[WoW] 1.12.1.5875 Info Dump Thread

[tutrakan]

Thanks for the pertinent response. Considering that I'm not experienced with directx, i will do some research and will post a feedback soon.

Update: Still I have the same problem: It occurs only when my pet is summoned - the text drawn is visible only when a tooltip is shown at the same time:

Code:

font.DrawString(null, text, x, y, Color.White);

Solved: After dumping the whole device, i realized that it was related to the viewport .

P.S. So, I understand that nobody is interested about vanilla stuff, (or nobody cares about drawing lines in 1.12.1 client) but still: if someone feel needs to do so - set up the VertexFormat = VertexFormat.Position | VertexFormat.Diffuse.

[prospectingemu]

Hey guys i'm playing around with lua atm, anyone know how to register a lua Event (As in create a custom one)?

The plan is to use

Code:

this:RegisterEvent("MY_EVENT_PULSE");

And trigger the event every Xms. Right now I'm doing the reverse (calling the 'pulse' function from my injected code) and really think it would be cleaner / easier if I just extend the wow API for missing funcitons and do everything else in lua

[tutrakan]

What do you guys think for Kronos server? (offtopic/intopic(severe warden bans))

[luckruns0ut]

I have only just started playing it but the fact that the org auction house is full of windrider taxis doesn't give me much hope...

[Saridormi]

What do you guys think for Kronos server? (offtopic/intopic(severe warden bans))

Warden is the same on all private servers that implement it. So far, I think the only modules used are the ones to scan addresses and modules.

None of the private servers have particularly good server side detection, so you probably don't need to do a lot to humanise your bot. No idea about hacks.

[tutrakan]

How the warden scanning for dlls works and how to bypass it?

[Vandra]

You need to hook LoadWardenModule (not sure for 1.12.1 actually)

You have a nice exemple here: http://www.ownedcore.com/forums/worl...tial-code.html ([Howto]Bypassing Warden [theory with partial code])

But i'm not sure about warden back in 1.12

[tutrakan]

The scan function is still the same (i've already detoured it both in asm and with .net delegate), thanks for the link btw.
I was wondering how to prevent the scanning for loaded modules because now there are bans for using SlimDX.dll for example.

[luckruns0ut]

How do you know SlimDX causes it? I really doubt that would trigger Warden, even if they've figured out how to make it use custom modules...

[tutrakan]

How do you know SlimDX causes it? I really doubt that would trigger Warden, even if they've figured out how to make it use custom modules...

That was easy

I am doing research about how to bypass it, but this can take me some time considering it's a learning process for me.

[luckruns0ut]

That seems weird to me, I wonder if they have made a custom module for that or something. I think I remember Namreeb saying it was possible a while ago, but considering that its normal for innocent DirectX stuff to be injected (like Steam Overlay, Fraps etc) I don't think Blizzard's modules would be finding that.

By the way I hook EndScene in c++ by creating a new device and finding the function in the vtable. I think that's the easiest and most common way to do it but I haven't gotten banned for it.

[namreeb]

It is easy to check if a certain module is scanned for by having a list of module names you compare against the hashes you receive from the server. It would look something like this:

Code:

        private static readonly List<string> ModuleNames = new List<string>
                                                           {
                                                               "DLL1", "DLL2"
                                                           };

        private static bool HashRecognized(uint seed, byte[] hash, out string name)
        {
            name = string.Empty;

            foreach (var module in ModuleNames)
            {
                var sha = new SHA1CryptoServiceProvider();

                var bytes = new List<byte>(4 + hash.Length);

                bytes.AddRange(BitConverter.GetBytes(seed));

                var moduleBytes = new byte[module.Length];
                Buffer.BlockCopy(module.ToCharArray(), 0, moduleBytes, 0, moduleBytes.Length);

                bytes.AddRange(moduleBytes);

                var result = sha.ComputeHash(bytes.ToArray(), 0, bytes.Count);

                Logging.Write("Result: {0}", BytesToHexString(result));
                Logging.Write("Hash:   {0}", BytesToHexString(hash));
            }

                                    case CheckCode.ModuleCheck:
                                        {
                                            var seed = reader.ReadUInt32();
                                            var hash = reader.ReadBytes(20);

                                            Logging.Write("ModuleCheck: seed = 0x{0} hash = {1}", seed.ToString("X"),
                                                BytesToHexString(hash));

                                            string moduleName;
                                            if (HashRecognized(seed, hash, out moduleName))
                                            {
                                                
                                            }

                                            break;
                                        }

[tutrakan]

By the way I hook EndScene in c++ by creating a new device and finding the function in the vtable. I think that's the easiest and most common way to do it but I haven't gotten banned for it.

Yeah, for us - the poor users of .net languages are forced to use libraries like slimdx or sharpdx, in order to deal with 3D drawing because the MS managed directx supports only .net 1.1 and 2.0 so far (i wonder if XNA can be used instead for d3d9?).

[luckruns0ut]

There's a post in the screenshot thread where someone is drawing to the game via XNA, so it's possible but I don't know if it's worth doing

[tutrakan]

It is easy to check if a certain module is scanned for by having a list of module names you compare against the hashes you receive from the server. It would look something like this:

Code:

...

I suppose you are detouring 0x006CA5C0, but how do you get CheckCode.ModuleCheck?
Thanks.