1.15.2 - call command function

[kovarex]

Hello, could anyone provide me any help with seeding commands?

We need it for developing of the bwapi - it will be library that can be used to make bw ai in c++.
(some basic info can be found here http://www.broodwarai.com/forums/index.php?showtopic=295)

We can already acces all unit information we want, but now we want to be able to order commands, we already searched (from web, and the incomplete nexiouz source that ordering commans is connected with these addresses:

const int BWFXN_CommandUnit = 0x4BFF80;
const int IssueCommand = 0x4858F0;
and the sendCommand function MIGHT be like this:
void (_stdcall*sendCommand)(int, int int, int) = (void(_stdcall*)(int, int, int, int))BW::BWFXN_CommandUnit;

So questions are
a) Are these offsets correct?
b) Are function parameters correct?
c) What are their meaning?
d) If the function orders selected unit, how can I issue order to select other unit(s)?

I found somehwere that it could be like this
sendCommand(commandCode, 0xe4, target.x, target.y);
but I tried all possible command codes and nothing happened (expect the replay couldn't be opened in bwchart (so something strange happened atleast)

Any hints/redirection are apprecieted.

I also found these memory locations:
IssueCommand 4858F0
CancelUnit 423480
PrintXY 4202A0
SetFont 41FB20
Small 6CE0DC
Normal 6CE0E0
Large 6CE0E4
Huge 6CE0E8

But how can I use them when I don't know their parameters?
(For example I guessed the PrintXY to be char*,int,int and it crashed bw)

Ok, seems like the problem really is, that all these addresses are 1.15.1, is there any source of 1.15.2 values?

[SC_Modder]

I highly recommend you look into learning how to reverse engineer starcraft yourselves if you want to figure out where these addresses are. An obvious hint is that in order to send commands to units you have to also select them first.

Also, that "nexus" hack is a pile of sh*t that you should completely disregard. I could probably make a better open-source hack completely from the ground up.

[kovarex]

So there isn't single program with public sourcecodes involving seeding commands in version 1.15.2?

[ulliklliwi]

So there isn't single program with public sourcecodes involving seeding commands in version 1.15.2?

think about it, if your going to be a noob, and copy/ paste code then how the **** will you even make an AI program . . . let alone even compile the program.?

[kovarex]

I'm sorry if you misunderstood me, I'm c++ programmer with lot of experience (I do it for living), but I just want to know how to seed commands in bw.

[kovarex]

I would really like to avoid to learn reverse engineering, I regard it as waste of time, especially when I know that they are ppl who already discovered these things, why don't they want to share it??

[nano351]

you're a c++ programmer but you have no idea how to use a debugger, eh?

[kovarex]

Omg, if I wanted dumb responses without any value, I would say it.

[nano351]

Just to save you some time. No one here's going to spoon feed you the information. You'll get the information much quicker if you just took a couple days to learn how to use a debugger than waiting for someone to just tell you.

[-187-]

So questions are
a) Are these offsets correct?
b) Are function parameters correct?
c) What are their meaning?
d) If the function orders selected unit, how can I issue order to select other unit(s)?

I found somehwere that it could be like this
sendCommand(commandCode, 0xe4, target.x, target.y);
but I tried all possible command codes and nothing happened (expect the replay couldn't be opened in bwchart (so something strange happened atleast)

Any hints/redirection are apprecieted.

I also found these memory locations:
IssueCommand 4858F0
CancelUnit 423480
PrintXY 4202A0
SetFont 41FB20
Small 6CE0DC
Normal 6CE0E0
Large 6CE0E4
Huge 6CE0E8

But how can I use them when I don't know their parameters?
(For example I guessed the PrintXY to be char*,int,int and it crashed bw)

Ok, seems like the problem really is, that all these addresses are 1.15.1, is there any source of 1.15.2 values?

a) Yes those offsets are correct.
b) Yes those function parameters are correct.
c) You need to learn to find these offsets on your own and learn to reverse engineer starcraft, once you've gotten good these things will start making sense.
d) it will come clear when you follow the above "c)"

Oh and by the way, ripping source code and calling it yours is naughty.

