[WoW] [6.2.3.20886] Release Info Dump Thread menu

User Tag List

Page 2 of 2 FirstFirst 12
Results 16 to 30 of 30
  1. #16
    lolp1's Avatar Site Donator CoreCoins Purchaser
    Reputation
    190
    Join Date
    Feb 2013
    Posts
    210
    Thanks G/R
    43/77
    Trade Feedback
    3 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by aeo View Post
    Sorry, wont happen again Just figured I'd contributed so it was fair to ask for a little help and save me some time.
    It says right in the rules that the rules in this section are not "one fits all" and just use common sense more-so than other forums here. I think you're okay to assume asking for a simple offset after providing a x64 ida a while back and all major x64 offsets right away every patch is not a big deal.. I think it's to keep "leechers" from spamming too much for stuff like that.

    So this is not total spam..
    Code:
      "CgParty_GetActiveParty": {
        "value": 7774432
      },

    [WoW] [6.2.3.20886] Release Info Dump Thread
  2. #17
    namreeb's Avatar Legendary

    Reputation
    658
    Join Date
    Sep 2008
    Posts
    1,023
    Thanks G/R
    7/215
    Trade Feedback
    0 (0%)
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by aeo View Post
    Sorry, wont happen again Just figured I'd contributed so it was fair to ask for a little help and save me some time.
    I wasn't going to call you on it. Then the one post leacher asked the same question. Besides, the layout of CDataStore is generally fairly easy to determine.

  3. #18
    -Ryuk-'s Avatar Elite User CoreCoins Purchaser Authenticator enabled
    Reputation
    529
    Join Date
    Nov 2009
    Posts
    1,028
    Thanks G/R
    38/51
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Warden Scans x64:

    30 minute scan time:
    Code:
    [AntiCheat Shield] New scanned address detected: 6DFCA1 for 5 bytes! ->CanPerformAction
    [AntiCheat Shield] New scanned address detected: 6DFCC9 for 4 bytes! ->CanPerformAction
    [AntiCheat Shield] New scanned address detected: 100038C for 8 bytes! ->WalkClimb Angle
    [AntiCheat Shield] New scanned address detected: 1143E0 for 6 bytes! ->lua_load
    |Leacher:11/2009|Donor:02/2010|Established Member:09/2010|Contributor:09/2010|Elite:08/2013|

  4. #19
    noctural's Avatar Active Member Captain Copypasta CoreCoins Purchaser Authenticator enabled
    Reputation
    26
    Join Date
    Apr 2009
    Posts
    76
    Thanks G/R
    1/3
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by -Ryuk- View Post
    Warden Scans x64:

    30 minute scan time:
    Code:
    [AntiCheat Shield] New scanned address detected: 6DFCA1 for 5 bytes! ->CanPerformAction
    Strange.. I've been detouring CanPerformAction for a few months and not banned yet. I wonder why?

  5. #20
    namreeb's Avatar Legendary

    Reputation
    658
    Join Date
    Sep 2008
    Posts
    1,023
    Thanks G/R
    7/215
    Trade Feedback
    0 (0%)
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    They will sometimes build a queue of accounts to ban, and do it in a wave.

  6. #21
    -Ryuk-'s Avatar Elite User CoreCoins Purchaser Authenticator enabled
    Reputation
    529
    Join Date
    Nov 2009
    Posts
    1,028
    Thanks G/R
    38/51
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by noctural View Post
    Strange.. I've been detouring CanPerformAction for a few months and not banned yet. I wonder why?

    Did you detour at any of the watched bytes? It you did, your already flagged and they are just waiting to ban you,
    |Leacher:11/2009|Donor:02/2010|Established Member:09/2010|Contributor:09/2010|Elite:08/2013|

  7. #22
    noctural's Avatar Active Member Captain Copypasta CoreCoins Purchaser Authenticator enabled
    Reputation
    26
    Join Date
    Apr 2009
    Posts
    76
    Thanks G/R
    1/3
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by -Ryuk- View Post
    Did you detour at any of the watched bytes? It you did, your already flagged and they are just waiting to ban you,
    Yup, definitely write the first 6 bytes. Well it's been a good run, been using it since 2009. I wonder if I xfer my main toon to another account, if that account will be safe.

  8. #23
    Tambel's Avatar Member
    Reputation
    6
    Join Date
    Nov 2013
    Posts
    36
    Thanks G/R
    5/1
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    What about questcache, guys? I could read rows from cache with "GetQuestCacheRow" and get some quest information, but theres no info after string fields :name, description , etc. In https://wowdev.wiki/QuestCache.wdb or http://www.ownedcore.com/forums/worl...ml#post2474347 (Accessing WDB cache files (QuestCache.wdb)) says that it has more information after string fields, there must be creatures to kill, items to gather, and other objectives. Maybe it has other structure now, or i am doing something wrong?

    Code:
    QuestCache: 0xD7BC28
    GetQuestCacheRow: 0x1D01E8
    UPD:
    If i am not wrong, now its a seperate stucture thats stores info about cretures to kill. I found pointer to one of them at QuestRow+0x2E0C. Pretty far=) quest strings became bigger, than in examples.
    Last edited by Tambel; 03-05-2016 at 03:31 AM.

