[Sample Code] EndScene Hook with ASM and blackmagic

**Ozius** · 11-20-2010

Yes, Hook statut: true
The problem arises at performance LuaDoString->MyHook.InjectAndExecute(asm).
There is a cycling in line: while (Memory.ReadInt(addresseInjection) > 0) { Thread.Sleep(5); } // Wait to launch code

LuaDoString

Code:

public static void LuaDoString(string command)
        {
            // Allocate memory
            uint DoStringArg_Codecave = MyHook.Memory.AllocateMemory(Encoding.UTF8.GetBytes(command).Length + 1);
            // offset:
            uint FrameScript__Execute = 0x39D7F0;


            // Write value:
            MyHook.Memory.WriteBytes(DoStringArg_Codecave, Encoding.UTF8.GetBytes(command));

            // Write the asm stuff for Lua_DoString
            String[] asm = new String[] 
            {
                "mov eax, " + DoStringArg_Codecave,
                "push 0",
                "push eax",
                
                "push eax",
                "mov eax, " + (uint)FrameScript__Execute, // Lua_DoString
                
                "call eax",
                "add esp, 0xC",
                "retn",    
            };

            // Inject
            MyHook.InjectAndExecute(asm);
            // Free memory allocated 
            MyHook.Memory.FreeMemory(DoStringArg_Codecave);
        }

Tried to make so: uint FrameScript__Execute = 0x39D7F0 + BaseAdress;
Hasn't helped. ..
Thanks for the help.

**CrimeTime** · 11-20-2010

Code:

public static void LuaDoString(string command)
        {
            // Allocate memory
            uint DoStringArg_Codecave = MyHook.Memory.AllocateMemory(Encoding.UTF8.GetBytes(command).Length + 1);
            // offset:
            uint FrameScript__Execute = 0x39D7F0;


            // Write value:
            MyHook.Memory.WriteBytes(DoStringArg_Codecave, Encoding.UTF8.GetBytes(command));

            // Write the asm stuff for Lua_DoString
            String[] asm = new String[] 
            {
                "mov eax, " + DoStringArg_Codecave,
                "push 0",
                "push eax",
                
                "push eax",
                "mov eax, " + ((uint)BaseAdress+(uint)FrameScript__Execute), // Lua_DoString
                
                "call eax",
                "add esp, 0xC",
                "retn",    
            };

            // Inject
            MyHook.InjectAndExecute(asm);
            // Free memory allocated 
            MyHook.Memory.FreeMemory(DoStringArg_Codecave);
        }

should work now fine

**Ozius** · 11-20-2010

Doesn't work, already all has tried...
Program.cs: http://dl.dropbox.com/u/7381029/Program.cs

**CrimeTime** · 11-20-2010

dont use
uint ENDSCENE_IDX = 0xA8;
use:
uint ENDSCENE_IDX = 0xAC;
( You have to change it two times!)

**fukmeimbroken** · 11-20-2010

Originally Posted by CrimeTime

dont use
uint ENDSCENE_IDX = 0xA8;
use:
uint ENDSCENE_IDX = 0xAC;
( You have to change it two times!)

Still the same.

**CrimeTime** · 11-20-2010

no if i had use the 0xA8 it doesnt worked for me, then i've tried it with 0xAC and it work for me

**fukmeimbroken** · 11-20-2010

Originally Posted by CrimeTime

no if i had use the 0xA8 it doesnt worked for me, then i've tried it with 0xAC and it work for me

Yes the Hook seems to work with both but Lua Do String doesn't works with both. Must be a mistake somewhere.

**Millow** · 11-20-2010

The address of endscene in the VMT is 42, 42*4 = 168 = 0xA8. I will have to try when I get home, but if it works with 0xAC and 0xA8, then there's something wrong for sure with the hook. CrimeTime, do you mean your hook works or that you saw your character dance on the screen ? Because I can't see how that's possible if you use 0xAC.

Anyhow, I might be wrong.

