I've read the threads up and down, making the adjustments to the code that I found (corrections from other users), but I can't seem to get it to work. When I run the code, it crashes when the program reaches the last statement:
Code:
process.Asm.Inject(pEndScene);
I don't know if it matters, but this is running against a private server I've set up for myself so I can learn without worrying about a patch or anything.
The code I'm trying to get to work is taken from http://www.ownedcore.com/forums/worl...ml#post2045573 ([Sample Code] EndScene Hook with ASM and blackmagic)
Code:
/// <summary>
/// Hard-coded addresses and offsets that <c>HookManager.HookApplication</c> follows
/// from the static Direct3D9 device pointer to the EndScene entry point.
/// The values come from the linked info-dump thread for one specific client build;
/// they are not derived from the running process, so on any other build every
/// read that starts from them is invalid.
/// NOTE(review): these are mutable public static fields; <c>const</c> or
/// <c>static readonly</c> would prevent accidental reassignment from elsewhere.
/// </summary>
public struct Direct3D
{
    // From http://www.ownedcore.com/forums/world-of-warcraft/world-of-warcraft-bots-programs/wow-memory-editing/300463-wow-3-3-5-12340-info-dump-thread.html#post1917706
    // Absolute address of the device pointer; read first, without any base adjustment.
    public static uint Direct3D9__Device = 0xC5DF88;
    // Added to the pointer read from Direct3D9__Device before the next dereference.
    public static uint Direct3D9__Device__OffsetA = 0x397C;
    // Added to the pointer obtained from the previous step to reach the EndScene address.
    public static uint Direct3D9__Device__OffsetB = 0xA8;
}
/// <summary>
/// Installs a detour at the Direct3D9 EndScene address of the target process so that a
/// pointer left in the remote <c>injectionAddress</c> slot is called from the process's own
/// render path. Only <see cref="HookApplication"/> is shown on this page; <c>DisposeOfHook</c>
/// (called below) and <c>InjectAndExecute</c> (called from <c>FunctionManager</c>) are
/// referenced but not listed.
/// </summary>
public class HookManager
{
    // BlackMagic is the third-party memory/assembler library; its API is known here only from the calls below.
    private BlackMagic process;
    // True only after HookApplication finished every injection without an exception.
    private bool mainThreadHooked;
    // NOTE(review): assigned in the constructor and never read or written anywhere else in this listing.
    private bool ExecutingCode;
    // Remote allocation (2048 bytes) holding the hook stub followed by the jump-back stub; 0 until allocated.
    private uint codeCave;
    // Remote 4-byte slot the stub polls: non-zero is treated as an address to call, and the stub resets it to 0 afterwards.
    private uint injectionAddress;
    // Remote 4-byte slot into which the stub stores EAX as left by that call.
    private uint returnAddress;

    /// <summary>
    /// Creates an unhooked manager bound to <paramref name="process"/>; no remote memory is touched here.
    /// </summary>
    /// <param name="process">Open BlackMagic handle to the target process. Not null-checked.</param>
    public HookManager(BlackMagic process)
    {
        this.process = process;
        this.mainThreadHooked = false;
        this.ExecutingCode = false;
        this.codeCave = 0;
        this.injectionAddress = 0;
        this.returnAddress = 0;
    }

    /// <summary>
    /// Resolves the EndScene address through the <see cref="Direct3D"/> pointer chain and, unless the
    /// value read there already equals 0xE9, allocates the remote buffers, assembles the hook stub into
    /// <c>codeCave</c>, appends a jump back to EndScene+5, and finally overwrites the start of EndScene
    /// with a jmp into the cave. Private, and no caller appears on this page.
    /// </summary>
    /// <exception cref="Exception">Thrown when <c>process.IsProcessOpen</c> is false.
    /// NOTE(review): a specific type such as InvalidOperationException would let callers distinguish it.</exception>
    private void HookApplication()
    {
        if (!process.IsProcessOpen)
            throw new Exception("Process is not open");
        // Pointer chain: static device pointer -> +OffsetA -> dereference -> +OffsetB yields the EndScene address.
