[Help] How to run in main thread

  1. #1
    fofgogjoj (Member)

    [Help] How to run in main thread

    hi all! first of all i want to thank all the people from this section of the forum! 2 weeks ago i tried to work with memory for the first time and now i have achieved a lot, thanks to the messages that have already been posted. i was able to read the memory of the game, partially learned how to work with a dump, my bot has R\D in its arsenal! i'm happy as a child, but i'm having problems writing to memory. before creating this post, i read the following posts:
    1) __fastcall with C# using a C++ wrapper?
    2) Reversing CastSpell
    3) https://drewkestell.us/Article/6/Chapter/5
    i took most of the code for writing memory from these sources. as for me, i was able to inject the DLL. my program starts in the WoW process. i go for my character. then, in the main thread, i try to call the method for getting the GUID of my character. at this point the game client freezes and execution stops. as i understood, in order to write to memory, i need to perform the following steps:
    1) Inject DLL
    Code:
            static void Main()
            {
                var currentFolder = Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location);
    
                var startupInfo = new STARTUPINFO();
    
                CreateProcess(
                    "C:\\Games\\World of Warcraft\\_classic_\\WowClassic.exe",
                    null,
                    IntPtr.Zero,
                    IntPtr.Zero,
                    false,
                    ProcessCreationFlag.CREATE_DEFAULT_ERROR_MODE,
                    IntPtr.Zero,
                    null,
                    ref startupInfo,
                    out PROCESS_INFORMATION processInfo);
    
                Thread.Sleep(1000);
    
                var processHandle = Process.GetProcessById((int)processInfo.dwProcessId).Handle;
    
                var loaderPath = Path.Combine(currentFolder, "Loader.dll");
    
                var loaderPathPtr = VirtualAllocEx(
                    processHandle,
                    (IntPtr)0,
                    loaderPath.Length,
                    MemoryAllocationType.MEM_COMMIT,
                    MemoryProtectionType.PAGE_EXECUTE_READWRITE);
    
                Thread.Sleep(500);
    
                int error = Marshal.GetLastWin32Error();
                if (error > 0)
                    throw new InvalidOperationException($"Failed to allocate memory for Loader.dll, error code: {error}");
    
                var bytes = Encoding.Unicode.GetBytes(loaderPath);
                var bytesWritten = 0; // throw away
                WriteProcessMemory(processHandle, loaderPathPtr, bytes, bytes.Length, ref bytesWritten);
    
                Thread.Sleep(1000);
    
                error = Marshal.GetLastWin32Error();
                if (error > 0 || bytesWritten == 0)
                    throw new InvalidOperationException($"Failed to write Loader.dll into the WoW.exe process, error code: {error}");
    
                var loaderDllPointer = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryW");
    
                Thread.Sleep(1000);
    
                error = Marshal.GetLastWin32Error();
                if (error > 0)
                    throw new InvalidOperationException($"Failed to get memory address to Loader.dll in the WoW.exe process, error code: {error}");
    
                CreateRemoteThread(processHandle, (IntPtr)null, (IntPtr)0, loaderDllPointer, loaderPathPtr, 0, (IntPtr)null);
    
                Thread.Sleep(1000);
    
                error = Marshal.GetLastWin32Error();
                if (error > 0)
                    throw new InvalidOperationException($"Failed to create remote thread to start execution of Loader.dll in the WoW.exe process, error code: {error}");
    
                VirtualFreeEx(processHandle, loaderPathPtr, 0, MemoryFreeType.MEM_RELEASE);
            }
    2) In main thread Get delegate for function pointer and execute it.
    Code of ThreadSynchronizer:
    Code:
    static public class ThreadSynchronizer
        {
            [DllImport("user32.dll")]
            static extern IntPtr SetWindowLong(IntPtr hWnd, int nIndex, IntPtr dwNewLong);
    
            [DllImport("user32.dll")]
            static extern int CallWindowProc(IntPtr lpPrevWndFunc, IntPtr hWnd, int Msg, int wParam, int lParam);
    
            [DllImport("user32.dll")]
            static extern int GetWindowThreadProcessId(IntPtr handle, out int processId);
    
            [DllImport("user32.dll")]
            static extern bool IsWindowVisible(IntPtr hWnd);
    
            [DllImport("user32.dll")]
            static extern int GetWindowTextLength(IntPtr hWnd);
    
            [DllImport("user32.dll")]
            static extern int GetWindowText(IntPtr hWnd, StringBuilder lpString, int nMaxCount);
    
            [DllImport("user32.dll")]
            static extern bool EnumWindows(EnumWindowsProc lpEnumFunc, IntPtr lParam);
    
            [DllImport("user32.dll")]
            static extern int SendMessage(
                int hWnd,
                uint Msg,
                int wParam,
                int lParam
            );
    
            [DllImport("kernel32.dll")]
            static extern uint GetCurrentThreadId();
    
            delegate bool EnumWindowsProc(IntPtr hWnd, IntPtr lParam);
    
            delegate int WindowProc(IntPtr hWnd, int Msg, int wParam, int lParam);
    
            static readonly Queue<Action> actionQueue = new Queue<Action>();
            static readonly Queue<Delegate> delegateQueue = new Queue<Delegate>();
            static readonly Queue<object> returnValueQueue = new Queue<object>();
    
            const int GWL_WNDPROC = -4;
            const int WM_USER = 0x0400;
            static IntPtr oldCallback;
            static WindowProc newCallback;
            static int windowHandle;
    
            static ThreadSynchronizer()
            {
                EnumWindows(FindWindowProc, IntPtr.Zero);
                newCallback = WndProc;
                oldCallback = SetWindowLong((IntPtr)windowHandle, GWL_WNDPROC, Marshal.GetFunctionPointerForDelegate(newCallback));
            }
    
            static public void RunOnMainThread(Action action)
            {
                if (GetCurrentThreadId() == System.Diagnostics.Process.GetCurrentProcess().Threads[0].Id)
                {
                    action();
                    return;
                }
                actionQueue.Enqueue(action);
                SendUserMessage();
            }
    
            static public T RunOnMainThread<T>(Func<T> function)
            {
                if (GetCurrentThreadId() == System.Diagnostics.Process.GetCurrentProcess().Threads[0].Id)
                    return function();
    
                delegateQueue.Enqueue(function);
                SendUserMessage();
                return (T)returnValueQueue.Dequeue();
            }
    
            static int WndProc(IntPtr hWnd, int msg, int wParam, int lParam)
            {
                try
                {
                    if (msg != WM_USER) return CallWindowProc(oldCallback, hWnd, msg, wParam, lParam);
    
                    while (actionQueue.Count > 0)
                        actionQueue.Dequeue()?.Invoke();
                    while (delegateQueue.Count > 0)
                    {
                        var invokeTarget = delegateQueue.Dequeue();
                        returnValueQueue.Enqueue(invokeTarget?.DynamicInvoke());
                    }
                    return 0;
                }
                catch (Exception e)
                {
                    Console.WriteLine(e.Message);
                }
    
                return CallWindowProc(oldCallback, hWnd, msg, wParam, lParam);
            }
    
            static bool FindWindowProc(IntPtr hWnd, IntPtr lParam)
            {
                GetWindowThreadProcessId(hWnd, out int procId);
                if (procId != System.Diagnostics.Process.GetCurrentProcess().Id) return true;
                if (!IsWindowVisible(hWnd)) return true;
                var l = GetWindowTextLength(hWnd);
                if (l == 0) return true;
                var builder = new StringBuilder(l + 1);
                GetWindowText(hWnd, builder, builder.Capacity);
                if (builder.ToString() == "World of Warcraft")
                    windowHandle = (int)hWnd;
                return true;
            }
    
            static void SendUserMessage() => SendMessage(windowHandle, WM_USER, 0, 0);
        }
    Code of delegate for function:
    Code:
            [UnmanagedFunctionPointer(CallingConvention.StdCall)]
            delegate UInt128 GetPlayerGuidDelegate();
    
            static readonly GetPlayerGuidDelegate GetPlayerGuidFunction =
                Marshal.GetDelegateForFunctionPointer<GetPlayerGuidDelegate>((IntPtr)0x2DAFCE0);
    
            static public UInt128 GetPlayerGuid()
            {
                 MessageBox.Show(GetPlayerGuidFunction().ToString());
                return GetPlayerGuidFunction();
            }
    how i run it on the main thread:
    Code:
    ThreadSynchronizer.RunOnMainThread(() => Functions.GetPlayerGuid());
    Last edited by fofgogjoj; 11-17-2021 at 01:17 PM.
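
Step 1 of the post above is the CreateRemoteThread plus LoadLibraryW pattern, which Sysmon records as Event ID 8 (CreateRemoteThread) with the new thread's start module and function. The following is an added example, not part of the original post: a Python check over constructed sample events, where the source image path and all helper names are assumptions.

```python
import ntpath
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
LOADER_EXPORTS = {"loadlibrarya", "loadlibraryw", "loadlibraryexa", "loadlibraryexw"}
LOADER_MODULES = {"kernel32.dll", "kernelbase.dll"}

def parse_event(xml_text):
    """Return (event_id, {field: value}) for one Sysmon event rendered as XML."""
    root = ET.fromstring(xml_text)
    event_id = int(root.findtext("e:System/e:EventID", namespaces=NS))
    data = {d.get("Name"): (d.text or "")
            for d in root.iterfind("e:EventData/e:Data", NS)}
    return event_id, data

def is_loadlibrary_injection(xml_text, allowed_sources=()):
    """True when a remote thread in another process starts at a LoadLibrary export."""
    event_id, d = parse_event(xml_text)
    if event_id != 8:                       # 8 = CreateRemoteThread
        return False
    source = d.get("SourceImage", "").lower()
    if source == d.get("TargetImage", "").lower():
        return False                        # same image, not cross-process
    if source in {s.lower() for s in allowed_sources}:
        return False                        # vetted tooling, e.g. a debugger
    # Sysmon fills StartModule/StartFunction only when the start address
    # resolves to a module export; empty fields need separate handling.
    module = ntpath.basename(d.get("StartModule", "")).lower()
    function = d.get("StartFunction", "").lower()
    return module in LOADER_MODULES and function in LOADER_EXPORTS

def make_event(event_id, **fields):
    """Build a constructed Sysmon-style event (sample data, not a real capture)."""
    data = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in fields.items())
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>{event_id}</EventID>'
            f'</System><EventData>{data}</EventData></Event>')

# Constructed samples: the source path is hypothetical, the target path is the
# one passed to CreateProcess in the post.
TARGET = r"C:\Games\World of Warcraft\_classic_\WowClassic.exe"
SOURCE = r"C:\Users\dev\Injector.exe"
SAMPLE_INJECTION = make_event(8, SourceImage=SOURCE, TargetImage=TARGET,
                              StartModule=r"C:\Windows\System32\KERNEL32.DLL",
                              StartFunction="LoadLibraryW")
SAMPLE_DEBUGGER = make_event(8, SourceImage=SOURCE, TargetImage=TARGET,
                             StartModule=r"C:\Windows\System32\ntdll.dll",
                             StartFunction="DbgUiRemoteBreakin")

if __name__ == "__main__":
    for name in ("SAMPLE_INJECTION", "SAMPLE_DEBUGGER"):
        print(name, is_loadlibrary_injection(globals()[name]))
```
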

  2. #2
    ChrisIsMe (Contributor)
    aaaaaaaaaaaaaaaaaaaa
    Last edited by ChrisIsMe; 11-01-2023 at 05:08 PM.

  3. Thanks fofgogjoj (1 members gave Thanks to ChrisIsMe for this useful post)
  4. #3
    fofgogjoj (Member)
    can i ask a question? have you read this article? am i correct that if i use this then i can avoid DLL injection and can write to memory? i ask this question because i cannot be sure that i have injected correctly and i do not know how it could be verified. from the outside it looks like starting a game and then starting my program. closing my program will close the game and vice versa.

  5. #4
    ChrisIsMe (Contributor)
    aaaaaaaaaaaaaaaaaaaa
    Last edited by ChrisIsMe; 11-01-2023 at 05:08 PM.

  6. #5
    oiramario (Established Member)
    you cannot use detour without remap and bypass crc, it will crash.
    inject dll and replace winproc(mainthread already), use sendmessage to tell ownwinproc exec blabla, debug by log or messagebox.

  7. Thanks fofgogjoj (1 members gave Thanks to oiramario for this useful post)
  8. #6
    fofgogjoj (Member)
    thanks to the guys who answered in this post. @ChrisIsMe and @oiramario, you are the best!
    solving my problem turned out to be much easier. maybe since then i have already slightly changed the work in the main thread, but this was not my mistake. i was setting the address of the value when it was necessary to set the address of the FUNCTION. maybe this will help those who face the same problem.

  9. Thanks ChrisIsMe (1 members gave Thanks to fofgogjoj for this useful post)
