private void CreateTrampolineDX()
{
_mTrampolineDX = Memory.AllocateMemory(0x1000);
Console.WriteLine("m_trampoline : " + _mTrampolineDX.ToString("X"));
var fasm = new ManagedFasm(Memory.ProcessHandle);
fasm.SetMemorySize(0x1000);
fasm.SetPassLimit(100);
fasm.AddLine("pushad");
fasm.AddLine("pushfd");
fasm.AddLine("mov eax, [{0}]", _mLocked); // _mLockedDX
fasm.AddLine("@execution:");
fasm.AddLine("mov eax, [{0}]", _mExecuteRequested); // DX
fasm.AddLine("test eax, eax");
fasm.AddLine("je @lockcheck");
/*fasm.AddLine("mov ebx, [{0}]", (Wow.Memory.WowProcess.WowModule + (uint) Addresses.FunctionWow.SpellChecker));
* fasm.AddLine("mov eax, [ebx+" + (uint) Addresses.FunctionWow.SpellCheckerOff1 + "]");
* fasm.AddLine("mov esi, [ebx+" + (uint) Addresses.FunctionWow.SpellCheckerOff2 + "]");
* fasm.AddLine("mov [" + _mSavedAntiban + "], esi");
* fasm.AddLine("mov [ebx+" + (uint) Addresses.FunctionWow.SpellCheckerOff2 + "], eax");*/
fasm.AddLine("call {0}", _mInjectionCode);
fasm.AddLine("mov [" + _mResult + "], eax");
/*fasm.AddLine("mov edx, {0}", (uint) (Wow.Memory.WowProcess.WowModule + (uint) Addresses.FunctionWow.CTMChecker));
* fasm.AddLine("call " + (uint) (Wow.Memory.WowProcess.WowModule + (uint) Addresses.FunctionWow.WoWTextCaller));
* fasm.AddLine("push happilyeverafter");
* fasm.AddLine("push " + (uint) (Wow.Memory.WowProcess.WowModule + (uint) Addresses.FunctionWow.RetFromFunctionBelow));
* fasm.AddLine("jmp " + (uint) (Wow.Memory.WowProcess.WowModule + (uint) Addresses.FunctionWow.CTMChecker2));
* fasm.AddLine("happilyeverafter:");*/
/*fasm.AddLine("mov ebx, [{0}]", (Wow.Memory.WowProcess.WowModule + (uint) Addresses.FunctionWow.SpellChecker));
* fasm.AddLine("mov esi, [" + _mSavedAntiban + "]");
* fasm.AddLine("mov [ebx+" + (uint) Addresses.FunctionWow.SpellCheckerOff2 + "], esi");*/
fasm.AddLine("xor eax, eax");
fasm.AddLine("mov [" + _mExecuteRequested + "], eax"); // DX
fasm.AddLine("@lockcheck:");
fasm.AddLine("mov eax, [{0}]", _mLocked); // DX
fasm.AddLine("test eax, eax");
fasm.AddLine("jne @execution");
fasm.AddLine("push 0");
fasm.AddLine("add esp, 4");
fasm.AddLine("popfd");
fasm.AddLine("popad");
Memory.WriteBytes(_mTrampolineDX, D3D.OriginalBytesDX);
fasm.AddLine("jmp " + (JumpAddressDX + D3D.OriginalBytesDX.Length));
fasm.Inject((uint)(_mTrampolineDX + D3D.OriginalBytesDX.Length));
}
public void DoString(string lua)
{
Thread.Sleep(75);
utf_8 = System.Text.Encoding.UTF8;
lua += '\0';
// Convert a string to utf-8 bytes.
