Using a Winsock hook to get the location of objects
I was really bored and decided to do some research.
Code:
//0000 2 word psize 1274 | $04FA
//0002 2 word ID 2 | $0002
//0004 4 integer id 0 | $00000000
//0008 4 integer next 360 | $00000168
//000C 4 integer count 30 | $0000001E
//0010 3 array[const] bc 198488 $30758($)
//0013 4 integer type Хлопок($00000706)
//0017 3 array[const] X 11709812 ($)
//001A 3 array[const] Y 6083341 ($)
//001D 3 array[const] Z 387929 ($)
//0020 2 word rot_x 0 | $0000
//0022 2 word rot_y 0 | $0000
//0024 2 word rot_z 6977 | $1B41
//0026 4 single scale 1 | $3F800000
//002A 4 integer type 3443 | $00000D73
//002E 4 integer growing 16.02.1970 21:36 : 09 ($003DD4C9)
//0032 8 int64 plantTime 13.10.2014 8 : 16 : 38 ($543B8A66)
//003A 3 array[const] bc 37552 $92B0($)
//003D 4 integer type Ива($00000182)
//0041 3 array[const] X 11710755 ($)
//0044 3 array[const] Y 6082726 ($)
//0047 3 array[const] Z 387985 ($)
//004A 2 word rot_x 0 | $0000
//004C 2 word rot_y 0 | $0000
//004E 2 word rot_z 48834 | $BEC2
//0050 4 single scale 1 | $3F800000
//0054 4 integer type 882 | $00000372
//0058 4 integer growing 13.01.1970 8:48 : 25 ($00104DD9)
//005C 8 int64 plantTime 13.10.2014 8 : 16 : 28 ($543B8A5C)
more .....
// Derives one key byte from the 32-bit state `cry`: adds the constant 3532013,
// takes bits 16..23 of the sum, and substitutes 254 when that byte is zero.
//
// NOTE(review): `cry` is passed by value, so the addition is not visible to the
// caller; calling this repeatedly with the same argument yields the same byte.
// Confirm that is what the callers expect.
byte Inline(unsigned int cry)
{
    const unsigned int advanced = cry + 3532013U;
    const byte keyByte = (byte)(advanced >> 16);
    if (keyByte == 0)
        return (byte)254;
    return keyByte;
}
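// Returns a newly allocated copy of BodyPacket in which every byte has been
// XORed with the key byte that Inline() derives from (Length ^ 522286496).
//
// BodyPacket  input bytes; read only, never modified.
// Length      number of bytes in BodyPacket.
// Returns     a new[]-allocated array of Length bytes. Ownership passes to the
//             caller, who must release it with delete[]. Returns NULL when
//             Length is negative or when BodyPacket is NULL with Length > 0.
byte* StoCDecrypt(byte* BodyPacket, int Length)
{
    // A negative Length would reach new[] as an invalid array size, and a NULL
    // input with a positive Length would be dereferenced in the loops below.
    if (Length < 0 || (BodyPacket == NULL && Length > 0))
        return NULL;

    //int Length = sizeof(BodyPacket);
    byte* Array = new byte[Length];
    unsigned int cry = (unsigned int)(Length ^ 522286496);

    // n is Length rounded down to a multiple of four: the first loop walks that
    // part from its end to its start, the second handles the 0..3 tail bytes.
    // NOTE(review): Inline() receives `cry` by value, so both loops apply the
    // same key byte at every position; confirm that is intended.
    int n = 4 * (Length / 4);
    for (int i = n - 1; i >= 0; i--)
        Array[i] = (byte)((unsigned int)BodyPacket[i] ^ (unsigned int)Inline(cry));
    for (int i = n; i < Length; i++)
        Array[i] = (byte)((unsigned int)BodyPacket[i] ^ (unsigned int)Inline(cry));
    return Array;
}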
// File-scope counter; it is post-incremented each time a dump file name of the
// form mobs_<i>_<ID>.bin is built, so successive dumps get distinct names.
int i = 0;
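// Writes dwSize bytes starting at pbData to the file szFileName, creating or
// truncating it (binary mode).
//
// szFileName  path of the file to write.
// pbData      bytes to write; may be NULL only when dwSize is 0.
// dwSize      number of bytes to write.
// Returns     TRUE only when the file was opened, every byte was written and
//             the stream closed without error; FALSE otherwise.
BOOL DumpFile(CHAR *szFileName, BYTE *pbData, DWORD dwSize) {
    if (szFileName == NULL || (pbData == NULL && dwSize != 0))
        return FALSE;

    FILE *f = fopen(szFileName, "wb");
    if (f == NULL)
        return FALSE;

    // fwrite may write fewer bytes than requested (e.g. disk full); compare the
    // count instead of assuming success.
    size_t written = 0;
    if (dwSize != 0)
        written = fwrite(pbData, 1, dwSize, f);

    // fclose flushes buffered data, so a failure here also means lost output.
    int closeRc = fclose(f);

    return (written == dwSize && closeRc == 0) ? TRUE : FALSE;
}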
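// Examines the first WSABUF passed to a WSARecv call: makes a decoded copy with
// StoCDecrypt, reads the 16-bit ID field at offset 2 of that copy and, when the
// ID is 2, writes the copy to c:\WSA\mobs_<i>_<ID>.bin.
//
// Changes from the earlier version of this code:
//  - the array returned by StoCDecrypt was discarded (leaked on every call) and
//    the untouched input buffer was parsed instead;
//  - `(WORD)buff + 2` converted the pointer itself rather than reading the
//    field, and `if (ID = 2)` assigned instead of comparing, so the branch was
//    always taken;
//  - the dump always wrote 0xFA04 bytes regardless of the buffer length, reading
//    past the end of shorter buffers;
//  - the locals id/next/count/name/X/Y/Z/type were computed from pointer casts
//    and never used; they are dropped rather than guessed at, because the field
//    list at the top of the file gives X/Y/Z as 3-byte arrays, not floats.
static void InspectRecvBuffer(LPWSABUF lpBuffers, DWORD dwBufferCount)
{
    if (lpBuffers == NULL || dwBufferCount == 0 || lpBuffers->buf == NULL)
        return;

    const DWORD len = lpBuffers->len;
    // The header read needs the two leading 16-bit fields, and StoCDecrypt
    // takes the length as a signed int.
    if (len < 4 || len > 0x7FFFFFFF)
        return;

    // StoCDecrypt returns a separate new[] array and leaves its input alone, so
    // the result must be kept here and released before returning.
    unsigned char* plain = StoCDecrypt((unsigned char*)lpBuffers->buf, (int)len);
    if (plain == NULL)
        return;

    // 16-bit field at offset 2, assembled byte-wise (little-endian, matching a
    // native WORD read on x86) to avoid an unaligned or type-punned access.
    const WORD ID = (WORD)(plain[2] | (plain[3] << 8));
    if (ID == 2) {
        printf("root: Get mobs\n");
        char msg[512];
        // The fixed text plus two %i fields (at most 11 characters each) stays
        // far below sizeof msg, so this sprintf cannot overflow.
        sprintf(msg, "c:\\WSA\\mobs_%i_%i.bin", i++, ID);
        // Write exactly the bytes that belong to this buffer.
        DumpFile(msg, plain, len);
    }

    delete[] plain;
}

// Replacement for WSARecv: inspects the caller's first buffer, then forwards the
// call unchanged to o_WSARecv (presumably the saved original; it is defined
// outside this block) and returns its result.
//
// NOTE(review): the buffer is examined before o_WSARecv runs, so at this point
// it holds whatever the caller left in it, not the data of this receive.
// NOTE(review): pushad/popad bracket compiler-generated code in a non-naked
// function; keep them balanced on every path (the inspection has no early
// return between them) and confirm they are needed at all.
int WINAPI hook_WSARecv(SOCKET s, LPWSABUF lpBuffers, DWORD dwBufferCount, LPDWORD lpNumberOfBytesRecvd, LPDWORD lpFlags, LPWSAOVERLAPPED lpOverlapped, LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine)
{
    __asm pushad;
    //printf("root: hook_WSARecv\n");
    InspectRecvBuffer(lpBuffers, dwBufferCount);
    __asm popad;
    return o_WSARecv(s, lpBuffers, dwBufferCount, lpNumberOfBytesRecvd, lpFlags, lpOverlapped, lpCompletionRoutine);
}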