        // The intermediate names (pEnd, pScene) do not say what each pointer is; presumably the device object
        // and its vtable — confirm against the info-dump thread.
        uint pDevice = process.ReadUInt(Direct3D.Direct3D9__Device);
        uint pEnd = process.ReadUInt(pDevice + Direct3D.Direct3D9__Device__OffsetA);
        uint pScene = process.ReadUInt(pEnd);
        uint pEndScene = process.ReadUInt(pScene + Direct3D.Direct3D9__Device__OffsetB);
        // Both checks below read 32 bits at pEndScene and compare the whole value with 0xE9.
        // Hook bytes present but this instance has no buffers for them: tear down (DisposeOfHook is not shown here).
        if (process.ReadUInt(pEndScene) == 0xE9 && (codeCave == 0 || injectionAddress == 0))
        {
            DisposeOfHook();
        }
        if (process.ReadUInt(pEndScene) != 0xE9)
        {
            try
            {
                mainThreadHooked = false;
                // NOTE(review): these allocations are repeated on every pass through this branch and nothing
                // in this listing frees the previous ones.
                codeCave = process.AllocateMemory(2048);
                injectionAddress = process.AllocateMemory(0x4);
                process.WriteInt(injectionAddress, 0);
                returnAddress = process.AllocateMemory(0x4);
                process.WriteInt(returnAddress, 0);
                process.Asm.Clear();
                // Stub prologue, then save flags and all general registers before touching anything.
                // The first three instructions presumably mirror the bytes overwritten at EndScene — confirm.
                process.Asm.AddLine("mov edi, edi");
                process.Asm.AddLine("push ebp");
                process.Asm.AddLine("mov ebp, esp");
                process.Asm.AddLine("pushfd");
                process.Asm.AddLine("pushad");
                //Test for waiting code?
                // Addresses are concatenated as decimal text; the assembler is expected to accept that form.
                process.Asm.AddLine("mov eax, [" + injectionAddress + "]");
                process.Asm.AddLine("test eax, eax");// was "test eax, ebx"; corrected as in http://www.ownedcore.com/forums/world-of-warcraft/world-of-warcraft-bots-programs/wow-memory-editing/305473-sample-code-endscene-hook-asm-blackmagic-6.html#post2053805
                process.Asm.AddLine("je @out");
                //Execute waiting code
                process.Asm.AddLine("mov eax, [" + injectionAddress + "]");
                process.Asm.AddLine("call eax");
                //Copy pointer to return value
                process.Asm.AddLine("mov [" + returnAddress + "], eax");
                // Clear the slot so the same address is not called again on the next pass.
                process.Asm.AddLine("mov edx, " + injectionAddress);
                process.Asm.AddLine("mov ecx, 0");
                process.Asm.AddLine("mov [edx], ecx");
                //Close Function
                // Execution falls through this label into whatever is injected directly after the stub (the jump-back stub below).
                process.Asm.AddLine("@out:");
                //Inject Code
                // Assemble once to learn the stub's byte length, then inject it at the start of the cave.
                uint sizeAsm = (uint)(process.Asm.Assemble().Length);
                process.Asm.Inject(codeCave);
                // 5 = length of the rel32 jmp (E9 + 4-byte displacement) written over EndScene below.
                int sizeJumpBack = 5;
                // create jump back stub: placed right after the hook stub, resumes EndScene past the overwritten bytes
                process.Asm.Clear();
                process.Asm.AddLine("jmp " + (pEndScene + sizeJumpBack));
                process.Asm.Inject(codeCave + sizeAsm);// a commented-out earlier form added (uint)sizeJumpBack here
                // create hook jump: this is the write the post reports as failing
                process.Asm.Clear(); // $jmpto
                process.Asm.AddLine("jmp " + (codeCave));
                process.Asm.Inject(pEndScene);
            }
            catch
            {
                // NOTE(review): every exception is swallowed; the caller only sees mainThreadHooked == false
                // and the remote buffers allocated above are kept. Logging or rethrowing would preserve the cause.
                mainThreadHooked = false; return;
            }
            mainThreadHooked = true;
        }
    }
}
The error I get, which occurs when it runs the last line (
Code:
process.Asm.Inject(pEndScene);
), is
This application has encountered a critical error:
ERROR #132 ... Fatal Exception
The instruction at "" referenced memory at "". The Memory could not be "written".
