[C++] regarding out-of-process bots

[eulalies]

Hi all, first time posting in here.

1st things 1st, thanks for all the information shared and for all the efforts moderators take in answer and share their knowledge. It is highly appreciated.


I've been here reading for quiet a bit now, and i started to make my firsts moves.

I'll be using c++/qt since i've always liked it's environment. Thought even i might use Cypher's Hadesmem once i got how wow internally works.

I'll be trying to do it out-of-process due to it seems not so complicated and dangerous vs. in-process.

I already got to read some information about player's hp, name etc (the easy stuff)... not even got to complete the objManager nor enything else, still i wanted to ask some things out.

1. in my thread, i'll be checking constantly wow's data in order to keep bot's info updated. Thing is, would you recommend opening and closing handle every time i have to read something or better to open handle at the beggining and keep using it without closing everytime i need to read something?¿ (bit noobish but i don't know whats safetier)

2. I read something about this but still i'll ask away just to be sure: does wow detect if input comes from input devices or from sendMessage/sendInput?


Thanks for the advice.

[!@^^@!]

1. If you by safe mean from Warden, it doesn't check for memory reads AFAIK
2. no clue, im injecting :3

[Zombie911]

Hello!
A good choice to use Qt for a bot. In my project I used Qt.

1. Everything depends on implementation. In my case I have a singleton class WOW, where have all the methods to obtain information about the window or process. I keep the handle continuously, class every second or multiple checks the validity of addresses and offsets, if detected any error, then the bot stops simulation and waiting for the handle will be correct.

2. Yes you can send messages through the window sendMessage / sendInput. But when I used these methods at once, or a minute, the game throw in the login screen. Perhaps warden checks the message and someone is sending them. Since I was experimenting with his personal account, I did not wayt for the ban and successfully used the methods like "keyboard_event" and "mouse_event", they work as a global input.

Good luck.

[eulalies]

I have a singleton class WOW, where have all the methods to obtain information about the window or process

hmmm i may follow your idea. Still, object managing is something that must be updated constantly (amidoinitright?) then, your objectManager is handled inside your singleton or ur singleton just stands for a basic read data interface?

[Zombie911]

Of course, if the bot is not in the process, must obtain the data themselves. For example, I pass every second of the manager object of the game and keep a lot with the keys as GUID objects and their base addresses.

Now I have such a variable as a list of objects for the last second.

Code:

	class WOW
	{ 
		...
		QMap<__int64> unitMap;
		...
		unsigned int getByGUID( __int64 guid );
		QMap<__int64> getByType( unsigned int type );
		... 
	}

Then you can easily create a method that will search for objects by GUID or create other lists of objects, depending on the type as (object, unit, player) or it can be done in time of the first pass.

[eulalies]

omfg it is almost what i was already doin... i suppose everyone uses similar procedures to get oop data.

Also i'd like to ask

I've been coding and compiling in a 32bit processor (i've been away for a time), i used "uint" type to store adresses. Today I got back to my real battle station, which works under 64 bit. I've seen you use __int64... I guess that has to do something with it maybah? (is there i should know before compiling with QT IDE under 64bit?)

Thanks for your help Zombie, id like to give you some rep but i dont even know if i have any to give, later ill check. Thanks again.

[Zombie911]

Do not be afraid __int64 is a type of variable that contains 64-bit, and that's all it is not necessary to use 64-bit compiler or run in 64-bit environment. It's like a double integer.

Type "int" = 4 bytes (4 bytes * 8-bit) = 32-bit (__int32)
Type "__int64" = 8-byte (8-byte * 8-bit) = 64-bit
Type "long long" is the same, "__int64".
See __int8, __int16, __int32, __int6 (MSDN) and Data Type Ranges (MSDN)
If your GCC compiler, and he can not understand "__int64" you can declare it like this:

Code:

typedef long long __int64;
// or
typedef long long WOWGUID;

I use __in64 for storing GUID objects.

[amadmonk]

1. in my thread, i'll be checking constantly wow's data in order to keep bot's info updated. Thing is, would you recommend opening and closing handle every time i have to read something or better to open handle at the beggining and keep using it without closing everytime i need to read something?¿ (bit noobish but i don't know whats safetier)

2. I read something about this but still i'll ask away just to be sure: does wow detect if input comes from input devices or from sendMessage/sendInput?

WRT safety, don't worry so much. Just write your own code and don't do any "hacks" and you're 99% safe (in process or out). As soon as you start using other people's libs, you become a target. Right now, out of process, you're safe since Warden respects process boundaries. Who knows if that will last.

WRT #2, I know for a fact that WoW doesn't specifically care about injected input, since there are a lot of Blizzard-approved hardware devices and programs (The Logitech Gxx keyboards, for instance) that rely upon SendInput to function. If you're being disconnected when sending input (via SendInput or PostMessage, then you're doing it wrong. There are a fair number of successful botters who rely primarily upon injected input.

[kingdeking]

hey,

1) just a small question how do i simulate a key press. I want to send key presses to wow.


2) Is there a method to loop through all raid members? like:

struct raid
{
player_info player1
player_info player2
player_info player3
player_info player4
}

player_info contains information about health, mana whatever.

[Robske]

2) Is there a method to loop through all raid members? like:

struct raid
{
player_info player1
player_info player2
player_info player3
player_info player4
}

player_info contains information about health, mana whatever.

When facing questions like these the first thing that comes to my mind is: "How do addons do these things?" In other words, is there a lua API available which has already implemented this functionality?

A quick search on World of Warcraft API - WoWWiki - Your guide to the World of Warcraft returns 2 interesting functions:

GetNumRaidMembers() - Returns the number of raid members.
GetRaidRosterInfo(index) - Returns information about the members of your raid.

A simple loop yields us enough information to pinpoint the relevant units:

name, rank, subgroup, level, class, fileName, zone, online, isDead, role, isML = GetRaidRosterInfo(raidIndex);

Using the name you can find the corresponding CG_Player_C object and there's your Health/Mana. Now, seeing that the lua function obviously queries the same object for this info (name, level, class...), it safe to assume that the aforemented object is retrieved somewhere in that lua function using a c++ function who might look like this

CG_Player_C* GetRaidMemberById(int Id)

And there you have it.

TLDR:

Search lua func.
Reverse-engineer lua func.