static void Main(string[] args) { uint dwCodeLoc; wow = new BlackMagic(); if (wow.OpenProcessAndThread(SProcess.GetProcessFromProcessName("wow"))) { Console.WriteLine(wow.GetModuleFilePath()); DateTime dt = DateTime.Now; //dwCodeLoc = SPattern.FindPattern(wow.ProcessHandle, wow.MainModule, PATTERN_CLIENT_CONNECTION, MASK_CLIENT_CONNECTION, ' '); dwCodeLoc = wow.FindPattern(PATTERN_CLIENT_CONNECTION, MASK_CLIENT_CONNECTION); Console.WriteLine("Pattern found in {0}ms", DateTime.Now.Subtract(dt).TotalMilliseconds); Console.WriteLine("Code loc: 0x{0:X08}", dwCodeLoc); Console.WriteLine("CLIENT_CONNECTION: 0x{0:X08}", wow.ReadUInt(dwCodeLoc + 0x16)); Console.WriteLine("CURMGR_OFFSET: 0x{0:X08}", wow.ReadUInt(dwCodeLoc + 0x1C)); } else { Console.WriteLine("World of Warcraft could not be opened for read/write."); } Console.ReadLine(); }
static void Main(string[] args) { if (!Helper.MineProcess.OpenProcessAndThread(SProcess.GetProcessFromWindowTitle("Minesweeper"))) { Console.WriteLine("Minesweeper is not running."); Environment.Exit(1); } uint width = Helper.MineProcess.ReadUInt(0x1005334); uint height = Helper.MineProcess.ReadUInt(0x1005338); Console.WriteLine(width); Console.WriteLine(height); uint result = 0; for (uint w = 1; w <= width; w++) { for (uint h = 1; h <= height; h++) { byte cellValue = Helper.MineProcess.ReadByte(0x1005340 + (h << 5) + w); if (cellValue == 0x0F) // No mine { result = Helper.ClickBox(w, h); } } } Helper.MineProcess.Close(); }
private void button1_Click(object sender, EventArgs e) { magic = new BlackMagic(); if (magic.OpenProcessAndThread(SProcess.GetProcessFromProcessName("WoW"))) { handle = FindWindow(null, "World of Warcraft"); attachLabel.Text = "Attached to WoW"; if (profileLoaded && spellsLoaded) { startButton.Show(); start = 3; } attached = true; menuButton3.Show(); newProfile = new CreateProfile(magic, pointsTextBox); // //check this profileThread = new Thread(newProfile.DoWork); profileThread.Start(); sendMsgBox.Show(); sendMsgButton.Show(); sayLabel.Show(); whisperLabel.Show(); replyLabel.Show(); partyLabel.Show(); guildLabel.Show(); //testLabel.Text = magic.ReadShort((uint)TbcOffsets.General.Cursor)+""; } else { attachLabel.Text = "World of Warcraft does not appear to be running"; } }
static void Main(string[] args) { //Open the proccess wow = new BlackMagic(); wow.OpenProcessAndThread(SProcess.GetProcessFromWindowTitle(PROCESS_WINDOW_TITLE)); //Setup Object Manager and First object base address ObjMgrAddr = wow.ReadUInt(wow.ReadUInt((uint)wow.MainModule.BaseAddress + (uint)Constants.Const.ObjectManager.CurMgrPointer) + (uint)Constants.Const.ObjectManager.CurMgrOffset); FirstObject = new GameObject(wow.ReadUInt(ObjMgrAddr + (uint)Constants.Const.ObjectManager.FirstObject)); //Read TargetGUID from globals and find in the Object Manager //UInt64 CurrTargetGUID = wow.ReadUInt64((uint)wow.MainModule.BaseAddress + (uint)Const.Globals.CurrentTargetGUID); UInt64 CurrTargetGUID = wow.ReadUInt64((uint)wow.MainModule.BaseAddress + (uint)Constants.Const.Globals.CurrentTargetGUID); PlayerObject = new GameObject(wow.ReadUInt64((uint)wow.MainModule.BaseAddress + (uint)Constants.Const.Globals.PlayerGUID)); TargetObject = new GameObject(CurrTargetGUID); PlayerObject.Wowclass = wow.ReadByte(PlayerObject.DescriptorArrayAddress + (uint)Const.descriptors.Class8); System.Timers.Timer aTimer = new System.Timers.Timer(); aTimer.Interval = 100; if (PlayerObject.Wowclass == 9) { Console.WriteLine("Initiate Affliction Warlock DPS BOT v1.0"); aTimer.Elapsed += WarlockDPS.DpsEvent; } else if (PlayerObject.Wowclass == 11) { Console.WriteLine("Initiate Feral Druid DPS BOT v0.1"); aTimer.Elapsed += DruidDPS.DpsEvent; } aTimer.AutoReset = true; aTimer.Enabled = true; while (true) { switch (Console.ReadLine()) { case "stop": Console.WriteLine("STOP"); aTimer.Elapsed -= DruidDPS.DpsEvent; aTimer.Elapsed -= WarlockDPS.DpsEvent; aTimer.Elapsed -= PrinterEvent; break; case "printer": aTimer.Elapsed += PrinterEvent; break; case "start": if (PlayerObject.Wowclass == 9) { Console.WriteLine("Initiate Affliction Warlock DPS BOT v1.0"); aTimer.Elapsed += WarlockDPS.DpsEvent; } else if (PlayerObject.Wowclass == 11) { Console.WriteLine("Initiate Feral Druid DPS BOT v0.1"); aTimer.Elapsed += DruidDPS.DpsEvent; } break; } } }
