Results 1 to 4 of 4

Thread: 2017 NXT - Does SPS still work?

  1. #1
    Join Date
    Dec 2011
    Location
    Toronto, Ontario
    Posts
    6,424
    Mentioned
    84 Post(s)
    Quoted
    863 Post(s)

    Default 2017 NXT - Does SPS still work?

    After I finish my current skill, I plan on writing a script which requires SPS to use. Does it still work with NXT? @Kasi mentioned that I could scan memory in order to position/walk. Is there a guide/documentation that I could look at?

    Thanks.

  2. #2
    Join Date
    Dec 2007
    Posts
    2,112
    Mentioned
    71 Post(s)
    Quoted
    580 Post(s)

    Default

    You should look into CheatEngine if you're starting out with memory scanning. I haven't personally done any memory scanning on NXT but im 100% sure you can at least get the local position then do some SPS magic (finding a smaller map on a bigger map). The main thing you're looking to find in memory is the local position.

    NXT doesnt run on my trash computer. I have other projects atm but if you're still struggling, i can try offer more help.

  3. #3
    Join Date
    Feb 2012
    Location
    Portugal
    Posts
    91
    Mentioned
    3 Post(s)
    Quoted
    41 Post(s)

    Default

    @Sin any luck so far scanning for the position? Or any news on making SPS working with NXT?
    I also need SPS

  4. #4
    Join Date
    Dec 2010
    Posts
    483
    Mentioned
    30 Post(s)
    Quoted
    328 Post(s)

    Default

    Player location position is stored within several places in the NXT client. You could target the array of currently loaded Actors (both players and NPCs) or several other places, such as the drawing routines.

    Current tile X and Y are stored as 4-byte values - either with or without a region offset depending on which ones you are targeting.

    To find them:
    Scan NXT's memory for a 4 byte memory sector of unknown value. Then move your character one tile in a direction and rescan for a +/- 1 change. Repeat this until you have located the X and Y axis of location. I'd recommend using Ollydbg to debug the region offset if necessary.

    Next you'll need to find a "static" path to those memory regions that will be consistent between restarts. The base will be the start in memory of the game dll itself, and will step through 3-4 pointers to consistently lead to your desired memory. This will take some time to find but once you do you'll be set until they release a newer NXT version (or modify the current one in anyway, including just recompiling in some cases). To reliably update in such a situation you will want to find a pattern in memory of that region so you can scan and find it later, very similar to how current Java updaters scan through bytecode identifying patterns to find desired fields. You'll be doing an AOB scan (Array of Bytes - makes sense right?). Look for static information, such as maybe your testing character's username to help you find the player struct in memory.

    I think I've given you some useful things to google and look into further so I will end this post here. Cheers and good luck.

    EDIT:

    Fuck it. Your script got me 99 magic/smith a couple years ago so why not? First post back as a spoonfeed ftw. Enjoy.

    Code:
            [StructLayout(LayoutKind.Sequential)]
            public struct PlayerInfo
            {
                public int playerX;
                public int playerY;
                public int playerXEx;
                public int playerYEx;
            }
    
            public PlayerInfo getPlayerInfo()
            {
                IntPtr infoHead = IntPtr.Zero;
                IntPtr temp = IntPtr.Zero;
                byte[] buffer = new byte[16];
                readPointer64(threadStack0 - 0x2b0, 4, new int[] { 0xfc8, 0x140, 0x50 }, out infoHead);
                ReadProcessMemory(p.Handle, infoHead, buffer, 16, out temp);
                GCHandle handle = GCHandle.Alloc(buffer, GCHandleType.Pinned);
                PlayerInfo result = (PlayerInfo) Marshal.PtrToStructure(handle.AddrOfPinnedObject(), typeof(PlayerInfo));
                handle.Free();
                return result;
            }
    threadstack0 is a variable represting the TebBaseAddress of a thread, in this case Thread-0. This is our static start not the game dll. Its proven to be more reliable in my tests. To find it do:

    Code:
                IntPtr appHandle = (IntPtr) FindWindow(null, "RuneScape");
                List<IntPtr> handles = app.GetAllChildrenWindowHandles(app.GetAllChildrenWindowHandles(app.GetAllChildrenWindowHandles(app.GetAllChildrenWindowHandles(appHandle, 1)[0], 1)[0], 1)[0], 1);
                app.draw = Graphics.FromHwnd(handles[0]);
                app.pBaseAddress = app.p.MainModule.BaseAddress;
                UIntPtr k0 = app.GetStackStart(0);
                UIntPtr k1 = app.GetStackStart(1);
                app.threadStack0 = unchecked((IntPtr)(long)(ulong)k0);
    Now you need to compute a world2screen method and world2minimap method and your walking is done. Can't give you everything

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •