Regarding Hacking WOW Catch-all Info-

[ShoniShilent]

I am coming into the WOW game kind of late but have always messed around with games. I have working hacks for bf2 and bf2142 for instance.

I have already created a completely contained program that does nothing more than simulate keypresses which allows my character to attack a creature that respawns in the same place over and over (thus generating XP every 5 to 7 minutes or so which can be left on overnight to generate XP while I am not playing, etc.) all it does is simulate the same keypressed over and over (target enemy with pet which is shift-TAB, send pet to attack shift-F , shoot with certain spells (1-0 keys) etc.) this is just so i could generate XP while not at the game.

however, I'd like to get more into the guts of this game and maybe make something more useful, especially while actually playing or perhaps making a better 'bot' that doesn't just attack the same creature over and over (moves around ,etc.)

with all of that said, maybe some of the senior hackers or those with knowledge can help me with the following questions:

regarding WARDEN:

1) is this built-into the wow.exe? or a .dll that is loaded and runs with it?
2) does it scan the .exe? if so, just at the beginning or over and over while playing?
3) does it scan for anything else? any info appreciated

regarding what can be modified:

1) what is client sided?
2) can spell cooldowns be modified? (for instance you can't use your rez stone as warlock for a bit after you use it)
3) can you speed up spell casting times?
4) can you teleport?

regarding bot making:

1) how would one gather the x,y,z if self as well as other NPC's and your pets? is there a code segment that can be captured for this?
2) same for minerals, etc.?
3) are there any known addresses or pointers (perhaps a link to this) of current version of game for (player x,y,z health current targeted enemy x,y,z health etc.)

regarding what can be used to access the game:

1) can cheat engine or any other memory searchers be safely used? if so how? does the game check for these only at the beginning when it launches?

2) can ollydbg be safely used? if so is there a specific way to use it?

3) can breakpoints be used? if so just hardware only?


alot of questions there. i hope i get some feedback. i will try to be active in these forums as i venture forth with this-

[Xarg0]

You can use ollydbg safely and you can use any type of breakpoint, if you like to extract a lot of information out of wow you should take a look at Knyox WoWObjectDumper, it uses WoWs TLS to get the pointer to the ObjectManager of WoW.
You can also use a modified CheatEngine or TSearch.

And what I know about Warden is, that it looks for know hacks or known editings of the wow memory space, ofcourse it doesn't Protect the hole memory region of WoW, it's also been said to check for certain function hooks especially Detour functions hooks, you just shouldn't use detour unless you do something to prevent Warden from detecting it.

You can do as much inprocess stuff as you want, after logging into wow, because they do a version check every logging with some sort of hash function to make shure your wow isn't Changed in any way.

[kynox]

Wall of text inc

1) is this built-into the wow.exe? or a .dll that is loaded and runs with it?
Downloaded and allocated into memory each time you select a realm

2) does it scan the .exe? if so, just at the beginning or over and over while playing?
Every 15 seconds at very most

3) does it scan for anything else? any info appreciated
Module name hashes, signature scans, and possibly window name/process's. (I think the windowname/process scan was removed)

regarding what can be modified:

1) what is client sided?
Jump Height, Speed, etc
2) can spell cooldowns be modified? (for instance you can't use your rez stone as warlock for a bit after you use it)
No
3) can you speed up spell casting times?
No
4) can you teleport?
Yes, but no i can't tell you how

regarding bot making:

1) how would one gather the x,y,z if self as well as other NPC's and your pets? is there a code segment that can be captured for this?
Have a look at my Object Dumper in the Memory Editing forum

2) same for minerals, etc.?
Yes

3) are there any known addresses or pointers (perhaps a link to this) of current version of game for (player x,y,z health current targeted enemy x,y,z health etc.)
If you do a quick search for WoW Framework you'll find a framework i released, which allows you to read such values.

regarding what can be used to access the game:

1) can cheat engine or any other memory searchers be safely used? if so how? does the game check for these only at the beginning when it launches?
As far as i know, you need a hidden cheat engine. I don't use it.

2) can ollydbg be safely used? if so is there a specific way to use it?
Yes, although having a stealth plugin wouldn't hurt

3) can breakpoints be used? if so just hardware only?
Yes, depending on where you place them. Warden scans some functions which are publicly hooked

[KOS0937]

[QUOTE=ShoniShilent;827084]
regarding WARDEN:

2) does it scan the .exe? if so, just at the beginning or over and over while playing?
a CRC check at the beginnen... don't think they will check again while you are playing, though the might in a later version of warden...
3) does it scan for anything else? any info appreciated
all running processes, some folders of your hdd, repeating key-patterns.... the thing is, that noone really knows what it does...[/b]


regarding what can be modified:

1) what is client sided?
Position and movement / colission. SO you can teleport, speedhack and no-clip-hack. Nothing more.
2) can spell cooldowns be modified?
no
3) can you speed up spell casting times?
no
4) can you teleport?
yes

regarding bot making:

1) how would one gather the x,y,z if self as well as other NPC's and your pets? is there a code segment that can be captured for this?
search for TLS or check out the "mob struct" thread in this forum where i've posted a lot of useful beginners knowledge
2) same for minerals, etc.?
a bit harder, but see 1)
3) are there any known addresses or pointers (perhaps a link to this) of current version of game for (player x,y,z health current targeted enemy x,y,z health etc.)
search the forum... not too hard to find if you check out the topmost 10 threads oO (mob struct thread for example ^^)

[ShoniShilent]

regarding the teleport, i think i read somewhere if you modify the x,y,z values then the game disconnects. is this true?

thanks for the posts. i have alot done already regarding setting up and gettting the pID and the handle. i am sure i will have more questions.

very helpful forum here! any more that people want to add is great!