public bool Init() { // Open the Diablo III process int processID = SProcess.GetProcessFromProcessName(PROCESS_NAME); if (processID == 0) { Log.Error("Diablo III process not found"); return(false); } // Attempt to open the D3 process with read/write permission if (!d3.IsProcessOpen && !d3.Open(processID)) { d3 = null; Log.Error("Failed to open Diablo III process " + processID); return(false); } if (!computedHash) { // Compute the MD5 hash of the D3 executable to make sure we're working with the right version byte[] md5Bytes; using (FileStream exeStream = File.OpenRead(d3.GetModuleFilePath())) md5Bytes = new MD5CryptoServiceProvider().ComputeHash(exeStream); string md5Hash = ProcessUtils.BytesToHexString(md5Bytes); if (md5Hash != Offsets.MD5_CLIENT) { throw new Exception("MD5 checksum failed: " + md5Hash); } computedHash = true; } // Initialize the memory reader, including important global pointer addresses if (!memReader.UpdatePointers()) { return(false); } // Install our detour into the DirectX9 EndScene() method try { injector = new Injector(d3, memReader.EndSceneAddr); } catch (Exception ex) { Log.Error("Failed to inject custom code", ex); return(false); } return(true); }
private void Sample_Load(object sender, EventArgs e) { try { Game.Attach(SProcess.GetProcessesFromWindowTitle("Diablo III")[0]); Debug.Print("DEBUG: count: " + Game.ObjectManager.Storage.GetActorContainer().GetList().Count); int i = 0; foreach (D3x.Structures.Actor actor in Game.ObjectManager.Storage.GetActorContainer().GetList()) { String tmp = (i++).ToString() + ": "; tmp += System.Text.Encoding.ASCII.GetString(actor.name).TrimEnd(new char[] { (char)0 }); /*try * { * float hp = actor.GetFAG().GetFloat((uint)D3x.Enumerators.ActorAttribute.Hitpoints_Cur); * if (hp > 0) * { * tmp += ", HP: " + hp.ToString(); * } * } * catch (Exception) { }*/ lstActors.Items.Add(tmp); } i = 0; foreach (D3x.Structures.ActorCommonData acd in Game.ObjectManager.Storage.GetActorCommonDataContainer().GetList()) { String tmp = (i++).ToString() + ": "; tmp += acd.GetName(); tmp += " ------ " + Enum.GetName(typeof(D3x.Enumerators.ItemLocation), acd.itemLoc); /*try * { * float hp = actor.GetFAG().GetFloat((uint)D3x.Enumerators.ActorAttribute.Hitpoints_Cur); * if (hp > 0) * { * tmp += ", HP: " + hp.ToString(); * } * } * catch (Exception) { }*/ lstACDs.Items.Add(tmp); } } catch (Exception ex) { throw ex; } }
//finzonetest public ManageMem() { if (WowReader.OpenProcessAndThread(SProcess.GetProcessFromProcessName("Wow"))) { Console.WriteLine("Found and Attached the World of Warcraft Process!"); if (LoadAddresses()) { Console.WriteLine("ok"); } } else { Console.WriteLine("Process not found"); } }
public bool TryToConnect() { try { this.Connection = new BlackMagic(); this.Connection.OpenProcessAndThread(SProcess.GetProcessFromWindowTitle(this.WindowTitle)); if (TryToRefreshObjectManager()) { return(true); } else { return(false); } } catch { return(false); } }
static void Main(string[] args) { NixLite nix = new NixLite(); Console.WriteLine("Press ENTER for start"); Console.ReadLine(); try { if (nix.OpenProcessAndThread(SProcess.GetProcessFromProcessName("NostaleX.dat"))) { Console.WriteLine("Nostale openned"); } } catch (Exception ex) { Console.WriteLine(ex.Message); } }