byte[] utf8Bytes = System.Text.Encoding.UTF8.GetBytes(lua);
Memory.WriteBytes(codeCave + 0x1024, utf8Bytes);
// Memory.WriteASCIIString(codeCave + 0x1024, lua+'\0');
// Memory.WriteUnicodeString(codeCave + 0x1024, lua + '\0');
Memory.WriteInt(codeCave + 256, 0xBABABA);
}
/// <summary>
/// Execute the given LUA command inside WoW's MainThread
/// </summary>
/// <param name="command">lua command to run</param>
public static void LuaDoString(string command)
{
AmeisenLogger.Instance.Log(LogLevel.VERBOSE, $"Doing string: Command [{command}]", "AmeisenCore");
uint argCC = BlackMagic.AllocateMemory(Encoding.UTF8.GetBytes(command).Length + 1);
BlackMagic.WriteBytes(argCC, Encoding.UTF8.GetBytes(command));
string[] asm = new string[]
{
$"MOV EAX, {(argCC)}",
"PUSH 0",
"PUSH EAX",
"PUSH EAX",
$"CALL {(Offsets.luaDoString)}",
"ADD ESP, 0xC",
"RETN",
};
HookJob hookJob = new HookJob(asm, false);
AmeisenHook.AddHookJob(ref hookJob);
while (!hookJob.IsFinished)
{
Thread.Sleep(1);
}
AmeisenLogger.Instance.Log(LogLevel.VERBOSE, $"Command returned: Command [{command}]", "AmeisenCore");
BlackMagic.FreeMemory(argCC);
}
/// <summary>
/// Get Localized Text for command
/// </summary>
/// <param name="command">lua command to run</param>
/// <param name="variable">variable to read</param>
/// <returns>localized text for the executed functions return value</returns>
public static string GetLocalizedText(string command, string variable)
{
if (command.Length > 0 && variable.Length > 0)
{
uint argCCCommand = BlackMagic.AllocateMemory(Encoding.UTF8.GetBytes(command).Length + 1);
BlackMagic.WriteBytes(argCCCommand, Encoding.UTF8.GetBytes(command));
string[] asmDoString = new string[]
{
$"MOV EAX, {(argCCCommand) }",
"PUSH 0",
"PUSH EAX",
"PUSH EAX",
$"CALL {(Offsets.luaDoString)}",
"ADD ESP, 0xC",
"RETN",
};
uint argCC = BlackMagic.AllocateMemory(Encoding.UTF8.GetBytes(variable).Length + 1);
BlackMagic.WriteBytes(argCC, Encoding.UTF8.GetBytes(variable));
uint playerBase = BlackMagic.ReadUInt(Offsets.playerBase);
playerBase = BlackMagic.ReadUInt(playerBase + 0x34);
playerBase = BlackMagic.ReadUInt(playerBase + 0x24);
string[] asmLocalText = new string[]
{
$"CALL {(Offsets.clientObjectManagerGetActivePlayerObject)}",
"MOV ECX, EAX",
"PUSH -1",
$"PUSH {(argCC)}",
$"CALL {(Offsets.luaGetLocalizedText)}",
"RETN",
};
HookJob hookJobLocaltext = new HookJob(asmLocalText, true);
ReturnHookJob hookJobDoString = new ReturnHookJob(asmDoString, false, hookJobLocaltext);
AmeisenHook.AddHookJob(ref hookJobDoString);
while (!hookJobDoString.IsFinished || !hookJobDoString.IsFinished)
{
Thread.Sleep(5);
}
string result = Encoding.UTF8.GetString((byte[])hookJobDoString.ReturnValue);
AmeisenLogger.Instance.Log(LogLevel.VERBOSE, "DoString(" + command + "); => " + variable + " = " + result, "AmeisenCore");
BlackMagic.FreeMemory(argCCCommand);
BlackMagic.FreeMemory(argCC);
return(result);
}
return("");
}
public void DisposeHooking()
{
// get D3D9 Endscene Pointer
uint endscene = GetEndScene();
endscene += ENDSCENE_HOOK_OFFSET;
// check if WoW is hooked
if (BlackMagic.ReadByte(endscene) == 0xE9)
{
BlackMagic.WriteBytes(endscene, originalEndscene);
BlackMagic.FreeMemory(codeCave);
BlackMagic.FreeMemory(codeToExecute);
BlackMagic.FreeMemory(codeCaveForInjection);
}
isHooked = false;
hookWorker.Join();
}
private void RemoveHook()
{
d3.WriteBytes(oEndScene, origEndSceneBytes);
}
