No Key Walking (bot while minimized) - MMOwned - World of Warcraft Exploits, Hacks, Bots and Guides

UnknOwned · (#1)

All of us with Innerspace or people with EliteGlider enjoy the minimize capabilities. And most indie botting scripts suffer on their lack of this.
Its awfull to not be able to do something else while botting like surf the net, write topics on MMowned or even play another great game. And its even more awfull that you have to pause the bot to be able to talk with someone else.

Now to avoid this you can inject a dll into wow can call the movement functions right away from inside the game. This gives a wide range of possibilities and full control of your toon as you would have it if you were playing it yourself. Doing so is not a hard procedure but a little complicated to just explain.
But there are other ways of doing this.
Now some might have tried to change the movement state and found out that this won't help since it only changes the state if you run allready.

Now here is a little trick to toggle movement states.

MovementState(Uint16) = PlayerBase + 0xC28
MovementForce(Uint16) = PlayerBase + 0xC2A

First change the movement state to the desired movement.
For example "1" as forward.
Now change MovementForce to "32800"
Wait a little sec and then wolla, you are running forward.
Now this can be done while your window is minimized too. Then you just need to find you needed movement states and the casts you need to use and you should be on your way to a bot that can be minimized and where you can chat ingame etc while the bot is running.

Hope this could help someone.

kynox · (#2)

I'm not sure if these will work using your method (They should).

Code:

enum MovementFlags
{
    // Byte 1 (Resets on Movement Key Press)
    MOVEFLAG_MOVE_STOP                  = 0x00,            //verified
    MOVEFLAG_MOVE_FORWARD                = 0x01,            //verified
    MOVEFLAG_MOVE_BACKWARD                = 0x02,            //verified
    MOVEFLAG_STRAFE_LEFT                = 0x04,            //verified
    MOVEFLAG_STRAFE_RIGHT                = 0x08,            //verified
    MOVEFLAG_TURN_LEFT                    = 0x10,            //verified
    MOVEFLAG_TURN_RIGHT                    = 0x20,            //verified
    MOVEFLAG_PITCH_DOWN                    = 0x40,            //Unconfirmed
    MOVEFLAG_PITCH_UP                    = 0x80,            //Unconfirmed

    // Byte 2 (Resets on Situation Change)
    MOVEFLAG_WALK                        = 0x100,        //verified
    MOVEFLAG_TAXI                        = 0x200,        
    MOVEFLAG_NO_COLLISION                = 0x400,
    MOVEFLAG_FLYING                        = 0x800,        //verified
    MOVEFLAG_REDIRECTED                    = 0x1000,        //Unconfirmed
    MOVEFLAG_FALLING                    = 0x2000,       //verified
    MOVEFLAG_FALLING_FAR                = 0x4000,        //verified
    MOVEFLAG_FREE_FALLING                = 0x8000,        //half verified

    // Byte 3 (Set by server. TB = Third Byte. Completely unconfirmed.)
    MOVEFLAG_TB_PENDING_STOP            = 0x10000,        // (MOVEFLAG_PENDING_STOP)
    MOVEFLAG_TB_PENDING_UNSTRAFE        = 0x20000,        // (MOVEFLAG_PENDING_UNSTRAFE)
    MOVEFLAG_TB_PENDING_FALL            = 0x40000,        // (MOVEFLAG_PENDING_FALL)
    MOVEFLAG_TB_PENDING_FORWARD            = 0x80000,        // (MOVEFLAG_PENDING_FORWARD)
    MOVEFLAG_TB_PENDING_BACKWARD        = 0x100000,        // (MOVEFLAG_PENDING_BACKWARD)
    MOVEFLAG_SWIMMING                      = 0x200000,        //  verified
    MOVEFLAG_FLYING_PITCH_UP            = 0x400000,        // (half confirmed)(MOVEFLAG_PENDING_STR_RGHT)
    MOVEFLAG_TB_MOVED                    = 0x800000,        // (half confirmed) gets called when landing (MOVEFLAG_MOVED)

