[WoW] [3.0.9] [Info] LUA Callbacks

[slcavos]

Here's mine...

Aha! That's got it! Such a silly mistake to miss. I was adding the wrong offset when updating s_curMgr.

Yours:

Code:

bm.Asm.AddLine("add eax, 0x10");

Mine:

Code:

wow.Asm.AddLine("add eax, 8");

Thank you so much, I was sure I was losing my mind. Of course, now that I have gone and made a fool of myself I remember seeing early in 3.1 that the offset had changed.

Regardless +Rep

[Nesox]

Not to resurrect a dead thread, but this is the closest, most recent match to what I am doing. I am currently trying to get simple DoString support in C# using BlackMagic, and have hit a brick wall.

When I invoke the function, it doesn't crash the client, it doesn't throw an exception, but nothing happens. No response whatsoever. Same story with CastSpellById, incidentally. I have double checked the function offsets in IDA to verify the parameters and everything looks ok there. I have all the required DLLs in the executable folder. I have read every LUA thread I could find, and aside from constantly being reminded that I should be using C++ for this, I can't find anything that I might be doing wrong.

Here's what I am using:

Code:

        public static void Lua_DoString(string command)
        {
           // command is something like "DoEmote(\"dance\")"

            wow.Asm.AddLine("fs mov eax, [0x2C]");
            wow.Asm.AddLine("mov eax, [eax]");
            wow.Asm.AddLine("add eax, 0x10");
            wow.Asm.AddLine("mov dword [eax], {0}", s_curMgr);

            wow.Asm.AddLine("mov eax, 0");
            wow.Asm.AddLine("push eax");
            wow.Asm.AddLine("mov eax, {0}", stringcave);
            wow.Asm.AddLine("push eax");
            wow.Asm.AddLine("push eax");
            wow.Asm.AddLine("call {0}", 0x0049AE30);
            wow.Asm.AddLine("add esp, 0xC");
            wow.Asm.AddLine("retn");

            wow.Asm.InjectAndExecute(codecave);
            wow.FreeMemory(codecave);
            wow.FreeMemory(stringcave);
            wow.ResumeThread();
        }

This seems like it should be quite simple and I can't help the nagging feeling that I am missing something obvious. I don't really care about getting return values at this point, just basic commands. If anyone could give my function a looksie, I would really appreciate it.

The tls offset changed to 0x10
and for the last argument, instead of pushing 0 you can try to move it to eax first and then push eax. I think it should work now

[slcavos]

Thanks, Nesox. I knew it was something simple, it just never clicked (even though I read several times that the offset had changed).

By the way, did you ever get that callback registration ported? Just curious if you found that is was feasible / worthwhile to try that in C#.

[Nesox]

Thanks, Nesox. I knew it was something simple, it just never clicked (even though I read several times that the offset had changed).

By the way, did you ever get that callback registration ported? Just curious if you found that is was feasible / worthwhile to try that in C#.

No. Registering a lua function with c# seems like a pain in the ass.
Im writing a lua manager for calling functions and popping values managing the stack by myself

[slcavos]

No. Registering a lua function with c# seems like a pain in the ass.
Im writing a lua manager for calling functions and popping values managing the stack by myself

Oomph. Good luck!

[miceiken]

Ah good to know, not that I was trying to get the value off the stack for 3 hours. Gonna look into it, although my brain refuses to convert C++ to sense.

Until then, my 'loldetour' of the print() function has to be enough. :/

I'd simply LOVE this released

[SKU]

http://www.mmowned.com/forums/wow-me..._dostring.html

outdated and uglier than French. Robske wrote an awesome wrapper, might wanna ask him for a cleaner solution. ( That's what you get for dodging, rob! :P )

[miceiken]

http://www.mmowned.com/forums/wow-me..._dostring.html

outdated and uglier than French. Robske wrote an awesome wrapper, might wanna ask him for a cleaner solution. ( That's what you get for dodging, rob! :P )

Thanks, I'll have a look

[Robske]

http://www.mmowned.com/forums/wow-me..._dostring.html

outdated and uglier than French. Robske wrote an awesome wrapper, might wanna ask him for a cleaner solution. ( That's what you get for dodging, rob! :P )

You... you...

well...

Your mom's french

Windows Live service down dumdedum >.>

[miceiken]

Robske wrote an awesome wrapper, might wanna ask him for a cleaner solution. ( That's what you get for dodging, rob! :P )

Couldn't find his, by listing the threads he made, does anyboy have link for it?

[Robske]

Couldn't find his, by listing the threads he made, does anyboy have link for it?

C:\Documents and Settings\Administrator\My Documents\Visual Studio 2008\Projects\Cynder\Cynder\WoWLua.cs

[Apoc]

C:\Documents and Settings\Administrator\My Documents\Visual Studio 2008\Projects\Cynder\Cynder\WoWLua.cs

I lol'd irl.

[slcavos]

Bumping again... sorry. I am now trying to use some of the callbacks directly.

An IDA search in 3.1.1 has given me (can someone verify?):
UnitCanAttack: 0069F970
UnitReaction: 0069F4C0

Based on some of the posts scattered around, I am trying to call them using BlackMagic with:

Code:

wow.Asm.AddLine("mov ecx, {0}", LocalPlayer.BaseAddress);
wow.Asm.AddLine("push {0}", LocalPlayer.Target.BaseAddress);
wow.Asm.AddLine("call {0}", 0x0069F970);
wow.Asm.AddLine("retn");
result = wow.Asm.InjectAndExecute(codecave);

Pretty straightforward, I thought. When calling either funtion I get the same access violation:

The instruction at "0x00915FE5" referenced memory at "0x0000000C".
The memory could not be "read".

The instruction is always the same but the memory it's trying to access varies from 8 to C. The instruction at that address is "mov eax, [eax+8]". So, apparently I am screwing eax some how.

Any thoughts? Is this something I should even be trying to do?

[jjaa]

Bumping again... sorry. I am now trying to use some of the callbacks directly.

An IDA search in 3.1.1 has given me (can someone verify?):
UnitCanAttack: 0069F970
UnitReaction: 0069F4C0

Based on some of the posts scattered around, I am trying to call them using BlackMagic with:

Code:

wow.Asm.AddLine("mov ecx, {0}", LocalPlayer.BaseAddress);
wow.Asm.AddLine("push {0}", LocalPlayer.Target.BaseAddress);
wow.Asm.AddLine("call {0}", 0x0069F970);
wow.Asm.AddLine("retn");
result = wow.Asm.InjectAndExecute(codecave);

Pretty straightforward, I thought. When calling either funtion I get the same access violation:



The instruction is always the same but the memory it's trying to access varies from 8 to C. The instruction at that address is "mov eax, [eax+8]". So, apparently I am screwing eax some how.

Any thoughts? Is this something I should even be trying to do?

You’re trying call an Lua function and your pushing the wrong arguments....

Some simple googling of lua functions shall inform you how arguments for lua functions are passed.

Simply put lua functions take the lua stack as an argument and use the lua stack to get the passed arguments and return values

This has been covered many times before please just search the forums, and read the rules.

[slcavos]

You’re trying call an Lua function and your pushing the wrong arguments....

Some simple googling of lua functions shall inform you how arguments for lua functions are passed.

Simply put lua functions take the lua stack as an argument and use the lua stack to get the passed arguments and return values

This has been covered many times before please just search the forums, and read the rules.

Yeah, I know.

I am not trying to invoke any lua, but rather call the C callback, so that I can skip the stack altogether. For example: this and this