public RemoteLoLReplays(String region) { if (!_leagueClientMemoryEditor.SetModule("rcp-be-lol-replays.dll")) { return; } uint off; //getDownloadUrl String: _leagueClientMemoryEditor.FindPattern(@"\x67\x65\x74\x44\x6F\x77\x6E\x6C\x6F\x61\x64\x55\x72\x6C", "xxxxxxxxxxxxxx", out off); byte[] offB = BitConverter.GetBytes(off); offB.Reverse(); //Find the Push getDownloadUrl: _leagueClientMemoryEditor.FindPattern(String.Format(@"\x68\x{0}\x{1}\x{2}\x{3}", offB[0].ToString("X2"), offB[1].ToString("X2"), offB[2].ToString("X2"), offB[3].ToString("X2")), "xxxxx", out off); //Scan Backwards to find the start of the call _leagueClientMemoryEditor.FindPatternReverse(@"\x55\x8b\xEC\x6A\xFF", "xxxxx", (IntPtr)off, out off); //Store the Call _functionAddress = off; //Scan Memory for Where a vtable is located which points to the function offB = BitConverter.GetBytes(_functionAddress); _leagueClientMemoryEditor.FindPattern(String.Format(@"\x{0}\x{1}\x{2}\x{3}", offB[0].ToString("X2"), offB[1].ToString("X2"), offB[2].ToString("X2"), offB[3].ToString("X2")), "xxxx", out off); //Find the base of the vtable, its currently -0xc, not hard code it? off -= 0xC; offB = BitConverter.GetBytes(off); offB.Reverse(); //Find the Class, Its always got the function we call in its vtable, 8 unknown bytes then the region of the player _leagueClientMemoryEditor.ScanAllModules(String.Format(@"\x{0}\x{1}\x{2}\x{3}\x00\x00\x00\x00\x00\x00\x00\x00" + GetRegionPattern(region), offB[0].ToString("X2"), offB[1].ToString("X2"), offB[2].ToString("X2"), offB[3].ToString("X2")), "xxxx????????" + new String('x', region.Length), out off); _classAddress = off; Enabled = true; }
private static void FindGame() { while (true) { switch (ThreadState) { case State.FindGame: string error; FindGameResult result = MemoryEditor.FindGame("League of Legends (TM) Client", out error); //MemoryEditor.Context context = MemoryEditor.GetThreadContext(); if (result == FindGameResult.GameFound) { ThreadState = State.LoadWads; } break; case State.LoadWads: uint addr; if (MemoryEditor.FindPattern(@"\xE8\x00\x00\x00\x00\x8B\x4C\x24\x2C\x8A\xD8\x85\xC9", "x????xxxxxxxx", out addr)) { uint thisFunc; MemoryEditor.FindPatternReverse(@"\x81\xEC\x3C\x01\x00\x00\xA1", "xxxxxxx", (IntPtr)addr, out thisFunc); uint ECDSA; MemoryEditor.FindPattern(@"\xE8\x00\x00\x00\x00\x84\xC0\x75\x34\x8D\x84\x24\x00\x00\x00\x00", @"x????xxxxxxx????", out ECDSA); int offset; MemoryEditor.ReadInt((IntPtr)ECDSA + 1, out offset); ECDSA = (uint)(ECDSA + offset + 5); int callOffset = (int)addr - (int)thisFunc; MemoryEditor.ReadInt((IntPtr)addr + 1, out offset); addr = (uint)(addr + offset + 5); LoadWadFiles((IntPtr)thisFunc, callOffset, (IntPtr)addr, (IntPtr)ECDSA); ThreadState = State.WaitForNewGame; } break; } Thread.Sleep(1); } }