private static bool InjectDll(IntPtr processHandle, string dllPath) { IntPtr parameterAddress = IntPtr.Zero; try { parameterAddress = SMemory.AllocateMemory(processHandle, dllPath.Length, Win32.MemoryAllocationType.MEM_COMMIT, Win32.MemoryProtectionType.PAGE_READWRITE); byte[] buffer = UTF8Encoding.UTF8.GetBytes(dllPath); bool isMemoryWritten = SMemory.WriteProcessMemory(processHandle, parameterAddress, buffer, buffer.Length + 1); if (!isMemoryWritten) { throw new Exception("WriteProcessMemory failed."); } IntPtr kernel32dllHandle = Imports.GetModuleHandle("kernel32.dll"); IntPtr loadLibraryAddress = SProcess.GetProcAddress(kernel32dllHandle, "LoadLibraryA"); IntPtr remoteThreadHandle = SThread.CreateRemoteThread(processHandle, (uint)loadLibraryAddress, (uint)parameterAddress); if (remoteThreadHandle != IntPtr.Zero) { Imports.WaitForSingleObject(remoteThreadHandle, (uint)WaitValues.INFINITE); Imports.CloseHandle(remoteThreadHandle); return(true); } return(false); } finally { if (parameterAddress != IntPtr.Zero) { SMemory.FreeMemory(processHandle, (uint)parameterAddress); } } }
/// <summary> /// Inject .DLL into program. /// </summary> /// <param name="process">Process handle</param> /// <param name="dllPath">Path to the .DLL file</param> /// <returns>Returns true if function succeed.</returns> public static bool InjectDll(Process process, string dllPath) { if (SProcess.ContainsDll(process, dllPath)) { OnDllInjectErrorEventHandler(0, new InjectorExceptionEventArgs("Dll already injected.", InjectorExceptionType.Notification)); return(false); } IntPtr processHandle = Win32.Imports.OpenProcess( Win32.AccessRights.PROCESS_VM_OPERATION | Win32.AccessRights.PROCESS_VM_READ | Win32.AccessRights.PROCESS_VM_WRITE | Win32.AccessRights.PROCESS_CREATE_THREAD | Win32.AccessRights.PROCESS_QUERY_INFORMATION, false, process.Id); if (processHandle == IntPtr.Zero) { return(false); } try { return(InjectDll(processHandle, dllPath)); } catch (Exception ex) { OnDllInjectErrorEventHandler(0, new InjectorExceptionEventArgs(ex, InjectorExceptionType.Fatal)); return(false); } finally { if (processHandle != IntPtr.Zero) { Win32.Imports.CloseHandle(processHandle); } } }
private void cmdAttach_Click(object sender, EventArgs e) { try { //wowProc = SProcess.GetProcessFromWindowTitle("is1 Fuzixia-Ysera - toontest"); wowProc = SProcess.GetProcessFromWindowTitle("World of Warcraft"); wowApp = Process.GetProcessById(wowProc); /* notwendig für das Finden der Endscene */ wowMem.OpenProcessAndThread(wowProc); wowProcHandle = OpenProcess(PROCESS_WM_READ, false, wowApp.Id); wowProcMod = FindProcessModules.GetProcessModule(wowApp.Id, "wow.exe"); VirtualAllocReturnAddress = FindProcessModules.GetProcessModuleBase(wowApp.Id, "KERNELBASE.dll"); txtDebug.Text += "wowBase: " + wowMem.MainModule.BaseAddress.ToString("X") + "\r\n"; //txtDebug.Text += "Login: "******"X") + "\r\n"; txtDebug.Text += "AllocReturn: " + (VirtualAllocReturnAddress + (uint)MiscOffsets.VirtualAlloc).ToString("X") + "\r\n"; txtDebug.Text += "AllocReturn: " + (VirtualAllocReturnAddress + (uint)MiscOffsets.VirtualAlloc).ToString("X") + "\r\n"; } catch (IndexOutOfRangeException exc) { txtDebug.Text += exc.ToString() + "Kein WoW gefunden"; } tmrCheckLogin.Interval = 2000; if (tmrCheckLogin.Enabled == false && wowMem.IsProcessOpen) { tmrCheckLogin.Start(); cmdAttach.BackColor = Color.FromArgb(200, 200, 0); //txtDebug.Text += "\r\n" + "waiting for login sequence"; } else if (!wowMem.IsProcessOpen) { txtDebug.Text += "\r\n" + "no process found!"; } }
