#include "stdafx.h"
#include <windows.h>
#include <tchar.h>
#include <assert.h>
// Helpers defined after _tmain(); declared here so main can call them.
bool ReadBinaryBuffer(char *filepath);   // loads a whole file into g_binBuf
DWORD FindOffset( char *thename );       // signature lookup; (DWORD)-1 when not found

// The loaded image: filled by ReadBinaryBuffer(), scanned by FindOffset(),
// delete[]'d by main() when it is done. NULL / 0 until a load succeeds.
char *g_binBuf = NULL;
DWORD g_binBufSize = 0;
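// Base the raw file offsets are rebased onto before printing.
// NOTE(review): this assumes (a) the image loads at 0x00400000 and (b) a raw
// file offset equals its RVA, i.e. each section's PointerToRawData equals its
// VirtualAddress. Neither is read from the PE headers here — a relocated
// (ASLR/DYNAMICBASE) image or a section with differing raw/virtual addresses
// would make the printed addresses wrong; verify against the target's headers.
static const DWORD kImageBase = 0x00400000;

// Looks `name` up via FindOffset(), rebases the file offset onto kImageBase and
// prints it; prints a not-found message otherwise. `name` doubles as the label.
static void ReportOffset(char *name)
{
    DWORD offset = FindOffset(name);
    if (offset == (DWORD)-1)
    {
        printf("could not find %s\n", name);
        return;
    }
    offset += kImageBase;
    // %lX matches DWORD (unsigned long on Windows); cast keeps -Wformat quiet elsewhere.
    printf("got offset 0x%08lX for %s\n", (unsigned long)offset, name);
}

// Entry point: loads Wow.exe from the current directory, resolves each known
// signature and prints its rebased address. Returns 1 when the file cannot be read.
// Bugs fixed: the ClearTarget lookup used `offset + FindOffset(...)` (result
// discarded, previous offset printed with the base added twice), and the
// ProcessMessage lookup key was misspelled "NetCLient", so it never matched.
int _tmain(int argc, _TCHAR* argv[])
{
    (void)argc;
    (void)argv;

    if (!ReadBinaryBuffer("Wow.exe"))
    {
        // The original returned 0 silently here; make the failure visible.
        printf("could not read Wow.exe\n");
        return 1;
    }

    ReportOffset("RenderWorld");
    ReportOffset("NetClient::ProcessMessage");
    ReportOffset("CGGameUI::ClearTarget");
    ReportOffset("Spell_C::CastSpellByID");

    // Release the image buffer; delete[] NULL is a no-op, so no guard needed.
    delete[] g_binBuf;
    g_binBuf = NULL;
    g_binBufSize = 0;
    return 0;
}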
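// Reads the whole file at `filepath` into a freshly allocated g_binBuf and sets
// g_binBufSize to its length. Returns true on success. On any failure the
// globals are left NULL / 0 and nothing is leaked (the original leaked the
// buffer on a short read and left g_binBuf pointing at it).
// Ownership: the caller releases g_binBuf with delete[].
// Rejected up front: a NULL path, an unopenable file, an empty file, a file
// whose size cannot be determined, and a file larger than 4 GiB (its size
// would not fit the DWORD buffer length).
bool ReadBinaryBuffer(char *filepath)
{
    // Drop any buffer from an earlier call so repeated calls do not leak.
    delete[] g_binBuf;
    g_binBuf = NULL;
    g_binBufSize = 0;

    if (filepath == NULL)
        return false;

    HANDLE hFile = CreateFile(
        filepath,
        GENERIC_READ,
        FILE_SHARE_READ | FILE_SHARE_WRITE,
        NULL,
        OPEN_EXISTING,
        FILE_ATTRIBUTE_NORMAL,
        NULL);
    if (hFile == INVALID_HANDLE_VALUE)
        return false;

    // GetFileSize() signals failure with INVALID_FILE_SIZE; the original passed
    // the value straight to new[], which would try to allocate ~4 GiB.
    DWORD sizeHigh = 0;
    DWORD size = GetFileSize(hFile, &sizeHigh);
    if (size == INVALID_FILE_SIZE || sizeHigh != 0 || size == 0)
    {
        CloseHandle(hFile);
        return false;
    }

    char *buf = new char[size];
    DWORD nBytes = 0;
    BOOL ok = ReadFile(hFile, buf, size, &nBytes, NULL);
    CloseHandle(hFile);

    if (!ok || nBytes != size)
    {
        // Short or failed read: never hand a partially filled buffer to the scanner.
        delete[] buf;
        return false;
    }

    g_binBuf = buf;
    g_binBufSize = size;
    return true;
}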
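// Compares `len` bytes of `in` against pattern `pat`; a '*' (0x2A) byte in `pat`
// matches any input byte. Returns true when every non-wildcard byte is equal.
// Caveat: the wildcard is an in-band byte value, so a pattern can never require
// a literal 0x2A — such a byte is treated as "match anything" (a false
// positive, never a miss). A zero or negative `len` compares nothing and
// returns true. The caller guarantees both buffers hold at least `len` bytes.
bool _f_memcmp(const char *in, const char *pat, int len)
{
    for (int i = 0; i < len; i++)
    {
        if (pat[i] != '*' && pat[i] != in[i])
            return false;
    }
    return true;
}

// Searches `haystack` (haystack_size bytes) for `needle` (needle_size bytes,
// '*' as a one-byte wildcard, see _f_memcmp). Returns the offset of the first
// match, or (DWORD)-1 when there is none or the arguments cannot be scanned
// (NULL pointer, empty needle, needle longer than haystack).
// Bug fixed: the original advanced `curr` up to and including
// haystack + haystack_size and then compared needle_size bytes from there,
// reading past the end of the buffer (the assert() guarding the sizes also
// vanishes in release builds). The scan now stops at the last position where a
// whole needle still fits, and the size check is a real runtime check.
// Also fixed: the first-byte fast path skipped every position when the needle
// began with a wildcard.
DWORD ScanForBytes( const char *haystack, DWORD haystack_size, const char *needle, DWORD needle_size )
{
    if (haystack == NULL || needle == NULL || needle_size == 0 || needle_size > haystack_size)
        return (DWORD)-1;

    // needle_size <= haystack_size here, so this cannot underflow.
    const DWORD lastStart = haystack_size - needle_size;
    for (DWORD pos = 0; pos <= lastStart; pos++)
    {
        // Cheap first-byte reject before the full compare; a leading wildcard
        // must not disable the match.
        if (needle[0] != '*' && haystack[pos] != needle[0])
            continue;
        if (_f_memcmp(haystack + pos, needle, (int)needle_size))
            return pos;
    }
    return (DWORD)-1;
}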
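// Byte signatures FindOffset() knows about. A '*' byte is a one-byte wildcard
// (see ScanForBytes); none of these patterns needs a literal 0x2A, which the
// wildcard encoding could not express. Byte values are the original hand-picked
// prologues, kept verbatim.
static const char kSigRenderWorld[] = { 0x55, 0x8B, 0xEC, 0x81, 0xEC, 0x80, 0x00, 0x00, 0x00, 0x56, 0x8B, 0xF1, 0x8D, 0x4D, 0xC0, 0xC7, 0x45, 0xC0, 0x00, 0x00, 0x80, 0x3F };
static const char kSigProcessMessage[] = { 0x55, 0x8B, 0xEC, 0x8B, '*', '*', '*', '*', 0x53, 0x8B, 0x5D, 0x0C, 0x56, 0x57, 0x8D, 0x45, 0x0E, 0x8B, 0xF1 };
static const char kSigClearTarget[] = { 0x55, 0x8B, 0xEC, 0x83, 0xEC, 0x1C, 0x53, 0x56, 0x57, 0x89, 0x4D, 0xFC, 0xE8, '*', '*', '*', '*', 0x8B, 0x0D, '*', '*', '*', '*', 0x8B, 0xF8 };
static const char kSigCastSpellByID[] = { 0x53, 0x8B, 0xDC, 0x83, 0xEC, 0x08, 0x83, 0xE4, 0xF8, 0x83, 0xC4, 0x04, 0x55, 0x8B, 0x6B, 0x04, 0x89, 0x6C, 0x24, 0x04, 0x8B, 0xEC, 0x83, 0xEC, 0x20, 0x56, 0x8B, 0xF1, 0x85, 0xF6, 0x57, 0x89, 0x55, 0xF4, 0x89, 0x75, 0xE8, 0x0F, 0x8C, 0x97, 0x04, 0x00, 0x00, 0x3B, '*', '*', '*', '*', 0x00, 0x0F, 0x8F, 0x8B, 0x04, 0x00, 0x00, 0xA1, '*', '*', '*', '*', 0x8B, 0x3C, 0xB0, 0x85 };

// Name -> pattern table; replaces the original chain of strcmp/if blocks so a
// new signature is one table row instead of a copied block.
static const struct Signature
{
    const char *name;    // lookup key passed to FindOffset()
    const char *bytes;   // pattern, '*' = one-byte wildcard
    DWORD size;          // pattern length in bytes
} kSignatures[] =
{
    { "RenderWorld",               kSigRenderWorld,    sizeof(kSigRenderWorld) },
    { "NetClient::ProcessMessage", kSigProcessMessage, sizeof(kSigProcessMessage) },
    { "CGGameUI::ClearTarget",     kSigClearTarget,    sizeof(kSigClearTarget) },
    { "Spell_C::CastSpellByID",    kSigCastSpellByID,  sizeof(kSigCastSpellByID) },
};

// Looks `theName` up in kSignatures and scans g_binBuf for its pattern.
// Returns the raw *file offset* of the first match (the caller rebases it), or
// (DWORD)-1 when the name is unknown, no image is loaded, or the pattern is
// absent. A NULL name is rejected instead of being passed to strcmp().
DWORD FindOffset( char *theName )
{
    if (theName == NULL || g_binBuf == NULL)
        return (DWORD)-1;

    const size_t count = sizeof(kSignatures) / sizeof(kSignatures[0]);
    for (size_t i = 0; i < count; i++)
    {
        if (strcmp(theName, kSignatures[i].name) == 0)
            return ScanForBytes(g_binBuf, g_binBufSize, kSignatures[i].bytes, kSignatures[i].size);
    }
    return (DWORD)-1;
}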