I should have the right memory addresses, shouldn't I? And I'm running Visual Studio as Administrator.
In my main program, I'm just trying to dance:
Code:
// Attaches to the first process named "Wow" and asks FunctionManager to run a Lua string inside it.
// NOTE(review): GetProcessesByName returns an empty array when no such process exists, so the [0]
// here throws IndexOutOfRangeException instead of a descriptive error.
var wowProcess = Process.GetProcessesByName("Wow")[0];
// BlackMagic is the third-party memory library used throughout; its type is not shown on this page.
BlackMagic process = new BlackMagic(wowProcess.Id);
FunctionManager funcMngr = new FunctionManager(process);
funcMngr.LuaDoString("DoEmote(\"dance\");");
FunctionManager looks like:
Code:
/// <summary>
/// Runs a Lua string inside the target process: writes the text to a fresh remote allocation,
/// builds a small call stub for the client's FrameScript__Execute, and hands that stub to
/// <see cref="HookManager"/> for execution.
/// </summary>
public class FunctionManager
{
    // BlackMagic is the third-party memory/assembler library; its API is known here only from the calls below.
    private BlackMagic process;
    // NOTE(review): InjectAndExecute, called in LuaDoString, is not defined on the HookManager listed on this page.
    private HookManager aHook;

    /// <summary>
    /// Binds to <paramref name="process"/> and creates the HookManager; nothing is hooked or allocated yet.
    /// </summary>
    /// <param name="process">Open BlackMagic handle to the target process. Not null-checked.</param>
    public FunctionManager(BlackMagic process)
    {
        this.process = process;
        this.aHook = new HookManager(process);
    }

    /// <summary>
    /// Writes <paramref name="command"/> into remote memory, builds a three-argument call
    /// (string, string, 0) to FrameScript__Execute with caller stack cleanup, executes it via the
    /// hook, and frees the remote string afterwards.
    /// </summary>
    /// <param name="command">Lua source text; written with WriteASCIIString, so presumably ASCII-encoded — confirm.</param>
    public void LuaDoString(string command)
    {
        // 0x100 bytes of slack beyond the string length; the terminator is presumably written by WriteASCIIString — confirm.
        int nSize = command.Length + 0x100;
        uint codeCave = process.AllocateMemory(nSize);
        // NOTE(review): computed but never used; FrameScript__Execute below is an absolute address, not moduleBase-relative.
        uint moduleBase = (uint)process.MainModule.BaseAddress;
        // address from http://www.ownedcore.com/forums/world-of-warcraft/world-of-warcraft-bots-programs/wow-memory-editing/300463-wow-3-3-5-12340-info-dump-thread.html#post1917693
        // Hard-coded absolute address for one client build (see the linked thread); invalid on any other build.
        uint FrameScript__Execute = 0x819210;
        process.WriteASCIIString(codeCave, command);
        process.Asm.Clear();
        String[] asm = new String[]
        {
            "mov eax, " + codeCave,           // address of the Lua text, concatenated as decimal text
            "push 0",                          // third argument
            "push eax",                        // second argument: the string again
            "push eax",                        // first argument: the string
            "mov eax, " + (FrameScript__Execute),
            "call eax",
            "add esp, 0xC",                    // caller removes the three pushed arguments
            "retn",
        };
        // NOTE(review): if this throws, the FreeMemory below is skipped (no try/finally), leaking the remote allocation.
        aHook.InjectAndExecute(asm);
        process.FreeMemory(codeCave);
    }
}