I am currently writing my own version of something similar to PQR( loading lua scripts on the fly and executing them). I use DoString/Executbuffer to do so and simply call them from inside my EndScene detour. I'm doing this in c++ so i'm just using detours library and then calling DoString/GetText with the function pointers. I have all of it working. However, I'd like to know from a security stand point how safe this is. From what i have read:
1) im hooking endscene which is safe
2) im not writing any changes to the wow memory.
Given those 2 things id assume I'm safe as long as this stay private. However, I found the following thread a bit concerning:
http://www.ownedcore.com/forums/worl...ion-calls.html (detection of engine function calls)
as you can see kynox states:
You forget two things.
1) Warden already implements a lua scan
Other then the scans for removing the in game protection usage( luaninja) what action does warden take with regards LUA? Also after multiple searches came up empty could warden tell that the function is being called from my dll even though injected into wow? Can you tell its jumping to my DLL and then back to wow? I think i just don't know the correct term to search for more info.
Any help and or Info would be great. I didn't want to clutter up the Memory editing section with a probably simple question for most.
Thanks,
Ace
edit.: just saw wardenmon page if this are indeed the only scans warden executed i believe I'm safe.