- using System;
- using System.Collections.Generic;
- using System.Text;
- using Magic;
- using Fasm;
- using System.Diagnostics;
- using System.Threading;
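namespace WowMemoryHook
{
    /// <summary>
    /// Installs an inline detour in another 32-bit process and uses it to run
    /// short assembled stubs on one of that process's own threads.
    /// </summary>
    /// <remarks>
    /// What the visible code does to the target process: opens it through
    /// <c>BlackMagic.OpenProcessAndThread</c>, sets <c>SetDebugPrivileges</c>,
    /// allocates remote memory, overwrites the bytes at
    /// <c>BaseAddress + DetourAddress</c> with a <c>jmp</c>, and suspends/resumes
    /// a thread around that write. Those effects are the stable indicators for an
    /// integrity or anti-tamper check (modified function prologue, private memory
    /// that gets executed, cross-process writes); the emitted stub bytes are not,
    /// because <see cref="RandomizeASM"/> varies them on every call.
    /// All addresses are handled as <c>uint</c>, so the code assumes a 32-bit target.
    /// </remarks>
    public class Hook
    {
        public BlackMagic BlackMagic = new BlackMagic();

        // Remote 4-byte slot. The detour stub calls whatever address is stored
        // here and then zeroes it; zero means "nothing pending".
        private uint codeCavePtr;

        // Remote buffer holding the saved original bytes followed by the detour stub.
        private uint detourPtr;

        // Absolute address of the patched location (BaseAddress + DetourAddress).
        private uint dwAddress;

        // Original bytes at the detour site. Must be supplied by the caller before
        // ApplyDetour(); they are copied to detourPtr and written back by Restore().
        public byte[] overwrittenBytes;

        private int CurrentProcess;
        private int BaseAddress;

        // Serialises InjectAndExecute so only one stub is pending in the slot at a time.
        private readonly object executeLock = new object();

        public BlackMagic Memory = new BlackMagic(); //public memory reading.

        // Offsets relative to the main module base; filled in by the caller.
        public uint DetourAddress;
        public uint FrameScript_ExecuteBuffer;
        public uint FrameScript_GetLocalizedText;
        public uint FrameScript_RegisterFunction = 0x43B030;
        public uint ClntObjMgrGetActivePlayerObjAddress;
        public uint CGClickSpellAddr;

        /// <summary>
        /// Opens the target process and reserves the remote slot and detour buffer.
        /// </summary>
        /// <param name="processID">Process id of the target.</param>
        public Hook(int processID)
        {
            this.BlackMagic.OpenProcessAndThread(processID);
            this.CurrentProcess = processID;
            this.BaseAddress = (int)this.BlackMagic.MainModule.BaseAddress;
            // NOTE(review): set after the process is already opened; presumably this
            // enables the debug privilege on the calling process - confirm in BlackMagic.
            this.BlackMagic.SetDebugPrivileges = true;
            this.codeCavePtr = this.BlackMagic.AllocateMemory(4);
            this.BlackMagic.WriteUInt(this.codeCavePtr, 0);
            // 0x256 is a hexadecimal literal: 598 bytes, not 256.
            this.detourPtr = this.BlackMagic.AllocateMemory(0x256);
        }

        /// <summary>True while the jump at the detour site is in place.</summary>
        public bool IsApplied { get; private set; }

        //Public methods.

        /// <summary>
        /// Suspends the target thread, installs the detour and resumes the thread.
        /// </summary>
        /// <returns><c>true</c> when no exception was raised; <c>false</c> otherwise.</returns>
        public bool ApplyDetour()
        {
            try
            {
                this.BlackMagic.SuspendThread();
                try
                {
                    this.Apply();
                }
                finally
                {
                    // Resume even when Apply() throws; otherwise the target's thread
                    // would be left suspended by a failed patch attempt.
                    this.BlackMagic.ResumeThread();
                }
                return true;
            }
            catch
            {
                return false;
            }
        }

        /// <summary>
        /// Writes the original bytes back over the detour site. Failures are ignored.
        /// </summary>
        public void RestoreDetour()
        {
            try
            {
                this.Restore();
            }
            catch
            {
                // Best effort by design of the original API (void, no error channel).
                // NOTE(review): a failed restore leaves the jump in place while the
                // caller has no way to learn about it.
            }
        }

        /// <summary>Runs <paramref name="Command"/> with no result variable ("nil").</summary>
        public string Lua_GetReturnValue(string Command)
        {
            return Lua_GetReturnValue(Command, String.Empty);
        }

        /// <summary>Runs <paramref name="Command"/> and reads <paramref name="Argument"/> back.</summary>
        public string Lua_GetReturnValue(string Command, string Argument)
        {
            return Lua_GetReturnValue(Command, Argument, 0xff);
        }

        /// <summary>
        /// Copies <paramref name="Command"/> and <paramref name="Argument"/> into the
        /// target as UTF-8, runs a stub that calls the routines at
        /// <see cref="FrameScript_ExecuteBuffer"/>,
        /// <see cref="ClntObjMgrGetActivePlayerObjAddress"/> and
        /// <see cref="FrameScript_GetLocalizedText"/>, and returns the string the last
        /// call points to.
        /// </summary>
        /// <param name="Command">Text passed to the ExecuteBuffer routine.</param>
        /// <param name="Argument">Name passed to the GetLocalizedText routine; null or empty becomes "nil".</param>
        /// <param name="ReturnLength">Not used by this implementation; the read is fixed at 0x7d0 bytes.</param>
        /// <returns>The decoded string, or <see cref="string.Empty"/> when the result pointer is zero.</returns>
        public string Lua_GetReturnValue(string Command, string Argument, int ReturnLength)
        {
            if (string.IsNullOrEmpty(Argument))
            {
                Argument = "nil";
            }
            byte[] commandBytes = Encoding.UTF8.GetBytes(Command);
            byte[] argumentBytes = Encoding.UTF8.GetBytes(Argument);

            uint commandPtr = 0;
            uint argumentPtr = 0;
            uint resultPtr = 0;
            try
            {
                // One extra byte per buffer for the terminator. The terminator is never
                // written, so this relies on AllocateMemory returning zeroed memory
                // (presumably true - confirm against BlackMagic).
                commandPtr = this.BlackMagic.AllocateMemory(commandBytes.Length + 1);
                argumentPtr = this.BlackMagic.AllocateMemory(argumentBytes.Length + 1);
                resultPtr = this.BlackMagic.AllocateMemory(4);
                this.BlackMagic.WriteBytes(commandPtr, commandBytes);
                this.BlackMagic.WriteBytes(argumentPtr, argumentBytes);

                // Only numeric addresses are concatenated into the assembly text; the
                // caller-supplied strings travel as data in remote memory.
                string[] aSM = new string[] {
                    "mov eax, " + commandPtr,
                    "push 0",
                    "push eax",
                    "push eax",
                    "mov eax, " + ((uint) ((BaseAddress) + FrameScript_ExecuteBuffer)),
                    "call eax",
                    "add esp, 0xC",
                    "call " + ((uint) ((BaseAddress) + ClntObjMgrGetActivePlayerObjAddress)),
                    "test eax, eax", "je @out", "mov ecx, eax", "push -1", "mov edx, " + argumentPtr,
                    "push edx", "call " + ((uint) ((BaseAddress) + FrameScript_GetLocalizedText)),
                    "mov [" + resultPtr + "], eax",
                    "@out:", "retn"
                };

                // The boolean result is ignored, as in the original.
                // NOTE(review): when InjectAndExecute times out, the stub is still
                // pending in the slot while the three buffers below are freed; a later
                // run of the stub would then touch freed memory in the target.
                this.InjectAndExecute(aSM, "Lua_GetReturnValue");

                uint textPtr = this.BlackMagic.ReadUInt(resultPtr);
                if (textPtr != 0)
                {
                    return ReadUTF8String(textPtr, 0x7d0);
                }
                return string.Empty;
            }
            finally
            {
                // Release every buffer that was actually allocated, also when a
                // read or write above throws.
                if (commandPtr != 0)
                {
                    this.BlackMagic.FreeMemory(commandPtr);
                }
                if (argumentPtr != 0)
                {
                    this.BlackMagic.FreeMemory(argumentPtr);
                }
                if (resultPtr != 0)
                {
                    this.BlackMagic.FreeMemory(resultPtr);
                }
            }
        }

        //End public methods

        /// <summary>
        /// Builds the detour stub, copies it behind the saved original bytes at
        /// <c>detourPtr</c>, and overwrites the detour site with a jump to it.
        /// </summary>
        private void Apply()
        {
            if (IsApplied)
            {
                Restore();
            }
            this.dwAddress = (uint)BaseAddress + DetourAddress;

            // Stub: save flags and registers, call the address stored in the slot when
            // it is non-zero, zero the slot, restore state, then jump back to the first
            // byte after the overwritten region. A null overwrittenBytes throws here,
            // before anything is written to the target.
            string[] aSM = new string[] { "pushfd", "pushad", "mov eax, [" + this.codeCavePtr + "]", "cmp eax, 0", "je @out", "call eax", "mov eax, " + this.codeCavePtr, "xor edx, edx", "mov [eax], edx", "@out:", "popad", "popfd", "jmp " + ((this.dwAddress + ((uint)this.overwrittenBytes.Length))).ToString() };
            aSM = RandomizeASM(aSM);

            // Layout at detourPtr: [original bytes][stub].
            this.BlackMagic.WriteBytes(this.detourPtr, this.overwrittenBytes);
            this.Inject(aSM, this.detourPtr + ((uint)this.overwrittenBytes.Length));

            string[] jumpToDetour = new string[] { "jmp " + this.detourPtr.ToString() };
            this.Inject(jumpToDetour, this.dwAddress);

            // NOTE(review): Inject swallows its own failures, so this flag is set even
            // when neither write reached the target.
            this.IsApplied = true;
        }

        /// <summary>Writes the saved original bytes back to the detour site, if applied.</summary>
        private void Restore()
        {
            if (this.IsApplied)
            {
                this.BlackMagic.WriteBytes(this.dwAddress, this.overwrittenBytes);
                this.IsApplied = false;
            }
        }

        /// <summary>
        /// Assembles <paramref name="ASM"/> with <c>ManagedFasm</c> and writes the
        /// result at <paramref name="Address"/> in the target.
        /// </summary>
        /// <param name="ASM">Assembly source, one statement per element.</param>
        /// <param name="Address">Absolute destination address in the target.</param>
        private void Inject(string[] ASM, uint Address)
        {
            using (ManagedFasm fasm = new ManagedFasm(this.BlackMagic.ProcessHandle))
            {
                try
                {
                    // 0x4096 is a hexadecimal literal: 16534 bytes, not 4096.
                    fasm.SetMemorySize(0x4096);
                    foreach (string line in ASM)
                    {
                        fasm.AddLine(line);
                    }
                    fasm.Inject(Address);
                }
                catch
                {
                    // Kept from the original: assembly and write errors are dropped.
                    // NOTE(review): callers cannot tell a failed write from a
                    // successful one; see Apply() and InjectAndExecute().
                }
            }
        }

        /// <summary>
        /// Writes a stub into fresh remote memory, publishes its address in the slot
        /// read by the detour, and waits up to 0xbb8 ms for the slot to return to zero.
        /// </summary>
        /// <param name="ASM">Assembly source for the stub.</param>
        /// <param name="Details">Not used by this implementation.</param>
        /// <returns><c>true</c> when the slot was cleared in time; <c>false</c> on timeout or exception.</returns>
        private bool InjectAndExecute(string[] ASM, string Details)
        {
            // Private gate instead of locking on 'this', so code holding a reference
            // to the Hook cannot block or deadlock this method by locking the instance.
            lock (this.executeLock)
            {
                try
                {
                    ASM = RandomizeASM(ASM);
                    // 0x4096 is a hexadecimal literal: 16534 bytes, not 4096.
                    uint address = this.BlackMagic.AllocateMemory(0x4096);
                    this.Inject(ASM, address);
                    this.BlackMagic.WriteUInt(this.codeCavePtr, address);

                    int startTick = Environment.TickCount;
                    while (this.BlackMagic.ReadInt(this.codeCavePtr) != 0)
                    {
                        // Elapsed time as a wrapping difference: TickCount overflows
                        // after about 24.9 days, which made 'start + 0xbb8' overflow
                        // in the original comparison.
                        if (unchecked(Environment.TickCount - startTick) > 0xbb8)
                        {
                            // The slot still holds the stub address and the stub is
                            // not freed here, as in the original.
                            return false;
                        }
                        Thread.Sleep(10);
                    }
                    this.BlackMagic.FreeMemory(address);
                    return true;
                }
                catch
                {
                    return false;
                }
            }
        }

        #region ASM Code
        // Instruction sequences with no net effect on register or stack contents.
        // A '|' separates the two halves of a paired sequence.
        private static string[] RandomAsmCode = new string[] {
            "mov eax, eax", "mov ecx, ecx", "mov ebp, ebp", "mov edx, edx", "mov ebx, ebx", "mov esp, esp", "mov esi, esi", "mov edi, edi", "nop", "push ebp|pop ebp", "push eax|pop eax", "push ecx|pop ecx", "push edx|pop edx", "push ebx|pop ebx", "push esp|pop esp", "push edi|pop edi",
            "xchg eax, eax", "xchg ebp, ebp", "xchg ecx, ecx", "xchg edx, edx", "xchg ebx, ebx", "xchg esp, esp", "xchg edi, edi", "xchg eax, ebp|xchg ebp, eax", "xchg ecx, ebp|xchg ebp, ecx", "xchg eax, edx|xchg edx, eax", "xchg eax, ebx|xchg ebx, eax", "xchg eax, edi|xchg edi, eax", "xchg edi, edx|xchg edx, edi", "xchg ecx, ebx|xchg ebx, ecx", "xchg ebp, edi|xchg edi, ebp"
        };

        /// <summary>
        /// Returns <paramref name="ASM"/> with entries from <c>RandomAsmCode</c>
        /// inserted in front of every original line.
        /// </summary>
        /// <remarks>
        /// The output differs from call to call, so a byte signature taken from one
        /// injected stub will not match the next. The original lines keep their order.
        /// The loop bound <c>random.Next(1, 5)</c> is re-drawn on every iteration, and
        /// the exclusive upper bound <c>Length - 1</c> means the final table entry is
        /// never chosen.
        /// </remarks>
        /// <param name="ASM">Assembly source, one statement per element.</param>
        /// <returns>A new array containing the padded source.</returns>
        internal static string[] RandomizeASM(string[] ASM)
        {
            Random random = new Random();
            List<string> list = new List<string>();
            foreach (string str in ASM)
            {
                for (int i = 0; i < random.Next(1, 5); i++)
                {
                    string item = RandomAsmCode[random.Next(0, RandomAsmCode.Length - 1)];
                    if (item.Contains("|"))
                    {
                        foreach (string str3 in item.Split(new char[] { '|' }))
                        {
                            if (str3.Length > 0)
                            {
                                list.Add(str3);
                            }
                        }
                    }
                    else
                    {
                        list.Add(item);
                    }
                }
                list.Add(str);
            }
            return list.ToArray();
        }
        #endregion

        /// <summary>
        /// Reads <paramref name="Size"/> bytes from the target and decodes them as a
        /// NUL-terminated UTF-8 string.
        /// </summary>
        /// <returns>The decoded text, or <see cref="string.Empty"/> when the read returns null.</returns>
        private string ReadUTF8String(uint dwAddress, int Size)
        {
            byte[] buffer = this.BlackMagic.ReadBytes(dwAddress, Size);
            if (buffer == null)
            {
                return string.Empty;
            }
            return StringFromBytes(buffer);
        }

        /// <summary>
        /// Decodes <paramref name="myBuffer"/> as UTF-8 up to, and not including, the
        /// first zero byte.
        /// </summary>
        /// <param name="myBuffer">Raw bytes read from the target; must not be null.</param>
        /// <returns>The text before the first NUL, or the whole buffer when none is present.</returns>
        private string StringFromBytes(byte[] myBuffer)
        {
            // Locate the terminator in the bytes rather than with IndexOf("\0") on the
            // decoded string: that overload is a culture-sensitive search, and on
            // ICU-based runtimes (.NET 5+) "\0" is ignorable and matches at index 0,
            // which would empty every result. Decoding only the bytes before the
            // terminator also keeps whatever follows it in the buffer out of the decoder.
            int terminator = Array.IndexOf(myBuffer, (byte)0);
            int length = terminator >= 0 ? terminator : myBuffer.Length;
            return Encoding.UTF8.GetString(myBuffer, 0, length);
        }
    }
}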