Forum: World of Warcraft

Hi, Probably you've already figured out that the new Battle.net.dll coming with 3.3.5 patch comes with the new anti-reversing protection. It's code is obfuscated and it has many anti-debugging protections. I'm 80% sure they are using this:...

(This is my post from mmownd under the name Daemeat) Seeing as there is a severe lack of information about Warden I decided to make this thread to share information I gathered and will continue to do so when I am able. I hope that everybody will be able to grab bits and pieces of what I have...

I am having a little problem with SetFacing. I got it working with no errors or crashes but sometimes even thought the char is facing the target it says that I am not and I cant attack until I face the target. I been looking at WoW's code to see how SetFacing is used but it seems that I have the...

Hello all, I'm coding in AutoIT, and i have been successfully reading memory. However, in order to get further I must inject using a remote thread method into my process to execute a certain function from within the process. Here is how i'm doing it: My overarching code to inject inside...

OK so I for my first successful attempt at reversing I managed to get SelectTarget() working. I am was so excited about this little achievement I thought I would post it so others can use it and since I did a search and couldn't find anything here is the code to use SelectTarget. What is...

Hey all, So i am trying to call GetObjectName in the VTable using ASM calls in my CGObject_C class. DWORD dwVTable = *(DWORD *)m_dwObjAddr; DWORD *dwTable = (DWORD *)dwVTable; DWORD dwNameAddr = dwTable; DWORD dwName = 0;

Heya guys. I was wondering if there is a possibility for us Linux users to have bots for WoW? I've tried to mess around with XLib myself, but I'm finding it though to learn. (C++ itself) For those of you who don't know what Wine is, here's the quick info: It makes you able to play Windows...

How is this possible? WoW Hashes the function during the login process, detecting any detours i have made on the function. The function that CHECKS for detours on CRCScan is also checked for consistancy, so its not possible to disable the Hash scan on CRCScan. Any ideas? Leo (C++) EDIT:...

I haven't been able to find any posts on GD or on mmowned relating to finding OTHER player's names in memory. I would think it would simply be a pointer off the unit fields, but I haven't been able to find a pointer to a string/name anywhere. I don't need exact offsets (as I'm going to try this...

Hello! I was just wondering if it is OK to post a link to a website for a new WoW pve/pvp bot? Yes I read the rules, but it was not clear to me if it is OK, it really is related stuff tho ;p

Hi, I was just wondering, i see a lot of people trying to work around warden, and so on, has anybody done/got any research/info on the actual network packets SMSG_WARDEN_DATA and CMSG_WARDEN_DATA, i.e. how they work, i know they're encrypted, but i don't know how, or what is inside them. I've...

Are there any 3.2 Blood Specs out there on EJ or anywhere else? I just spec'd on the fly on patch day. Just curious since we all got our talents reset, and I probably missed something. Behind a firewall here and was just looking to see if anyone knew off hand. Thanks!

Before reading the wall of text if this question can be answered it would negate the stuff below :) : I am trying to enumerate the objects around my character in order to target and attack. Does anyone know of lua functions that would do this aside from targetnearestenemy/etc? I am having...

I found some Sparetime to get back in WoW. ATM im interested in finding the Buffs and Debuffs of an unit , also cds and durations. i use to Read such Descriptions like : mov eax,MyLocalPlayer.MyLocalPlayerOffset invoke ReadProcessMemory, hProcess, eax,addr MyLocalPlayer.unknown1, 64d, 0...

I am posting this because I'd love to see changes to this source code, and hopefully see it get finished. I've tried to finish it myself, but as I've got no experience at all with Java, except for this source I've made, I can't figure out how to finish it. The main problem is system usage. As soon...

Up till 3.0.9 I used the following code to find a Unit's name given its memorry address: private string GetUnitName(uint unit) { uint aaa = ProcessManager.WowProcess.ReadUInt((unit + 0x970)); return...

hey there, im planning to do a small bot, what would be the best to retrieve playercoords?(safe) reading them directly from memory or using the ingame lua frame to obtain these?? would warden have any succes detection simulated keyclicks, or would that just be impossible? tnx in advance

Is the system to hook Warden the same whether your application initiates wow.exe or if you just inject into an already running process? I ask because I am having trouble converting the Warden hooking class and code from WOWX to my own project that injects after the process is started. I have...

Hi again, i have a little question about obtaining the Location of an object. first a lil pic(hope its not to big): Ok my code looks like: mov eax,tempObjectOffset add eax,798h ;Xcoord invoke ReadProcessMemory, HandleProcess, eax,addr temp_dword, sizeof dword, 0

I've a simple hunter gatherer bot that works in foreground mode. Its a passive bot using blackmagic.dll written in C# Big thanks to shynd for releasing that. I want to be able to run several instances at once. WoW blocks winapi options when it is not the foreground application. Mouse actions...

Previously object descriptors were located at . This appears to no longer be the case. Does anyone know where they are, or how I might find them? I tried the same method I used to find the unit descriptors, which is as follows: virtual void Function47(); public: virtual const char *...

This video was taken at Defcon 15. It is Greg Hoglund and his presentation "Virtual World, Real Hacking". He starts by explaining the industry of WoW Gold Farming but transitions into a long discussion of different methods in which to hack WoW (Does not go into great detail). I am linking this...

dont know if i have done it right atm : so thats what i have done: sig scan vor TLSindex db 0EBh,002h,033h,0C0h,08Bh -->007C03C5 007C03C5 /EB 02 JMP SHORT Wow.007C03C9 ; here TLSindex-sig scanned 007C03C7 |33C0 XOR EAX,EAX 007C03C9 \8B0D...