Current state of wow botting?

[karnkore]

Hey everyone, I tried to post this on another forum but got no replies, this forum seems a lot more active so I thought to try here.

I have been out of the scene for years. I used to write my own simple bots using waypoints and later on navmeshes mainly as coding practise and fun.

With the whole classic thing coming out it would be a really fun project to get something going again.

I guess the biggest problem now is that everything is obfuscated, CE is detected, debuggers are detected. client is packed?

The one thing I can think of right now is unpacking the client for static analysis or using a memory dump?, writing kernel code or using that crss windows process to read, staying external and hook free.

Does anyone have any ideas how to work with the object manager if it's all obfuscated? I don't know if its as simple as finding the decrypt function and calling it or if they added some counter measures to people calling it.

I am also really out of date with hooks, I used to just do inline or mid function hooks but now it seems you need to use the crazy kernel hooks to even have a chance. How do you guys hook the lua stuff? is it a must these days in order to easily call functions?

I hope once classic comes out more coders will be working on stuff again. Once I get caught up to speed with the latest techniques I will be helping out with making ida offset finding scripts etc.

Thanks.

[Robske]

I find myself in the same position as you, done a lot of things in the past but as the game quality declined, so did my interest in both hacking and playing it.
The obfuscation/packing update was a hill that simply wasn't worth climbing for me. Then came classic, and now I'm interested once more.

I've been told the classic client uses the same technology as live, so I hope to allocate the time needed to crack that nut before it goes live.

My only experience now is what I've read and heard. From what I gather:
- Use the Overwatch tool to dump the assembly for static analysis
- For client modifications (detours, patches...) you need to remap the section

There have been hints that additional detection mechanisms have been added.

The barrier to entry is now undeniably higher than it ever was, I doubt much will be shared here in the future, sadly.