Good day. Here is the problem:
Exception: 0xC0000005 (ACCESS_VIOLATION)
referenced memory at "0x0000000C"
I think the problem is in GetLocalizedText: when we are not logged in and not in the game, ClntObjMgrGetActivePlayerObj returns 0.
Could a check like "cmp eax, 0" be added so that the function does not continue in that case?
I apologize for my terrible English, and if my question is stupid.
Code:
/// <summary>
/// Copies <paramref name="command"/> (UTF-8) into a freshly allocated buffer inside the target
/// process, runs a small injected stub that calls ClntObjMgrGetActivePlayerObj and then
/// Lua_GetLocalizedText with that buffer, and returns whatever bytes the hook hands back.
/// </summary>
/// <param name="command">Text passed to Lua_GetLocalizedText; written into the process as UTF-8.</param>
/// <returns>The bytes returned by aHook.InjectAndExecute, decoded as ASCII.</returns>
/// <remarks>
/// NOTE(review): the stub never checks the value ClntObjMgrGetActivePlayerObj leaves in eax before
/// moving it to ecx. If that call yields 0 (reported above when not logged in), the callee
/// presumably dereferences it, which is consistent with the ACCESS_VIOLATION at 0x0000000C.
/// NOTE(review): codeCave is freed only on the normal return path; if InjectAndExecute throws,
/// the allocation in the target process leaks. A try/finally around the call would release it.
/// NOTE(review): the buffer is sized to the UTF-8 length plus 0x100 but no terminator is written
/// explicitly — this relies on AllocateMemory handing back zeroed memory; confirm.
/// </remarks>
public static string GetLocalizedText2(string command)
{
int nSize = Encoding.UTF8.GetBytes(command).Length + 0x100;
uint codeCave = process.AllocateMemory(nSize);
process.WriteBytes(codeCave, Encoding.UTF8.GetBytes(command));
//process.WriteUnicodeString(codeCave, command);
String[] asm = new String[]
{
// eax = result of ClntObjMgrGetActivePlayerObj (0 when there is no active player, per the report above)
"call " + (moduleBase +Offset.ClntObjMgrGetActivePlayerObjAddress),
// ecx = that result, passed unchecked
"mov ecx, eax",
"push -1",
// edx = address of the UTF-8 command buffer written above
"mov edx, " + codeCave + "",
"push edx",
"call " + (moduleBase + Offset.Lua_GetLocalizedTextAddress),
"retn",
};
// The hook executes the stub and returns the raw bytes it produced; decoded as ASCII (not UTF-8).
string sResult = Encoding.ASCII.GetString(aHook.InjectAndExecute(asm));
// Not reached if InjectAndExecute throws — see remarks.
process.FreeMemory(codeCave);
return sResult;
}
Code:
/// <summary>
/// Installs the per-frame hook used by the injection helpers: walks the Direct3DUnhole pointer
/// chain from the main module base to the function address stored in pEndScene, allocates a
/// code cave plus two 4-byte slots (injectionAddress, returnAddress), writes a stub that runs
/// whatever address is stored in injectionAddress and saves its eax into returnAddress, and
/// finally redirects pEndScene to that stub with a 5-byte jmp.
/// </summary>
/// <exception cref="Exception">Thrown when the target process is not open.</exception>
/// <remarks>
/// Sets mainThreadHooked to true only after all three injections succeed; any failure leaves it
/// false.
/// NOTE(review): the bare catch swallows every exception, so a failed hook is indistinguishable
/// from a silent no-op to the caller, and the allocations made before the failure (codeCave,
/// injectionAddress, returnAddress) are not released on that path.
/// NOTE(review): throwing plain Exception makes the "process not open" case hard to catch
/// specifically; InvalidOperationException would be the conventional type here.
/// </remarks>
private void HookApplication()
{
if (!process.IsProcessOpen)
throw new Exception("Process is not open");
uint baseAddress = (uint)process.MainModule.BaseAddress;
// Pointer chain: base + Device -> device object -> +OffsetA -> table -> [table] -> +OffsetB -> target address.
// The names suggest the D3D9 device vtable / EndScene, but the offsets themselves are defined elsewhere.
uint pDevice = process.ReadUInt(baseAddress + Direct3DUnhole.Direct3D9__Device);
uint pEnd = process.ReadUInt(pDevice + Direct3DUnhole.Direct3D9__Device__OffsetA);
uint pScene = process.ReadUInt(pEnd);
uint pEndScene = process.ReadUInt(pScene + Direct3DUnhole.Direct3D9__Device__OffsetB);
// 0xE9 is a jmp rel32 opcode: a jmp already at the target with no local handles means a stale
// hook from an earlier run, so tear it down before installing a new one.
if (process.ReadUInt(pEndScene) == 0xE9 && (codeCave == 0 || injectionAddress == 0))
{
DisposeOfHook();
}
// Only install when the target is not already patched.
if (process.ReadUInt(pEndScene) != 0xE9)
{
try
{
mainThreadHooked = false;
codeCave = process.AllocateMemory(2048);
// 4-byte slot: address of code to run on the next pass (0 = nothing pending).
injectionAddress = process.AllocateMemory(0x4);
process.WriteInt(injectionAddress, 0);
// 4-byte slot: eax returned by the last executed address.
returnAddress = process.AllocateMemory(0x4);
process.WriteInt(returnAddress, 0);
process.Asm.Clear();
// Reproduces the prologue bytes the 5-byte jmp at pEndScene overwrites, then saves all registers/flags.
process.Asm.AddLine("mov edi, edi");
process.Asm.AddLine("push ebp");
process.Asm.AddLine("mov ebp, esp");
process.Asm.AddLine("pushfd");
process.Asm.AddLine("pushad");
//Test for waiting code?
process.Asm.AddLine("mov eax, [" + injectionAddress + "]");
process.Asm.AddLine("test eax, ebx");
process.Asm.AddLine("je @out");
//Execute waiting code
process.Asm.AddLine("mov eax, [" + injectionAddress + "]");
process.Asm.AddLine("call eax");
//Copy pointer to return value
process.Asm.AddLine("mov [" + returnAddress + "], eax");
// Clear the pending slot so the same address is not run again on the next pass.
process.Asm.AddLine("mov edx, " + injectionAddress);
process.Asm.AddLine("mov ecx, 0");
process.Asm.AddLine("mov [edx], ecx");
//Close Function
process.Asm.AddLine("@out:");
// NOTE(review): no popad/popfd appears before @out or the jump back — confirm where the saved
// registers are restored; as written, the stub's register state is not visibly balanced here.
//Inject Code
uint sizeAsm = (uint)(process.Asm.Assemble().Length);
process.Asm.Inject(codeCave);
int sizeJumpBack = 5;
// create jump back stub
process.Asm.Clear();
// Resume the original function just past the 5 bytes overwritten by the hook jmp.
process.Asm.AddLine("jmp " + (pEndScene + sizeJumpBack));
process.Asm.Inject(codeCave + sizeAsm);// + (uint)sizeJumpBack);
// create hook jump
process.Asm.Clear(); // $jmpto
process.Asm.AddLine("jmp " + (codeCave));
process.Asm.Inject(pEndScene);
}
catch
{
// NOTE(review): swallows all failures silently; at minimum log the exception so a hook that
// never installed can be diagnosed. Memory allocated above is not freed on this path.
mainThreadHooked = false; return;
}
mainThreadHooked = true;
}
}