CastSpell Madness

[Sillyboy72]

So... can anybody tell me about the function at 004D0B40?

It seems it is what eventually calls CastSpellById. It is called via both
/cast Foo (which is "allowed") and
/cast CastSpellByName("foo") (which is "not allowed")

Looks like it only takes 1 param, but I will be darned if I can figure out what it is.

The routine I am asking about is the one references in the string table:
.data:00FC9F18 dd offset aCastspellbynam ; "CastSpellByName"
.data:00FC9F1C dd offset subCastSpellByName

I was hoping to walk back out from CastSpellById, and figure out how to call the equiv of /cast Fishing (and maybe /cast Lifebloom someday).

[codyscafe7]

Was wondering the same thing, anyone know?

[hypnodok]

Looks like the lua function CastSpellByName no?
Just call GetSpellIdByName and then CastSpellById, its much simpler than calling a lua function (use wowx for address/pattern reference).

[arigity]

you'd probably be better off re-creating the function then forging a lua commands arguments.

[Sillyboy72]

Rock on brothers. I am now casting spellz like mad :-P

I am inject a single asm block that call getspellidfrom name and castspellfromid, and it works all ubery. Heck, I am typing this as a I fish in the background. so hotness.

So, next problem...

How do I apply a bobber?

[Sillyboy72]

Ack! I take that back... it randomly crashes, like many others who random inject stuff w/o hooking EndScene or similiar.

I noticed it crashed in some critical section related stuff... around 0x004261D0...

Anybody know if there is a critical section i can safely enter at the start of my codez?

[hypnodok]

A possible solution to this might be injecting a native DLL that applies a hook to EndScene and calls your managed code from within EndScene (or completely relaying your code to a native DLL).

[Sillyboy72]

Ya, I need to move that way eventually.

So, for my uber-fisherman, I am looking for two pieces of info:
1) how do add a bauble to my line?
2) how do I stop from going afk!? I just found myself sitting, and still casting.... eeck!

[Nesox]

Ya, I need to move that way eventually.

So, for my uber-fisherman, I am looking for two pieces of info:
1) how do add a bauble to my line?
2) how do I stop from going afk!? I just found myself sitting, and still casting.... eeck!

call InputEvent evry 2~5 minutes to reset the timestamp, that will prevent you from being logged out after 30 minutes, as for afk if you send a ie.

Code:

SendChatMessage("", "AFK");

that would remove the AFK flag, i think you can read if your flagged as afk from the unit_field _flags but the best think would be to patch the function that flags you as afk, bobby explained it to me but havent been able to get it fully working yet, anywayz it shoudnt be too hard

[kynox]

Ack! I take that back... it randomly crashes, like many others who random inject stuff w/o hooking EndScene or similiar.

I noticed it crashed in some critical section related stuff... around 0x004261D0...

Anybody know if there is a critical section i can safely enter at the start of my codez?

Can you please give me the full crashlog?

[Robske]

call InputEvent evry 2~5 minutes to reset the timestamp, that will prevent you from being logged out after 30 minutes, as for afk if you send a ie.

Code:

SendChatMessage("", "AFK");

that would remove the AFK flag, i think you can read if your flagged as afk from the unit_field _flags but the best think would be to patch the function that flags you as afk, bobby explained it to me but havent been able to get it fully working yet, anywayz it shoudnt be too hard

http://www.mmowned.com/forums/wow-me...iding-afk.html

As cypher pointed out, it's sufficient to write an updated timestamp to that particular address. I noticed that I did not reply to that thread (or the forums ate it) so here's some copypasta to make up for it:

codecave = Memory.AllocateMemory();

Memory.Asm.Clear();
Memory.Asm.AddLine("call 0x007CA620");
Memory.Asm.AddLine("retn");

uint _TimeStamp = Memory.Asm.InjectAndExecute(codecave);
Memory.WriteUInt(0x01015220, _TimeStamp);

[Nesox]

http://www.mmowned.com/forums/wow-me...iding-afk.html

As cypher pointed out, it's sufficient to write an updated timestamp to that particular address. I noticed that I did not reply to that thread (or the forums ate it) so here's some copypasta to make up for it:

Oh cheers, must have missed that :yuck: thx for the pasta, evrybody loves copypasta especially Shamun. But i prefer mine with ketchup and a little nutmeg!

EDIT: i think you can call, UseInventoryItem, you would need to figure out the right bagid and slot id and then apply it to the pole.
Im not sure if there's any function that would do that and i dont think calling interact on the pole would work, let me know if you find out how to do it

[Sillyboy72]

Can you please give me the full crashlog?

It was crashing in fairly random places. And I think the critsec was a red herring / hopeless hope. I was using windbg this time... here is the (mostly useless) info I had pasted into notepad:

-- the crashing thread
0:000> k
*** ERROR: Module load completed but symbols could not be loaded for C:\Users\Public\Games\World of Warcraft\WoW.exe
ChildEBP RetAddr
WARNING: Frame IP not in any known module. Following frames may be wrong.
0019fd2c 00438eb3 0xfc49994
0019fd3c 00439822 WoW+0x38eb3
0019fd5c 00439c88 WoW+0x39822
0019fd6c 00443f6c WoW+0x39c88
0019fe38 00427ae9 WoW+0x43f6c
0019fe68 00426429 WoW+0x27ae9
0019fed4 00426501 WoW+0x26429
0019feec 00406ae8 WoW+0x26501
0019ff88 77544911 WoW+0x6ae8

-- the fact that some thread was holding a lock...
0:000> !locks

CritSec WoW+c10828 at 01010828
WaiterWoken No
LockCount 0
RecursionCount 1
OwningThread 1684
EntryCount 0
ContentionCount 0
*** Locked

-- the thread holding the lock
0:025> k
ChildEBP RetAddr
10f2f084 0040d06b kernel32!GetModuleHandleA+0x5
WARNING: Stack unwind information not available. Following frames may be wrong.
10f2f0cc 0040c44d WoW+0xd06b
10f2f0ec 007b0578 WoW+0xc44d
10f2f100 007b05a1 WoW+0x3b0578
10f2f120 007b080b WoW+0x3b05a1
10f2f148 007b086e WoW+0x3b080b
10f2f15c 007b860d WoW+0x3b086e
10f2f18c 007aec5b WoW+0x3b860d
10f2f1d8 007aed04 WoW+0x3aec5b
10f2f1ec 007b0485 WoW+0x3aed04
10f2f258 007b059b WoW+0x3b0485
10f2f274 007b080b WoW+0x3b059b
10f2f29c 007b086e WoW+0x3b080b
10f2f2b0 007b860d WoW+0x3b086e
10f2f2e0 007aec5b WoW+0x3b860d
10f2f32c 007b0595 WoW+0x3aec5b
10f2f344 007b080b WoW+0x3b0595
10f2f36c 007b59fd WoW+0x3b080b
10f2f388 007b5eb9 WoW+0x3b59fd
10f2f39c 007b95fa WoW+0x3b5eb9

But sorry, I don't have anything more than that... and really, the next 5 times it crashes... !locks did not show anything. I also put a breakpoint in castspellid, and tried a !locks... and never held any.

So, ya... all the love happens on the "main thread", so they do no locking there.

Suspending the main thread helped alot (though, I still hit random weird issues... like addons throwing up errors). I gotta get off my butt and get hooked into the main thread, but I am a n00b still