using System;
using System.Collections.Generic;
using System.Text;
using System.Diagnostics;
namespace Wow_Bot
{
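class Program
{
    // Fixed addresses/offsets for one specific client build; the FindAddress
    // comments below already note that they "may change version to version",
    // so against any other build these reads return unrelated memory.
    const long clientConnection = 0x011CA260;
    const long mgrOffset = 0x2864;
    const long s_curMgr = clientConnection + mgrOffset;

    // Shared reader used by every method in this class; opened once in Main.
    static readonly ProcessMemoryReader reader = new ProcessMemoryReader();

    /// <summary>
    /// Attaches to the first process named "Wow", prints the 64-bit value read at
    /// <c>s_curMgr + 0xC0</c> as the local GUID, then walks the linked list whose
    /// head pointer is at <c>s_curMgr + 0xAC</c>, printing each node's GUID
    /// (node + 0x30) and the three floats at node + 0x7D0/0x7D4/0x7D8.
    /// </summary>
    static void Main(string[] args)
    {
        Process[] processes = Process.GetProcessesByName("Wow");
        // processes[0] was indexed unconditionally, which throws
        // IndexOutOfRangeException when no matching process is running.
        if (processes.Length == 0)
        {
            Console.WriteLine("No process named \"Wow\" is running.");
            return;
        }
        reader.ReadProcess = processes[0];
        reader.OpenProcess();

        UInt64 localGUID = reader.ReadUInt64((s_curMgr + 0xC0));
        Console.WriteLine("LocalGUID: 0x{0:X016}", localGUID);

        // Each node's successor pointer is at +0x3C. A zero pointer, or one with
        // the low bit set, ends the walk; a node linking to itself is also treated
        // as the end. Longer cycles are not detected.
        uint curObj = reader.ReadUInt32((s_curMgr + 0xAC));
        while (curObj != 0 && (curObj & 1) == 0)
        {
            UInt64 cGUID = reader.ReadUInt64((curObj + 0x30));
            float X = reader.ReadFloat((curObj + 0x7D0));
            float Y = reader.ReadFloat((curObj + 0x7D4));
            float Z = reader.ReadFloat((curObj + 0x7D8));
            Console.WriteLine("0x{0:X08} -- GUID: 0x{1:X016} | {2} {3} {4}", curObj, cGUID, X, Y, Z);

            uint nextObj = reader.ReadUInt32((curObj + 0x3C));
            if (nextObj == curObj)
                break;
            curObj = nextObj;
        }
    }

    /// <summary>
    /// Resolves the connection / object-manager pointers at run time by scanning
    /// the client image for a byte pattern, instead of relying on the constants
    /// above. Only does work when <c>reader.hProcess</c> is non-zero (i.e. the
    /// reader has already been opened); not called from the visible code.
    /// </summary>
    static void FindAddress()
    {
        // Stopwatch replaces DateTime.Now: it is monotonic, and the original
        // printed TimeSpan.Milliseconds (the 0-999 component) rather than the
        // total elapsed time.
        Stopwatch timer = Stopwatch.StartNew();
        System.Diagnostics.Process.EnterDebugMode(); //gives our program debug permissions
        //if open process was successful
        if (reader.hProcess != IntPtr.Zero)
        {
            //search for the code pattern that we want (in this case, WoW TLS)
            uint tlscode = dwFindPattern(reader.hProcess, 0x410000, 0x400000,
                "EB 02 33 00 64 8B 15 2C 00 00 00 8B 0D 00 00 00 00 8B 0C 8A",
                "xxx?xxxxxxxxx????xxx");
            if (tlscode == uint.MaxValue)
            {
                // dwFindPattern's not-found sentinel; the original went on to
                // dereference it as if it were a valid address.
                Console.WriteLine("TLS code pattern not found.");
            }
            else
            {
                //read Kynox's g_clientConnection from memory
                uint g_clientConnection = reader.ReadUInt32(reader.ReadUInt32((tlscode + 0x16)));
                //first, the offset for the curMgr inside g_clientConnection is read,
                //then s_curMgr is read from g_clientConnection + that offset (which may change version to version,
                //I honestly don't know)
                // Local renamed so it no longer shadows the s_curMgr constant above.
                uint curMgrPtr = reader.ReadUInt32((g_clientConnection + reader.ReadInt32(tlscode + 0x22)));
                //output to console
                Console.WriteLine("TLS code: 0x{0:X08}\ng_clientConnection: 0x{1:X08}\ns_curMgr: 0x{2:X08}", tlscode, g_clientConnection, curMgrPtr);
            }
        }
        //tell user how long it took to find and get what we wanted
        timer.Stop();
        Console.WriteLine("\n\nTime taken: {0}ms\n\nPlease press [ENTER] to continue...", timer.ElapsedMilliseconds);
        Console.ReadLine();
    }

    #region dwFindPattern
    //blatantly adapted/copied from dom1n1k :)
    /// <summary>
    /// Returns true when <paramref name="pattern"/> matches <paramref name="data"/>
    /// at <paramref name="index"/>. Mask positions equal to 'x' must match exactly;
    /// any other mask character is a wildcard. Mask and pattern must have the same
    /// length, and the pattern must fit inside the buffer.
    /// </summary>
    static bool bDataCompare(byte[] data, int index, byte[] pattern, string mask)
    {
        if (pattern.Length != mask.Length) return false;
        // Bounds guard: without it a pattern running past the end of the buffer
        // throws IndexOutOfRangeException.
        if (index < 0 || index + pattern.Length > data.Length) return false;
        for (int i = 0; i < pattern.Length; i++)
            if (mask[i] == 'x' && (data[index + i] != pattern[i]))
                return false;
        return true;
    }

    //blatantly adapted/copied from dom1n1k :)
    /// <summary>
    /// Scans <paramref name="length"/> bytes of the target starting at
    /// <paramref name="start"/> for a hex byte pattern.
    /// </summary>
    /// <param name="hProcess">Unused: all reads go through the static <c>reader</c>. Kept for signature compatibility.</param>
    /// <param name="start">First address of the window to scan.</param>
    /// <param name="length">Size of the window in bytes.</param>
    /// <param name="_pattern">Hex bytes separated by <paramref name="delimiter"/>.</param>
    /// <param name="mask">One character per pattern byte; 'x' = must match, anything else = wildcard.</param>
    /// <param name="delimiter">Separator used in <paramref name="_pattern"/>.</param>
    /// <returns>Address of the first match, or <see cref="uint.MaxValue"/> when there is none.</returns>
    static uint dwFindPattern(IntPtr hProcess, uint start, int length, string _pattern, string mask, char delimiter)
    {
        string[] p = _pattern.Split(delimiter);
        byte[] pattern = new byte[p.Length];
        for (int i = 0; i < p.Length; i++)
            pattern[i] = Convert.ToByte(p[i], 16);

        // A mask/pattern length mismatch makes bDataCompare reject every position,
        // and a window shorter than the pattern cannot contain it: return the
        // not-found sentinel without reading the target at all.
        if (pattern.Length != mask.Length || length < pattern.Length)
            return uint.MaxValue;

        const int bytestoread = 1024;
        byte[] buf;
        if (bytestoread > length)
        {
            buf = new byte[length];
            reader.ReadMemory(start, ref buf);
            // "<=" so a match ending exactly at the end of the window is found;
            // the original's "<" skipped that final position.
            for (int i = 0; i <= (buf.Length - pattern.Length); i++)
                if (bDataCompare(buf, i, pattern, mask))
                    return (uint)(start + i);
        }
        else
        {
            int index = 0;
            while (index < length)
            {
                int remaining = length - index;
                // Each chunk carries pattern.Length bytes of look-ahead so a match
                // straddling a chunk boundary is still seen, but the read is clamped
                // to the window; the original's final chunk read past start + length.
                int chunk = Math.Min(bytestoread, remaining);
                buf = new byte[Math.Min(chunk + pattern.Length, remaining)];
                reader.ReadMemory(start + index, ref buf);
                for (int i = 0; i < chunk; i++)
                    if (bDataCompare(buf, i, pattern, mask))
                        return (uint)(start + index + i);
                index += chunk;
            }
        }
        return uint.MaxValue;
    }

    /// <summary>
    /// Space-delimited convenience overload of
    /// <see cref="dwFindPattern(IntPtr, uint, int, string, string, char)"/>.
    /// </summary>
    static uint dwFindPattern(IntPtr hProcess, uint start, int length, string _pattern, string mask)
    {
        return dwFindPattern(hProcess, start, length, _pattern, mask, ' ');
    }
    #endregion
}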
}