public static List <TabStructure> FindTabStructures(Process p, Player player) { bool firstScan = ReadMemoryManager.TabStructureCount() == 0; List <TabStructure> structs = new List <TabStructure>(); /*int statsValue = -1, expValue = -1; * if (MemoryReader.MemorySettings.ContainsKey("tibia11statsvalue")) { * int.TryParse(MemoryReader.MemorySettings["tibia11statsvalue"], out statsValue); * } * if (MemoryReader.MemorySettings.ContainsKey("tibia11expvalue")) { * int.TryParse(MemoryReader.MemorySettings["tibia11expvalue"], out expValue); * }*/ int playerMaxLife = -1, playerMaxMana = -1, playerLevel = -1; long playerMinExperience = -1, playerMaxExperience = -1; if (player != null) { playerMaxLife = player.MaxLife(); playerMaxMana = player.MaxMana(); playerMinExperience = ExperienceBar.GetExperience(player.level - 1); playerMaxExperience = ExperienceBar.GetExperience(player.level); playerLevel = player.level; } foreach (var tpl in ReadMemoryManager.ScanProcess(p)) { int length = tpl.Item1.RegionSize; int baseAddress = tpl.Item1.BaseAddress; byte[] bytes = tpl.Item2; for (int i = 0; i < length - 20; i += 4) { int value = BitConverter.ToInt32(bytes, i); if (value > 0x40000 && value != baseAddress + i) { int messageptr = BitConverter.ToInt32(bytes, i + 4); int maxsize = BitConverter.ToInt32(bytes, i + 8); int size = BitConverter.ToInt32(bytes, i + 16); if (messageptr > 0x40000 && IsPowerOfTwo(maxsize) && size < maxsize && maxsize < 10000 && size >= 0 && maxsize > 0) { if ((baseAddress + i) == MemoryReader.ReadInt32(value)) { structs.Add(new TabStructure((uint)(baseAddress + i))); } } } if (player != null) { int maxhealth = BitConverter.ToInt32(bytes, i + 0x4); int maxmana = BitConverter.ToInt32(bytes, i + 0xC); if (maxhealth == playerMaxLife && maxmana == playerMaxMana) { int health = BitConverter.ToInt32(bytes, i); int mana = BitConverter.ToInt32(bytes, i + 0x8); if (health <= maxhealth && health >= 0 && mana <= maxmana && mana >= 0) { MemoryReader.SetStatsAddress((uint)(baseAddress + i - 0x24)); } } else { int bla = BitConverter.ToInt32(bytes, i); long experience = BitConverter.ToInt64(bytes, i + 0x4); if (bla == 0 && experience > playerMinExperience && experience < playerMaxExperience) { short level = BitConverter.ToInt16(bytes, i + 0xC); if (level == playerLevel) { double percentage = BitConverter.ToInt32(bytes, i + 0xE) / 100.0; long diff = playerMaxExperience - playerMinExperience; if (percentage >= 0 && percentage <= 1 && experience > playerMinExperience + diff * (percentage - 1) && experience < playerMinExperience + diff * (percentage + 1)) { MemoryReader.SetExpAddress((uint)(baseAddress + i - 0x14)); } } } } } } if (!firstScan) { System.Threading.Thread.Sleep(10); } } return(structs); }
/// <summary> /// Scan the memory for any chunks that are missing from the whitelist table /// </summary> public static void ScanMissingChunks() { SYSTEM_INFO sys_info; GetSystemInfo(out sys_info); IntPtr proc_min_address = sys_info.minimumApplicationAddress; IntPtr proc_max_address = sys_info.maximumApplicationAddress; long proc_min_address_l = (long)proc_min_address; long proc_max_address_l = (long)proc_max_address; long sys_min_address_l = (long)proc_min_address; Process[] processes = ProcessManager.GetTibiaProcesses(); if (processes == null || processes.Length == 0) { return; } var newWhitelistedAddresses = whiteListedAddresses.ToDictionary(x => x.Key, x => new HashSet <long>(x.Value)); foreach (Process process in processes) { HashSet <long> whitelist; if (!newWhitelistedAddresses.TryGetValue(process.Id, out whitelist)) { whitelist = new HashSet <long>(); newWhitelistedAddresses[process.Id] = whitelist; } proc_min_address_l = sys_min_address_l; IntPtr processHandle = MemoryReader.OpenProcess(process); MEMORY_BASIC_INFORMATION mem_basic_info; List <int> stamps = TimestampManager.getLatestStamps(3, ignoreStamp); int bytesRead = 0; // number of bytes read with ReadProcessMemory try { while (proc_min_address_l < proc_max_address_l) { proc_min_address = new IntPtr(proc_min_address_l); // 28 = sizeof(MEMORY_BASIC_INFORMATION) VirtualQueryEx(processHandle, proc_min_address, out mem_basic_info, 28); long addr = (long)proc_min_address; // check if this memory chunk is accessible if (mem_basic_info.Protect == PAGE_READWRITE && mem_basic_info.State == MEM_COMMIT) { if (!whitelist.Contains(addr)) { if (missingChunksBuffer == null || missingChunksBuffer.Length < mem_basic_info.RegionSize) { missingChunksBuffer = new byte[mem_basic_info.RegionSize]; } // read everything in the buffer above ReadProcessMemory((int)processHandle, mem_basic_info.BaseAddress, missingChunksBuffer, mem_basic_info.RegionSize, ref bytesRead); // scan the memory for strings that start with timestamps and end with the null terminator ('\0') IEnumerable <string> timestampLines; if (!FlashClient) { timestampLines = Parser.FindTimestamps(missingChunksBuffer, bytesRead); // if there are any timestamps found, add the address to the list of whitelisted addresses if (timestampLines.Any(x => stamps.Contains(TimestampManager.getStamp(int.Parse(x.Substring(0, 2)), int.Parse(x.Substring(3, 2)))))) { whitelist.Add(addr); } } else { if (Parser.HasAnyValidTimestampsFlash(missingChunksBuffer, bytesRead, stamps)) { whitelist.Add(addr); } } } } // move to the next memory chunk proc_min_address_l += mem_basic_info.RegionSize; } } catch (Exception ex) { Console.WriteLine(ex.Message); return; } } Interlocked.Exchange(ref whiteListedAddresses, newWhitelistedAddresses); }
public static Process[] GetTibiaProcesses() { if (TibiaProcessID >= 0) { Process process = Process.GetProcessById(TibiaProcessID); if (process != null) { MemoryReader.OpenProcess(process); return(new Process[] { process }); } return(null); } if (TibiaClientName == null) { Dictionary <int, string> candidateProcess = new Dictionary <int, string>(); foreach (Process proc in Process.GetProcesses()) { string name = proc.ProcessName.ToLower(); if (TibiaClientType == "Flash-Firefox") { if (proc.ProcessName.Contains("flashplayerplugin", StringComparison.InvariantCultureIgnoreCase)) { if (!candidateProcess.ContainsKey(3)) { candidateProcess.Add(3, proc.ProcessName); } } else if (proc.ProcessName.Contains("flashplayer", StringComparison.InvariantCultureIgnoreCase)) { if (!candidateProcess.ContainsKey(2)) { candidateProcess.Add(2, proc.ProcessName); } } else if (proc.ProcessName.Contains("flash", StringComparison.InvariantCultureIgnoreCase)) { if (!candidateProcess.ContainsKey(1)) { candidateProcess.Add(1, proc.ProcessName); } } } else if (TibiaClientType == "Flash-Chrome") { if (proc.ProcessName.Contains("chrome", StringComparison.InvariantCultureIgnoreCase)) { if (!candidateProcess.ContainsKey(3)) { candidateProcess.Add(3, proc.ProcessName); } } } } if (candidateProcess.Count == 0) { return(null); } TibiaClientName = candidateProcess[candidateProcess.Keys.Max()]; } Process[] p = Process.GetProcessesByName(TibiaClientName); if (p.Length > 0) { if (ReadMemoryManager.FlashClient) { return(p); } if (TibiaClientName.Contains("tibia", StringComparison.OrdinalIgnoreCase)) { MemoryReader.OpenProcess(p[0]); } return(new Process[1] { p[0] }); } return(null); }