public static void SuspendMainWowThread()
{
ProcessThread wowMainThread = SThread.GetMainThread((int)MyHook._processId);
IntPtr hThread = SThread.OpenThread(wowMainThread.Id);
SThread.SuspendThread(hThread);
}
public static void ResumeMainWowThread()
{
ProcessThread wowMainThread = SThread.GetMainThread(process.Id);
IntPtr hThread = SThread.OpenThread(wowMainThread.Id);
SThread.ResumeThread(hThread);
}
public static void resumeMainThread(int dwProcessId)
{
ProcessId = dwProcessId;
ProcessThread wowMainThread = SThread.GetMainThread(ProcessId);
IntPtr hThread = SThread.OpenThread(wowMainThread.Id);
SThread.ResumeThread(hThread);
}
public static void suspendMainThread(int dwProcessId)
{
ProcessId = dwProcessId;
ProcessThread wowMainThread = SThread.GetMainThread(ProcessId);
IntPtr hThread = SThread.OpenThread(wowMainThread.Id);
SThread.SuspendThread(hThread);
}
public static void ResumeMainWowThread()
{
if (MyHook == null)
{
MyHook = new Hook((uint)ObjectManager.WowProcess.Id, (uint)ObjectManager.WowProcess.MainModule.BaseAddress);
}
ProcessThread wowMainThread = SThread.GetMainThread((int)MyHook._processId);
IntPtr hThread = SThread.OpenThread(wowMainThread.Id);
SThread.ResumeThread(hThread);
}
public void Stop() //bool requeue)
{
_stopped = true;
//Cant lock both _Threads and _workItems
//That might cause a deadlock
lock (_Threads)
foreach (System.Threading.Thread SThread in _Threads.Keys)
{
SThread.Abort();
}
}
protected override void WndProc(ref Message m)
{
base.WndProc(ref m);
if (m.Msg == 0xBEEF)
{
Console.WriteLine("0xBEEF message recieved, resuming main thread!");
ProcessThread wowMainThread = SThread.GetMainThread(ProcessId);
IntPtr hThread = SThread.OpenThread(wowMainThread.Id);
SThread.ResumeThread(hThread);
}
}
private static bool InjectDll(IntPtr processHandle, string dllPath)
{
IntPtr parameterAddress = IntPtr.Zero;
try
{
parameterAddress = SMemory.AllocateMemory(processHandle, dllPath.Length,
Win32.MemoryAllocationType.MEM_COMMIT, Win32.MemoryProtectionType.PAGE_READWRITE);
byte[] buffer = UTF8Encoding.UTF8.GetBytes(dllPath);
bool isMemoryWritten = SMemory.WriteProcessMemory(processHandle, parameterAddress, buffer, buffer.Length + 1);
if (!isMemoryWritten)
{
throw new Exception("WriteProcessMemory failed.");
}
IntPtr kernel32dllHandle = Imports.GetModuleHandle("kernel32.dll");
IntPtr loadLibraryAddress = SProcess.GetProcAddress(kernel32dllHandle, "LoadLibraryA");
IntPtr remoteThreadHandle = SThread.CreateRemoteThread(processHandle, (uint)loadLibraryAddress, (uint)parameterAddress);
if (remoteThreadHandle != IntPtr.Zero)
{
Imports.WaitForSingleObject(remoteThreadHandle, (uint)WaitValues.INFINITE);
Imports.CloseHandle(remoteThreadHandle);
return(true);
}
return(false);
}
finally
{
if (parameterAddress != IntPtr.Zero)
{
SMemory.FreeMemory(processHandle, (uint)parameterAddress);
}
}
}
/// <summary>
/// Resumes WoW's main thread
/// </summary>
private static void ResumeMainthread()
=> SThread.ResumeThread(
SThread.OpenThread(
SThread.GetMainThread(BlackMagic.ProcessId).Id));
/// <summary>
/// Hold WoW's main thread, be careful things get dangerous here
/// </summary>
private static void PauseMainThread()
=> SThread.SuspendThread(
SThread.OpenThread(
SThread.GetMainThread(BlackMagic.ProcessId).Id));
public static int GetWowMainThread()
{
ProcessThread wowMainThread = SThread.GetMainThread(process.Id);
return(wowMainThread.Id);
}
public void LoadAssembly(string path, string entryNamespace, string entryClass, string entryFunction)
{
uint num = this.AllocRemoteString(path);
uint num2 = this.AllocRemoteString(entryNamespace);
uint num3 = this.AllocRemoteString(entryClass);
uint num4 = this.AllocRemoteString(entryFunction);
byte[] array = new byte[]
{
232,
0,
0,
0,
0,
80,
232,
0,
0,
0,
0,
184,
0,
0,
0,
0,
106,
0,
80,
232,
0,
0,
0,
0,
80,
232,
0,
0,
0,
0,
186,
0,
0,
0,
0,
82,
185,
0,
0,
0,
0,
81,
80,
232,
0,
0,
0,
0,
106,
0,
185,
0,
0,
0,
0,
81,
80,
232,
0,
0,
0,
0,
106,
0,
106,
0,
106,
0,
80,
232,
0,
0,
0,
0,
131,
196,
56,
195
};
uint num5 = this.memory.AllocateMemory(array.Length);
this.memory.WriteBytes(num5, array);
this.memory.WriteUInt(num5 + 1u, this.GetRelativeAddress(this.FindFuncAdress("mono.dll", "mono_get_root_domain"), num5 + 1u));
this.memory.WriteUInt(num5 + 7u, this.GetRelativeAddress(this.FindFuncAdress("mono.dll", "mono_thread_attach"), num5 + 7u));
this.memory.WriteUInt(num5 + 12u, num);
this.memory.WriteUInt(num5 + 20u, this.GetRelativeAddress(this.FindFuncAdress("mono.dll", "mono_assembly_open"), num5 + 20u));
this.memory.WriteUInt(num5 + 26u, this.GetRelativeAddress(this.FindFuncAdress("mono.dll", "mono_assembly_get_image"), num5 + 26u));
this.memory.WriteUInt(num5 + 31u, num3);
this.memory.WriteUInt(num5 + 37u, num2);
this.memory.WriteUInt(num5 + 44u, this.GetRelativeAddress(this.FindFuncAdress("mono.dll", "mono_class_from_name"), num5 + 44u));
this.memory.WriteUInt(num5 + 51u, num4);
this.memory.WriteUInt(num5 + 58u, this.GetRelativeAddress(this.FindFuncAdress("mono.dll", "mono_class_get_method_from_name"), num5 + 58u));
this.memory.WriteUInt(num5 + 70u, this.GetRelativeAddress(this.FindFuncAdress("mono.dll", "mono_runtime_invoke"), num5 + 70u));
IntPtr hObject = this.memory.CreateRemoteThread(num5, 0u);
bool flag = false;
if (SThread.WaitForSingleObject(hObject, 3000u) != 0u)
{
flag = true;
}
this.memory.FreeMemory(num);
this.memory.FreeMemory(num3);
this.memory.FreeMemory(num2);
this.memory.FreeMemory(num4);
this.memory.FreeMemory(num5);
if (flag)
{
throw new Exception("Timeout in mono loader");
}
}