[KOS0937]

if you change the x,y,z values by more than your walk-speed + 4% it will disc you... as soon as you start walking again. Just changing it, looking around and changing it back (within like 20 seks) will not disc you.

[Sychotix]

if you change the x,y,z values by more than your walk-speed + 4% it will disc you... as soon as you start walking again. Just changing it, looking around and changing it back (within like 20 seks) will not disc you.

nothing loads cept the client side stuff if you dont update your position with the server.

[ShoniShilent]

if you change the x,y,z values by more than your walk-speed + 4% it will disc you... as soon as you start walking again. Just changing it, looking around and changing it back (within like 20 seks) will not disc you.

this seems to be incorrect. i saved my coords, teleported (which worked) waited a few seconds (and did not move at all), and then teleported back to same original coordinates. the game disconnected immediately-

i am using warlock with voidwalker pet-

[KOS0937]

well, the point was: you can't code a teleport-hack simply by changing the x/y/z coords, even though you won't get a dc the instant you change the coords

[Xarg0]

Well, there is a way to teleport, it has got something to do with a fake lagg but I don't exactly know what you need to do to teleport.
Yet I think there is a way of doing it, record your packets while doing a lagg teleport with netlimiter, then try to find out why you didn't got dc'ed -> Profit

[Demonshade]

X and Y have a protection on them. The server checks and if its too far off then you will get disconnected. The Z value can be changed freely but any movement on the x and y axis after this will result in a disconnection (meaning you must jump before doing anything after modifying this value). After modifying the Z and taking off a buff the buff remains there till a loading screen if i remember correctly (atleast mount speed does). In regards to teleportation, kynox and his friend, the developer of WoWInfinity have successfully achieved teleportation and this is kept private and is unreleased so far. These are two things i know of teleportation (they may be wrong): Kynox's and Unknowned's teleportation uses the same method as the program posted in the thread http://www.mmowned.com/forums/bots-p...ters-only.html. It uses a series of smaller teleporations. Also, i know from chazz that there is a certain amount of movement done in a certain amount of frames (i think XD) and this value has to be changed in order to achieve teleportation (This value is held in the memory somewhere).

[ShoniShilent]

well i tried just the z axis. even though you are apparently far higher than the enemies below, they still can attack you. so the fact that you have moved your camera position higher doesn't matter. the enemies can still strike you even though your body is supposedly higher up. my guess is that there is more than one location that has to be modified to truly 'move' the character.

i could teleport way up and then teleport back to same exact location and there was no disconnect. however, the server x,y,z remained the same or there is some other x,y,z that truly holds the position because i could still be attacked even though i supposedly wasn't below-

[KOS0937]

only changing the x/y/z coords will not update those values on the server. So to have the server-sided values changed you must either call the corresponding function to send the packets or you must move your character yourself (pressing asdw / space ).
Though of course the server will then check the values for their credibility....

[ShoniShilent]

only changing the x/y/z coords will not update those values on the server. So to have the server-sided values changed you must either call the corresponding function to send the packets or you must move your character yourself (pressing asdw / space ).
Though of course the server will then check the values for their credibility....

thanks for the info! sadly i think that teleportation is not possible with the method i am using for now-



also, i saw this posted elsewhere:


Speedhack Forwards:
[00E8AA38]+0xC70

Speedhack Backwards:
[00E8AA38]+0xC74

Speedhack Swimming:
[00E8AA38]+0xC78

Speedhack Flying:
[00E8AA38]+0xC80

X Coord:
[00E8AA38]+0xBF4

Y Coord:
[00E8AA38]+0xBF0

Z Coord:
[00E8AA38]+0xBF8

Facing Direction:
[00E8AA38]+0xBFC

Movement State:
[00E8AA38]+0xC23

Movement State 2: (mostly useful on P-Servers since setting to -1 or -2 results in walking up stairs)
[00E8AA38]+0xC20

Tilt Forward:
[00E8AA38]+0xC08

Tilt Backward:
[00E8AA38]+0xC04



this is what i am using to collect my x,y,z

X Coord:
[00E8AA38]+0xBF4

Y Coord:
[00E8AA38]+0xBF0

Z Coord:
[00E8AA38]+0xBF8


where is the values for healh/mana, etc.? will be hard to do bot without that data. i see no listing for that on the forums that corresponds to the same base+offset as this list (which DOES work)

for instance max health = [00E8AA38]+ ??? (offset)

same for current health, current mana, etc.

still trying to also find a method to list all the objects/enemies around me-

[Demonshade]

well i tried just the z axis. even though you are apparently far higher than the enemies below, they still can attack you. so the fact that you have moved your camera position higher doesn't matter. the enemies can still strike you even though your body is supposedly higher up. my guess is that there is more than one location that has to be modified to truly 'move' the character.

This is a sort of protection implemented by blizzard where the npc's dont care which altitude you are at, it works on other players though so it can come in handy in pvp.