Custom memory allocation menu
Follow us:

User Tag List

Results 1 to 1 of 1
  1. 04-08-2015 #1
    provirus's Avatar
    provirus
    provirus is offline
    Member
    Reputation
    3
    Join Date
    Mar 2012
    Posts
    16
    Thanks G/R
    5/2
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Custom memory allocation

    Hello everyone.
    I have read this thread: New 32-bit Detection Method Added and tried to understand the scopes of trusted addresses in HBDetectionPacketHandler, but without success. Then I found a big space at the end of Wow.exe image, filled with zeroes. Googled it, but haven't found reliable information about this segment. My question: is it safe to write to this part of process memory (I mean client crushes)? Thank you.

    Code:
    private class AllocatedMemory : IDisposable
{
	private IntPtr Address;
	private readonly int Length;
	private readonly uint ReferenceProtectionType;
	private const uint PAGE_EXECUTE_READWRITE = 64;
	
	public AllocatedMemory(IntPtr address, int length)
	{
		Address = address;
		Length = length;
		if (!VirtualProtectEx(_wowProcess.Memory.ProcessHandle, address, (UIntPtr) length, PAGE_EXECUTE_READWRITE, out ReferenceProtectionType))
		{
			throw new Exception("Can't change memory protection type, address: 0x" + Address.ToInt32().ToString("X") + ", length: " + length);
		}
	}

	public void Dispose()
	{
		_wowProcess.Memory.WriteBytes(Address, new byte[Length]);
		uint temp;
		if (!VirtualProtectEx(_wowProcess.Memory.ProcessHandle, Address, (UIntPtr)Length, ReferenceProtectionType, out temp))
		{
			throw new Exception("Can't change memory protection type (Dispose()), address: 0x" + Address.ToInt32().ToString("X") + ", length: " + Length);
		}
	}

	public static AllocatedMemory Find(int length)
	{
		byte[] emptyBytes = new byte[length];
		int start = (int)(_wowProcess.Memory.ImageBase + _wowProcess.Memory.Process.MainModule.ModuleMemorySize - 100 - emptyBytes.Length);
		int end = (int)_wowProcess.Memory.ImageBase;
		for (int i = start; i > end; i--)
		{
			byte[] temp = _wowProcess.Memory.ReadBytes((IntPtr) i, emptyBytes.Length);
			if (temp.SequenceEqual(emptyBytes))
			{
				Log.Print("AllocatedMemory: Found address: 0x" + i.ToString("X"));
				return new AllocatedMemory((IntPtr) i, length);
			}
		}
		throw new Exception("AllocatedMemory: can't find memory!");
	}

	[DllImport("kernel32.dll")]
	private static extern bool VirtualProtectEx(SafeMemoryHandle hProcess, IntPtr lpAddress, UIntPtr dwSize, uint flNewProtect, out uint lpflOldProtect);

}
    Reply With Quote Reply With Quote
    Custom memory allocation
« Previous Thread | Next Thread »

Similar Threads

  1. Memory Access Violation when using custom loading screen
    By Aodhann in forum WoW EMU Questions & Requests
    Replies: 5
    Last Post: 04-09-2015, 09:09 AM
  2. mmowned special: custom item names
    By Relz in forum World of Warcraft Guides
    Replies: 58
    Last Post: 09-27-2006, 11:51 PM
  3. How do you find memory offsets in the game?
    By koalaz2004 in forum World of Warcraft General
    Replies: 0
    Last Post: 08-18-2006, 09:40 PM
  4. Custom Computer Build (opinions/comments?)
    By Matt in forum Community Chat
    Replies: 11
    Last Post: 07-23-2006, 12:57 PM
  5. New Custom Model Swapping Fix (1.11 Working)
    By Matt in forum World of Warcraft Exploits
    Replies: 5
    Last Post: 06-23-2006, 06:05 PM
All times are GMT -5. The time now is 08:49 AM. Powered by vBulletin® Version 4.2.3
Copyright © 2024 vBulletin Solutions, Inc. All rights reserved. User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2024 DragonByte Technologies Ltd.
Digital Point modules: Sphinx-based search