  9. #24
    WiNiFiX's Avatar Banned
    Reputation
    242
    Join Date
    Jun 2008
    Posts
    447
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by dragonbane24 View Post
    I've been re-writing quite a bit of Lazybot in the past month for a few reasons.
    1) To move it into the x64 bit world.
    2) To optimize some of the worker threads to make them more CPU efficient and respond faster
    3) Fix some of the stuff that hasn't worked in a while. (Duct-tape code in the past few years I had to remove.)
    4) Add some new features and figure out things that I didn't have working right in the past (like druid eclipse states, etc.)
    5) Comment the code properly - just an obsessive compulsive thing.
    It is still a work in progress, but here's my offsets that should be 99% up and running.
    Once I get all the current stuff working better in the 64 bit world, I'll update it for Legion alpha/beta.
    Glad someone has taken on this task, this will be the first x64 opensource bot :P
    Will be great to have in Legion - I find it harder and harder to trust bots using injection.

  10. #25
    lolp1's Avatar Site Donator CoreCoins Purchaser
    Reputation
    190
    Join Date
    Feb 2013
    Posts
    210
    Thanks G/R
    43/77
    Trade Feedback
    3 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by WiNiFiX View Post
    Glad someone has taken on this task, this will be the first x64 opensource bot :P
    Will be great to have in Legion - I find it harder and harder to trust bots using injection.
    I don't see why manually mapping a .dll into a process and only accessing direct memory (such as what lazybot does) is much more of a risk than some external code using readprocessmemory. I would be more concerned with the individual applications actions than if it is 'injected' or not.

  11. #26
    -Ryuk-'s Avatar Elite User CoreCoins Purchaser Authenticator enabled
    Reputation
    529
    Join Date
    Nov 2009
    Posts
    1,028
    Thanks G/R
    38/51
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by WiNiFiX View Post
    Glad someone has taken on this task, this will be the first x64 opensource bot :P
    Will be great to have in Legion - I find it harder and harder to trust bots using injection.

    In reality its a terrible idea, trust me; I have been there. If you want to make a good quality product don't someones code that is years old. By the time you have updated it and fixed it all you have have started from scratch and make a much better product. Not to mention that Lazybot was nowhere near good enough to run correctly.

    Also like lolp1 said, OOP bots are now pointless as blizzard are already detecting them for Hearthstone & Diablo, do you really think they wont do it for wow?
    Your better of injecting, hiding your module the best you can and patching/avoiding their checks.
    |Leacher:11/2009|Donor:02/2010|Established Member:09/2010|Contributor:09/2010|Elite:08/2013|

  12. #27
    WiNiFiX's Avatar Banned
    Reputation
    242
    Join Date
    Jun 2008
    Posts
    447
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I am curios, is blizz only able to detect memory reading (with the new warden in d3 etc..) or are they able to detect bots that read pixels off the screen and send key presses?

  13. #28
    aeo's Avatar Contributor
    Reputation
    126
    Join Date
    Apr 2007
    Posts
    270
    Thanks G/R
    84/62
    Trade Feedback
    7 (100%)
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    If you open a handle to their process they probably know about it. I have nothing to confirm that but it's generally how antI cheats detect external processes.

  14. #29
    WiNiFiX's Avatar Banned
    Reputation
    242
    Join Date
    Jun 2008
    Posts
    447
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    So basically call your bot "Fraps.exe" or "svchost.exe" etc.. and blizzard will ignore it :P

  15. #30
    -Ryuk-'s Avatar Elite User CoreCoins Purchaser Authenticator enabled
    Reputation
    529
    Join Date
    Nov 2009
    Posts
    1,028
    Thanks G/R
    38/51
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by aeo View Post
    If you open a handle to their process they probably know about it. I have nothing to confirm that but it's generally how antI cheats detect external processes.
    Yeah, I would think so

    Originally Posted by WiNiFiX View Post
    So basically call your bot "Fraps.exe" or "svchost.exe" etc.. and blizzard will ignore it :P

    And no not really, why they COULD just check the exe name/title text, they already have everything they needed to check for a specific hash from your module.
    |Leacher:11/2009|Donor:02/2010|Established Member:09/2010|Contributor:09/2010|Elite:08/2013|

Page 2 of 2 FirstFirst 12

Similar Threads

  1. [WoW] [6.1.0 19678] Release Info Dump Thread
    By aeo in forum WoW Memory Editing
    Replies: 13
    Last Post: 02-27-2015, 09:54 PM
  2. [WoW] [6.0.3 19342] Release Info Dump Thread
    By danwins in forum WoW Memory Editing
    Replies: 19
    Last Post: 02-19-2015, 12:35 PM
  3. [WoW] [6.0.3 19103] Release Info Dump Thread
    By Torpedoes in forum WoW Memory Editing
    Replies: 30
    Last Post: 12-12-2014, 06:27 PM
  4. [WoW] [6.0.3 19243] Release Info Dump Thread
    By drizz in forum WoW Memory Editing
    Replies: 15
    Last Post: 12-12-2014, 05:06 AM
  5. [WoW] [6.0.3 19116] Release Info Dump Thread
    By evil2 in forum WoW Memory Editing
    Replies: 32
    Last Post: 12-03-2014, 09:40 PM
All times are GMT -5. The time now is 06:28 PM. Powered by vBulletin® Version 4.2.3
Copyright © 2024 vBulletin Solutions, Inc. All rights reserved. User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2024 DragonByte Technologies Ltd.
Digital Point modules: Sphinx-based search