[Release / Request] changing client side players name in c++

[macintox]

Here we are, I wrote a small app in c++ that scan the whole wow memory and change a string to another, it works but i have a problem : Scanning the whole memory is Very slow :/, I post the code here if someone has some tips to improve the speed I'll +rep and thanks him

Code:

#include <iostream>
#include <Windows.h>

using namespace std;

//window handles
HANDLE toWin;
HWND tWin = FindWindow(NULL, "World Of Warcraft");

//DWORDs
DWORD pID;
DWORD wTP = GetWindowThreadProcessId(tWin, &pID);
BYTE buf;
char bufx[255]; //to store a string
DWORD memAddr = 0x00400000; //wow memory start
DWORD tmpAddr = 0x00000000;
//ints / longs
int myTime = 1;

void main(void){
  if(tWin != NULL){
		//give us access to the program
		toWin = OpenProcess(PROCESS_ALL_ACCESS, 0, pID);
		char name[255];
		char chg[255];
		//display process ID
		cout << "Process ID: " << pID << endl;
		cout << "Name to search : ";
		cin >> name;
		cout<< "Replace to : ";
		cin >> chg;
		int nbchar = strlen(name);
		int nbchar2= strlen(chg);
		while(memAddr <= 0x23B4C052) // scanning till the end
		{
			for(int i=0;i<nbchar;i++) //to fill bufx with a memory chunck
			{
				tmpAddr=memAddr+i;
				ReadProcessMemory(toWin, (LPVOID)tmpAddr,&buf, 1, NULL);		
				bufx[i]=buf;
			}	
			//cout<<hex<<memAddr<<endl;
			if(strcmp(bufx,name) ==0) //compare the memory with what the user entered
			{
				cout<<"Finded at 0x"<<hex<<memAddr<<", Changing Value to: "<<chg<<endl;
				for(int i=0;i<nbchar2;i++) //change the memory
				{
					tmpAddr=memAddr+i;
					WriteProcessMemory(toWin, (LPVOID)tmpAddr,&chg[i], 1, NULL);					
				}	
			}
			//cout<<hex<<memAddr<<endl;
			memAddr++;
		}
		system("pause");
   }
   else{
      cout << "Window not Found!" << endl;
      system("pause");
   }
}

The code it self works, it replace a string by another

[craby987]

To be honest unless you increase the process priority of the searcher you wont get faster results. If you got really into it you could find out where WoW's data section begins and ends. Starting a search from 00400000 would contain only the code (maybe the PE header. I have to check) and no dynamic data. Otherwise good code!

[macintox]

In T search, doing a search/replace on wow memory is fast, like 30-60 sec, here we need like 15 min maybe instead of storing 1 chunk of memory for each offset, updating the bufx, i ll code that it may divide the duration by 8

[suicidity]

when I get the time later today, I'll post my memory search function for VB, can easily convert it to C# / C++ for ya.

[macintox]

thanks =)

[suicidity]

Take directly from my code:

Code:

    Function scan()
        Dim current As String
        Dim zCompare As String
        Dim data As Byte() = New Byte(255) {}
        Dim zCom As Byte() = New Byte(255) {}
        mem.Peek(gproc, pYLoc, zCom)
        zCompare = System.BitConverter.ToSingle(zCom, 0)
        While found = 0
            mem.Peek(gproc, baseY, data)
            current = System.BitConverter.ToSingle(data, 0)
            If current = zCompare Then
                found = 1
                dYa = baseY
                pBase = baseY - &HBE8
                loggedCheck.Enabled = True
            Else
                If baseY < stopY Then
                    baseY += offset
                Else
                    found = 1
                    log.report("Player Not Found.")
                End If
            End If
        End While
        Return found
    End Function

To show you what this could be in C++: (This will not work)

Code:

Func scan {
  found Integer
  current String
  zComp String
  data Byte
  zCByte Byte
  scanZ Integer = 0x900BE8 // Where it will start scanning, notice the BE8 for the offset of Z that we are scanning for
  stopZ Integer = 0x2F000BE8 // Where it will stop scanning, you can set this lower

  readprocessmemory(Process, 0x0-Static Z Address, zCByte) // Read the Static Z Address and buffer it to zCBye
  zComp = Converter->Single(zCByte, 0)  // Use a converter to convert bytes -> single, YOU DO NOT HAVE TO USE THIS AS IT MAY SLOW SCAN SPEEDS DOWN - I Used it so it was easier debugging for me. IF YOU DO NOT USE THIS, DON'T USE IT BELOW

  While found == 0 { // Use an equivalent to While, I'm using it because of my code above
    readproccessmemory(Process, scanZ, data) // Buffer the current scanZ Address to the Data that we declared
    current == Converter->Single(data, 0)  // Use a converter to compare to before, ONLY USE THIS IF YOU CONVERTED BEFORE.
    if current == zComp {
      found == 1
      // Do your player-base saving here, eg; subtract the 0xBE8 Offset for player base
    } else {
      if scanZ < stopZ {
        scanZ += offset
      } else {
        found = 1
        // If you like Report you didn't find the playerbase, I use Found=1 as a cheap way to stop the function
      }
    }
  }

As I said, it won't compile but it's quick at scanning and if you call it as a function it's nice and tidy.

You should be able to easily code a function from what I have provided you.