
View Full Version : BCEL and the RS Client?



TravisV10
09-20-2008, 10:14 PM
Can anyone explain to me how RSBot and programs like that work? How could you create a Java program to inject variables? (excuse me if my Java lingo isn't correct xD)

Thanks!
~Travis

MylesMadness
09-20-2008, 10:25 PM
RSBot adds a function (I know that's not the real name for it) that returns the value of the hook.

// Accessors of the kind the post describes: each one returns a single
// obfuscated client field (a "hook"). What a field holds is read off the
// accessor's name only; the short names on the right are obfuscated.

/** Hook for {@code se.z}; by name, the NPC index array. */
public final int[] getNPCIndexArray() {
    return se.z;
}

/** Hook for {@code sf.db}; by name, the NPC array. */
public final NPC[] getNPCArray() {
    return sf.db;
}

/** Hook for {@code of.N}; by name, the NPC count. */
public final int getNPCCount() {
    return of.N;
}

/** Hook for {@code jh.d}; by name, the player index array. */
public final int[] getPlayerIndexArray() {
    return jh.d;
}

/** Hook for {@code we.i}; by name, the player array. */
public final Player[] getPlayerArray() {
    return we.i;
}

/** Hook for {@code kd.B}; by name, the player count. */
public final int getPlayerCount() {
    return kd.B;
}

// Each accessor below returns one obfuscated client field (a "hook").
// Field meanings are taken from the accessor names only.

/** Hook for {@code j.s}; by name, the base X value. */
public final int getBaseX() {
    return j.s;
}

/** Hook for {@code wi.T}; by name, the local player. */
public final Player getMyPlayer() {
    return wi.T;
}

/** Hook for {@code fd.Y}; by name, the base Y value. */
public final int getBaseY() {
    return fd.Y;
}

/** Hook for {@code uf.W}; by name, the public chat mode. */
public final int getPublicChatMode() {
    return uf.W;
}

/** Hook for {@code fj.a}; by name, the loop cycle counter. */
public final int getLoopCycle() {
    return fj.a;
}

/** Hook for {@code mj.I}; by name, the self-interacting value. */
public final int getSelfInteracting() {
    return mj.I;
}

/** Hook for {@code ec.N}; by name, the ground int array. */
public final int[][][] getGroundIntArray() {
    return ec.N;
}

/** Hook for {@code je.C}; by name, the ground byte array. */
public final byte[][][] getGroundByteArray() {
    return je.C;
}

/** Hook for {@code f.E}; by name, the current plane. */
public final int getPlane() {
    return f.E;
}

// Each accessor below returns one obfuscated client field (a "hook").
// Field meanings are taken from the accessor names only.

/** Hook for {@code n.a}; by name, the camera X position. */
public final int getCamPosX() {
    return n.a;
}

/** Hook for {@code ha.T}; by name, the camera Y position. */
public final int getCamPosY() {
    return ha.T;
}

/** Hook for {@code rb.h}; by name, the camera Z position. */
public final int getCamPosZ() {
    return rb.h;
}

/** Hook for {@code mh.A}; by name, the camera curve Y value. */
public final int getCameraCurveY() {
    return mh.A;
}

/** Hook for {@code ig.cb}; by name, the camera curve X value. */
public final int getCameraCurveX() {
    return ig.cb;
}

/** Hook for {@code hg.N}; by name, the valid-interface flags. */
public final boolean[] getValidInterfaceArray() {
    return hg.N;
}

// NOTE(review): going by their names, these two accessors return the login
// password and username the client is holding. Any code able to call them,
// including every third-party script loaded into such a client, can therefore
// read the account credentials; an accessor set that does not need them
// should leave both out.

/** Hook for {@code fk.B}; by name, the password currently held by the client. */
public final RSString getCurrentPassword() {
    return fk.B;
}

/** Hook for {@code fk.J}; by name, the username currently held by the client. */
public final RSString getCurrentUsername() {
    return fk.J;
}

// Each getter below returns one obfuscated client field (a "hook"), except
// the callback pair, which reads and writes a field of this class itself.
// Field meanings are taken from the accessor names only.

/** Hook for {@code ri.bb}; by name, the interface cache. */
public final Interface[][] getInterfaceCache() {
    return ri.bb;
}

/** Hook for {@code hf.P}; by name, the idle time. */
public final int getIdleTime() {
    return hf.P;
}

/** Hook for {@code p.t}; by name, the client's mouse object. */
public final Mouse getMouse() {
    return p.t;
}

/** Hook for {@code si.c}; by name, the client's keyboard object. */
public final Keyboard getKeyboard() {
    return si.c;
}

/** Returns the value last stored in {@code callback}. */
public final Callback getCallback() {
    return callback;
}

/** Stores {@code arg0} in {@code callback}; no check is made on the value. */
public final void setCallback(Callback arg0) {
    callback = arg0;
}

// Each accessor below returns one obfuscated client field (a "hook").
// Field meanings are taken from the accessor names only.

/** Hook for {@code tf.w}; by name, the mouse X coordinate. */
public final int getMouseX() {
    return tf.w;
}

/** Hook for {@code sb.E}; by name, the mouse Y coordinate. */
public final int getMouseY() {
    return sb.E;
}

/** Hook for {@code cd.y}; by name, the X coordinate of the mouse press. */
public final int getMousePressX() {
    return cd.y;
}

/** Hook for {@code bf.q}; by name, the Y coordinate of the mouse press. */
public final int getMousePressY() {
    return bf.q;
}

/** Hook for {@code hb.W}; by name, the button of the mouse press. */
public final int getMousePressButton() {
    return hb.W;
}

/** Hook for {@code ng.t}; by name, the button of the previous mouse press. */
public final int getMousePressLastButton() {
    return ng.t;
}

/** Hook for {@code da.g}; by name, the time of the mouse press. */
public final long getMousePressTime() {
    return da.g;
}

// Each accessor below returns one obfuscated client field (a "hook").
// Field meanings are taken from the accessor names only.

/** Hook for {@code cj.a}; by name, the login index. */
public final int getLoginIndex() {
    return cj.a;
}

/** Hook for {@code dj.eb}; by name, the settings array. */
public final int[] getSettingArray() {
    return dj.eb;
}

/** Hook for {@code eg.e}; by name, the ground array. */
public final Ground[][][] getGroundArray() {
    return eg.e;
}

/** Hook for {@code bc.c}; by name, the maximum skill experiences. */
public final int[] getSkillExperiencesMax() {
    return bc.c;
}

/** Hook for {@code bi.d}; by name, the maximum skill levels. */
public final int[] getSkillLevelMaxes() {
    return bi.d;
}

/** Hook for {@code of.t}; by name, the skill levels. */
public final int[] getSkillLevels() {
    return of.t;
}

/** Hook for {@code wc.T}; by name, the skill experiences. */
public final int[] getSkillExperiences() {
    return wc.T;
}

// Each accessor below returns one obfuscated client field (a "hook").
// Field meanings are taken from the accessor names only; the numbered
// minimap ints carry no further meaning in their names.

/** Hook for {@code ad.f}; named only as the third minimap int. */
public final int getMinimapInt3() {
    return ad.f;
}

/** Hook for {@code qg.d}; by name, a cosine lookup table. */
public final int[] getCURVECOS() {
    return qg.d;
}

/** Hook for {@code qg.g}; by name, a sine lookup table. */
public final int[] getCURVESIN() {
    return qg.g;
}

/** Hook for {@code ee.mb}; named only as the second minimap int. */
public final int getMinimapInt2() {
    return ee.mb;
}

/** Hook for {@code sg.hb}; named only as the first minimap int. */
public final int getMinimapInt1() {
    return sg.hb;
}

// Each accessor below returns one obfuscated client field (a "hook").
// Field meanings are taken from the accessor names only.

/** Hook for {@code jg.d}; by name, the node list array. */
public final NodeList[][][] getNodeListArray() {
    return jg.d;
}

/** Hook for {@code sh.d}; by name, the chat message texts. */
public final RSString[] getChatMessages() {
    return sh.d;
}

/** Hook for {@code wd.n}; by name, the chat sender names. */
public final RSString[] getChatNames() {
    return wd.n;
}

/** Hook for {@code ja.d}; by name, the chat message types. */
public final int[] getChatTypes() {
    return ja.d;
}

// Each accessor below returns one obfuscated client field (a "hook").
// Field meanings are taken from the accessor names only.

/** Hook for {@code gj.h}; by name, the number of menu options. */
public final int getMenuOptionsCount() {
    return gj.h;
}

/** Hook for {@code kd.C}; by name, whether the menu is open. */
public final boolean isMenuOpen() {
    return kd.C;
}

/** Hook for {@code pd.b}; by name, the menu Y coordinate. */
public final int getMenuY() {
    return pd.b;
}

/** Hook for {@code ig.gb}; by name, the menu X coordinate. */
public final int getMenuX() {
    return ig.gb;
}

/** Hook for {@code pe.nb}; by name, the menu option strings. */
public final RSString[] getMenuOptions() {
    return pe.nb;
}

/** Hook for {@code bb.j}; by name, the menu action strings. */
public final RSString[] getMenuActions() {
    return bb.j;
}

/** Hook for {@code ke.m}; by name, the action IDs. */
public final short[] getActionID() {
    return ke.m;
}

/** Hook for {@code pd.r}; named only as the first action command array. */
public final long[] getActionCmd1() {
    return pd.r;
}

/** Hook for {@code fd.T}; named only as the second action command array. */
public final int[] getActionCmd2() {
    return fd.T;
}

/** Hook for {@code oj.o}; named only as the third action command array. */
public final int[] getActionCmd3() {
    return oj.o;
}

// Each accessor below returns one obfuscated client field (a "hook").
// Field meanings are taken from the accessor names only.

/** Hook for {@code sc.o}; by name, the client's Signlink object. */
public final Signlink getSignlink() {
    return sc.o;
}

/** Hook for {@code mh.B}; by name, a "flagged" state. */
public final boolean isFlagged() {
    return mh.B;
}

/** Hook for {@code r.E}; by name, whether a spell is selected. */
public final boolean isSpellSelected() {
    return r.E;
}

/** Hook for {@code wb.db}; by name, the selected item. */
public final int getItemSelected() {
    return wb.db;
}

/** Hook for {@code ik.ub}; by name, the selected item's name. */
public final RSString getSelectedItemName() {
    return ik.ub;
}

/** Hook for {@code ud.d}; by name, what the selected spell is usable on. */
public final int spellUsableOn() {
    return ud.d;
}

/** Hook for {@code vd.m}; by name, the selected spell's name. */
public final RSString getSelectedSpellName() {
    return vd.m;
}

/** Hook for {@code wc.H}; by name, the object-definition MRU nodes. */
public final MRUNodes getObjectDefMRUNodes() {
    return wc.H;
}

/** Hook for {@code th.D}; by name, the item-definition MRU nodes. */
public final MRUNodes getItemDefMRUNodes() {
    return th.D;
}

// Each accessor below returns one obfuscated client field (a "hook").
// Field meanings are taken from the accessor names only. The three sprite
// accessors cast the field to the wrapper type before returning it.

/** Hook for {@code rg.d}; by name, the members flag. */
public final boolean isMembers() {
    return rg.d;
}

/** Hook for {@code ba.fb}, cast to {@code Sprite}; by name, the minimap sprite. */
public final Sprite getMinimapSprite() {
    return (Sprite) ba.fb;
}

/** Hook for {@code nf.v}, cast to {@code Sprite[]}; by name, the map dots. */
public final Sprite[] getMapDots() {
    return (Sprite[]) nf.v;
}

/** Hook for {@code jd.B}; by name, the friend list as longs. */
public final long[] getFriendListAsLongs() {
    return jd.B;
}

/** Hook for {@code td.S}; by name, the friend node IDs. */
public final int[] getFriendNodeIDs() {
    return td.S;
}

/** Hook for {@code tf.F}; by name, the friend count. */
public final int getFriendCount() {
    return tf.F;
}

/** Hook for {@code oa.u}; by name, the destination X. */
public final int getDestX() {
    return oa.u;
}

/** Hook for {@code ja.e}; by name, the destination Y. */
public final int getDestY() {
    return ja.e;
}

/** Hook for {@code pb.q}, cast to {@code Sprite[]}; by name, the map markers. */
public final Sprite[] getMapMarkers() {
    return (Sprite[]) pb.q;
}

/** Hook for {@code jg.v}; named only as the cost table. */
public final int[][] getCost() {
    return jg.v;
}

/** Hook for {@code lc.cb}; named only as the via table. */
public final int[][] getVia() {
    return lc.cb;
}

/** Hook for {@code db.j}; by name, the ground data array. */
public final GroundData[] getGroundDataArray() {
    return db.j;
}

TravisV10
09-20-2008, 10:27 PM
Rsbot makes a function(I know that not the real name) that returns the value of the hook.

public final int[] getNPCIndexArray()
{
return se.z;
}

public final NPC[] getNPCArray()
{
return sf.db;
}

public final int getNPCCount()
{
return of.N;
}

public final int[] getPlayerIndexArray()
{
return jh.d;
}

public final Player[] getPlayerArray()
{
return we.i;
}

public final int getPlayerCount()
{
return kd.B;
}

public final int getBaseX()
{
return j.s;
}

public final Player getMyPlayer()
{
return wi.T;
}

public final int getBaseY()
{
return fd.Y;
}

public final int getPublicChatMode()
{
return uf.W;
}

public final int getLoopCycle()
{
return fj.a;
}

public final int getSelfInteracting()
{
return mj.I;
}

public final int[][][] getGroundIntArray()
{
return ec.N;
}

public final byte[][][] getGroundByteArray()
{
return je.C;
}

public final int getPlane()
{
return f.E;
}

public final int getCamPosX()
{
return n.a;
}

public final int getCamPosY()
{
return ha.T;
}

public final int getCamPosZ()
{
return rb.h;
}

public final int getCameraCurveY()
{
return mh.A;
}

public final int getCameraCurveX()
{
return ig.cb;
}

public final boolean[] getValidInterfaceArray()
{
return hg.N;
}

public final RSString getCurrentPassword()
{
return fk.B;
}

public final RSString getCurrentUsername()
{
return fk.J;
}

public final Interface[][] getInterfaceCache()
{
return ri.bb;
}

public final int getIdleTime()
{
return hf.P;
}

public final Mouse getMouse()
{
return p.t;
}

public final Keyboard getKeyboard()
{
return si.c;
}

public final Callback getCallback()
{
return callback;
}

public final void setCallback(Callback arg0)
{
callback = arg0;
}

public final int getMouseX()
{
return tf.w;
}

public final int getMouseY()
{
return sb.E;
}

public final int getMousePressX()
{
return cd.y;
}

public final int getMousePressY()
{
return bf.q;
}

public final int getMousePressButton()
{
return hb.W;
}

public final int getMousePressLastButton()
{
return ng.t;
}

public final long getMousePressTime()
{
return da.g;
}

public final int getLoginIndex()
{
return cj.a;
}

public final int[] getSettingArray()
{
return dj.eb;
}

public final Ground[][][] getGroundArray()
{
return eg.e;
}

public final int[] getSkillExperiencesMax()
{
return bc.c;
}

public final int[] getSkillLevelMaxes()
{
return bi.d;
}

public final int[] getSkillLevels()
{
return of.t;
}

public final int[] getSkillExperiences()
{
return wc.T;
}

public final int getMinimapInt3()
{
return ad.f;
}

public final int[] getCURVECOS()
{
return qg.d;
}

public final int[] getCURVESIN()
{
return qg.g;
}

public final int getMinimapInt2()
{
return ee.mb;
}

public final int getMinimapInt1()
{
return sg.hb;
}

public final NodeList[][][] getNodeListArray()
{
return jg.d;
}

public final RSString[] getChatMessages()
{
return sh.d;
}

public final RSString[] getChatNames()
{
return wd.n;
}

public final int[] getChatTypes()
{
return ja.d;
}

public final int getMenuOptionsCount()
{
return gj.h;
}

public final boolean isMenuOpen()
{
return kd.C;
}

public final int getMenuY()
{
return pd.b;
}

public final int getMenuX()
{
return ig.gb;
}

public final RSString[] getMenuOptions()
{
return pe.nb;
}

public final RSString[] getMenuActions()
{
return bb.j;
}

public final short[] getActionID()
{
return ke.m;
}

public final long[] getActionCmd1()
{
return pd.r;
}

public final int[] getActionCmd2()
{
return fd.T;
}

public final int[] getActionCmd3()
{
return oj.o;
}

public final Signlink getSignlink()
{
return sc.o;
}

public final boolean isFlagged()
{
return mh.B;
}

public final boolean isSpellSelected()
{
return r.E;
}

public final int getItemSelected()
{
return wb.db;
}

public final RSString getSelectedItemName()
{
return ik.ub;
}

public final int spellUsableOn()
{
return ud.d;
}

public final RSString getSelectedSpellName()
{
return vd.m;
}

public final MRUNodes getObjectDefMRUNodes()
{
return wc.H;
}

public final MRUNodes getItemDefMRUNodes()
{
return th.D;
}

public final boolean isMembers()
{
return rg.d;
}

public final Sprite getMinimapSprite()
{
return (Sprite)ba.fb;
}

public final Sprite[] getMapDots()
{
return (Sprite[])nf.v;
}

public final long[] getFriendListAsLongs()
{
return jd.B;
}

public final int[] getFriendNodeIDs()
{
return td.S;
}

public final int getFriendCount()
{
return tf.F;
}

public final int getDestX()
{
return oa.u;
}

public final int getDestY()
{
return ja.e;
}

public final Sprite[] getMapMarkers()
{
return (Sprite[])pb.q;
}

public final int[][] getCost()
{
return jg.v;
}

public final int[][] getVia()
{
return lc.cb;
}

public final GroundData[] getGroundDataArray()
{
return db.j;
}


How does it do that?

Buckleyindahouse
09-20-2008, 11:02 PM
How does it do that?

I would guess taking RuneScape's variables?
I'm interested in this too.

Da 0wner
09-20-2008, 11:14 PM
I don't know much java but my assumption is that it works pretty much like reflection.

TViYH
09-21-2008, 05:16 AM
Kyle -.- What we're talking about here is basically reflection and how it works.

Runescape Pro
09-21-2008, 07:58 AM
I just google'd it and found this: http://www.smfsupport.com/support/java/bcel_tutorial-t5178.0.html
It's a BCEL tutorial... with credits to Yakman. It's times like these where i wish i knew java so i could write my own bot... anyways, this tutorial confused the sh*t out of me so i skimmed through it for 30 secs =P

n3ss3s
09-21-2008, 09:05 AM
Somebody might find this enlightening -


I'm not going to read the other new pages, so just to make it clear: RSBot is a client hacking bot, it is not a reflection bot.

These two approaches are sometimes called Reflection and Injection, the latter being the client-hacking one. Injection bots inject accessor methods into the copy of RuneScape.jar that they use to run the game, whereas reflection bots usually just read the fields from the server's RuneScape.jar. Accessor methods could be explained in SCAR like this -



program New;

var
  I: Integer;

// Accessor method: hands back the current value of the field I.
function getBaseX: Integer;
begin
  Result := I;
end;

begin
  // The updater's author has worked out patterns that pick fields out of
  // the client. A field would not normally sit alone the way I does here,
  // but matching such a pattern is how his updater decides that I is,
  // for example, the BaseX.
  I := 3;
end.



The above code was a pretty overall description, if someone with more knowledge about this area has something to say, go ahead :)





What we call hooks are the paths to specific fields in the client (a field being e.g. "int i = 0;"), so Injection bots have methods that return those fields, roughly like in the code above.

Buckleyindahouse
09-21-2008, 01:17 PM
Anyone know how this could be done in C#. I saw Jaco make a bot in C# he called it the Cosmo Bot I believe and it was like nexus and rsbot.

TravisV10
09-21-2008, 02:37 PM
Anyone know how this could be done in C#. I saw Jaco make a bot in C# he called it the Cosmo Bot I believe and it was like nexus and rsbot.

Why would you want to even do it in C#? Do you not know Java?

ShowerThoughts
09-21-2008, 05:42 PM
Anyone know how this could be done in C#. I saw Jaco make a bot in C# he called it the Cosmo Bot I believe and it was like nexus and rsbot.


Why would you want to even do it in C#? Do you not know Java?

Meh, we just like C# :)

Buckleyindahouse
09-21-2008, 06:08 PM
Why would you want to even do it in C#? Do you not know Java?

Well, if I learned C# instead of Java, apparently I like C# more than Java, seeing as they're almost the same but C# is faster.

Bobarkinator
09-22-2008, 04:52 AM
n3ss3s has the right explanation. BTW, Injection bots make the bot coding easier to read.

@BuckleyInDaHouse: If you can find a Java bytecode editing library for C# then yes you can do it.

Yakman
09-22-2008, 11:05 AM
no you cant, even if you found a java bytecode library for c#
if you inject the getter methods, you need to invoke them to get the useful data,

c# cannot invoke java methods, therefore you cant make a bot like that.

runescape is written in java, to make stuff like this you have to use java as well.


another thing you can do with bcel is inject callbacks so they behave a bit like events, like every time an Item spawns, you can make it invoke a method in your bot, then your bot can easily go pick it up or something.
more efficient then just looping through the item array.
^ not even reflection can do that.


<rant-about-c#>
java came years before c#, it seems to me to be a typical example of microsoft copying everything thats good and trying to piggyback its success.
c# is windows-only and its closed source.



in short, c# is useless for writing a bot like this, but it is possible to write a colour-clicker like nexus as someone mentioned before,
for a colour-clicker, i would still suggest c/c++ or delphi

n3ss3s
09-22-2008, 11:38 AM
another thing you can do with bcel is inject callbacks so they behave a bit like events, like every time an Item spawns, you can make it invoke a method in your bot, then your bot can easily go pick it up or something.
more efficient then just looping through the item array.

Holy mackerel! Might want to share your wisdom about that? x)

Buckleyindahouse
09-22-2008, 04:59 PM
no you cant, even if you found a java bytecode library for c#
if you inject the getter methods, you need to invoke them to get the useful data,

c# cannot invoke java methods, therefore you cant make a bot like that.

runescape is written in java, to make stuff like this you have to use java as well.


another thing you can do with bcel is inject callbacks so they behave a bit like events, like every time an Item spawns, you can make it invoke a method in your bot, then your bot can easily go pick it up or something.
more efficient then just looping through the item array.
^ not even reflection can do that.


<rant-about-c#>
java came years before c#, it seems to me to be a typical example of microsoft copying everything thats good and trying to piggyback its success.
c# is windows-only and its closed source.



in short, c# is useless for writing a bot like this, but it is possible to write a colour-clicker like nexus as someone mentioned before,
for a colour-clicker, i would still suggest c/c++ or delphi

Hmph, Thanks for the info/slam :D.
What do you think Nexus is made in? Java?

Yakman
09-22-2008, 10:55 PM
nexus is a colour-clicker (afaik)
you can make them in any language you want, as long as it can read from the video driver or however it works,

you cant easily make a client-reading bot in any language other then java,
if runescape was written in c#, you couldnt make it in anything except c#


n3ss3s, you look here


//some stuff with the client

//this bit gets called when a new item spawns
int newPosX =
int newPosY =
int newItemID =

/** callback inserted here with bcel **/
MyBotClass.itemSpawned(newPosX, newPosY, newItemID);

//other stuff


then in MyBotClass



/**
 * Bot-side receiver for the call that the bytecode patch adds to the client.
 */
public class MyBotClass {

    /**
     * Invoked by the patched client each time a new item spawns. The call
     * arrives on the client's own thread, so whatever is done here holds
     * that thread until this method returns.
     *
     * @param newPosX   X position passed in by the client
     * @param newPosY   Y position passed in by the client
     * @param newItemID ID of the spawned item
     */
    public static void itemSpawned(int newPosX, int newPosY, int newItemID) {
        // do stuff with this information, like check what the item is and pick it up if you want
    }
}

TravisV10
09-22-2008, 11:43 PM
So how difficult would it be for you (Yakman), with your knowledge, to start a bot and have it get 1 or 2 variables from the RS Client.

Method
09-23-2008, 12:02 AM
So how difficult would it be for you (Yakman), with your knowledge, to start a bot and have it get 1 or 2 variables from the RS Client.

Making the bot correctly load your modified client and getting it to run takes a lot more work than using accessor methods that you injected earlier for your bot to use to get variables that you've identified.

n3ss3s
09-23-2008, 05:15 AM
Yakman, yeah, interested in the BCEL part then,


//this bit gets called when a new item spawns

chrisn2323
09-23-2008, 07:41 PM
yakman is saying edit the client so that it calls the method


//some stuff with the client

//this bit gets called when a new item spawns
int newPosX =
int newPosY =
int newItemID =

/** callback inserted here with bcel **/
MyBotClass.itemSpawned(newPosX, newPosY, newItemID);

//other stuff

so then in MyBotClass you have


/**
 * Bot-side receiver for the call that the edited client makes.
 */
public class MyBotClass {

    /**
     * Invoked by the edited client each time a new item spawns; the three
     * arguments are the values the client computed just before the call.
     *
     * @param newPosX   X position passed in by the client
     * @param newPosY   Y position passed in by the client
     * @param newItemID ID of the spawned item
     */
    public static void itemSpawned(int newPosX, int newPosY, int newItemID) {
        // do stuff with this information, like check what the item is and pick it up if you want
    }
}
and when itemSpawned method in your bot gets called by your client you could do something like


/**
 * Item-spawn callback that acts on the item straight away by passing the
 * three values on to clickItem.
 *
 * NOTE(review): the call arrives on the client thread that detected the
 * spawn, so that thread is held for as long as clickItem takes. The reply
 * that follows in the thread explains why this is a problem and queues the
 * work for a separate thread instead.
 */
public static void itemSpawned(int newPosX, int newPosY, int newItemID) {
    clickItem(newPosX, newPosY, newItemID);
}
}

so that the bot will click the item when it spawns.

Yakman
09-23-2008, 08:08 PM
yeah that works,
but watch out, i assume clickMouse() doesn't return until the mouse is all the way over there, which could take up to 500 msec or so.

since itemSpawned() is invoked in a thread in the client, the whole thread would block until your mouse moved, which is very bad, cause who knows what that thread might be doing.
it might be reading data from the socket or rendering the main screen, so you blocking it would be very bad.

you should start your own thread and move the mouse on that.
make the itemSpawned() method return as fast as you can, in the example below, i just get the lock on the queue, add to the queue and notify the other thread to wake up.

sorry if this is confusing, threading is a difficult subject and i never actually defined the Job class.



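// Monitor that guards jobQueue and carries the wait()/notify() hand-off
// between the callback and the worker thread. It has to be a real object:
// synchronized (jobLock) throws NullPointerException while the field is null.
private static Object jobLock = new Object();

// Jobs added by itemSpawned() and drained by run(). Initialised here so the
// first add() or isEmpty() does not fail on a null queue. LinkedList is used
// through its fully qualified name so no new import is needed.
private static Queue<Job> jobQueue = new java.util.LinkedList<Job>();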

/**
 * Item-spawn callback invoked from the client. It only queues a click job
 * and wakes the worker thread, so the calling client thread gets control
 * back as soon as the lock is released.
 */
public static void itemSpawned(int newPosX, int newPosY, int newItemID) {
    synchronized (jobLock) {
        Job pending = new ClickItemJob(newPosX, newPosY, newItemID);
        jobQueue.add(pending);
        // Wake the worker waiting on jobLock, if there is one.
        jobLock.notify();
    }
}

}

//this runs in another thread
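/**
 * Worker loop: takes queued jobs one at a time and runs them on this
 * thread, so the client thread that queued them is never held up.
 * To stop the loop, call interrupt() on the thread running it.
 */
public void run() {
    try {
        while (true) {
            Job job;
            synchronized (jobLock) {
                // Re-check in a loop rather than with "if": wait() may return
                // without a matching notify(), and poll() on a still-empty
                // queue returns null, which would fail at job.doJob() below.
                while (jobQueue.isEmpty()) {
                    jobLock.wait();
                }
                job = jobQueue.poll();
            }
            // Run the job outside the lock so new jobs can be queued meanwhile.
            job.doJob();
        }
    } catch (InterruptedException ex) {
        // interrupt() on this thread makes wait() throw, which jumps out of
        // the while loop to here, so the loop ends. Restore the interrupt
        // flag so the caller of run() can still see the interruption.
        Thread.currentThread().interrupt();
    }
}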





the thing with bcel or any client-reading bot is not how you inject the bytecode in, but keeping it updated all the time.

injecting bytecode is easy once you learn it, the hard part is finding the right place to inject and the right field names to access.
and you have to do this every update.

if you want to see the injecting with bcel, i do have a section on it in that old tutorial.

TravisV10
09-23-2008, 08:30 PM
Yakman, am I missing something? Have you created a bot before?

MylesMadness
09-23-2008, 09:47 PM
Yakman, am I missing something? Have you created a bot before?

Maybe private. He is just uber in java and C(++?)

Yakman
09-24-2008, 12:10 PM
not private, thats against my philosophies,

iv made two or three bots in my time, but in all cases, i simply dont have the patience to maintain an updater.
reading through a deob is intresting at first, but now its seriously annoying and dull.

also, i could never auto for long periods, that always made it difficult for me, even with scar.


iv helped a bit with rsbot as well. And i take my time reading through the source files of some older bots.

Tniffoc
09-24-2008, 11:50 PM
I just google'd it and found this: http://www.smfsupport.com/support/java/bcel_tutorial-t5178.0.html
It's a BCEL tutorial... with credits to Yakman. It's times like these where i wish i knew java so i could write my own bot... anyways, this tutorial confused the sh*t out of me so i skimmed through it for 30 secs =P
Hi guys,
I am following this tutorial but, when I got to the end, it seemed un-finished. Is this the case? If so, could someone point me to a better one?

Thanks,
Tniffoc

Method
09-24-2008, 11:56 PM
Hi guys,
I am following this tutorial but, when I got to the end, it seemed un-finished. Is this the case? If so, could someone point me to a better one?

Thanks,
Tniffoc

What are you looking for beyond what the tutorial mentions?

Tniffoc
09-25-2008, 12:38 AM
What are you looking for beyond what the tutorial mentions?

This is the part of the last line of the tutorial. It doesn't seem to me like it came to a good stopping point. (What really big long constructor???).

Also, I downloaded bcel but I don't know how to install it. I know that I probably just place bcel-5.2.jar somewhere. Would you please help me again?

Quote no longer needed!!

Thanks,
Tniffoc

Method
09-25-2008, 12:42 AM
The constructor is this:


MethodGen(int access_flags, Type return_type, Type[] arg_types, String[] arg_names, String method_name, String class_name, InstructionList il, ConstantPoolGen cp)

It gives the basics of BCEL and client hacking, but if you'd like to learn more, check out tutorials and updaters at MoparIsTheBest.com (http://www.moparisthebest.com/smf/index.php?board=21.0).

Also, you don't install BCEL. You just reference its classes from a class file. For example, you can create a project in EasyEclipse and include it as an external jar to be able to access its classes.

Tniffoc
09-25-2008, 12:46 AM
The constructor is this:


MethodGen(int access_flags, Type return_type, Type[] arg_types, String[] arg_names, String method_name, String class_name, InstructionList il, ConstantPoolGen cp)

It gives the basics of BCEL and client hacking, but if you'd like to learn more, check out tutorials and updaters at MoparIsTheBest.com (http://www.moparisthebest.com/smf/index.php?board=21.0).

Also, you don't install BCEL. You just reference its classes from a class file. For example, you can create a project in EasyEclipse and include it as an external jar to be able to access its classes.

Oh.. Wow... It's been along time since I've used Java... I'm so used to having to put all the includes in the includes folder! Thanks for the tutorial and help!

Markus
09-26-2008, 07:24 PM
They only copied the first post out of two: http://moparisthebest.com/smf/index.php/topic,160681.0.html