Jump to content

Recommended Posts

Posted

I have join a few servers and 3 dupes have worked.

 

Here are a few fixes like Html, Pet dupe, Warehouse deposit dupe.

 

Check out these opcodes ( Interlude )

 

First make an check bool named bSendPacket = true in the top of your Incoming Packet Hook, If trade found in any of these functions you will return false to block the current packet ( bSendPacket will be false ) then return this result in your incoming packet hook.

 

  • 0x21: bSendPacket  = HtmlCMD( pSocket );
  • 0x8C: bSendPacket  = CheckPet( pSocket );
  • 0x8B: bSendPacket  = CheckPet( pSocket );
  • 0x31: bSendPacket  = DepositItem( pSocket,  &RecvPacket[ 1 ] );

 

Then deal with these packets, many of these dupes have to trade. So, these packets have to check if player are in trade when send this sort of opcodes.

 

So if we are to check if a user is in the trade and be able to close the trade, we must check offsets of these functions located in User class.

 

Normal PTS offsets, Get a function list and find the offsets for them.

 

bool User::IsNowTrade()  = 0x80F840

User::TradeCancel() = 0x80F370

 

Now let us look at the function we call when send html command ( opcode 0x21)

 

bool HtmlCMD(CSocket *pSocket)
{
//First get pointer to User located in the Socket class ( user ).
User *pUser = pSocket->user;

//Next we will do the check for trade.
if (pUser->IsNowTrade())
{
	//Cancel the trade.
	pUser->TradeCancel();
	return false;
}

// We will also check the StopType so we are not moving ( state 2 )
if (pUser->SD->nStopType == 2)
{
	return false;
}

// All went ok.
return true;
}

 

Now let us look at the function we call when take items from pet ( opcode 0x8C ) or give items to pet ( opcode 0x8B )

 

bool CheckPet(CSocket *pSocket)
{
//First get pointer to User located in the Socket class ( user ).
User *pUser = pSocket->user;

//Next we will do the check for trade.
if (pUser->IsNowTrade())
{
	//Cancel the trade.
	pUser->TradeCancel();
	return false;
}

// All went ok.
return true;
}

 

Note: You can also check the item amount is less then 0 or greater then max amount of 2000000000 inside this function.

 

Now let us look at the function we call when try find duplicated item ID's when Deposit Items to WH( opcode 0x31 )

 

bool DepositItem( CSocket *pSocket, u8 *packet )
{
u32  pCounter = *(u32*)packet;
u32* pData    = (u32*)&packet[ 4 ];

// Loop the amount first time.
for (u32 x = 0; x < pCounter; x++)
{
	// Take out the first object.
	u32 pItemID1 = pData[x * 2];

	// Loop the amount second time.
	for(u32 t = 0; t < pCounter; t++)
	{
		if( x != t )
		{
			// Take out the second object.
			u32 pItemID2 = pData[t * 2];

			//We found same ID then return false on this.
			if(pItemID1 == pItemID2) return false;
		}
	}
}

// All went ok, no duplicated items found.
return true;
}

 

I hope you got a picture of how the patching of dupes are made by using incoming opcodes, If anyone has a problem with a dupe, write here so we can help each other to solve it.

 

This was a simple review of how it works. If you have any questions about this, Feel free to contact me.

 

Good luck all L2OFF users!!.

 

Have a great weekend.

 

-Manton

  • 2 months later...
  • 2 weeks later...
  • 5 weeks later...
  • 7 months later...
  • Vision changed the title to Patching dupes using opcodes.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...