Need help with wc3 functions offsets

This is a discussion on Need help with wc3 functions offsets within the Warcraft 3 Hacks, bots and tools board part of the Warcraft 3 forum category; no Code: Show: ShowWindow(clsGame::Handle[i], SW_SHOW); Hide: ShowWindow(clsGame::Handle[i], SW_HIDE);...

Page 6 of 7 FirstFirst ... 4567 LastLast
Results 51 to 60 of 61
  1. #51
    Qazzy is offline Advanced Hacker


    Array
    Join Date
    Aug 2007
    Posts
    316
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Rep Power
    18
    Reputation
    1431
    no

    Code:
    Show:
    ShowWindow(clsGame::Handle[i], SW_SHOW);
    
    Hide:
    ShowWindow(clsGame::Handle[i], SW_HIDE);



  2. The Following User Says Thank You to Qazzy For This Useful Post:


  3. #52
    wc3noobpl's Avatar
    wc3noobpl is offline Hacker Array
    Join Date
    Dec 2011
    Posts
    154
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Rep Power
    0
    Reputation
    189
    Quote Originally Posted by Qazzy View Post
    no

    Code:
    Show:
    ShowWindow(clsGame::Handle[i], SW_SHOW);
    
    Hide:
    ShowWindow(clsGame::Handle[i], SW_HIDE);
    y, but i hope when i press "minimize all windows" windows key, window will not minimize with this also.
    wont it ?
    i'll test later anyway, thx for advice.

  4. #53
    Funs's Avatar
    Funs is offline Mentor
    Array
    Join Date
    Jan 2009
    Posts
    138
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Rep Power
    9
    Reputation
    185
    Quote Originally Posted by Dennis View Post
    No.
    On any OS higher than XP Game.dll's base isn't always 6F000000.
    That's the reason why you get the dll base -> else you could just call every pointer with 6F******.
    When you have the game.dll base address, you calculate the RVA with GameBase+Offset.

    If you find a Offset when GameBase is NOT 6F000000, you have to substract the GameBase from it.

    Example:

    You find the offset 2AF15F0 via CheatEngine or ArtMoney which is GameBase+0xAD15F0 when
    the GameBase is 020200000.
    Fire up Calculator, press Alt+3 to set calculator to programmer view, select "Hex" from the Radio items on the left.
    type in the address you found, 2AF15F0, and subtract 2020000 (GameBase) from it.
    Now you'll have 0xAD15F0 which is the offset without the gamebase.

    Now you can cast it in your program by calling DWORD dwOffset = GameBase+0xAD15F0.

    To find the gamebase in OllyDbg click on the blue "E" button in the menubar or press Alt+E.
    Yeah, Game.dll base isnīt always the same on Vista and higher, because MS implemented ASLR (Address Space Layout Randomization) as a security feature in new OSes. But thats a little bit OT

    If you donīt want to use native API functions, you can also get the Game.dll base by reading a value from the war3.exe module, I did so in many projects...

    And yes, when you enter Bnet and loaded FHack, the initially loaded Game.dll gets cloaked and a new unmodified is loaded. Thatīs also why the bases are changing...

    I find it really funny and I am little bit curious what you are trying to do and for what you use FHack?!
    -------------------------------------------------------> ( )
    me shoving an elephant up your sisterīs backdoor

  5. #54
    oMBra is offline Addict
    Array
    Join Date
    Nov 2008
    Posts
    53
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Rep Power
    9
    Reputation
    10
    Quote Originally Posted by Funs View Post
    And yes, when you enter Bnet and loaded FHack, the initially loaded Game.dll gets cloaked and a new unmodified is loaded. Thatīs also why the bases are changing...
    Does this mean that this method totally defeat warden?

  6. #55
    ZeD's Avatar
    ZeD
    ZeD is offline RoR 0x266E


    Array
    Join Date
    Feb 2007
    Location
    Germany
    Posts
    1,440
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Rep Power
    14
    Reputation
    698
    Quote Originally Posted by oMBra View Post
    Does this mean that this method totally defeat warden?
    As long as zMap is FHack should be too. They're using a similar "anti-detection method".

  7. #56
    oMBra is offline Addict
    Array
    Join Date
    Nov 2008
    Posts
    53
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Rep Power
    9
    Reputation
    10
    I was wondering, when FHack cloackes game.dll and loads a new "untouched" one, which one does the game use?

  8. #57
    ZeD's Avatar
    ZeD
    ZeD is offline RoR 0x266E


    Array
    Join Date
    Feb 2007
    Location
    Germany
    Posts
    1,440
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Rep Power
    14
    Reputation
    698
    Quote Originally Posted by oMBra View Post
    I was wondering, when FHack cloackes game.dll and loads a new "untouched" one, which one does the game use?
    the clean game.dll is loaded up just for warden to read from.
    You still use the cloaked dll. Else, the maphack wouldn't work, would it?

  9. #58
    oMBra is offline Addict
    Array
    Join Date
    Nov 2008
    Posts
    53
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Rep Power
    9
    Reputation
    10
    Yes, of course but how does the game know to use the cloacked dll and to use the untouched one for warden responses?

  10. #59
    wc3noobpl's Avatar
    wc3noobpl is offline Hacker Array
    Join Date
    Dec 2011
    Posts
    154
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Rep Power
    0
    Reputation
    189
    Quote Originally Posted by oMBra View Post
    Yes, of course but how does the game know to use the cloacked dll and to use the untouched one for warden responses?
    i suppose wc3.exe loads game.dll from start and keep legal address, and warden try to get game.dll with itself every time it makes checks.

    FHack also first keeps original game.dll address and only after call CloackDLL.

  11. #60
    ZeD's Avatar
    ZeD
    ZeD is offline RoR 0x266E


    Array
    Join Date
    Feb 2007
    Location
    Germany
    Posts
    1,440
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Rep Power
    14
    Reputation
    698
    This thread is kinda getting off-topic.
    wc3noobpl, what do u still search help for? if non, I'd close this thread as of now.

Page 6 of 7 FirstFirst ... 4567 LastLast

Similar Threads

  1. 1.4.2 offsets (help please)
    By james666 in forum Starcraft 2 Coding
    Replies: 7
    Last Post: 01-21-2012, 03:13 AM
  2. [1.26] List of all JASS functions (SEACH)
    By Skino in forum Warcraft 3 Hacks, bots and tools
    Replies: 4
    Last Post: 06-29-2011, 03:01 PM
  3. Replies: 0
    Last Post: 03-28-2010, 10:29 PM
  4. Functions of the forums.
    By Kevin in forum Entertainment
    Replies: 15
    Last Post: 07-30-2007, 07:04 PM
  5. About offsets
    By Range in forum Warcraft 3 forum
    Replies: 0
    Last Post: 05-27-2007, 03:05 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •