public void DisposeHooking()
{
try
{
txtDebug.Text += "VirtualAlloc Dispose: " + vaHookPtr + " | " + Memory.ReadByte(vaHookPtr).ToString("X") + "\r\n";
if (Memory.ReadByte(vaHookPtr) == 0xE9) // check if wow is already hooked and dispose Hook
{
// Restore origine VirtualAlloc:
Memory.Asm.Clear();
Memory.Asm.AddLine("retn 10");
Memory.Asm.AddLine("int3");
Memory.Asm.AddLine("int3");
Memory.Asm.AddLine("int3");
Memory.Asm.AddLine("int3");
Memory.Asm.AddLine("int3");
Memory.Asm.Inject(vaHookPtr);
}
// free memory:
Memory.FreeMemory(injected_code);
Memory.FreeMemory(eaxStore);
Memory.FreeMemory(retnInjectionAsm);
}
catch { }
}
public void LuaDoString(string command)
{
int nSize = command.Length + 0x100;
uint codeCave = process.AllocateMemory(nSize);
uint moduleBase = (uint)process.MainModule.BaseAddress;
process.WriteASCIIString(codeCave, command);
process.Asm.Clear();
String[] asm = new String[]
{
"mov eax, " + codeCave,
"push 0",
"push eax",
"push eax",
"mov eax, " + (moduleBase + Offsets.Endscene.Lua_DoStringAddress),
"call eax",
"add esp, 0xC",
"retn",
};
aHook.InjectAndExecute(asm);
process.FreeMemory(codeCave);
}
private void DisposeOfHook()
{
if (!process.IsProcessOpen)
{
throw new Exception("Process is not open");
}
uint baseAddress = (uint)process.MainModule.BaseAddress;
uint pDevice = process.ReadUInt(baseAddress + Offsets.Direct3D.Direct3D9__Device);
uint pEnd = process.ReadUInt(pDevice + Offsets.Direct3D.Direct3D9__Device__OffsetA);
uint pScene = process.ReadUInt(pEnd);
uint pEndScene = process.ReadUInt(pScene + Offsets.Direct3D.Direct3D9__Device__OffsetB);
try
{
if (process.ReadByte(pEndScene) == 0xE9) // check if wow is already hooked and dispose Hook
{
// Restore origine endscene:
process.Asm.Clear();
process.Asm.AddLine("mov edi, edi");
process.Asm.AddLine("push ebp");
process.Asm.AddLine("mov ebp, esp");
process.Asm.Inject(pEndScene);
}
// free memory:
process.FreeMemory(codeCave);
process.FreeMemory(injectionAddress);
process.FreeMemory(returnAddress);
}
catch
{
}
}
public void DisposeHooking()
{
try
{
// Offset:
uint DX_DEVICE = 0xAD773C + baseAdress;
uint DX_DEVICE_IDX = 0x27F8;
uint ENDSCENE_IDX = 0xA8;
// Get address of EndScene:
uint pDevice = Memory.ReadUInt(DX_DEVICE);
uint pEnd = Memory.ReadUInt(pDevice + DX_DEVICE_IDX);
uint pScene = Memory.ReadUInt(pEnd);
uint pEndScene = Memory.ReadUInt(pScene + ENDSCENE_IDX);
if (Memory.ReadByte(pEndScene) == 0xE9) // check if wow is already hooked and dispose Hook
{
// Restore origine endscene:
Memory.Asm.Clear();
Memory.Asm.AddLine("mov edi, edi");
Memory.Asm.AddLine("push ebp");
Memory.Asm.AddLine("mov ebp, esp");
Memory.Asm.Inject(pEndScene);
}
// free memory:
Memory.FreeMemory(injected_code);
Memory.FreeMemory(addresseInjection);
Memory.FreeMemory(retnInjectionAsm);
}
catch { }
}
/// <summary>
/// Target an player/mob usefull for friendly players and bg peps.
/// </summary>
public void Target()
{
try
{
uint CodeLocation = 0x0725AA0;
uint codeCave = Memory.AllocateMemory(0x108);
ThreadManager.suspendMainThread(objectList.getProcessId());
Memory.WriteUInt64(codeCave + 0x100, GUID);
Memory.Asm.Clear();
Memory.Asm.AddLine("MOV EAX,[0x{0}]", (codeCave + 0x100 + 0x4).ToString("X"));
Memory.Asm.AddLine("PUSH EAX");
Memory.Asm.AddLine("MOV EAX,[0x{0}]", (codeCave + 0x100 + 0x0).ToString("X"));
Memory.Asm.AddLine("PUSH EAX");
Memory.Asm.AddLine("CALL 0x{0}", CodeLocation.ToString("X"));
Memory.Asm.AddLine("ADD ESP, 0x08");
Memory.Asm.AddLine("RETN");
Memory.Asm.InjectAndExecute(codeCave);
Memory.FreeMemory(codeCave);
Thread.Sleep(50);
ThreadManager.resumeMainThread(objectList.getProcessId());
objectList.DoString("TargetUnit(\"playertarget\")");
}
catch { };
}
/// <summary>
/// Execute the given LUA command inside WoW's MainThread
/// </summary>
/// <param name="command">lua command to run</param>
public static void LuaDoString(string command)
{
AmeisenLogger.Instance.Log(LogLevel.VERBOSE, $"Doing string: Command [{command}]", "AmeisenCore");
uint argCC = BlackMagic.AllocateMemory(Encoding.UTF8.GetBytes(command).Length + 1);
BlackMagic.WriteBytes(argCC, Encoding.UTF8.GetBytes(command));
string[] asm = new string[]
{
$"MOV EAX, {(argCC)}",
"PUSH 0",
"PUSH EAX",
"PUSH EAX",
$"CALL {(Offsets.luaDoString)}",
"ADD ESP, 0xC",
"RETN",
};
HookJob hookJob = new HookJob(asm, false);
AmeisenHook.AddHookJob(ref hookJob);
while (!hookJob.IsFinished)
{
Thread.Sleep(1);
}
AmeisenLogger.Instance.Log(LogLevel.VERBOSE, $"Command returned: Command [{command}]", "AmeisenCore");
BlackMagic.FreeMemory(argCC);
}
public void Dispose()
{
RemoveHook();
foreach (KeyValuePair <string, Tuple <uint, int> > kvp in allocatedMemory)
{
d3.FreeMemory(kvp.Value.Item1);
}
}
/// <summary>
/// Get Localized Text for command
/// </summary>
/// <param name="command">lua command to run</param>
/// <param name="variable">variable to read</param>
/// <returns>localized text for the executed functions return value</returns>
public static string GetLocalizedText(string command, string variable)
{
if (command.Length > 0 && variable.Length > 0)
{
uint argCCCommand = BlackMagic.AllocateMemory(Encoding.UTF8.GetBytes(command).Length + 1);
BlackMagic.WriteBytes(argCCCommand, Encoding.UTF8.GetBytes(command));
string[] asmDoString = new string[]
{
$"MOV EAX, {(argCCCommand) }",
"PUSH 0",
"PUSH EAX",
"PUSH EAX",
$"CALL {(Offsets.luaDoString)}",
"ADD ESP, 0xC",
"RETN",
};
uint argCC = BlackMagic.AllocateMemory(Encoding.UTF8.GetBytes(variable).Length + 1);
BlackMagic.WriteBytes(argCC, Encoding.UTF8.GetBytes(variable));
uint playerBase = BlackMagic.ReadUInt(Offsets.playerBase);
playerBase = BlackMagic.ReadUInt(playerBase + 0x34);
playerBase = BlackMagic.ReadUInt(playerBase + 0x24);
string[] asmLocalText = new string[]
{
$"CALL {(Offsets.clientObjectManagerGetActivePlayerObject)}",
"MOV ECX, EAX",
"PUSH -1",
$"PUSH {(argCC)}",
$"CALL {(Offsets.luaGetLocalizedText)}",
"RETN",
};
HookJob hookJobLocaltext = new HookJob(asmLocalText, true);
ReturnHookJob hookJobDoString = new ReturnHookJob(asmDoString, false, hookJobLocaltext);
AmeisenHook.AddHookJob(ref hookJobDoString);
while (!hookJobDoString.IsFinished || !hookJobDoString.IsFinished)
{
Thread.Sleep(5);
}
string result = Encoding.UTF8.GetString((byte[])hookJobDoString.ReturnValue);
AmeisenLogger.Instance.Log(LogLevel.VERBOSE, "DoString(" + command + "); => " + variable + " = " + result, "AmeisenCore");
BlackMagic.FreeMemory(argCCCommand);
BlackMagic.FreeMemory(argCC);
return(result);
}
return("");
}
/* public void DoString(string pszString)
* {
* uint s_curMgr = wow.ReadUInt(wow.ReadUInt(CurrMgr_Ptr) + CurrMgr_Offs);
* uint pScript = wow.AllocateMemory(0x1024);
* wow.WriteASCIIString(pScript + 0x1024, pszString);
*
* uint codeCave = wow.AllocateMemory(0x1024);
*
* wow.Asm.Clear();
* wow.Asm.AddLine("FS mov EAX, [0x2C]");
* wow.Asm.AddLine("mov eax, [eax]");
* wow.Asm.AddLine("add eax, 8");
* wow.Asm.AddLine("mov edx, {0}", s_curMgr);
* wow.Asm.AddLine("mov [eax], edx");
*
* wow.Asm.AddLine("mov ecx, {0}", pScript + pszString.Length - 1);
* wow.Asm.AddLine("mov eax, " + pScript);
*
* wow.Asm.AddLine("push ecx");
* wow.Asm.AddLine("push eax");
* wow.Asm.AddLine("push eax");
*
* wow.Asm.AddLine("mov eax, 0x004B32B0");
* wow.Asm.AddLine("call eax");
* wow.Asm.AddLine("add esp, 0xC");
* wow.Asm.AddLine("retn");
*
* wow.Asm.InjectAndExecute(codeCave);
* wow.FreeMemory(codeCave);
*
* return;
* }*/
public void Lua_DoString(string luaString)
{
uint cave = 0;
try
{
wow.SuspendThread(wow.ThreadHandle);
cave = wow.AllocateMemory(0x2048);
wow.WriteASCIIString(cave + 0x1024, luaString);
wow.Asm.Clear();
wow.Asm.AddLine("mov EDX, [0x00BB43F0]");
wow.Asm.AddLine("mov EDX, [EDX+0x00002EB0]");
wow.Asm.AddLine("FS mov EAX, [0x2C]");
wow.Asm.AddLine("mov EAX, [EAX]");
wow.Asm.AddLine("add EAX, 10");
wow.Asm.AddLine("mov [EAX], edx");
wow.Asm.AddLine("push 0");
wow.Asm.AddLine("mov eax, " + (cave + 0x1024));
wow.Asm.AddLine("push eax");
wow.Asm.AddLine("push eax");
wow.Asm.AddLine("call 0x004B32B0");
wow.Asm.AddLine("add esp, 0xC");
wow.Asm.AddLine("retn");
wow.Asm.InjectAndExecute(cave);
wow.ResumeThread(wow.ThreadHandle);
wow.FreeMemory(cave);
wow.Asm.Clear();
}
catch
{
wow.ResumeThread(wow.ThreadHandle);
wow.FreeMemory(cave);
wow.Asm.Clear();
}
}
public void DisposeHooking()
{
// get D3D9 Endscene Pointer
uint endscene = GetEndScene();
endscene += ENDSCENE_HOOK_OFFSET;
// check if WoW is hooked
if (BlackMagic.ReadByte(endscene) == 0xE9)
{
BlackMagic.WriteBytes(endscene, originalEndscene);
BlackMagic.FreeMemory(codeCave);
BlackMagic.FreeMemory(codeToExecute);
BlackMagic.FreeMemory(codeCaveForInjection);
}
isHooked = false;
hookWorker.Join();
}
