I'll start by explaining my problem and things I've tried.

I'm writing a Cursor Attack hack for Diablo II. It works for all technical purposes, but because the cursor highlight routine I'm using is called roughly 200 times a second when I highlight a monster to grab its ID, name and send the attack data it's sending my packet data to the realm server way too fast -- at a rate of 200 packets a second, thus causing a ban for flooding the server with godly amounts of data in a short period of time.

Anyway, my solution for solving this packet flooding issue was to create some sort of timer, but I soon realized after compiling my code that it wouldn't work. It would only lag the client down, which it did AND still sent enormous amounts of data in a short period of time. Here is what I did though:

[code]
#Packet delay code
Some D2 send() address here
jmp @ start

#start
cmp byte ptr [ecx], 0d // Attack packet
je @ settime
cmp byte ptr [ecx], 3c // Switch skill packet
je @ settime
jmp @ end

#delay1
dec eax
cmp dword ptr eax, 00000000
je @ end
jmp @ delay1

#settime
mov dword ptr eax, 00002000
jmp @ delay1

#end
return codes here
[/code]


Instead, the other solution that presented itself to me was to hook the send() in the D2 client again and code something that did the following because the timer code I tried isn't working:

If data is passed to the send() too quickly, destroy that data and exit send()

I can’t think of any way of doing this in ASM at the moment… Any suggestions?

Edit:
Another way of putting it would be, how would I write some sort of wait-time code before a function can be called again?

You could use an api settimer() function that auto-resets to call your code once/second or something like that. That may be the easiest way.

You could also store the value of GetTickCount and check current GetTickCount against stored when your routine is called - only continue (and store new GetTickCount) if X ms have passed.

Is there a way of doing it without using Windows APIs? An example of something you could show me in ASM would be greatly appreciated.

[quote author=Paul link=board=7;threadid=5333;start=0#msg44797 date=1077058292]
Is there a way of doing it without using Windows APIs? An example of something you could show me in ASM would be greatly appreciated.
[/quote]

You could skip doing anything except every X times it is called. That won't be very accurate though. You should use Windows APIs.

[quote author=Adron link=board=7;threadid=5333;start=0#msg44799 date=1077058474]
You could skip doing anything except every X times it is called. That won't be very accurate though. [/quote]

I never thought of doing it that way, thanks! ;)

Edit:
Works! Here is what I did:

[code]
dec eax
cmp dword ptr eax, 00000000
jne @ nono

#settime
mov dword ptr eax, 50000000

#do action
call more code

#nono
kill it code down here + return
[/code]

The only problem with that is that it's computer-dependant.. it won't necessarely work at that speed on other computers. At least, if you were using the windows API, it would be consistant across windows computer. And d2 won't run on anything besides windows, so life would be good.

Optimization police.

[quote author=Paul link=board=7;threadid=5333;start=0#msg44800 date=1077059145]
[code]dec eax
cmp dword ptr eax, 00000000
jne @ nono
[/code]
[/quote]

The second line (cmp) is not necessary.
If dec reduces its argument to zero, it sets ZF, the zero flag (which is the same as the "equal" flag - jz and je are the same instruction, as well as jnz and jne).
So you could just use:

[code]dec eax
jnz @ nono[/code]

Also, in general cases (i.e. not immediately following an instruction like dec), instead of "cmp eax, 0" you should use "test eax, eax" (or other registers) - does the same thing, either faster or with smaller code (or both).

Edit: Punctuation ::)

I tend to use test eax,eax because that's what I see in most compiled code :)

I like to use cmp for clarity when I'm really testing for the explicit value of zero, and not writing anything critical. Much like using if(a) vs if(a == 0), although in a high level language it hopefully makes no difference to the generated code.

[quote author=Adron link=board=7;threadid=5333;start=0#msg44943 date=1077148982]
I like to use cmp for clarity when I'm really testing for the explicit value of zero, and not writing anything critical. Much like using if(a) vs if(a == 0), although in a high level language it hopefully makes no difference to the generated code.
[/quote]

It depends which language; Java can *only* accept booleans inside if, so if(a) causes a compile error. That's often very frustrating, but it does add clarity.

I've never seen "test" used for anything besides "test eax, eax" or the like; what's it actually used for?

[quote author=iago link=board=7;threadid=5333;start=0#msg44969 date=1077156341]
It depends which language; Java can *only* accept booleans inside if, so if(a) causes a compile error. That's often very frustrating, but it does add clarity.

I've never seen "test" used for anything besides "test eax, eax" or the like; what's it actually used for?
[/quote]

"Test performs a logical and on its two operands and updates the flags (CF, OF). Neither destination nor source is changed."

http://202.114.22.131/mirrors/www_litespeed_org/Tutorials/Drme2.htm#TEST

[quote author=K link=board=7;threadid=5333;start=0#msg44970 date=1077156757]
[quote author=iago link=board=7;threadid=5333;start=0#msg44969 date=1077156341]
It depends which language; Java can *only* accept booleans inside if, so if(a) causes a compile error. That's often very frustrating, but it does add clarity.

I've never seen "test" used for anything besides "test eax, eax" or the like; what's it actually used for?
[/quote]

"Test performs a logical and on its two operands and updates the flags (CF, OF). Neither destination nor source is changed."

http://202.114.22.131/mirrors/www_litespeed_org/Tutorials/Drme2.htm#TEST
[/quote]

Doesn't it affect the ZF? Since generally a jz or jnz are used afterwards.

And how is that different from cmp? Is cmp an or?

[quote author=iago link=board=7;threadid=5333;start=0#msg44972 date=1077157068]And how is that different from cmp? Is cmp an or?[/quote]

cmp determines an arithmetic relation between the two operands (which is greater/less). test determines the bit relation between the two operands (whether there are any bits enabled in both of them).

[quote author=Kp link=board=7;threadid=5333;start=0#msg44990 date=1077163344]
[quote author=iago link=board=7;threadid=5333;start=0#msg44972 date=1077157068]And how is that different from cmp? Is cmp an or?[/quote]

cmp determines an arithmetic relation between the two operands (which is greater/less). test determines the bit relation between the two operands (whether there are any bits enabled in both of them).
[/quote]

aah, ok, so test doesn't care about nearly as many different things. So you can't use a test then jle, and such?

[quote author=iago link=board=7;threadid=5333;start=0#msg45028 date=1077200302]
aah, ok, so test doesn't care about nearly as many different things. So you can't use a test then jle, and such?[/quote]

You could, actually. According to the x86 instruction set reference, test sets OF to 0 and SF to the MSB (among other things). jle branches on ZF=1 or SF!=OF, so it would indeed work properly. However, I'd suggest consulting the instruction set reference to determine what the behaviors of the various flags are for test and what the Jcc instructions are going to be examining before you go trying to extend this to other types of jumps.

Just wanted to thank Adron for suggesting the delay idea once again. I finished a build of my program, if you play D2 and wanna check it out you can find it here:

http://www.blizzhackers.com/phpBB2/viewtopic.php?t=131082

Thanks again!