3.3.5a offset patterns

  1. #1
    nerdtopia's Avatar Banned

    3.3.5a offset patterns

    New problem.

    [11:37:30 AM] ReadUInt failed. - From: BlackMagic.
    I have done research on this error and it seems that it's caused by not adding the base address. I'm pretty darn sure I am adding the base address.

    Code:
    static void Main(string[] args)
    {
        int pid = SProcess.GetProcessFromWindowTitle("World of Warcraft");
        BlackMagic wow = new BlackMagic();
        Console.WriteLine(wow.OpenProcessAndThread(pid));

        uint WowBaseAddress = (uint)wow.MainModule.BaseAddress;
        uint CurrentManager = wow.ReadUInt(wow.ReadUInt(WowBaseAddress + 0x00C79CE0) + 0x2ED0);
    }
    Last edited by nerdtopia; 10-28-2012 at 01:21 PM.

  2. #2
    DarkLinux's Avatar Former Staff
    I don't think you understand at all...

    http://www.ownedcore.com/forums/worl...5-offsets.html

    +

    http://www.ownedcore.com/forums/worl...ase-ptr-2.html

    +

    IDA

    +

    http://www.ownedcore.com/forums/worl...-patterns.html

    = Profit?



    And an example...
    http://www.ownedcore.com/forums/worl...earch-ida.html

    Sorry, no handouts, must do it all yourself... You will have more luck in the emu part of the forums I think...
    Last edited by DarkLinux; 10-27-2012 at 11:55 PM.

  3. #3
    nerdtopia's Avatar Banned
    I've already tried taking two old WoW binaries and comparing them for patterns.

    As it turns out, BlackMagic isn't working properly because the call to ReadProcessMemory is failing. I originally thought that it was failing because I gave bad offsets, but I've figured out this is not the case. I'm a Java guru; I don't know too much about C#, so any assistance will be greatly appreciated.

    Invocation:
    Code:
    if (!Imports.ReadProcessMemory(hProcess, dwAddress, lpBuffer, nSize, out lpBytesRead))
    	throw new Exception("ReadProcessMemory failed");
    Declaration:
    Code:
    [DllImport("kernel32", EntryPoint = "ReadProcessMemory")]
    public static extern bool ReadProcessMemory(
    	IntPtr hProcess,
    	uint dwAddress,
    	IntPtr lpBuffer,
    	int nSize,
    	out int lpBytesRead);
    Stack trace:
    Code:
    Unhandled Exception: System.Exception: ReadProcessMemory failed
       at Magic.SMemory.ReadBytes(IntPtr hProcess, UInt32 dwAddress, Int32 nSize) in c:\Users\Admin\Desktop\BlackMagic\Source\BlackMagic\Static Classes\SMemory.cs:line 78
       at Magic.SMemory.ReadUInt(IntPtr hProcess, UInt32 dwAddress, Boolean bReverse) in c:\Users\Admin\Desktop\BlackMagic\Source\BlackMagic\Static Classes\SMemory.cs:line 226
       at Magic.BlackMagic.ReadUInt(UInt32 dwAddress, Boolean bReverse) in c:\Users\Admin\Desktop\BlackMagic\Source\BlackMagic\BMMemory.cs:line 309
       at Magic.BlackMagic.ReadUInt(UInt32 dwAddress) in c:\Users\Admin\Desktop\BlackMagic\Source\BlackMagic\BMMemory.cs:line 293
    Exact same problem as this person ((Tutorial) Starting WoW-Memory Reading/Writing). Except mine hasn't randomly gone away yet.
    Last edited by nerdtopia; 10-28-2012 at 12:29 PM.

  4. #4
    Frosttall's Avatar Active Member
    It makes no sense to create patterns for 3.3.5a since the client will never change.

    Patterns are used to find things again if the binary changes, but 3.3.5a stays always the same and you only have to reverse the functions - nothing else!

    I'll leave you alone with http://www.ownedcore.com/forums/worl...ple-stuff.html ([Tutorial] How to find simple stuff)

  5. #5
    Empted's Avatar Contributor
    @nerdtopia, wow, seems like your problems are not in the function but in the parameters that you pass to it. You can't just read any memory address you like; set a breakpoint and see what's wrong. Also, DarkLinux already gave you everything you need. Those threads even contain code snippets that work for sure.

  6. #6
    nerdtopia's Avatar Banned
    I've set breakpoints. That's how I determined that ReadProcessMemory isn't working for whatever reason. I've read up on "ReadUInt failed" but it appears it's because the base address wasn't factored in. Here is the code:

    Code:
    static void Main(string[] args)
    {
        int pid = SProcess.GetProcessFromWindowTitle("World of Warcraft");
        BlackMagic wow = new BlackMagic();
        Console.WriteLine(wow.OpenProcessAndThread(pid)); //prints True

        uint WowBaseAddress = (uint)wow.MainModule.BaseAddress; //Could this be wrong? It's the way BlackRain gets the base address...
        uint CurrentManager = wow.ReadUInt(wow.ReadUInt(WowBaseAddress + 0x00C79CE0) + 0x2ED0); //Offsets found here: http://www.ownedcore.com/forums/world-of-warcraft/world-of-warcraft-bots-programs/wow-memory-editing/300463-wow-3-3-5-12340-info-dump-thread.html#post1917706
    }
    I got the offsets here: http://www.ownedcore.com/forums/worl...ml#post1917706 ([WoW][3.3.5.12340] Info Dump Thread)

    Code:
    public enum ObjectManager
    {
        CurMgrPointer = 0x00C79CE0,                 // 3.3.5a 12340
        CurMgrOffset = 0x2ED0,                      // 3.3.5a 12340
        NextObject = 0x3C,                          // 3.3.5a 12340
        FirstObject = 0xAC,                         // 3.3.5a 12340
        LocalGUID = 0xC0                            // 3.3.5a 12340
    }

  7. #7
    TOM_RUS's Avatar Legendary
    Check last win32 error code (+SetLastError), it will tell you why ReadProcessMemory fails.
    Last edited by TOM_RUS; 10-28-2012 at 01:47 PM.

  8. #8
    nerdtopia's Avatar Banned
    Originally Posted by TOM_RUS View Post
    Check last win32 error code (+SetLastError), it will tell you why ReadProcessMemory fails.

  9. #9
    Empted's Avatar Contributor
    As almighty Google says, you have to run your app (or Visual Studio) as admin!
    P.S. never understood why they say "UNIX is cool for its safety", while crying "disable UAC, it sucks".
    Last edited by Empted; 10-28-2012 at 03:32 PM.

  10. #10
    Bananenbrot's Avatar Contributor
    Originally Posted by nerdtopia View Post
    FYI: Using Win32Exception Class (System.ComponentModel) would be the way to go.

  11. #11
    DarkLinux's Avatar Former Staff
    Just use C++ like a real man or woman... XD But really... code something yourself even if it's in C#... Try not to use libs at the start, it helps to know what is going on in the background.. that's why I like C++

  12. #12
    nerdtopia's Avatar Banned
    Originally Posted by Empted View Post
    As almighty Google says, you have to run your app (or Visual Studio) as admin!
    P.S. never understood why they say "UNIX is cool for its safety", while crying "disable UAC, it sucks".
    I ran Visual Studio AND WoW as admin. -_-

    Originally Posted by DarkLinux View Post
    Just use C++ like a real man or woman... XD But really... code something yourself even if it's in C#... Try not to use libs at the start, it helps to know what is going on in the background.. that's why I like C++
    I know how memory works. I'm an experienced Java programmer. I know the CS, I just don't know C# syntax and API. I plan to use JNI and use Java for the logic of the bot anyways. :P

  13. #13
    Bananenbrot's Avatar Contributor
    Since C# is mostly a superset of Java nowadays, I would stick to C# if platform independency isn't an issue (in which case you could even use Mono). And come on, if you are an experienced developer then why are you scared off by C#'s syntax? Regarding your errors it's mostly a matter of doing interop with win32 correctly, which has nothing to do with C# as a language. Don't expect JNI to be any better than PInvoke by some magic jvm-coffee-bean trick.
    Also, you are using the offsets the wrong way. If you ever find offsets in the info dump, they are most probably relative to 0x400000, which means you have to subtract that value when adding it to the base address (simple math). Now of course that may seem like a pitfall for noobs, but then again this is an error in every third thread. Look into ASLR if you haven't already.
    Last edited by Bananenbrot; 10-29-2012 at 03:13 AM.
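
The two fixes suggested in the replies above (capturing the Win32 error behind a failed ReadProcessMemory, and rebasing info-dump addresses from 0x400000 onto the module's real load address), as an added example that is not code from the thread or from BlackMagic. It reads only the current process; the class and method names are hypothetical.

```csharp
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.Runtime.InteropServices;

static class RpmDiagnostics   // hypothetical name, not part of BlackMagic
{
    // SetLastError = true makes the runtime save GetLastError() right after the call,
    // so new Win32Exception() reports why the read actually failed.
    [DllImport("kernel32.dll", SetLastError = true)]
    [return: MarshalAs(UnmanagedType.Bool)]
    static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress,
        [Out] byte[] lpBuffer, IntPtr nSize, out IntPtr lpNumberOfBytesRead);

    // Base the thread says info-dump addresses are relative to.
    const uint PreferredImageBase = 0x400000;

    // Turn an address quoted against the preferred base into one valid for the
    // base the module was really loaded at (the two differ under ASLR).
    public static IntPtr Rebase(IntPtr actualBase, uint dumpAddress)
    {
        if (dumpAddress < PreferredImageBase)
            throw new ArgumentOutOfRangeException(nameof(dumpAddress));
        return IntPtr.Add(actualBase, checked((int)(dumpAddress - PreferredImageBase)));
    }

    public static uint ReadUInt32(IntPtr hProcess, IntPtr address)
    {
        var buf = new byte[4];
        if (!ReadProcessMemory(hProcess, address, buf, (IntPtr)buf.Length, out IntPtr read))
            throw new Win32Exception();   // carries the saved Win32 error code and message
        if (read.ToInt64() != buf.Length)
            throw new InvalidOperationException($"short read: {read} bytes");
        return BitConverter.ToUInt32(buf, 0);
    }

    static void Main()
    {
        using Process self = Process.GetCurrentProcess();
        IntPtr baseAddr = self.MainModule.BaseAddress;
        // Address arithmetic only: shows where a dump address lands for this load base.
        Console.WriteLine($"rebased: 0x{Rebase(baseAddr, 0x00C79CE0).ToInt64():X}");
        // A mapped address succeeds: the image header at the module base.
        Console.WriteLine($"header: 0x{ReadUInt32(self.Handle, baseAddr):X8}");
        // An unmapped address fails, and the exception now says why.
        try { ReadUInt32(self.Handle, (IntPtr)8); }
        catch (Win32Exception e) { Console.WriteLine($"error {e.NativeErrorCode}: {e.Message}"); }
    }
}
```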

  14. #14
    Empted's Avatar Contributor
    Originally Posted by nerdtopia View Post
    I know how memory works. I'm an experienced Java programmer. I know the CS, I just don't know C# syntax and API. I plan to use JNI and use Java for the logic of the bot anyways. :P
    No offense, but an experienced programmer should know all the things you've been told here.

  15. #15
    nerdtopia's Avatar Banned
    Originally Posted by Bananenbrot View Post
    And come on, if you are an experienced developer then why are you scared off by C#'s syntax?
    I'm not scared off by C# syntax. It's actually very similar to Java. Yes, it has its differences which I will learn. I don't know the API though, that's the biggest problem. For example: you mentioned I did not know about that. Does that mean I don't know how to program? That's like saying you don't know how to program because you don't know that the class you obtained an instance of a java.lang.reflect.Method object can be used as the first parameter of this method after calling newInstance. java.lang.reflect.Method#invoke(java.lang.Object, java.lang.Object...)

    For example:
    Code:
    final Class<?> c = classLoader.loadClass(min.owner);
    final Object o = c.newInstance();
    System.out.println("\t" + c.getDeclaredMethod(min.name, String.class).invoke(o, ldc.cst));
    Originally Posted by Bananenbrot View Post
    Also, you are using the offsets the wrong way. If you ever find offsets in the info dump, they are most probably relative to 0x400000, which means you have to subtract that value when adding it to the base address (simple math). Now of course that may seem like a pitfall for noobs, but then again this is an error in every third thread. Look into ASLR if you haven't already.
    So I should either disable ASLR and rebase the pointers found in the info dump threads to 0x0 or subtract 0x400000 from the pointers (CurMgrPointer)? How is a newcomer even supposed to know the tradition behind the info dump threads? I didn't know that they were all rebased to 0x400000.

    Originally Posted by Empted View Post
    No offense, but an experienced programmer should know all the things you've been told here.
    Are you saying that you're not an experienced programmer because you didn't know what I said above to Bananenbrot?? Let's thoroughly examine what I've been told here.

    Originally Posted by Frosttall View Post
    It makes no sense to create patterns for 3.3.5a since the client will never change.

    Patterns are used to find things again if the binary changes, but 3.3.5a stays always the same and you only have to reverse the functions - nothing else!
    I definitely did not know this because the client I'm using is a download provided by Molten-WoW.com. It stated
    Pre-installed and includes all patches.
    so I figured that they would be using a slightly modified version. Was that really so wrong of me?

    Originally Posted by TOM_RUS View Post
    Check last win32 error code (+SetLastError), it will tell you why ReadProcessMemory fails.
    So what you're saying, Empted, is that every experienced programmer knows this? Does that mean that you, assuming you're an experienced programmer, know how to catch and print the stack trace of both checked AND unchecked exceptions in Java? Interesting...

    Originally Posted by Bananenbrot View Post
    FYI: Using Win32Exception Class (System.ComponentModel) would be the way to go.
    Same thing applies.

    I hope this cleared up some confusion we were having.
