public bool tryAttach(int dwProcessId) { try { //Lets Open wow for manipulation tempMem.OpenProcessAndThread(dwProcessId); //Lets find the Pattern - Shynd dwCodeLoc = SPattern.FindPattern(tempMem.ProcessHandle, tempMem.MainModule, PatternClientConnection, MaskClientConnection, ' '); //Lets find the s_curMgr g_clientConnection = tempMem.ReadUInt(dwCodeLoc + 0x16); clientConnection = tempMem.ReadUInt(g_clientConnection); curMgrOffset = tempMem.ReadUInt(dwCodeLoc + 0x1C); //Lets find the CurMgr Offset curMgr = tempMem.ReadUInt(clientConnection + curMgrOffset); //clientConnection + CurMgrOffest = Win getDescriptors = new Descriptors(tempMem); localPlayerObject = getObjectByGUID(tempMem.ReadUInt64(curMgr + LocalGuidOffset)); if (XP != -10) { return(true); } } catch { return(false); } return(false); }
/// <summary> /// Try to find the Thread Local Storage, aka WoW must be running /// </summary> public static bool FindTLS() { try { // search for the code pattern that we want (in this case, WoW TLS) TLS = SPattern.FindPattern(process.Handle, process.MainModule, "EB 02 33 C0 8B D 00 00 00 00 64 8B 15 00 00 00 00 8B 34 8A 8B D 00 00 00 00 89 81 00 00 00 00", "xxxxxx????xxx????xxxxx????xx????"); if (TLS == uint.MaxValue) { Debug("char", "Looking for the TLS returned an invalid value"); return(false); } Debug("char", "TLS found"); return(true); } catch (Exception) { Debug("char", "Cannot find the TLS"); return(false); } }
/// <summary> /// Quick and dirty method for finding patterns in the wow executable. /// Note: this is not perfect and should not be relied on, verify results. /// </summary> public uint FindPattern(string pattern, string mask, int add, uint rel) { uint loc = SPattern.FindPattern(wow.ProcessHandle, wow.MainModule, pattern, mask); uint mod = 0; if (add != 0) { mod = wow.ReadUInt((uint)(loc + add)); } Output.Instance.Debug(string.Format("final: 0x{0:X08} + 0x{1:X} + 0x{2:X} = 0x{0:X08}", loc, mod, rel, loc + mod + rel), this); return(loc + mod + rel); }
public MemoryFunctions(int ProcessIdOfWoW) { this.ProcessIdOfWoW = ProcessIdOfWoW; //Lets Open wow for manipulation Memory.OpenProcessAndThread(ProcessIdOfWoW); //Lets find the Pattern - Shynd dwCodeLoc = SPattern.FindPattern(Memory.ProcessHandle, Memory.MainModule, PatternClientConnection, MaskClientConnection, ' '); //Lets find the s_curMgr try { g_clientConnection = Memory.ReadUInt(dwCodeLoc + 0x16); clientConnection = Memory.ReadUInt(g_clientConnection); curMgrOffset = Memory.ReadUInt(dwCodeLoc + 0x1C); //Lets find the CurMgr Offset curMgr = Memory.ReadUInt(clientConnection + curMgrOffset); //clientConnection + CurMgrOffest = Win } catch { } }
public GObjectList(int ProcessIdOfWoW) { bool didit = false; this.ProcessIdOfWoW = ProcessIdOfWoW; while (didit == false) { Memory = new BlackMagic(); //this.form = form; //Lets Open wow for manipulation Memory.OpenProcessAndThread(ProcessIdOfWoW); //Lets find the Pattern - Shynd dwCodeLoc = SPattern.FindPattern(Memory.ProcessHandle, Memory.MainModule, PatternClientConnection, MaskClientConnection, ' '); //Lets find the s_curMgr try { g_clientConnection = Memory.ReadUInt(dwCodeLoc + 0x16); clientConnection = Memory.ReadUInt(g_clientConnection); curMgrOffset = Memory.ReadUInt(dwCodeLoc + 0x1C); //Lets find the CurMgr Offset curMgr = Memory.ReadUInt(clientConnection + curMgrOffset); //clientConnection + CurMgrOffest = Win LocalGUIDVariable = Memory.ReadUInt64(curMgr + LocalGuidOffset); localPlayerObject = getObjectByGUID(LocalGUIDVariable); localPlayer = new GPlayerSelf(this, localPlayerObject); } catch { } Descriptor = new Descriptors(Memory); //Lets start the object refresher objectRefresher = new Refresher(ProcessIdOfWoW); objectRefresher.GameObjectCreated += new EventHandler <GameObjectEventArgs>(addToLists); objectRefresher.GameObjectReleased += new EventHandler <GameObjectEventArgs>(removeFromLists); didit = true; } }
public Rectangle MinimapCoords() { if (this.Process == null) { return(Rectangle.Empty); } string sPattern = "00 6D 6C 64 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 14 00 00 00 E0 0F 4D 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FF FF FF FF 00 00 00 00 28 03 00 00 1C 00 00 00 2A 04 00 00 22 01 00 00 28 03 00 00 1C 00 00 00 2A 04 00 00 22 01 00 00"; byte[] bPattern = { 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x28, 0x03, 0x00, 0x00, 0x1C, 0x00, 0x00, 0x00, 0x2A, 0x04, 0x00, 0x00, 0x22, 0x01, 0x00, 0x00, 0x28, 0x03, 0x00, 0x00, 0x1C, 0x00, 0x00, 0x00, 0x2A, 0x04, 0x00, 0x00, 0x22, 0x01, 0x00, 0x00 }; List <uint[]> RegionList = Utilities.MemoryHandling.ReadWriteMemory.getProcessDynamicMemoryRegions(this.Process.ProcessHandle); Comparison <uint[]> comp = delegate(uint[] val1, uint[] val2) { uint center = 0x30000000; uint location1 = val1[0] + val1[1] / 2; uint location2 = val2[0] + val2[1] / 2; if (location1 > center) { location1 = location1 - center; } else { location1 = center - location1; } if (location2 > center) { location2 = location2 - center; } else { location2 = center - location2; } if (location1 == location2) { return(0); } if (location1 > location2) { return(1); } return(-1); }; RegionList.Sort(comp); uint Address = 0; foreach (uint[] region in RegionList) { Address = region[0]; uint OldAddress = Address; do { OldAddress = Address; try { BlackMagic.PatternDataEntry dataentry = new BlackMagic.PatternDataEntry(OldAddress, (int)(region[0] + region[1]) - (int)OldAddress - 1 , this.Process.ReadBytes(OldAddress, (int)(region[0] + region[1]) - (int)OldAddress - 1)); //Address = this.Process.FindPattern(OldAddress, (int)(region[0] + region[1]) - (int) OldAddress - 1, sPattern, "xxxx????????????????xxxx????????????????????xxxxxxxx??xx??xx??xx??xx??xx??xx??xx??xx"); Address = SPattern.FindPattern(dataentry.bData, bPattern, "xxxxxxxx??xx??xx??xx??xx??xx??xx??xx??xx") + OldAddress; } catch { int oops = System.Runtime.InteropServices.Marshal.GetLastWin32Error(); continue; } if (Address != OldAddress) { byte[] temp = this.Process.ReadBytes(Address, 40); if (temp != null && temp[0x08] == temp[0x18] && temp[0x09] == temp[0x19] && temp[0x0c] == temp[0x1c] && temp[0x0d] == temp[0x1d] && temp[0x10] == temp[0x20] && temp[0x11] == temp[0x21] && temp[0x14] == temp[0x24] && temp[0x15] == temp[0x25]) { int Y = (temp[0x0b] << 24) + (temp[0x0a] << 16) + (temp[0x09] << 8) + temp[0x08]; int X = (temp[0x0f] << 24) + (temp[0x0e] << 16) + (temp[0x0d] << 8) + temp[0x0c]; int Y2 = (temp[0x13] << 24) + (temp[0x12] << 16) + (temp[0x11] << 8) + temp[0x10]; int X2 = (temp[0x17] << 24) + (temp[0x16] << 16) + (temp[0x15] << 8) + temp[0x14]; if (Y > 1 && X > 1 && Y < Y2 && X < X2 && X < Y / 10 && X2 < Y2 / 2) { Rectangle ScreenRect = Screen.GetBounds(Point.Empty); if (X > ScreenRect.Left && Y > ScreenRect.Bottom / 3 && X2 < ScreenRect.Right && Y2 < ScreenRect.Bottom) { return(new Rectangle(X, Y, X2 - X, Y2 - Y)); } } } } Address += 40; } while (Address > OldAddress + 40 && Address < (region[0] + region[1]) - 40); } return(Rectangle.Empty); }