Simple Windows and OSX unlocker method

[qyte]

Windows:
I found a neat little yet simple method to "unlock" wows lua, code follows

Code:

using Process.NET; // you will need to refer to https://github.com/lolp1/Process.NET
using Process.NET.Patterns; // for anything below that seems unfamiliar
...
var process = System.Diagnostics.Process.GetProcessesByName("Wow").FirstOrDefault();
var processSharp = new ProcessSharp(process, Process.NET.Memory.MemoryType.Remote);
var Lua_Tainted = GetAddressFromPattern("4C 8B 0D ?? ?? ?? ?? 45 33 C0 48 8B CE", 3, 4);
Thread th = new Thread(delegate (){
	while (true)
	{
		processSharp.Memory.Write(Lua_Tainted, IntPtr.Zero);
	}
});
th.IsBackground = true;
th.Start();

Methods

Code:

private static IntPtr GetAddressFromPattern(string pattern, int offset, int size)
{
	var scanResult = PatternScanner.Find(new DwordPattern(pattern));
	return IntPtr.Add(scanResult.ReadAddress, ProcessSharp.Memory.Read<int>(scanResult.ReadAddress + offset)) + offset + size;
}

Lua to call protected functions:

Code:

local function CastSpell_ByName(spell, target)
  local target = target or "target"
  secured = false
  while not secured do
    RunScript([[
      for index = 1, 500 do
        if not issecure() then
          return
        end
      end
      CastSpellByName("]] .. spell .. [[", "]] .. target .. [[")
      secured = true
    ]])    
  end
end

OSX:
Similar logic to the above - different patterns and offsets.

[WiNiFiX]

(back to pixels I guess).

[WiNiFiX]

If we lucky blizzards anti-bot person is as skilled as their spelling person :P

[NessK]

Please can you post a new method for me to use, now that this one is public. (back to pixels I guess).

Cant agree with you more. What a shame. And I love "I found"...

[aeo]

almost certain you did not find this.

[eSko]

OSX:
Similar logic to the above - different patterns and offsets.

really useful. thanks bro.