Tried searching but found nothing...
I'm running my C# hack trough CLR hosting and I want to be able to execute ASM like I did with blackmagic.
Do I still have to use BM if im inprocess or is there an easier way?
Tried searching but found nothing...
I'm running my C# hack trough CLR hosting and I want to be able to execute ASM like I did with blackmagic.
Do I still have to use BM if im inprocess or is there an easier way?
Why would you want to use asm injection when you are injected?
You can just GetDelegateForFunctionPointer Method .
No, you missunderstood me. I want to be able to use asm like in c++ in a C#y way
I was able to to this in strings and then inject with BM but i want to know if there is an easier method without external libaries if im in-processCode:_asm { mov eax, dword ptr ds:[esp+8] ... }
Last edited by teufel123; 12-13-2011 at 03:39 PM.
he answered exactly that
you are IN-Process,in wows adress space,where you can just create a new integer and pass that to a method you got via a pointer with GetDelegateForFunctionPointer
aw no... I want to be able to do something like this. I would be able to do this as a string with BM.
Code:__asm { MOV EDI,iWeaponID; MOV EAX,EDI; AND EAX,0xFF; ADD EAX,EAX; MOV ECX,0xA00D94[EAX+EAX]; MOV dwShaderName,ECX; }
lol managed ;p
use masm unpack the bytes somewhere, unset NX
Last edited by sitnspinlock; 12-13-2011 at 04:14 PM.
If you really need access that fine, you could probably use unsafe pointers from C#. It'll be slightly slower, but you can do the same thing as you would with raw assembly.
I assume you mean unset NX on the page (ie. give it PAGE_EXECUTE*), not actually disabling DEP?
I don't think using pointers in C# is any slower than using them from C or ASM? Is there really any overhead (That is, overhead of using them, not other overhead like GC)?
[16:15:41] Cypher: caus the CPU is a dick
[16:16:07] kynox: CPU is mad
[16:16:15] Cypher: CPU is all like
[16:16:16] Cypher: whatever, i do what i want
Often you stuff is already present in an function internal to WoW in which case you use GetDelegateForFunctionPointer.Code:... int arrayOffset = (iWeaponId & 0xFF) * 4; int shaderName = Memory.Read<int>(new IntPtr(0xa00d94) + arrayOffset); // should dwShaderName actually be pszShaderName? Else name it dwShaderId or sth... ...
That peace of code wasnt Wow related but I found a solution. I didn't know that fasm had a function ( fasm.Assemble() ) which would return the byte-codeof a sent asm string. I'll call the byte-code after it hase been allocated with a delegate.
Yes, but depending on the GC type all other threads are suspended while the GC thread does its work. But yeah, that's what I thought (and I actually checked the ASM generated by the JIT'ter when using IntPtr's once - there are no remnants of the actual usage of IntPtr!).
[16:15:41] Cypher: caus the CPU is a dick
[16:16:07] kynox: CPU is mad
[16:16:15] Cypher: CPU is all like
[16:16:16] Cypher: whatever, i do what i want
For me I remember that when you export an IntPtr via C++/CLI it'll show up in C# as a ValueType, rather than IntPtr, or some such thing.