OP: I'm sorry I can't post something constructive to your question, but, this thread delivers. Haha.
My guess is that this problem is rather deep. Unlike a first-person game we only have click-to-move. Every click will invoke a simple path-finding (that probably stops after n steps so that you can only use it to walk around small things. Maybe it's worth it to modify this to have a nice pathfinding for bots? ^^) so that it's not enough to find the actual function doing the movement.
The way I see it the following happens:
1. Click is translated to game coords (very basic really and faulty at large slopes)
2. A path is created to this position or closest reachable point. At this point you need to interfere
3. The (now somewhere stored) path is traversed (this is what you can easily find)
To interfere at step two, I can think of two things. Either (as you already stated) you try to modify the model data or you find the pathfinding and remove the collision part.
To avoid wasting time I would suggest that you first try this with something such as packet injection. This does not rely on step (2) and should reveal whether the servers check for collisions with NPCs. Then you can either try to modify the packets to remove every collision flag (does mooege know this?) or reverse your way to the pathfinding.
For the reversing part you can either work your way up (you know the location where the position is modified, uptrace it to find the stored path and hope that it's always in the same location so that you may find the function that writes there) or work your way down (start at invokePower(move,location) and see where it accesses the map and collision data).
I'm sorry if I have only stated the obvious. I have not done this yet so I cannot give you any more concrete pointers.
i must say, this thread made me chuckle. thanks for all the replies, good bad or simply epic. at any rate, there is at least one 'public' hack that you have to pay for that says it has this ability. so i have to assume (right or wrong) that this must be client side (the checks). i thought about the path stuff too, since when you click behind certain NPC, your character walks up to them and then walks around them, as if they had a pre-formed path. likely either there is a 'flag' in each actor/npc that is simply on or off for checks OR there is code that is used when you click to determine if you are trying to walk 'through' something and then it modifies the 'path'.
at any rate, having this ability would be killer since your bot won't get trapped surrounded by a bunch of enemies. you can program 'escape path' or whatever or 'safe zones' to run to when your health gets below a certain point, etc.
i am still looking at it, but any more help or info is certainly appreciated.
Some spells have the ability to move through objects/NPCs so maybe there's some answers there.
Just an idea.
Instead of looking through the path finding algorithm you could go in and see what is causing the collision in the first place.
@OP
Took me 5 minutes with cheat engine to locate the function that loads up all the variable collision boxes (located at 0x00F1C5C0).
Since all collisions in D3 are "2D" you could simply take the single byte at 00F1C5d0 (which by default is 4) and change it to 8 or just nop it all away.
This will achieve your goal and make it possible for you to walk through NPCs and variable objects.
If you want to take this further look into mesh flags (Allow_Walk).
how did you 'locate the function' using cheatengine? this is a learning opportunity for me so i appreciate an explanation how you derived the function by using cheatengine.
btw i had figured this out by sheer accident and i did a different method and changed a compare to skip the collision in a function that is calling this function in another function here:
00F1C62B 7E 1D JLE SHORT Diablo_I.00F1C64A
but this was after tracing back from character movements being 'reversed' when i forced new x/y/z. this was SHEER ACCIDENT so learning how to do this like you did with C.E. would be enlightening. there's another function that calls this function as well but it seems to not be necessary to get the no-clip effect.
thanks for info and I await your bounty knowledge on how you determined this in 5 mins. you guys are great!
Signing in to +1 the notion that BitHacker is a spastic.
Cypher out.
bithekker is epic nano troll