**CrimeTime** · 11-20-2010

tested before a Minute

Code:

LuaDoString("DoEmote(\"Dance\")");

works for me

**fukmeimbroken** · 11-20-2010

Originally Posted by CrimeTime

tested before a Minute

Code:

LuaDoString("DoEmote(\"Dance\")");

works for me

Woot the ****? And if you check his Code http://dl.dropbox.com/u/7381029/Program.cs the only difference is the 0xA8 / 0xAC?

**~~JuJuBoSc~~** · 11-20-2010

Originally Posted by Millow

The address of endscene in the VMT is 42, 42*4 = 168 = 0xA8. I will have to try when I get home, but if it works with 0xAC and 0xA8, then there's something wrong for sure with the hook. CrimeTime, do you mean your hook works or that you saw your character dance on the screen ? Because I can't see how that's possible if you use 0xAC.

Anyhow, I might be wrong.

Because 0xAC is Clear func and can be hooked the same way, and is called every frame too.

**Millow** · 11-20-2010

Originally Posted by JuJuBoSc

Because 0xAC is Clear func and can be hooked the same way, and is called every frame too.

All right, thx for the info.
But I've just tried his code and doesn't work for me, I will have to call this BS (the fact that he got this working) unless someone proves otherwise to me.

fukme ? Does it work for you ?

**CrimeTime** · 11-20-2010

have someone got the code to get a return of a DoString?

**fukmeimbroken** · 11-20-2010

No millow sry :/.

Originally Posted by CrimeTime

have someone got the code to get a return of a DoString?

Me and millow doesn't even get the DoString to work may you share your Code with us.

**CrimeTime** · 11-20-2010

i've post all to fix it all what Millow and you got to do is put it in your code.
If there are still errors post it here.

now to my Problem:
i try to get a Return of the LuaDostring with this

Code:

                    LuaDoString("test = CanSendAuctionQuery()");
                    test = GetLocalizedText("test");

here the GetLocalizedText Function:

Code:

 public static string GetLocalizedText(string Commandline)
        {
            // Command to send using LUA
            String Command = Commandline;
            var proc = Process.GetProcessesByName("Wow");
            IntPtr WoWBase = proc[0].MainModule.BaseAddress;
            // Allocate memory for command
            uint Lua_GetLocalizedText_Space = MyHook.Memory.AllocateMemory(Encoding.UTF8.GetBytes(Command).Length + 1);

            // offset:
            uint ClntObjMgrGetActivePlayerObj = 0x93AD0;
            uint FrameScript__GetLocalizedText = 0x1C4190;

            // Write command in the allocated memory
            MyHook.Memory.WriteBytes(Lua_GetLocalizedText_Space, Encoding.UTF8.GetBytes(Command));

            String[] asm = new String[] 
            {
            "call " + ((uint)WoWBase + ClntObjMgrGetActivePlayerObj),
            "mov ecx, eax",
            "push -1",
            
            "mov edx, " + Lua_GetLocalizedText_Space,
            "push edx",
            
            "call " + ((uint)WoWBase + FrameScript__GetLocalizedText),
            "retn",
            };

            // Inject the shit
            string sResult = Encoding.ASCII.GetString(MyHook.InjectAndExecute(asm));

            // Free memory allocated for command
            MyHook.Memory.FreeMemory(Lua_GetLocalizedText_Space);

            // Uninstall the hook
            return sResult;
        }

Wow Crashes me after string sResult = Encoding.ASCII.GetString(MyHook.InjectAndExecute(asm));

Shout-Out

User Tag List

Thread: [Sample Code] EndScene Hook with ASM and blackmagic

Thread Tools

Search Thread

Similar Threads

[C# DLL] aHook, use ASM through EndScene hook

Sample Code - Another way of getting the EndScene address

[C#] CLR hosting using C# and BlackMagic (ASM)

[C++] Endscene hook and dostring code inject and wow crashed....

[Test Theory] EndScene hook without Native Code (Kinda)

OwnedCore Forums

casino

CoreCoins

My OwnedCore

About Us

Casino