    // Byte 4 (Script Based Flags. Never reset, only turned on or off.)
    MOVEFLAG_AIR_SUSPENSION                    = 0x1000000,    // confirmed allow body air suspension(good name? lol).
    MOVEFLAG_AIR_SWIMMING                = 0x2000000,    // confirmed while flying.
    MOVEFLAG_SPLINE_MOVER                = 0x4000000,    // Unconfirmed
    MOVEFLAG_IMMOBILIZED                = 0x8000000,
    MOVEFLAG_WATER_WALK                    = 0x10000000,
    MOVEFLAG_FEATHER_FALL                = 0x20000000,    // Does not negate fall damage.
    MOVEFLAG_LEVITATE                    = 0x40000000,
    MOVEFLAG_LOCAL                        = 0x80000000,    // This flag defaults to on. (Assumption)

    // Masks
    MOVEFLAG_MOVING_MASK                = 0x03,
    MOVEFLAG_STRAFING_MASK                = 0x0C,
    MOVEFLAG_TURNING_MASK                = 0x30,
    MOVEFLAG_FALLING_MASK                = 0x6000,
    MOVEFLAG_MOTION_MASK                = 0xE00F,        // Forwards, Backwards, Strafing, Falling
    MOVEFLAG_PENDING_MASK                = 0x7F0000,
    MOVEFLAG_PENDING_STRAFE_MASK        = 0x600000,
    MOVEFLAG_PENDING_MOVE_MASK            = 0x180000,
    MOVEFLAG_FULL_FALLING_MASK            = 0xE000,
};

Taken from Ascent Emulator, all credit goes to them.

pipelinecache · (#3)

But writing to process makes your bot detectable, right? I'm wondering how glider does the mouse movement.

swollen · (#4)

Sending keystrokes to a directed window will work too.

AutoIt Example:

Code:

 ControlSend ("World of Warcraft", "", "", "{UP DOWN}")

Will start you running whether WoW is open or not.

UnknOwned · (#5)

Quote:

Originally Posted by swollen

Sending keystrokes to a directed window will work too.

AutoIt Example:

Code:

 ControlSend ("World of Warcraft", "", "", "{UP DOWN}")

Will start you running whether WoW is open or not.

But if you try do a chat with someone ingame it suddently becomes quite anoying.

swollen · (#6)

Quote:

Originally Posted by UnknOwned

But if you try do a chat with someone ingame it suddently becomes quite anoying.

Just thought, you could use

Code:

ControlSend ("World of Warcraft", "", "", "{NUMLOCK}")

and still type, but
If your there chatting you may as well be playing in my opinion.

your way is definitely better for a more stable bot, but then you have to deal with warden, making sure that your constantly secure and what not.

But if you know what your doing, I'm sure it works excellently.

Cypher · (#7)

SetControlBit ftw.

Vivacity · (#8)

nice

Xarg0 · (#9)

Setting movement Flags and then the forcemovement dc's me ^^
even if I do something harmless like forward moving ^^

Lucani · (#10)

could you gimme addresses You used?

I've got offset 0xC20 and this is 1 byte (0- stop, 1-forward, 2-backward, .....) , but second offset?

kynox · (#11)

Quote:

Site n00b.. (A leecher if I've been here for more than a month and can't earn 5 rep)

I noticed you seem to be leaching everything you're "making". Do you even know what the hell it is you're doing?

Lucani · (#12)

No comment....

Xarg0 · (#13)

@Lucani
I guess you're using the non tls pointer, you might take a look at the wow player struct posted somewhere in this forum to understand the stuff about offsets and dynamic memory adresses...
If you'd understand only the half of what you're doing you needn't ask for an offset you already got >.<

@topic
Is it important how fast I set the force movent after editing the movement flag or did they just hotfix it ^^