DoString Trouble

Page 6 of 7 (results 76 to 90 of 96)
  1. #76 kynox (Member)
    Originally Posted by Cypher View Post
    I think Kynox forgot to take his brain medicine today.
    His post was ambiguous (and retarded). Either way, like I told you, both comments are valid.
    Last edited by kynox; 06-15-2009 at 07:26 AM.

  2. #77 tanis2000 (Active Member)
    I've found a nice hole (actually it's full of holes thanks to alignment stuff) and I've put my nice far jmp/call into that place (aka FF 15 xx xx xx xx).

    I've checked with IDA and I see that everything is fine and the opcodes get written there.

    I call my newly registered LUA function but BOOM! Access violation. When the call to my function gets fired, it looks like the code in my DLL is somewhat protected from reading.

  3. #78 kynox (Member)
    No... an FF 15 is a call. You want to put a jump. Your code is returning back and hitting the alignment code.
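
    A decoder for the transfer instructions named in this thread (E8/E9 rel32, EA, FF 15), added here as an example; it is not code from the thread or from any poster's project, and the sample bytes and addresses are constructed. It resolves the destination the way the CPU does (rel32 is relative to the end of the 5-byte instruction, the "target - site - 5" relationship) and flags the failure kynox describes: a call comes back to the byte after the patch, which in a code cave is alignment filler. EA is decoded as the 7-byte far jump with a segment selector that it actually is, not as a 5-byte near jump.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Transfer kinds an inline-hook scanner distinguishes (added example; the
 * opcodes are the ones named in the thread). */
typedef enum {
    XFER_NONE = 0,
    XFER_CALL_REL32,  /* E8 rel32    : pushes a return address, then jumps  */
    XFER_JMP_REL32,   /* E9 rel32    : 5-byte near jump, nothing pushed     */
    XFER_JMP_FAR,     /* EA ptr16:32 : 7-byte far jump, absolute offset+sel */
    XFER_CALL_IND32   /* FF 15 disp32: call [slot], the slot holds target   */
} xfer_kind;

typedef struct {
    xfer_kind kind;
    size_t    len;                  /* instruction length in bytes           */
    uint32_t  target;               /* resolved destination (FF 15: the slot)*/
    int       pushes_return;        /* execution resumes at site+len later   */
    int       returns_into_padding; /* ...and that resume point is CC/90 fill*/
} xfer_info;

static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* True when every remaining byte is INT3 (CC) or NOP (90): the alignment
 * filler between functions that a code cave is carved out of. */
static int is_padding(const uint8_t *p, size_t n) {
    if (n == 0) return 0;
    for (size_t i = 0; i < n; i++)
        if (p[i] != 0xCC && p[i] != 0x90) return 0;
    return 1;
}

/* Decode the instruction at 32-bit address `site`, whose bytes are code[0..n). */
xfer_info decode_xfer(uint32_t site, const uint8_t *code, size_t n) {
    xfer_info r = { XFER_NONE, 0, 0, 0, 0 };
    if (n >= 5 && (code[0] == 0xE8 || code[0] == 0xE9)) {
        r.kind = (code[0] == 0xE8) ? XFER_CALL_REL32 : XFER_JMP_REL32;
        r.len  = 5;
        /* rel32 is measured from the end of the instruction, so
         * target = site + 5 + rel32; unsigned wrap-around handles negatives. */
        r.target = site + 5u + rd32(code + 1);
        r.pushes_return = (code[0] == 0xE8);
    } else if (n >= 7 && code[0] == 0xEA) {
        r.kind   = XFER_JMP_FAR;
        r.len    = 7;
        r.target = rd32(code + 1);   /* selector in code[5..6] is not modelled */
    } else if (n >= 6 && code[0] == 0xFF && code[1] == 0x15) {
        r.kind   = XFER_CALL_IND32;
        r.len    = 6;
        r.target = rd32(code + 2);   /* 32-bit mode: disp32 is an absolute slot */
        r.pushes_return = 1;
    }
    if (r.pushes_return)
        r.returns_into_padding = is_padding(code + r.len, n - r.len);
    return r;
}

int main(void) {
    /* Constructed sample: a call patched into a cave at 0x00401000 that is
     * followed by three INT3 filler bytes, i.e. the situation in post #78. */
    const uint8_t cave[] = { 0xE8, 0xFB, 0x0F, 0x00, 0x00, 0xCC, 0xCC, 0xCC };
    xfer_info x = decode_xfer(0x00401000u, cave, sizeof cave);
    printf("kind=%d len=%zu target=0x%08X returns_into_padding=%d\n",
           (int)x.kind, x.len, x.target, x.returns_into_padding);
    return 0;
}
```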

  4. #79 tanis2000 (Active Member)
    Originally Posted by kynox View Post
    No.. a FF 15 is a call. You want to put a jump. Your code is returning back and hitting the alignment code.
    True. But even EA is not working. But it's damn weird.. it's like my jmp segff is actually trying to access 0xFFFFFFFF .. but looking at the disassembled stuff in IDA it actually points to a seemingly valid piece of code.. unless that piece of code is being written by IDA itself to place breakpoints.. which I'm not sure about. I'll have a look at this later today..

  5. #80 tanis2000 (Active Member)
    I've made some progress on this.. but still..

    I've gone with the 5-byte near jump technique.. thus EA xx xx xx xx where xx is the difference between MyRealCode - Codehole - 5.

    In fact I can see the jmp to my delegate and from there it calls some stuff that I guess are part of the CLR and then I lose track of what's going on.

    Anyway, when calling my function with /script within wow I get the following error:

    Code:
    ==============================================================================
    World of WarCraft (build 9947)
    
    Exe:      C:\Games\World of Warcraft\Wow.exe
    Time:     Jun 16, 2009  3:26:50.391 PM
    ------------------------------------------------------------------------------
    
    This application has encountered a critical error:
    
    ERROR #132 (0x85100084) Fatal Exception
    Program:	C:\Games\World of Warcraft\Wow.exe
    Exception:	0xC0000005 (ACCESS_VIOLATION) at 001B:000001D0
    
    The instruction at "0x000001D0" referenced memory at "0x000001D0".
    The memory could not be "read".
    
    
    WoWBuild: 9947
    Total lua memory: 9630KB
    Add Ons: 
    Settings: 
    ------------------------------------------------------------------------------
    
    ----------------------------------------
        x86 Registers
    ----------------------------------------
    
    EAX=00000001  EBX=0019FA40  ECX=00000000  EDX=10C08BC0  ESI=09A166A8
    EDI=10C08BC0  EBP=00925F2A  ESP=0019F9C0  EIP=000001D0  FLG=00210206
    CS =001B      DS =0023      ES =0023      SS =0023      FS =003B      GS =0000
    
    
    ----------------------------------------
        Stack Trace (Manual)
    ----------------------------------------
    
    Address  Frame    Logical addr  Module
    
    Showing 33/33 threads...
    
    --- Thread ID: 5276 [Current Thread] ---
    000001D0 00925F2A 0000:00000000 C:\Games\World of Warcraft\Wow.exe
    
    
    ----------------------------------------
        Stack Trace (Using DBGHELP.DLL)
    ----------------------------------------
    
    Showing 33/33 threads...
    
    --- Thread ID: 5276 [Current Thread] ---
    000001D0 <unknown module> <unknown symbol>+0 (0x00000000,0x00000090,0x09A166A8,0x00000020)
    10C08BC0 <unknown module> <unknown symbol>+0 (0x00000000,0x00000000,0x00000000,0x00000000)
    
    
    
    ----------------------------------------
        Loaded Modules
    ----------------------------------------
    
    0x003B0000 - 0x003B9000  C:\WINDOWS\system32\Normaliz.dll
    0x00400000 - 0x01758000  C:\Games\World of Warcraft\Wow.exe
    0x05FE0000 - 0x05FF5000  C:\WINDOWS\system32\PGPlsp.dll
    0x06A00000 - 0x06A1B000  C:\lavori\cvs\babbot\BabBot\BabBot\bin\Debug\EasyHook32.dll
    0x0FF80000 - 0x0FF90000  C:\WINDOWS\assembly\GAC_MSIL\EasyHook\2.5.0.0__4b580fca19d0b0c5\EasyHook.dll
    0x10000000 - 0x10069000  C:\Games\World of Warcraft\DivxDecoder.dll
    0x16060000 - 0x16068000  C:\WINDOWS\assembly\GAC_MSIL\Dante\1.0.0.0__bcbc47c15ac8c435\Dante.dll
    0x16080000 - 0x160A5000  C:\Programmi\Bonjour\mdnsNSP.dll
    0x18A40000 - 0x18B55000  C:\Games\World of Warcraft\dbghelp.dll
    0x3F9D0000 - 0x3FAB6000  C:\WINDOWS\system32\WININET.dll
    0x40070000 - 0x40258000  C:\WINDOWS\system32\iertutil.dll
    0x45010000 - 0x45141000  C:\WINDOWS\system32\urlmon.dll
    0x4FD60000 - 0x4FF06000  C:\WINDOWS\system32\d3d9.dll
    0x5B4B0000 - 0x5B4B7000  C:\WINDOWS\system32\umdmxfrm.dll
    0x5BC70000 - 0x5BCC5000  C:\WINDOWS\system32\NETAPI32.dll
    0x5C8A0000 - 0x5C8C1000  C:\WINDOWS\system32\GLU32.dll
    0x5D190000 - 0x5D197000  C:\WINDOWS\system32\serwvdrv.dll
    0x5D4D0000 - 0x5D56A000  C:\WINDOWS\system32\comctl32.dll
    0x5F140000 - 0x5F20C000  C:\WINDOWS\system32\OPENGL32.dll
    0x66750000 - 0x667A8000  C:\WINDOWS\system32\hnetcfg.dll
    0x67770000 - 0x67831000  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2abd876a3c8a6b088fa6d8d39d901e3c\System.Runtime.Remoting.ni.dll
    0x68000000 - 0x68036000  C:\WINDOWS\system32\rsaenh.dll
    0x6D330000 - 0x6D36A000  C:\WINDOWS\system32\DINPUT8.dll
    0x6DEB0000 - 0x6DEB6000  C:\WINDOWS\system32\d3d8thk.dll
    0x719D0000 - 0x71A10000  C:\WINDOWS\system32\mswsock.dll
    0x71A10000 - 0x71A18000  C:\WINDOWS\System32\wshtcpip.dll
    0x71A20000 - 0x71A28000  C:\WINDOWS\system32\WS2HELP.dll
    0x71A30000 - 0x71A47000  C:\WINDOWS\system32\WS2_32.dll
    0x71B80000 - 0x71B93000  C:\WINDOWS\system32\SAMLIB.dll
    0x72C80000 - 0x72C88000  C:\WINDOWS\system32\msacm32.drv
    0x72C90000 - 0x72C99000  C:\WINDOWS\system32\wdmaud.drv
    0x736D0000 - 0x7371B000  C:\WINDOWS\system32\DDRAW.dll
    0x73B30000 - 0x73B36000  C:\WINDOWS\system32\DCIMAN32.dll
    0x73E50000 - 0x73E54000  C:\WINDOWS\system32\KsUser.dll
    0x73E80000 - 0x73EDC000  C:\WINDOWS\system32\dsound.dll
    0x752E0000 - 0x7530E000  C:\WINDOWS\system32\msctfime.ime
    0x76340000 - 0x7635D000  C:\WINDOWS\system32\IMM32.dll
    0x76980000 - 0x76A35000  C:\WINDOWS\system32\USERENV.dll
    0x76B00000 - 0x76B2E000  C:\WINDOWS\system32\WINMM.dll
    0x76BB0000 - 0x76BBB000  C:\WINDOWS\system32\PSAPI.DLL
    0x76BF0000 - 0x76C1E000  C:\WINDOWS\system32\WINTRUST.dll
    0x76C50000 - 0x76C78000  C:\WINDOWS\system32\IMAGEHLP.dll
    0x76D20000 - 0x76D39000  C:\WINDOWS\system32\Iphlpapi.dll
    0x76E40000 - 0x76E4E000  C:\WINDOWS\system32\rtutils.dll
    0x76E50000 - 0x76E62000  C:\WINDOWS\system32\rasman.dll
    0x76E70000 - 0x76E9F000  C:\WINDOWS\system32\TAPI32.dll
    0x76EA0000 - 0x76EDC000  C:\WINDOWS\system32\RASAPI32.dll
    0x76EE0000 - 0x76F07000  C:\WINDOWS\system32\DNSAPI.dll
    0x76F20000 - 0x76F4D000  C:\WINDOWS\system32\WLDAP32.dll
    0x76F70000 - 0x76F78000  C:\WINDOWS\System32\winrnr.dll
    0x76F80000 - 0x76F86000  C:\WINDOWS\system32\rasadhlp.dll
    0x770F0000 - 0x7717B000  C:\WINDOWS\system32\OLEAUT32.dll
    0x773A0000 - 0x774A3000  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
    0x774B0000 - 0x775ED000  C:\WINDOWS\system32\ole32.dll
    0x77660000 - 0x77681000  C:\WINDOWS\system32\NTMARTA.DLL
    0x77A50000 - 0x77AE6000  C:\WINDOWS\system32\CRYPT32.dll
    0x77AF0000 - 0x77B02000  C:\WINDOWS\system32\MSASN1.dll
    0x77BA0000 - 0x77BA7000  C:\WINDOWS\system32\midimap.dll
    0x77BB0000 - 0x77BC5000  C:\WINDOWS\system32\MSACM32.dll
    0x77BD0000 - 0x77BD8000  C:\WINDOWS\system32\VERSION.dll
    0x77BE0000 - 0x77C38000  C:\WINDOWS\system32\msvcrt.dll
    0x77DA0000 - 0x77E32000  C:\WINDOWS\system32\RPCRT4.dll
    0x77E40000 - 0x77E89000  C:\WINDOWS\system32\GDI32.dll
    0x77E90000 - 0x77F06000  C:\WINDOWS\system32\SHLWAPI.dll
    0x77F10000 - 0x77F21000  C:\WINDOWS\system32\Secur32.dll
    0x77F40000 - 0x77FEB000  C:\WINDOWS\system32\ADVAPI32.dll
    0x78130000 - 0x781CB000  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll
    0x79000000 - 0x79046000  C:\WINDOWS\system32\mscoree.dll
    0x79060000 - 0x790BB000  c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
    0x790C0000 - 0x79BB7000  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\6d667f19d687361886990f3ca0f49816\mscorlib.ni.dll
    0x79E70000 - 0x7A400000  c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
    0x7A440000 - 0x7ABC5000  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll
    0x7C800000 - 0x7C901000  C:\WINDOWS\system32\kernel32.dll
    0x7C910000 - 0x7C9C8000  C:\WINDOWS\system32\ntdll.dll
    0x7C9D0000 - 0x7D1EE000  C:\WINDOWS\system32\SHELL32.dll
    0x7E390000 - 0x7E421000  C:\WINDOWS\system32\USER32.dll
    
    
    ----------------------------------------
        Memory Dump
    ----------------------------------------
    
    Code: 16 bytes starting at (EIP = 000001D0)
    
    000001D0: <can't read from this address>
    
    
    Stack: 1024 bytes starting at (ESP = 0019F9C0)
    
    * = addr  **                                                  *               
    0019F9C0: C0 8B C0 10  00 00 00 00  90 00 00 00  A8 66 A1 09  .............f..
    0019F9D0: 20 00 00 00  00 00 00 00  10 60 A9 06  A8 66 A1 09   ........`...f..
    0019F9E0: E0 FA 19 00  A4 FA 19 00  04 58 0E 11  20 00 00 00  .........X.. ...
    0019F9F0: 90 00 00 00  A8 66 A1 09  54 FA 19 00  93 1F 92 00  .....f..T.......
    0019FA00: A8 66 A1 09  10 60 A9 06  A8 66 A1 09  05 00 00 00  .f...`...f......
    0019FA10: 4B 1B 98 00  20 00 00 00  90 00 00 00  B0 8B C0 10  K... ...........
    0019FA20: C0 01 00 00  C0 8B C0 10  4B 1B 98 00  6E 28 92 00  ........K...n(..
    0019FA30: 00 00 00 00  28 D6 D6 10  A8 3F 15 0B  C0 8B C0 10  ....(....?......
    0019FA40: 5C FA 19 00  47 2C 92 00  50 3F 15 0B  01 00 00 00  \...G,..P?......
    0019FA50: A8 66 A1 09  08 D6 D6 10  20 00 00 00  70 FA 19 00  .f...... ...p...
    0019FA60: 26 B9 91 00  A8 66 A1 09  B0 8B C0 10  00 00 00 00  &....f..........
    0019FA70: CC FA 19 00  93 1F 92 00  A8 66 A1 09  18 FB 19 00  .........f......
    0019FA80: A8 66 A1 09  4C FC 19 00  CC FA 19 00  20 00 00 00  .f..L....... ...
    0019FA90: 90 00 00 00  A8 66 A1 09  70 FA 19 00  81 1F 92 00  .....f..p.......
    0019FAA0: B0 FF 19 00  01 00 00 00  30 32 43 56  00 00 00 00  ........02CV....
    0019FAB0: 04 58 0E 11  F4 FA 19 00  D4 B9 91 00  A8 66 A1 09  .X...........f..
    0019FAC0: E0 FA 19 00  04 58 0E 11  00 00 00 00  F4 FA 19 00  .....X..........
    0019FAD0: 09 2E 92 00  A8 66 A1 09  10 B9 91 00  18 FB 19 00  .....f..........
    0019FAE0: 00 00 00 00  A8 66 A1 09  0D 00 00 00  20 00 00 00  .....f...... ...
    0019FAF0: 01 00 00 00  20 FB 19 00  7F B9 91 00  A8 66 A1 01  .... ........f..
    0019FB00: 10 B9 91 00  18 FB 19 00  C0 01 00 00  B0 01 00 00  ................
    0019FB10: 04 58 0E 11  A8 66 A1 09  B0 8B C0 10  00 00 00 00  .X...f..........
    0019FB20: 48 FB 19 00  72 AB 49 00  A8 66 A1 09  00 00 00 00  H...r.I..f......
    0019FB30: 00 00 00 00  FE FF FF FF  10 CE 6D 00  A8 66 A1 09  ..........m..f..
    0019FB40: 90 01 00 00  00 00 00 00  60 FB 19 00  4A CE 6D 00  ........`...J.m.
    0019FB50: 04 58 0E 11  04 58 0E 11  4B 1B 98 00  A8 66 A1 09  .X...X..K....f..
    0019FB60: 7C FB 19 00  7C 29 92 00  A8 66 A1 09  10 CE 6D 00  |...|)...f....m.
    0019FB70: 00 00 00 00  80 8B C0 10  A8 66 A1 09  08 FC 19 00  .........f......
    0019FB80: 2A 5F 92 00  90 01 00 00  80 8B C0 10  00 00 00 00  *_..............
    0019FB90: 00 00 00 00  A8 66 A1 09  00 00 00 00  00 00 00 00  .....f..........
    0019FBA0: 00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00  ................
    0019FBB0: 00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00  ................
    0019FBC0: 00 00 00 00  00 00 00 00  00 00 00 00  10 60 A9 06  .............`..
    0019FBD0: 00 00 00 00  05 00 00 00  00 00 00 00  00 00 00 00  ................
    0019FBE0: A4 12 04 00  00 00 00 00  00 00 00 00  00 00 00 00  ................
    0019FBF0: 00 00 00 00  00 00 00 00  01 00 00 00  D8 00 75 0A  ..............u.
    0019FC00: 70 B7 73 0A  70 8B C0 10  24 FC 19 00  47 2C 92 00  p.s.p...$...G,..
    0019FC10: DC B6 73 0A  05 00 00 00  A8 66 A1 09  BA D8 91 7C  ..s......f.....|
    0019FC20: 80 87 4D 01  38 FC 19 00  26 B9 91 00  A8 66 A1 09  ..M.8...&....f..
    0019FC30: 20 8A C0 10  00 00 00 00  94 FC 19 00  93 1F 92 00   ...............
    0019FC40: A8 66 A1 09  E0 FC 19 00  A8 66 A1 09  00 00 00 00  .f.......f......
    0019FC50: 94 FC 19 00  00 00 00 00  00 00 00 00  A8 66 A1 09  .............f..
    0019FC60: 38 FC 19 00  81 1F 92 00  B0 FF 19 00  01 00 00 00  8...............
    0019FC70: 30 32 43 56  00 00 00 00  00 00 00 00  01 00 1C 00  02CV............
    0019FC80: 9C FC 19 00  9C 85 92 00  10 60 A9 06  28 F9 5C 10  .........`..(.\.
    0019FC90: 00 00 00 00  BC FC 19 00  09 2E 92 00  A8 66 A1 09  .............f..
    0019FCA0: 10 B9 91 00  E0 FC 19 00  00 00 00 00  A8 66 A1 09  .............f..
    0019FCB0: 00 00 00 00  00 00 00 00  00 00 00 00  E8 FC 19 00  ................
    0019FCC0: 7F B9 91 00  A8 66 A1 01  10 B9 91 00  E0 FC 19 00  .....f..........
    0019FCD0: 30 00 00 00  20 00 00 00  00 00 00 00  A8 66 A1 09  0... ........f..
    0019FCE0: 20 8A C0 10  00 00 00 00  4C FD 19 00  FB B4 49 00   .......L.....I.
    0019FCF0: A8 66 A1 09  01 00 00 00  00 00 00 00  FD FF FF FF  .f..............
    0019FD00: 44 42 47 3A  43 68 61 74  46 72 61 6D  65 45 64 69  DBG:ChatFrameEdi
    0019FD10: 74 42 6F 78  00 FD 19 00  00 97 7A 0A  CE B2 49 00  tBox......z...I.
    0019FD20: B8 FD 19 00  00 5E 7D 0A  00 00 00 00  00 00 00 00  .....^}.........
    0019FD30: 00 00 00 00  00 00 00 00  00 FD 19 00  00 00 00 00  ................
    0019FD40: 01 00 00 00  01 00 00 00  00 00 00 00  68 FD 19 00  ............h...
    0019FD50: 60 B6 49 00  B9 18 00 00  00 5E 7D 0A  00 00 00 00  `.I......^}.....
    0019FD60: 00 00 00 00  00 00 00 00  90 FD 19 00  E2 DF 80 00  ................
    0019FD70: 6C 61 7D 0A  00 00 00 00  00 00 00 00  00 5E 7D 0A  la}..........^}.
    0019FD80: FE 53 41 00  6C FD 19 00  10 00 00 00  B8 FD 19 00  .SA.l...........
    0019FD90: A0 FD 19 00  5A 05 81 00  B8 C5 FF 09  00 5E 7D 0A  ....Z........^}.
    0019FDA0: DC FD 19 00  AE 4D 81 00  B8 FD 19 00  04 FF 19 00  .....M..........
    0019FDB0: 10 1B BC 02  E0 C9 FF 09  80 1F 9C 00  00 00 00 00  ................
    
    
    ------------------------------------------------------------------------------
    
    ======================================================================
    Hardware/Driver Information:
    Processor:              0x0
    Page Size:              4096
    Min App Address:        0x10000
    Max App Address:        0x7ffeffff
    Processor Mask:         0x3
    Number of Processors:   2
    Processor Type:         586
    Allocation Granularity: 65536
    Processor Level:        6
    Processor Revision:     3592
    Os Version:             5.1
    Os Service Pack:        3.0
    
    Percent memory used:    88
    Total physical memory:  2146742272
    Free Memory:            255905792
    Page file:              4130148352
    Total virtual memory:   2147352576

    It looks like somewhere there's a NULL pointer being passed, but I have no clue where and why this is happening.
    Am I missing something terribly obvious?

    Update:

    This is the function where it locks:
    Code:
    .text:009227D0 ; ═══════════════ S U B R O U T I N E ═══════════════════════════════════
    .text:009227D0
    .text:009227D0 ; Attributes: bp-based frame
    .text:009227D0
    .text:009227D0 sub_9227D0      proc near               ; CODE XREF: sub_922BC0+73p
    .text:009227D0                                         ; sub_922C70+4Dp ...
    .text:009227D0
    .text:009227D0 arg_0           = dword ptr  8
    .text:009227D0 arg_4           = dword ptr  0Ch
    .text:009227D0 arg_8           = dword ptr  10h
    .text:009227D0
    .text:009227D0                 push    ebp
    .text:009227D1                 mov     ebp, esp
    .text:009227D3                 mov     eax, [ebp+arg_4]
    .text:009227D6                 cmp     dword ptr [eax+8], 6
    .text:009227DA                 push    ebx
    .text:009227DB                 push    esi
    .text:009227DC                 mov     esi, [ebp+arg_0]
    .text:009227DF                 push    edi
    .text:009227E0                 jz      short loc_9227E9
    .text:009227E2                 mov     ebx, eax
    .text:009227E4                 call    sub_922300
    .text:009227E9
    .text:009227E9 loc_9227E9:                             ; CODE XREF: sub_9227D0+10j
    .text:009227E9                 mov     ecx, [esi+18h]
    .text:009227EC                 mov     edx, [esi+1Ch]
    .text:009227EF                 mov     ebx, eax
    .text:009227F1                 sub     ebx, [esi+24h]
    .text:009227F4                 mov     eax, [eax]
    .text:009227F6                 mov     [ecx+0Ch], edx
    .text:009227F9                 mov     ecx, [esi+20h]
    .text:009227FC                 sub     ecx, [esi+0Ch]
    .text:009227FF                 cmp     byte ptr [eax+0Ah], 0
    .text:00922803                 mov     [ebp+arg_0], ebx
    .text:00922806                 jnz     loc_9228FB
    .text:0092280C                 mov     edx, [eax+18h]
    .text:0092280F                 movzx   eax, byte ptr [edx+4Fh]
    .text:00922813                 mov     edi, eax
    .text:00922815                 shl     edi, 4
    .text:00922818                 cmp     ecx, edi
    .text:0092281A                 mov     [ebp+arg_4], edx
    .text:0092281D                 jg      short loc_92283B
    .text:0092281F                 mov     ecx, [esi+30h]
    .text:00922822                 cmp     eax, ecx
    .text:00922824                 jg      short loc_92282C
    .text:00922826                 lea     edx, [ecx+ecx]
    .text:00922829                 push    edx
    .text:0092282A                 jmp     short loc_92282F
    .text:0092282C ; ---------------------------------------------------------------------------
    .text:0092282C
    .text:0092282C loc_92282C:                             ; CODE XREF: sub_9227D0+54j
    .text:0092282C                 add     ecx, eax
    .text:0092282E                 push    ecx
    .text:0092282F
    .text:0092282F loc_92282F:                             ; CODE XREF: sub_9227D0+5Aj
    .text:0092282F                 push    esi
    .text:00922830                 call    sub_922050
    .text:00922835                 mov     edx, [ebp+arg_4]
    .text:00922838                 add     esp, 8
    .text:0092283B
    .text:0092283B loc_92283B:                             ; CODE XREF: sub_9227D0+4Dj
    .text:0092283B                 mov     edi, [esi+24h]
    .text:0092283E                 add     edi, ebx
    .text:00922840                 cmp     byte ptr [edx+4Eh], 0
    .text:00922844                 jnz     short loc_92285C
    .text:00922846                 movzx   eax, byte ptr [edx+4Dh]
    .text:0092284A                 shl     eax, 4
    .text:0092284D                 lea     ebx, [edi+10h]
    .text:00922850                 add     eax, ebx
    .text:00922852                 cmp     [esi+0Ch], eax
    .text:00922855                 jbe     short loc_922879
    .text:00922857                 mov     [esi+0Ch], eax
    .text:0092285A                 jmp     short loc_922879
    .text:0092285C ; ---------------------------------------------------------------------------
    .text:0092285C
    .text:0092285C loc_92285C:                             ; CODE XREF: sub_9227D0+74j
    .text:0092285C                 mov     ecx, [esi+0Ch]
    .text:0092285F                 sub     ecx, edi
    .text:00922861                 sar     ecx, 4
    .text:00922864                 sub     ecx, 1
    .text:00922867                 mov     eax, edx
    .text:00922869                 call    sub_922240
    .text:0092286E                 mov     edi, [esi+24h]
    .text:00922871                 add     edi, [ebp+arg_0]
    .text:00922874                 mov     edx, [ebp+arg_4]
    .text:00922877                 mov     ebx, eax
    .text:00922879
    .text:00922879 loc_922879:                             ; CODE XREF: sub_9227D0+85j
    .text:00922879                                         ; sub_9227D0+8Aj
    .text:00922879                 mov     eax, [esi+18h]
    .text:0092287C                 cmp     eax, [esi+28h]
    .text:0092287F                 jnz     short loc_92288B
    .text:00922881                 call    sub_922790
    .text:00922886                 mov     edx, [ebp+arg_4]
    .text:00922889                 jmp     short loc_922891
    .text:0092288B ; ---------------------------------------------------------------------------
    .text:0092288B
    .text:0092288B loc_92288B:                             ; CODE XREF: sub_9227D0+AFj
    .text:0092288B                 add     eax, 18h
    .text:0092288E                 mov     [esi+18h], eax
    .text:00922891
    .text:00922891 loc_922891:                             ; CODE XREF: sub_9227D0+B9j
    .text:00922891                 mov     [eax+4], edi
    .text:00922894                 mov     [eax], ebx
    .text:00922896                 mov     [esi+10h], ebx
    .text:00922899                 movzx   ecx, byte ptr [edx+4Fh]
    .text:0092289D                 shl     ecx, 4
    .text:009228A0                 add     ecx, ebx
    .text:009228A2                 mov     [eax+8], ecx
    .text:009228A5                 mov     edx, [edx+10h]
    .text:009228A8                 mov     ecx, [ebp+arg_8]
    .text:009228AB                 mov     [esi+1Ch], edx
    .text:009228AE                 xor     edx, edx
    .text:009228B0                 mov     [eax+14h], edx
    .text:009228B3                 mov     [eax+10h], ecx
    .text:009228B6                 mov     ecx, [esi+0Ch]
    .text:009228B9                 cmp     ecx, [eax+8]
    .text:009228BC                 jnb     short loc_9228D4
    .text:009228BE                 mov     edi, edi
    .text:009228C0
    .text:009228C0 loc_9228C0:                             ; CODE XREF: sub_9227D0+102j
    .text:009228C0                 mov     edi, dword_135EC60
    .text:009228C6                 mov     [ecx+0Ch], edi
    .text:009228C9                 mov     [ecx+8], edx
    .text:009228CC                 add     ecx, 10h
    .text:009228CF                 cmp     ecx, [eax+8]
    .text:009228D2                 jb      short loc_9228C0
    .text:009228D4
    .text:009228D4 loc_9228D4:                             ; CODE XREF: sub_9227D0+ECj
    .text:009228D4                 test    byte ptr [esi+3Ah], 1
    .text:009228D8                 mov     eax, [eax+8]
    .text:009228DB                 mov     [esi+0Ch], eax
    .text:009228DE                 jz      short loc_9228F4
    .text:009228E0                 add     dword ptr [esi+1Ch], 4
    .text:009228E4                 push    0FFFFFFFFh
    .text:009228E6                 push    edx
    .text:009228E7                 push    esi
    .text:009228E8                 call    sub_922160
    .text:009228ED                 add     esp, 0Ch
    .text:009228F0                 add     dword ptr [esi+1Ch], 0FFFFFFFCh
    .text:009228F4
    .text:009228F4 loc_9228F4:                             ; CODE XREF: sub_9227D0+10Ej
    .text:009228F4                 pop     edi
    .text:009228F5                 pop     esi
    .text:009228F6                 xor     eax, eax
    .text:009228F8                 pop     ebx
    .text:009228F9                 pop     ebp
    .text:009228FA                 retn
    It throws an exception at the retn at 0x009228FA.
    Any idea what this function is for? Is it the dispatcher for the registered LUA functions?
    Last edited by tanis2000; 06-16-2009 at 08:53 AM. Reason: Updated

  6. #81
    Cypher
    EIP=000001D0 <-- You're corrupting something..

    Could be the stack, could be an invalid instruction, could be any number of things really.

    But you're causing WoW to jump into garbage memory.
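    Cypher's reading of the dump (EIP=000001D0 is not code anywhere) can be checked mechanically against the crash log. The script below is an added example, not code from this thread or from the BabBot/Dante project: it parses a handful of the "Loaded Modules" and stack-dump rows quoted in the post above (embedded here as constructed samples copied from that log), classifies an address against the user-mode limits the log reports in its Hardware/Driver block, and walks the stack dump for little-endian dwords that fall inside a loaded module, which is how a triager recovers candidate return addresses when EIP itself is unusable. Function and constant names are my own.

```python
import ntpath
import re
from collections import namedtuple

Module = namedtuple("Module", "start end path")

# Constructed sample: five of the "Loaded Modules" lines from the crash log above.
MODULES_TEXT = r"""
0x00400000 - 0x01758000  C:\Games\World of Warcraft\Wow.exe
0x06A00000 - 0x06A1B000  C:\lavori\cvs\babbot\BabBot\BabBot\bin\Debug\EasyHook32.dll
0x79E70000 - 0x7A400000  c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
0x7C800000 - 0x7C901000  C:\WINDOWS\system32\kernel32.dll
0x7C910000 - 0x7C9C8000  C:\WINDOWS\system32\ntdll.dll
"""

# Constructed sample: two rows of the stack hex dump from the same log.
STACK_TEXT = r"""
0019FA40: 5C FA 19 00  47 2C 92 00  50 3F 15 0B  01 00 00 00  \...G,..P?......
0019FA50: A8 66 A1 09  08 D6 D6 10  20 00 00 00  70 FA 19 00  .f...... ...p...
"""

# User-mode address limits reported in the log's Hardware/Driver block.
MIN_APP_ADDRESS = 0x10000
MAX_APP_ADDRESS = 0x7FFEFFFF

MODULE_RE = re.compile(r"^0x([0-9A-Fa-f]{8}) - 0x([0-9A-Fa-f]{8})\s+(.*\S)$")
DUMP_RE = re.compile(r"^([0-9A-Fa-f]{8}):((?:\s+[0-9A-Fa-f]{2}){16})")


def parse_modules(text):
    """Parse 'start - end  path' lines into Module records sorted by base."""
    mods = []
    for line in text.splitlines():
        m = MODULE_RE.match(line.strip())
        if m:
            mods.append(Module(int(m.group(1), 16), int(m.group(2), 16), m.group(3)))
    return sorted(mods)


def locate(addr, modules):
    """Return the Module whose [start, end) range contains addr, else None."""
    for mod in modules:
        if mod.start <= addr < mod.end:
            return mod
    return None


def triage_eip(eip, modules):
    """Classify a faulting EIP the way a triager does on first read."""
    if not MIN_APP_ADDRESS <= eip <= MAX_APP_ADDRESS:
        return "outside user address space: control transferred to unmapped memory"
    mod = locate(eip, modules)
    if mod is None:
        return "inside user space but in no loaded module: JIT/heap code or a bad pointer"
    return "inside %s at offset 0x%X" % (ntpath.basename(mod.path), eip - mod.start)


def scan_stack(text, modules):
    """Read a hex stack dump as little-endian dwords and return those that fall
    inside a loaded module: candidate return addresses or code pointers that
    survive even when EIP itself is garbage."""
    hits = []
    for line in text.splitlines():
        m = DUMP_RE.match(line.strip())
        if not m:
            continue
        base = int(m.group(1), 16)
        raw = bytes.fromhex(m.group(2).replace(" ", ""))
        for off in range(0, 16, 4):
            value = int.from_bytes(raw[off:off + 4], "little")
            mod = locate(value, modules)
            if mod is not None:
                hits.append((base + off, value, ntpath.basename(mod.path)))
    return hits


if __name__ == "__main__":
    mods = parse_modules(MODULES_TEXT)
    print("EIP 0x000001D0:", triage_eip(0x000001D0, mods))
    print("retn 0x009228FA:", triage_eip(0x009228FA, mods))
    for addr, value, name in scan_stack(STACK_TEXT, mods):
        print("stack %08X holds %08X -> %s" % (addr, value, name))
```

    Run against the two sample rows, the scan turns up 0x00922C47 at stack slot 0019FA44, which sits inside Wow.exe near the sub_9227D0 routine quoted later in the thread, while EIP itself is below the minimum application address and so cannot be resolved at all.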

  7. #82
    tanis2000
    I've been looking at some code around the net to check the call declaration of the various LUA functions and of course there are no two pieces of code that define them the same way.. so I'm puzzled as I have never learned which way is the cdecl, which the fastcall and which the stdcall. I'm reading on them right now and in the meanwhile I'm posting the code of the DLL that I'm injecting so that you can have a look at it:

    Code:
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Text;
    using EasyHook;
    using System.Runtime.InteropServices;
    using System.Threading;
    using System.Security;
    
    namespace Dante
    {
        public class Main : EasyHook.IEntryPoint
        {
            DanteInterface Interface;
            Stack<String> Queue = new Stack<String>();
    
            public uint L;
    
            public delegate void DumpParamsDelegate(uint luaState);
    
            [UnmanagedFunctionPointer(CallingConvention.Cdecl)]
            public delegate void Lua_RegisterDelegate(string name, IntPtr function);
            Lua_RegisterDelegate Lua_Register;
    
            [UnmanagedFunctionPointer(CallingConvention.Cdecl)]
            public delegate uint Lua_GetTopDelegate(uint luaState);
            Lua_GetTopDelegate Lua_GetTop;
    
            [UnmanagedFunctionPointer(CallingConvention.Cdecl)]
            public delegate string Lua_ToStringDelegate(uint luaState, uint idx);
            Lua_ToStringDelegate Lua_ToString;
    
            [UnmanagedFunctionPointer(CallingConvention.Cdecl)]
            public delegate uint Lua_GetStateDelegate();
            Lua_GetStateDelegate Lua_GetState;
    
            // WoW Function Addresses
            public static class Functions
            {
                public const uint
                    CastSpellById = 0x004C4DB0, // 3.1.3
                    CastSpellByName = 0x004C4DF0, // 3.1.3 TODO: Test this function 
                    GetSpellIdByName = 0x006FF4A0, // 3.1.3
                    SelectUnit = 0x006EF810, // 3.1.3
                    GetUnitRelation = 0x005AA670, // 3.1.3
                    CInputControl = 0x0113F8E4, // 3.1.3
                    CInputControl_SetFlags = 0x00691BB0, // 3.1.3
                    Lua_DoString = 0x0049AAB0, // 3.1.3
                    Lua_GetLocalizedText = 0x005A82F0, // 3.1.3
                    Lua_Register = 0x004998E0, // 3.1.3
                    Lua_GetTop = 0x0091A8B0, // 3.1.3
                    Lua_ToString = 0x0091ADC0, // 3.1.3
                    Lua_GetState = 0x00499700; // 3.1.3
    
            }
    
            public Main(
                RemoteHooking.IContext InContext,
                String InChannelName)
            {
                // connect to host...
                Interface = RemoteHooking.IpcConnectClient<DanteInterface>(InChannelName);
    
                Interface.Ping();
            }
    
            public void Run(
                RemoteHooking.IContext InContext,
                String InChannelName)
            {
                Interface.IsInstalled(RemoteHooking.GetCurrentProcessId());
    
                RemoteHooking.WakeUpProcess();
    
                // wait for host process termination...
                
                try
                {
                    Lua_Register = (Lua_RegisterDelegate)Marshal.GetDelegateForFunctionPointer((IntPtr)Functions.Lua_Register, typeof(Lua_RegisterDelegate));
                    Lua_GetTop = (Lua_GetTopDelegate)Marshal.GetDelegateForFunctionPointer((IntPtr)Functions.Lua_GetTop, typeof(Lua_GetTopDelegate));
                    Lua_ToString = (Lua_ToStringDelegate)Marshal.GetDelegateForFunctionPointer((IntPtr)Functions.Lua_ToString, typeof(Lua_ToStringDelegate));
                    Lua_GetState = (Lua_GetStateDelegate)Marshal.GetDelegateForFunctionPointer((IntPtr)Functions.Lua_GetState, typeof(Lua_GetStateDelegate));
    
                    //L = Lua_GetState();
                    Interface.SendMessage(RemoteHooking.GetCurrentProcessId(), string.Format("Lua_GetState() = {0:X}", L));
    
                    DumpParamsDelegate x = DumpParams;
    
                    IntPtr DumpParamsPtr = Marshal.GetFunctionPointerForDelegate(x);
    
                    Interface.SetFunctionPtr(RemoteHooking.GetCurrentProcessId(), DumpParamsPtr);
    
                    Lua_Register("DumpParams", (IntPtr)0x00401643); // This is the code hole we want to use
                    Interface.SendMessage(RemoteHooking.GetCurrentProcessId(), "Registered DumpParams()");
    
                    while (true)
                    {
                        Thread.Sleep(500);
                        
                        // transmit queued messages if any..
                        if (Queue.Count > 0)
                        {
                            String[] Package = null;
    
                            lock (Queue)
                            {
                                Package = Queue.ToArray();
    
                                Queue.Clear();
                            }
    
                            Interface.SendMessage(RemoteHooking.GetCurrentProcessId(), Package[0]);
                        }
                        else
                            Interface.Ping();
                    }
                }
                catch (Exception e)
                {
                    Interface.SendMessage(RemoteHooking.GetCurrentProcessId(), e.ToString());
                    // Ping() will raise an exception if host is unreachable
                }
            }
    
    
            #region LUA
    
    
            public void DumpParams(uint luaState)
            {
                // This does nothing for now..
                int a = 0x12345678;
            }
    
            #endregion
    
    
        }
    }

  8. #83
    rootguy
    The calling convention on all lua functions I have seen is cdecl, which means caller cleans the stack.
    Your code is returning at 0xD20 (iirc) so make sure you push the right return address before making the jump.

    EDIT:

    I could be wrong of course since I don't exactly know what you're trying to do
    Last edited by rootguy; 06-16-2009 at 12:01 PM.

  9. #84
    Cypher

  10. #85
    tanis2000
    This fixed it.. I completely forgot to define a calling convention for MY function ffs! :-P

    Code:
            [UnmanagedFunctionPointer(CallingConvention.Cdecl)]
            public delegate void DumpParamsDelegate(uint luaState);
    and of course Lua_Register has to be StdCall as I checked it in IDA.

    And now I have my own personal LUA function working.. not that it does anything fancy yet but at least now I can route all my LUA stuff through my DLL and see if I can get rid of the infamous GetLocalizedText.
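    rootguy's point (cdecl: the caller removes the arguments) and the fix in the post above (a delegate without an explicit UnmanagedFunctionPointer convention defaults to StdCall on Windows, so the managed thunk removes its own argument with `ret 4`) combine into a concrete mechanism for the `retn` fault. The model below is an added example, not code from the thread or the Dante project: a few-line x86-32 stack simulator in which an outer function saves registers, calls a one-argument handler, and runs the epilogue `pop edi; pop esi; pop ebx; pop ebp; retn`. All addresses and register values are constructed, and the assumption that the faulting dispatcher calls the handler as cdecl is mine, inferred from the symptoms rather than from the Wow.exe disassembly.

```python
# Constructed values: the dword the outer frame should return to, its saved
# registers in push order, the handler's return address and argument, and
# whatever stale data happens to sit just above the frame.
RETURN_TO_CALLER = 0x00401234
RETURN_INTO_DISPATCHER = 0x00405678
SAVED_REGS = [("ebp", 0x0019FB48), ("ebx", 0x00000001),
              ("esi", 0x10C08BC0), ("edi", 0x00000020)]
ARGS = [0x10C08BC0]          # the lua_State* the handler receives
STALE_DWORD = 0xBAADF00D     # contents of any slot nobody wrote in this frame


class Stack32:
    """Minimal model of an x86-32 stack: a dict of dword slots plus ESP."""

    def __init__(self, esp):
        self.esp = esp
        self.mem = {}

    def push(self, value):
        self.esp -= 4
        self.mem[self.esp] = value & 0xFFFFFFFF

    def pop(self):
        value = self.mem.get(self.esp, STALE_DWORD)
        self.esp += 4
        return value


def call_handler(handler_convention, caller_assumes):
    """Simulate the outer function calling the registered handler.
    handler_convention: how the handler was compiled ('cdecl' or 'stdcall').
    caller_assumes:     which convention the call site was compiled for.
    Returns (eip_after_retn, restored_registers)."""
    st = Stack32(0x0019FA00)               # constructed starting ESP
    st.push(RETURN_TO_CALLER)              # pushed by the call that entered the outer function
    for _, value in SAVED_REGS:            # prologue: push ebp / ebx / esi / edi
        st.push(value)
    for arg in reversed(ARGS):             # arguments go on right to left
        st.push(arg)
    st.push(RETURN_INTO_DISPATCHER)        # `call handler` pushes the return address
    st.pop()                               # handler's `ret` pops the return address ...
    if handler_convention == "stdcall":
        st.esp += 4 * len(ARGS)            # ... and `ret N` also discards the arguments
    if caller_assumes == "cdecl":
        st.esp += 4 * len(ARGS)            # a cdecl call site follows with `add esp, N`
    restored = {}
    for name, _ in reversed(SAVED_REGS):   # epilogue: pop edi, esi, ebx, ebp
        restored[name] = st.pop()
    eip = st.pop()                         # `retn`
    return eip, restored


def summarize():
    """True where the outer function returns where it should, False where the
    epilogue consumed the wrong slots and `retn` loaded garbage into EIP."""
    report = {}
    for handler in ("cdecl", "stdcall"):
        for caller in ("cdecl", "stdcall"):
            eip, _ = call_handler(handler, caller)
            report[(handler, caller)] = eip == RETURN_TO_CALLER
    return report


if __name__ == "__main__":
    for (handler, caller), ok in sorted(summarize().items()):
        eip, regs = call_handler(handler, caller)
        print("handler=%-7s call site=%-7s -> retn to %08X %s"
              % (handler, caller, eip, "ok" if ok else "CORRUPT"))
```

    Only the two matching combinations return to the right place. A stdcall handler behind a cdecl call site has the arguments removed twice, so ESP ends four bytes too high, every saved register is restored from the wrong slot and the final `retn` reads a dword that was never part of the frame; a cdecl handler behind a stdcall call site leaves the argument in place and the function returns into its own saved EBP. The handler itself returns cleanly in both cases, which is why the fault only shows at the caller's `retn`, exactly as described at 0x009228FA.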

  11. #86
    amadmonk
    Sorry for the stupid question, but -- you're injecting the CLR into WoW? Holy crap, that's a lot of work just to register a callback.

    (Edit: I guess you are injecting it, since you say it works. Still... damn.)
    Last edited by amadmonk; 06-16-2009 at 02:54 PM.
    Don't believe everything you think.

  12. #87
    kynox
    Originally Posted by amadmonk
    Sorry for the stupid question, but -- you're injecting the CLR into WoW? Holy crap, that's a lot of work just to register a callback.

    (Edit: I guess you are injecting it, since you say it works. Still... damn.)
    It honestly isn't actually much work. The API is all there for you

  13. #88
    Cypher
    Originally Posted by amadmonk
    Sorry for the stupid question, but -- you're injecting the CLR into WoW? Holy crap, that's a lot of work just to register a callback.

    (Edit: I guess you are injecting it, since you say it works. Still... damn.)

    Lots of copypasta is available, it's not really a big task:
    How To Inject a Managed .NET Assembly (DLL) Into Another Process - Coding the Wheel

  14. #89
    amadmonk
    Mmm, it's been a few years since I tried it last. I thought that the runtime did all kinds of icky black magic like binding TLS slots for managed use and so on. I know you can host a runtime in native code fairly easily, but I had assumed that the kinda bootstrappy processes of injecting remote code would likely break -- badly.

    Neat! Managed Extensions for Notepad, coming up...

  15. #90
    tanis2000
Have any of you tried passing your Lua input handler something other than a simple call to a function, like a block of script or a custom function definition? Is there any way to make that work?

I was thinking about something along the lines of:

    Code:
    function UseContainerItemByName(search)
      for bag = 0,4 do
        for slot = 1,GetContainerNumSlots(bag) do
          local item = GetContainerItemLink(bag,slot)
          if item and item:find(search) then
            UseContainerItem(bag,slot)
          end
        end
      end
    end
Of course, passing something like that whole piece of code inside a function call won't work, but what if we call FrameScript_Execute with a block of code that looks something like this:

    Code:
    function UseContainerItemByName(search)
      for bag = 0,4 do
        for slot = 1,GetContainerNumSlots(bag) do
          local item = GetContainerItemLink(bag,slot)
          if item and item:find(search) then
            UseContainerItem(bag,slot)
          end
        end
      end
    end
    MyInputHandler(UseContainerItemByName("Refreshing Spring Water"))
Maybe that would work. I don't have access to my own stuff, so I can't check it yet, but would it work? Or would it corrupt the global Lua stuff, since that function would end up being declared in global scope?
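The scoping question in the post above, worked through as an added example that is not from the thread or from any poster. It is plain Lua 5.1-or-later and needs no game client: `run_chunk` is an assumed stand-in for FrameScript_Execute (it compiles the text as a chunk and runs it in the global environment, the way `loadstring` does), the bag contents are constructed, and `GetContainerNumSlots`, `GetContainerItemLink`, `UseContainerItem` and `MyInputHandler` are stubs that only record what the chunk did. The helper is changed to return the number of items it used, so the handler receives a value rather than nil. The two chunks differ only in `function` versus `local function`; the assertions show which one leaks into `_G`.

```lua
-- Added example (not from the thread). Simulates feeding a multi-statement
-- chunk to a DoString/FrameScript_Execute-style executor and shows what it
-- leaves behind in the global table. Plain Lua 5.1+; no game client needed.

local compile = loadstring or load   -- loadstring on 5.1, load on 5.2+

-- run_chunk is a stand-in (assumed name) for FrameScript_Execute: compile the
-- text as a chunk and run it in the global environment.
local function run_chunk(src, name)
  local fn, err = compile(src, name)
  if not fn then error(err, 0) end
  return fn()
end

-- Constructed bag contents: bag number -> slot number -> item link (nil = empty).
local SLOTS = 4
local bags = {
  [0] = { "[Refreshing Spring Water]", nil, "[Hearthstone]" },
  [1] = { "[Refreshing Spring Water]" },
  [2] = {}, [3] = {}, [4] = {},
}
local used = {}       -- "bag:slot" strings the chunk used
local received = {}   -- values passed to MyInputHandler

-- Global stubs standing in for the client API names the chunk calls.
function GetContainerNumSlots(bag) return SLOTS end
function GetContainerItemLink(bag, slot) return bags[bag][slot] end
function UseContainerItem(bag, slot) used[#used + 1] = bag .. ":" .. slot end
function MyInputHandler(value) received[#received + 1] = value end

-- Helper body shared by both chunks. It returns how many items it used so the
-- handler receives something other than nil.
local BODY = [[
(search)
  local count = 0
  for bag = 0, 4 do
    for slot = 1, GetContainerNumSlots(bag) do
      local item = GetContainerItemLink(bag, slot)
      if item and item:find(search, 1, true) then  -- plain find, no patterns
        UseContainerItem(bag, slot)
        count = count + 1
      end
    end
  end
  return count
end
]]

-- Chunk 1: "function Name" at chunk level assigns into _G.
local GLOBAL_CHUNK = "function UseContainerItemByName" .. BODY ..
  'MyInputHandler(UseContainerItemByName("Refreshing Spring Water"))\n'

-- Chunk 2: "local function Name" lives only inside this chunk. A chunk is its
-- own function scope, so nothing is left in _G once it returns.
local LOCAL_CHUNK = "local function UseContainerItemByName" .. BODY ..
  'MyInputHandler(UseContainerItemByName("Refreshing Spring Water"))\n'

local function reset()
  used, received = {}, {}
  _G.UseContainerItemByName = nil
end

reset()
run_chunk(GLOBAL_CHUNK, "=global_chunk")
assert(_G.UseContainerItemByName ~= nil, "global version leaks the helper into _G")
assert(#used == 2 and received[1] == 2)

reset()
run_chunk(LOCAL_CHUNK, "=local_chunk")
assert(_G.UseContainerItemByName == nil, "local version leaves _G untouched")
assert(#used == 2 and received[1] == 2)

print("both chunks used " .. #used .. " items; only the global one touched _G")
```

Run it with `lua example.lua`. Two things follow from ordinary Lua semantics, independent of the client: an executor that compiles its input with `loadstring` accepts any sequence of statements, so a definition followed by a call is fine; and a chunk-level `function Name` is an assignment to `_G.Name`, which silently overwrites whatever already had that name and is visible to everything else sharing that global environment. Declaring the helper `local` keeps it inside the chunk and avoids both the clobbering and the lingering global.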
