How to Set Break Point and Do Debugging

  1. #1
    SailorMars (Member)

    How to Set Break Point and Do Debugging

    I am working on the 8.0 live retail version.

    I wrote my own memory scanner that implements some of the features of Cheat Engine (like scanning changed memory). Now I want to set break points and do some more advanced debugging. But I have no idea how to do it safely. Where should I start?

    Normally, to set a breakpoint, I would suspend a target thread and change the debug register by calling SetThreadContext(). But is it safe to do it in the retail client? Do they constantly monitor the debug registers?

    Also, if I need to debug the client, is it a must to dump the memory by ReadProcessMemory and analyze the dump file offline? Is it possible to interact with a live client safely? (It seems that at least a thread is constantly sending/receiving data to the server, and setting breakpoints on that thread would get you disconnected.)

  2. #2
    WiNiFiX (Banned)
    No expert - but a starting point to disable anti-debugging in wow is to look at the changes wow does to ntdll.dll


  3. #3
    pogob (Established Member)
    There's a lot of stuff that you have to change if you want to enable debugging. What WiNiFiX mentioned are 2 hooks that wow does to intercept int3 breakpoints. But there are many (like 6) checks against just attaching a debugger, and there's also another check against hwbps.

    If you want all the functionality of a debugger you have to bypass all the checks. If you just want to understand certain functions, however, there are alternative ways you could do it (hooking and getting the context thread for example).

  4. #4
    JamesHook (Member)
    Originally Posted by WiNiFiX
    No expert - but a starting point to disable anti-debugging in wow is to look at the changes wow does to ntdll.dll

    Does anybody know the name of the tool?

  5. #5
    danwins (Contributor)
    Originally Posted by JamesHook
    Does anybody know the name of the tool?
    Looks like hookshark from memory.

  6. #6
    JamesHook (Member)
    Originally Posted by danwins
    Looks like hookshark from memory.
    Thanks a lot =)