public static Structs.PatternList FindPatternList(Structs.PatternList patternList) { Structs.PatternList newPatternList = new Structs.PatternList(); newPatternList.processName = patternList.processName; uint baseModule = 0; BlackMagic memread = new BlackMagic(); if (memread.OpenProcessAndThread(SProcess.GetProcessFromProcessName(patternList.processName))) { try { // Dump module ProcessModuleCollection modules = Process.GetProcessById(memread.ProcessId).Modules; foreach (ProcessModule o in modules) { Structs.ModuleList m = new Structs.ModuleList(); m.Name = o.ModuleName; m.baseAddressDec = (int)o.BaseAddress; m.baseAddressHex = (o.BaseAddress).ToString("X"); patternList.Modules.Add(m); // Check module base if exist. if (patternList.baseModuleName != "") { if (patternList.baseModuleName.ToLower() == o.ModuleName.ToLower()) { baseModule = (uint)o.BaseAddress; } } } } catch { } foreach (Structs.Pattern p in patternList.Patterns) { try { uint dwCodeLoc = memread.FindPattern(p.pattern, p.mask); uint offset = memread.ReadUInt((uint)((int)dwCodeLoc + p.offsetLocation)); if (offset > 0) { offset = offset - baseModule; dwCodeLoc = dwCodeLoc - baseModule; } if (offset > 0) { // Dump offset p.offset = offset.ToString("X"); p.offsetDec = offset; p.offsetUsedAtDec = (uint)((int)dwCodeLoc + p.offsetLocation); p.offsetUsedAt = ((int)dwCodeLoc + p.offsetLocation).ToString("X"); try { switch (p.type) { case "int64": p.value = Convert.ToString(memread.ReadUInt64(p.offsetDec)); break; case "int": p.value = Convert.ToString(memread.ReadInt(p.offsetDec)); break; case "float": p.value = Convert.ToString(memread.ReadFloat(p.offsetDec)); break; case "string": p.value = Convert.ToString(memread.ReadASCIIString(p.offsetDec, 30)); break; } } catch { p.value = "No Found"; } } else { p.offset = "No Found"; } } catch { p.offset = "No Found"; } newPatternList.Patterns.Add(p); } memread.Close(); } else { MessageBox.Show("Process no found."); } return(patternList); }
public bool IsDiabloRunning() { return(SProcess.GetProcessFromProcessName(PROCESS_NAME) != 0); }
private void button2_Click(object sender, EventArgs e) { if (Utils.IsUserAdministrator()) { Utils.SYSTEM_INFO sys_info = new Utils.SYSTEM_INFO(); Utils.GetSystemInfo(out sys_info); IntPtr proc_min_address = sys_info.minimumApplicationAddress; IntPtr proc_max_address = sys_info.maximumApplicationAddress; long proc_min_address_l = (long)proc_min_address; long proc_max_address_l = (long)proc_max_address; logDebug(String.Format("Min {0} Max {1}", proc_min_address_l, proc_max_address_l)); BlackMagic bm = new BlackMagic(); if (bm.OpenProcessAndThread(SProcess.GetProcessFromProcessName(windowName[0]))) { logDebug("Found"); Utils.MEMORY_BASIC_INFORMATION mem_basic_info = new Utils.MEMORY_BASIC_INFORMATION(); while (proc_min_address_l < proc_max_address_l) { // 28 = sizeof(MEMORY_BASIC_INFORMATION) Utils.VirtualQueryEx(bm.ProcessHandle, proc_min_address, out mem_basic_info, 28); //logDebug(mem_basic_info.ToString()); // if this memory chunk is accessible if ((mem_basic_info.Protect == Utils.PAGE_READWRITE || mem_basic_info.Protect == Utils.PAGE_READONLY) && mem_basic_info.State == Utils.MEM_COMMIT) { //logDebug(String.Format("Addr={0:X8} Size={1}", mem_basic_info.BaseAddress, mem_basic_info.RegionSize)); byte[] buffer = new byte[mem_basic_info.RegionSize]; // read everything in the buffer above buffer = bm.ReadBytes((uint)mem_basic_info.BaseAddress, mem_basic_info.RegionSize); //Utils.ReadProcessMemory((int)bm.ProcessHandle, mem_basic_info.BaseAddress, buffer, mem_basic_info.RegionSize, ref bytesRead); MemoryStream ms = new MemoryStream(buffer); BinaryReader br = new BinaryReader(ms); while (ms.Position != ms.Length) { int data = br.ReadInt32(); if ((data == 18248) || (data == 18622)) { int readData = bm.ReadInt((uint)(mem_basic_info.BaseAddress + ms.Position - 4)); logDebug(String.Format("Found Addr={0:X8} Size={1}", mem_basic_info.BaseAddress + ms.Position - 4, readData)); } } // then output this in the file //for (int i = 0; i < mem_basic_info.RegionSize; i++) // sw.WriteLine("0x{0} : {1}", (mem_basic_info.BaseAddress + i).ToString("X"), (char)buffer[i]); } // move to the next memory chunk proc_min_address_l += mem_basic_info.RegionSize; proc_min_address = new IntPtr(proc_min_address_l); } bm.Close(); logDebug("Done"); } } else { logDebug("Need admin user"); } }