Cant access any wow function from injected dll

[Kwapuzzi]

Hi,

My problem is, that i cant call any function from wow out of my dll.
Here is my code of my c++ dll. I call this dll from a c# dll, which is injected in wow thought endscene.

What am i doing wrong?

PHP Code:

#define ChatFrame_AddMessage 0x005989F0 
typedef DWORD(__cdecl *pFunc_t)(char *szText, DWORD dwUnk, DWORD dwUnk2) ;


void AddChatMessage(char* text)
{   
     pFunc_t pFunc = (pFunc_t)((DWORD)GetModuleHandle(NULL) + ChatFrame_AddMessage) ;   
     pFunc(text, 0, 0) ;  
}

extern "C" __declspec(dllexport) void __stdcall addChatMessage(char *text)
{   
       AddChatMessage(text);
} 


if the call is no cdecl, where do i get the class-pointer from?

Can anyone give me a working example of any wow function called from an injected library?

Thanks

dermoeter

[daCoder]

Hi dermoeter,

you have to use __thiscall instead of __cdecl and the "this" parameter will be the first parameter.
This example is written in C++;

Code:

// Definition
void (__thiscall* pFunc)(unsigned int This) = nullptr;

// Initialization
pFunc= reinterpret_cast<decltype(pFunc)>(youraddress);

-daCoder

[Kwapuzzi]

thanks a lot and rep, cause the function itself runs.

Now i have the Problem, that i cant pass a correct parameter.

PHP Code:

// Lua_DoString Adress
#define Lua_DoStringAddress 0x75350

// Definition
void (__thiscall* pFunc)(char* This) = nullptr;

void LuaDoString(char* pcText)
{
       pFunc = reinterpret_cast<decltype(pFunc)>((DWORD)GetModuleHandle(NULL) + Lua_DoStringAddress);
       char *c = (char*)malloc(strlen(pcText));
       memcpy(c, pcText, strlen(pcText));   
       pFunc(c) ;
  } 


This was my last try, after normal passing of char* was not working.
The function lua_doString works fine, but the paramaters are broken, so nothing usefull gets executed.

Whats wrong with my parameter?

Thanks a lot for your help

[daCoder]

DoString is no __thiscall, change it to __cdecl and it should run fine.

[Empted]

PHP Code:

       char *c = (char*)malloc(strlen(pcText));
       memcpy(c, pcText, strlen(pcText)); 


Very suspicious code. Do not allocate memory using strlen (bad manner cause of encoding problems). Also if you do, then allocate (strlen+1) since it doesn't count null byte. Then same error when memcpy (copying only part of string), be careful.

[Kwapuzzi]

This is what i get, wenn i call the folowing code:



I dont get it.

[Empted]

No need in / symbol. Just call some script functions, like CastSpellByID or CastSpellByName. Full list can be found at http://www.wowwiki.com/API
P.S. what you write to ingame chat via "/" is like you do in command line. That string is then parsed to internal lua function calls.
P.P.S. did you fix the function the way I posted?

[Kwapuzzi]

ok thanks a lot. Thats it.

Now i ran into an error, that CastSpellByName is restricted. What can i do to run this function?
Or is it better to leave this function to the blizzard?

[DarkLinux]

Code:

DWORD FrameScript__Execute = (DWORD)GetModuleHandle(NULL)+0x43C230;
bool DoString(char *command)
{
	__asm
	{
            mov eax, command;
            push 0;
            push eax;
                
            push eax;
            mov eax, FrameScript__Execute; // Lua_DoString  FrameScript__Execute = 0x43C230,
                
            call eax;
            add esp, 0xC;
	};

	return true;
}

push 0 not 1, sounds like you are pushing 1...

This code is old... I think this is the new address..

FrameScript_Execute = 0x477080


Also to test it just call something like

char *DoStringArg="JumpOrAscendStart();";

This should be a protected command...


Also, you will need to call it from the main thread... Found an old example I coded for Terror...

http://fbe.am/atu

You will need to update it, the code it crap but it should get you started