First post. Not strictly related to memory editing in the client but probably relevant enough to be in this section.
Has anyone looked in to coding something to masquerade as the phone-based clients? Search doesn't yield much, but I'm sure I'm not the only one that has thought about it.
Decompiling the Android Armory app yields some fairly readable sources, but it's a huge project. If someone has some hints about it it would make things a lot easier. Decompiled "source" is attached for the curious. Unsurprisingly com.blizzard is where most of the action is happening. Here are some scattered notes of interesting sections. They are in no way comprehensive but might help in jump-starting exploration of the sources.
com.blizzard.wow.service.ArmoryService seems to indicate we're connecting on port 8743 (line 367) on whatever server is used for our region (us.battle.net, eu.battle.net, et. al.) This port is accepting connections on those servers. InitSession() (line 409) stores some info about the device.
com.blizzard.wow.net.session.Session seems to handle the actual connection and has some relevant challenge/response stuff.
Things under com.blizzard.wow.service.auction are all related to remote auction house stuff, appear to define the actual binary protocol handling the exchanges. (Noteworthy since remote auction house is a potentially interesting route to automation.)
com.blizzard.wow.app.page seem to hold the logically segmented subpages of the app (auction.CreateAuctionPage, chat.ChatConversationPage, etc.) and they appear to use an HTTP-like request system. Request() is in com.blizzard.wow.net.message.Request along with com.blizzard.wow.net.message.Response and appears to maybe store messages to be send by another part of the code. There is a queueRequest() function declared as abstract in com.blizzard.wow.net.protocol.ProtocolConnection and this and the related functions appear to all be defined in com.blizzard.wow.net.protocol.binary and they seem to implement that but I haven't explored the source thoroughly enough to be sure how things tie together.
Some other odds and ends too. com.blizzard.bma.service handles auth token stuff (Blizzard Mobile Authenticator) and com.blizzard.security.srp handles Blizzards implementation of SRP, which apparently does auth and session stuff in a manner somewhat similar to the DH key exchange and session key used in SSH. Good jumping off point about that is available here. There's also of course a lot of code dedicated to drawing etc. which is pretty dull and not really worth exploring or describing.
Interested in any insight or commentary the community might have on the analysis and potential emulation of the mobile client.