[Release]WoW 2.4.1 Addresses

**unknow2k** · 04-06-2008

1. login wow
2. use memory editor ( CE or etc...) goto address and replace code:

0054fecf c2,04,00,cc,cc,cc -> c6,07,39,c2,04,00

3. back to wow , in chat input box , type :

/console SET CombatLogRangeHostilePlayers "49"

/console SET CombatLogRangeCreature "49"

/console SET targetNearestDistance "49"

/console SET targetNearestDistanceRadius "49"

4. hack active!! max range -> 99 ft

**Forb1d** · 04-06-2008

Good stuff, I got mine working.

**deadca7** · 04-07-2008

Originally Posted by unknow2k

code address:

005a8bad test eax,edx

eax:

Nothing: 0
Beasts: 1
Dragonkin: 2
Demons: 4
Elementals: 8
Giants: 16
Undead: 32
Humanoids: 64
Misc: 132
Everything: 255

you can modify code -> test edx,edx

to Everything

Hex Edit: 005a8bad 85,c2 -> 85,d2

Could someone explain how to do this ?

**Sychotix** · 04-07-2008

he is giving you two options (i think). Change the EAX register to the value that you want or change the asm to test edx,edx (basicly return true)

**kynox** · 04-08-2008

FYI guys, any of the offsets in the following list are UNSAFE and you will be banned if modified. http://kynox.gamedeception.net/WardenLog.txt

**Sychotix** · 04-08-2008

lol are you sure you will get banned? is it a CRC or does it just check for any memory writing to it? If its just a check for memory writing to it, then that is easily bypassed with the program i use but if its a CRC, not much we can do unless we bypass Warden.

**kynox** · 04-08-2008

It reads the bytes and then sends it back to the server for verification. A simple way to bypass it is just to remove any hooks, call the scan function and then re apply your hooks.

**Sychotix** · 04-09-2008

yeah you used to be able to do the same thing with GameGuard (hooking Read Process Memory) but i never learned how to do that stuff >_<

**kynox** · 04-09-2008

Warden is run under WoW.exe's main thread, so it doesn't need to use ReadProcessMemory to read memory, it just uses the REP opcode which reads directly from memory.

**Ermok** · 04-09-2008

Originally Posted by kynox

Warden is run under WoW.exe's main thread, so it doesn't need to use ReadProcessMemory to read memory, it just uses the REP opcode which reads directly from memory.

So bassicly.. wardem has priority to access wow.exe which means it is faster at checking your memory write...? in which it can boot you off and tell wow.exe what to do?

**Sychotix** · 04-09-2008

im guessing that REP means Read Entry Point? (or something like that) maybe you could allocate memory and have it thing that the begining of the allocation is the correct memory (since you cant simply tell it to read a .cem since its not an external program like GG)... If this is possible, i would think that it would be heavy on the CPU usage though. I'ma ask a good friend of mine about how we might go about bypassing warden.

**kynox** · 04-09-2008

No, it looks like this REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI]. It copies ECX DWORD's from ESI into EDI.

The function itself is very easy to find, just set a memory on access BP on the SendChatMessage function, its one of its scanned functions.

From here you can easily make a bypass like i have. Just look for a certain pattern of API and you should be fine!.

**~~Manky~~** · 04-10-2008

the speed hacks dont work for me?

**Sychotix** · 04-10-2008

it works just fine. All of them.

**Anic** · 04-10-2008

good job

Shout-Out

User Tag List

Thread: [Release]WoW 2.4.1 Addresses

Thread Tools

Search Thread

Target/Range Hack for 2.4.1

Similar Threads

[Release]WoW 2.4 Addresses

(Best release) WoW Together!!|Instant 70 Fun server!|Vendors!|Blizz-like!|

RELEASE: WoW 2.2.3 Mountain Climb Trainer(V3) (CE)

RELEASE: WoW 2.2.0 Mountain Climb Trainer(V2) (CE)

OwnedCore Forums

casino

CoreCoins

My OwnedCore

About Us

Casino