
- 3.2. Now explore the AH!

NOTES
- Bnet packets are split into multiple messages. These are seperated out by this sniffer
- Each message is displayed in character then byte format. Paste into a fixed width editor like notepad to see it aligned.
- Each message is in the format
id: 1 bytes
length: 1 or 2 bytes
content: <length> bytes
- If you guys find this useful I'll find the recv version next
- WARNING: Warden may detect this!

Code:

local send_call = getAddress('battle.net.dll') + 0x158c72

function debugger_onBreakpoint()
    if EIP == send_call then
        print('SIZE:' .. EDI)

        local packet = readBytes(EBX, EDI, true)
        local offset = 0

        while offset < #packet do
            local length
            local p1, p2 = packet[offset + 2] or 0, packet[offset + 3] or 0
            if p1 >= 0x80 then
                 length = (p1 % 0x80) + (p2 * 0x80) + 3
            else
                 length = p1 + 2
            end

            local bytes  = ''
            local chars = ''
            for i=1, length do
                local value = packet[offset+i] or 0
                bytes = bytes .. string.format('%0.2X ', value)
                if value >= 0x20 and value <= 0x7e then
                    chars = chars .. string.format('%c  ', value)
                else
                    chars = chars .. '.  '
                end
            end
            print(chars)
            print(bytes)

            offset = offset + length
        end

        print('')
        debug_continueFromBreakpoint(co_run)

        return 1
    end
end

debug_setBreakpoint(send_call)

[Lewis662]

Has anyone used both this and Blizzkrieg ah bot? What are the major differences and which do you prefer?


Oakley Sunglasses

[alcor75]

is this with 44? i fixed quite a few of those.

No, were ver 41, you probably already fixedit.

Tnx you Chui. Even for that hack.. testing it...

[CHandest]

Are you guys still getting crashes with the diablo client? I get atleast one crash pr. hour.

[alcor75]

Are you guys still getting crashes with the diablo client? I get atleast one crash pr. hour.

Yea i crash also, but not that much, once a day if i'm unlucky...
Still i don't think is HA related.

[ChuiChu]

if you are getting d3 crashes plz post the crash info you see


also is anyone running 44 getting relogin issues? im trying to figure out the reason its failing for sehai before i post another update

[alcor75]

give me a minute, i'll adapt and test, i'll be online from this moment and for the entire next day, ask whatever you need tested and i'll try it, with all this time in my hand i'm drilling for the new baby

[alcor75]

My toon even relog from the lobby, using v 44, is awesome ! !!

haFilterStatClear seem to always fail (if haFilterStatClear() then newer fire ) in v44, is it deprecated or removed?

[unrealaz]

The Chinese hack could emulate the Diablo 3 client and request from the servers items that aren't past the 5 minutes. This could be done with a direct query on the database somehow.
Another thing they might do is emulate the client and read the items directly from the bnet packets and send out a buy command from the emulation thus not time to display the item would be lost. Just some ideas a very good programmer could implement.

[MATRASUS]

As it was confirmed with crit mempos the "chinese" can not pass 5 min wall. But I think they made clientless AH bot and it successfully beats all the others because

not time to display the item would be lost

[Sehae]

As it was confirmed with crit mempos the "chinese" can not pass 5 min wall. But I think they made clientless AH bot and it successfully beats all the others because

+1

PS: does anyone have a relog issue using multiclient with the new version or its just me? IF you do and you fixed it - how ?

[alcor75]

+1

PS: does anyone have a relog issue using multiclient with the new version or its just me? IF you do and you fixed it - how ?

If with new version you mean v44b then ChuiChu said it is not ment for multiclient, i believe Chui were testing multiclient after v44b
Pls test v44b with only 1 client (work perfectly for me, even from the lobby ) and report here, i believe Chui is digging your problem befor to updato to the new stable.

I actually use v41 and multiclient work (if you accept the know flaw in it)

[KillerJohn]

The Chinese hack could emulate the Diablo 3 client and request from the servers items that aren't past the 5 minutes. This could be done with a direct query on the database somehow.
Another thing they might do is emulate the client and read the items directly from the bnet packets and send out a buy command from the emulation thus not time to display the item would be lost. Just some ideas a very good programmer could implement.

If they would have no protection on the server side against invalid queries or transactions the entire economy would be already collapsed about 14 months ago...

[ChuiChu]

latest version multiclient should be fine.

also if you have relogin issue in 44B plz report with the following:

if it improves with:
- checked: vsync
- checked: max fg/bg FPS @ 20

note that you must have:
- haSetLogin() set at the beginning of your script, below the 3 Core.* requires. like so:

Code:

require('Core.Api')
require('Core.Events')
require('Core.Old')

haSetLogin('[email protected]','ikilledblizzard')

[ChuiChu]

also i just posted 45B with several fixes including something that may solve relogin. let me know if its better with and without vsync/fps limits

hopefully this is the last beta. for 46 ill document the new API and add some stuff form my todo list