Code:

http://www.ollydbg.de

Learn to use that debugger, it's pretty nice when you know how to use it.

edit: A certain function has to be called before you use the PrintXY buddy. (I think, I don't really remember).

[kovarex]

With your approach, everyone in school should invent his own mathematics, and find out how to construct his computer.

[kovarex]

Ok, if there is someone who can provide some working example how to seed
a) order command to selected unit
or
b) select unit(s)

I would welcome it, but pls no more msgs like "find it yourself" or "Oh and by the way, ripping source code and calling it yours is naughty", if you call offset and information what arguments and how do you pass to call some function "ripping code" you really know NOTHING about programming.
In other words, only ppl over 13 years answer in this tread pls.

(All I found out with ollydbg is that these offsets are at least not accurate as the BWFXN_CommandUnit function is really called when I order command, but it's arguments contain only position and doesn't contain command code (and is also not called when using right-click), so it is probably just some help function)

I tried to call that function with exaclty same arguments as it was called from bw and nothing happened, so the function just does something else.

[nano351]

Try looking at the IssueCommand offset.

Oh and by the way, not using the edit button and double posting is naughty

[kovarex]

The select unit offset that I found around (:0x0049ABA0) is actually 0x0049AB90 in 1.15.2, and voila, The select seeding works perfectly instead of crashing bw.
THe issue command is called very often (evry frame) and I don't give any orders.

[ulliklliwi]

The select unit offset that I found around (:0x0049ABA0) is actually 0x0049AB90 in 1.15.2, and voila, The select seeding works perfectly instead of crashing bw.
THe issue command is called very often (evry frame) and I don't give any orders.

wrong, not even close.

here u ****ing crying noob

PHP Code:


void __fastcall IssueCommand(PBYTE pbBuffer, int iSize) {
static const int BWFXNIssuseCommand = 0x4858F0;
    __asm {
        MOV ECX, pbBuffer
        MOV EDX, iSize
        CALL [BWFXNIssuseCommand]
    }
}
// heres how u use
// Zerg Mineral hack
// NOTE: must select an egg and must be able to build a drone for this to work
BYTE BuildDrone[] = {0x23, 0x23, 0x00};
BYTE CancelLastQueue[] = {0x20, 0xFE, 0x00};
IssueCommand((PBYTE)BuildDrone, 3);
IssueCommand((PBYTE)CancelLastQueue, 3); 


[nano351]

The select unit offset that I found around (:0x0049ABA0) is actually 0x0049AB90 in 1.15.2, and voila, The select seeding works perfectly instead of crashing bw.
THe issue command is called very often (evry frame) and I don't give any orders.

you need to NOP out the call to issue command that happens every frame. After it pops just do run till return and step into. Then NOP the call.

[kovarex]

I compiled ulliklliwi info + nano 351 info to find out that the drone code is
BYTE BuildDrone[] = {0x23, 0x29, 0x00} instead of BYTE BuildDrone[] = {0x23, 0x23, 0x00}, and it really works, so thank you.

[K? Pŕo?ćtiόnŹ]

Yah, but seriously, if you want to make what you're wanting to make you are going to have to do so some reverse engineering, might as well get some practice and start with anything. Unless you have some douche constantly spoon feedining that is.

[kovarex]

As noone is providing precise information here, I will maybe start tread with info that I discovered, for example:
here is data structure for move command

Code:

    class Move
    {
      public :
        Move(u16 x, u16 y);
      private :
        u8 always0x14;
        u16 x;
        u16 y;
        u16 alwaysZero;
        u8 always0xe4;
        u16 alwaysZero2;
    };
  }

size 10, so I call it

Code:

IssueCommand((PBYTE)&BW::Orders::Move(x,y), 0xA);

[MasterOfChaos]

probably it also includes a target-UnitID and a flag for shift-queue. The CommandIDs are probably the same as in replays, so you can use the table from the replaylib.