LUA restriction patch menu

User Tag List

Results 1 to 10 of 10
  1. #1
    schlumpf's Avatar Retired Noggit Developer

    Reputation
    755
    Join Date
    Nov 2006
    Posts
    2,759
    Thanks G/R
    0/3
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    LUA restriction patch

    Just one short question: Is
    <Pattern desc="Lua_FuncPatch" pattern="\x55\x8B\xEC\x83\xEC\x44\xA1\xFF\xFF\xFF\xFF\x33\xC5\x89\x45\xFC\xA1\xF F\xFF\xFF\xFF\x85\xC0\x8B\x0D" mask="xxxxxxx????xxxxxx????xxxx"/>
    related to the restriction on lua-functions and if yes: How?

    LUA restriction patch
  2. #2
    arigity's Avatar Banned
    Reputation
    49
    Join Date
    Dec 2007
    Posts
    548
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    i'm too lazy to check the pattern but i believe that will bring you to 4A35E2h (at least for 3.0.3) which is called by all lua functions. it does a few checks if you can actually call the function. a few quick checks show that before any function is called a static address is set to 0 (for system?) or some empty string address (for not system?)

    you can entirely remove the restriction by patching the syscheck address (12Ea330) at 77DF11 and 77DF86

  3. #3
    schlumpf's Avatar Retired Noggit Developer

    Reputation
    755
    Join Date
    Nov 2006
    Posts
    2,759
    Thanks G/R
    0/3
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    <Pattern desc="Lua_Patch" pattern="\x55\x8B\xEC\x83\x3D\xFF\xFF\xFF\xFF\x00\x8B\x4D" mask="xxxxx????xxx">
    <Add value="12"/>
    </Pattern>

    [22:17:43]: Lua_Patch:4A35E2 - Perfect. Thanks.

  4. #4
    kynox's Avatar Account not activated by Email
    Reputation
    830
    Join Date
    Dec 2006
    Posts
    888
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I wouldn't patch that address if i were you (patch further down). In my last Warden log, it was actively scanning that address.

  5. #5
    schlumpf's Avatar Retired Noggit Developer

    Reputation
    755
    Join Date
    Nov 2006
    Posts
    2,759
    Thanks G/R
    0/3
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Mhm. I'm not banned yet. However: Which instruction do you patch?

  6. #6
    kynox's Avatar Account not activated by Email
    Reputation
    830
    Join Date
    Dec 2006
    Posts
    888
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by schlumpf View Post
    Mhm. I'm not banned yet. However: Which instruction do you patch?
    I don't

  7. #7
    Xarg0's Avatar Member
    Reputation
    61
    Join Date
    Jan 2008
    Posts
    389
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    He's probably in WoW's mainthread, I'd guess he's using an endscene detour
    I hacked 127.0.0.1

  8. #8
    arigity's Avatar Banned
    Reputation
    49
    Join Date
    Dec 2007
    Posts
    548
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally Posted by arigity View Post
    i'm too lazy to check the pattern but i believe that will bring you to 4A35E2h (at least for 3.0.3) which is called by all lua functions. it does a few checks if you can actually call the function. a few quick checks show that before any function is called a static address is set to 0 (for system?) or some empty string address (for not system?)

    you can entirely remove the restriction by patching the syscheck address (12Ea330) at 77DF11 and 77DF86
    that was a really crappy explanation sorry, i was in a rush.

    you can patch the jump at 4A35E2h to unconditional for the enabling of lua functions or patch 77DF11h and 77DF86H to move 0 into the static address at those locations.

  9. #9
    Cypher's Avatar Kynox's Sister's Pimp
    Reputation
    1356
    Join Date
    Apr 2006
    Posts
    5,368
    Thanks G/R
    0/4
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You don't want to patch the jump, thats just asking to be banned. If you're going to modify the function you're better off hooking somewhere less 'logical', recreating what you overwrite, then modifying flow from there. Warden only scans very small parts of the function, but the jumps are definitely on that list (or at least one is, I checked in 2.4.3).

    EDIT: Also, you don't actually need to patch anything. As long as you synchronize your threads correctly you can bypass the restriction without constant mods.

  10. #10
    Nesox's Avatar ★ Elder ★
    Reputation
    1280
    Join Date
    Mar 2007
    Posts
    1,238
    Thanks G/R
    0/3
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    or you just change the return value of the protection check so it allways allows the code to be executed

Similar Threads

  1. High experience custom server dev(sql, database, c++, lua, mpq patches and dbc mods)
    By Selvyre in forum World of Warcraft Emulator Servers
    Replies: 5
    Last Post: 08-24-2013, 04:07 AM
  2. [Hack] Disabling Lua Restriction
    By fvicaria in forum WoW Memory Editing
    Replies: 0
    Last Post: 12-29-2011, 12:25 PM
  3. edited .lua to patch? how?
    By Lancex in forum WoW ME Questions and Requests
    Replies: 4
    Last Post: 10-18-2010, 01:31 AM
  4. LUA Portal and Patch 2.4.3
    By edcbabe in forum World of Warcraft Emulator Servers
    Replies: 4
    Last Post: 07-29-2008, 09:33 PM
  5. Replies: 22
    Last Post: 05-29-2008, 03:52 PM
All times are GMT -5. The time now is 10:52 AM. Powered by vBulletin® Version 4.2.3
Copyright © 2024 vBulletin Solutions, Inc. All rights reserved. User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2024 DragonByte Technologies Ltd.
Digital Point modules: Sphinx-based search