Bot Developers -- Useful Information

[tA-Kane]

My guess would be a Handle, but that's probably more like HNDL instead of HDL.

Perhaps *something* dynamic library?

[Zakath]

It's a type of hack file. I would guess it modifies things in memory when the program it affects is running? Adron has some info about HDLs at his site, IIRC.

[indulgence]

its sexy

a dll with local access to a process' memory...

[Etheran]

It's a hook DLL, I believe.  I know about windows hooks, but I don't understand HDL's.

EDIT: When I said I know about windows hooks, I mean I only know of them.  I have yet to read about them, but I will in time.

[tA-Kane]

Sounds like fun  

[Yoni]

http://www.valhallalegends.com/yoni/SampleHDL.zip

[Coltz]

heh you got the link in the right place this time yoni  

[Zorm]

Found the function in IDA, now how do i go figuring out the args it takes and what it returns?

[Etheran]

think about how it works.. look at the instructions.

Code Select Expand

.text:19015D80                 cmp     ecx, 5Bh
.text:19015D83                 ja      loc_19015F0C
.text:19015D89                 xor     eax, eax
.text:19015D8B                 mov     al, ds:byte_19016024[ecx]
.text:19015D91                 jmp     ds:off_19015F28[eax*4]

ecx is the id.  if it's above 5B it breaks out of the "switch".  so instead of pushing onto the stack, put your id in ecx.

[indulgence]

since this is apparently public domain now -- heres my lil c++ routine contribution... did at 4 am lol...

Code Select Expand

           FILE *stream;
            BYTE bSID = 0;
            char* szTemp;

            if (!(stream = fopen ("C:\\SID_Output.txt", "a")))
            {
                  sprintf (t, "Unable to append C:\\PktID.txt");
                  server->GamePrintError (t);
                  return TRUE;
            }
            __asm
            {
sidloop:
                  mov ecx, bSID
                  push 0x19015D80
                  ret
                  mov szTemp, eax
            }
            sprintf (swi, "%#.2x: %s", b, *szTemp);
            fprintf (stream, "%s\n", swi);

            if (bSID == 0xFF) { goto closesid }

            bSID++;
            goto sidloop;
closesid:
            fclose (stream);
            delete stream;

This is assuming its being called from within SC Memory space... Obviously

[Skywing]

Aren't you going to need to push your return address too?  Otherwise I don't see how that will avoid crashing.

[Adron]

Alternative #1, using call

Code Select Expand

           __asm  
            {
sidloop:
                  mov ecx, bSID
                  mov eax, 0x19015D80
                  call eax
                  mov szTemp, eax
            }
            sprintf (swi, "%#.2x: %s", b, *szTemp);
            fprintf (stream, "%s\n", swi);
 
            if (bSID == 0xFF) { goto closesid }
 
            bSID++;
            goto sidloop;

Alternative #2, using no assembly (should work in msvc++)

Code Select Expand

         typedef char *__fastcall sid2sfunc(BYTE);
          sid2sfunc *sid2s = (sid2sfunc*)0x19015D80;
          do {
            szTemp = sid2s(bSID);
            sprintf (swi, "%#.2x: %s", b, *szTemp);
            fprintf (stream, "%s\n", swi);
          } while(bSid++ != 0xff)
                 

[tA-Kane]

Is it not possible to display those tables, but for something else? Such as, event IDs for packet SID_CHATEVENT? Or perhaps getting all the names of possible values in various unknown?

[Skywing]

Is it not possible to display those tables, but for something else? Such as, event IDs for packet SID_CHATEVENT? Or perhaps getting all the names of possible values in various unknown?

Those have been available for years in the GreetBot source code provided by Blizzard.

[Zorm]

ah thanks for the info.