

rol 3905h, 8
Senior Member
Administrator ![]() ![]() Saint Join Date: Jul 2004
Location: Canada
Posts: 5,414
Here is the well-organized source code for the last version of Zero. You're probably wondering why I'm posting this; the answer is that these methods are a bit archaic and are being redeveloped, so there's no need to keep the old ones a secret. Feel free to comment.
Zero.asm Code:
;====================================================;
; Zero Maphack Project by Perma ;
;====================================================;
; This project was started on January 1st, 2007 as a ;
; public undetected maphack for Warcraft III. It has ;
; since evolved into a premium maphack with several ;
; security implementations. ;
; ;
; INDEX ;
; ------- ;
; ;
; Zero.asm - Main source file. ;
; Hooks.inc - Hooked game functions. ;
; Security.inc - Debugging and security-related. ;
; Functions.inc - Numerous functions used by the ;
; project. Consider it an API of ;
; sorts, I suppose. ;
; Variables.inc - Address and hook definitions and ;
; various toggles and variables. ;
; ;
;====================================================;
.486
.Model Flat, StdCall
;//Make our DLL's code not case sensitive.
OPTION CASEMAP :NONE
;//Import system includes.
include \masm32\include\windows.inc
include \masm32\include\masm32.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
include \masm32\include\debug.inc
include \masm32\include\comctl32.inc
include \masm32\include\comdlg32.inc
include \masm32\include\advapi32.inc
include \masm32\include\gdi32.inc
include \masm32\include\wsock32.inc
;//Import system libraries.
includelib \masm32\lib\masm32.lib
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\debug.lib
includelib \masm32\lib\comctl32.lib
includelib \masm32\lib\comdlg32.lib
includelib \masm32\lib\advapi32.lib
includelib \masm32\lib\gdi32.lib
includelib \masm32\lib\wsock32.lib
;//Local imports for Zero.dll.
include Variables.inc
include Functions.inc
include Security.inc
include Hooks.inc
.data?
;//Receives the thread id written by CreateThread in DllEntryPoint.
thread_InjectID dd ?
;//Receives the CreateThread return value; it is stored in DllEntryPoint and
;//not read or closed anywhere in the code shown.
hThread dd ?
.code
DllEntryPoint proc hInstDLL:DWORD, reason:DWORD, unused:DWORD
;//DLL entry point (MASM32, 32-bit, stdcall).
;//On DLL_PROCESS_ATTACH it stores hInstDLL in hModule, calls DLL_HideModule,
;//and starts thread_InjectWarcraft only when a top-level window titled
;//"Zero Launcher" is found. Other notifications do nothing.
;//Returns: eax is never set explicitly. On the attach path it holds the
;//CreateThread result, or 0 when FindWindow found no window; for any other
;//notification it still holds `reason`.
;//NOTE(review): a zero return from the attach notification normally makes the
;//loader treat the load as failed. Whether that is the intended behaviour
;//when the launcher window is absent is not stated in the source.
;//NOTE(review): the module is removed from the PEB loader lists before the
;//launcher check, so the lists are edited even when no thread is started.
;//This code is executed when our DLL is loaded.
mov eax,reason
.if eax == DLL_PROCESS_ATTACH
;//Save our DLL's current module handle.
mov eax, hInstDLL
mov hModule, eax
;//Call the function to hide our module.
invoke DLL_HideModule
;//Create our injection thread if the launcher is present.
invoke FindWindow, 0, CTEXT("Zero Launcher")
.if eax != 0
invoke CreateThread, NULL, 0, addr thread_InjectWarcraft, 0, 0, addr thread_InjectID
mov hThread, eax
.endif
.endif
ret
DllEntryPoint endp
End DllEntryPoint
Last edited by Perma : 08-11-2008 at 06:26 AM. |
Functions.inc
Code:
;====================================================;
; Global Function Module (Functions.inc) ;
;====================================================;
; This file houses a number of global functions that ;
; the project uses frequently. These are internal to ;
; the module as well as native functions of the ;
; target game. ;
;====================================================;
.code
DLL_PatchMemory proc MemOffset:DWORD, DataPtr:DWORD, dataLen:DWORD
;//Overwrites dataLen bytes at MemOffset with the bytes found at DataPtr.
;//The range is switched to PAGE_EXECUTE_READWRITE for the copy and then set
;//back to the protection that VirtualProtect reported beforehand.
;//Returns: eax = result of the second VirtualProtect call. Neither
;//VirtualProtect result is checked before or after the copy.
LOCAL OldProt:DWORD
;//Open the range for writing; the previous protection lands in OldProt.
lea eax, OldProt
push eax
push PAGE_EXECUTE_READWRITE
push dataLen
push MemOffset
call VirtualProtect
;//Copy the replacement bytes over the target range.
push dataLen
push DataPtr
push MemOffset
call RtlMoveMemory
;//Put the saved protection value back on the range.
lea eax, OldProt
push eax
push OldProt
push dataLen
push MemOffset
call VirtualProtect
ret
DLL_PatchMemory endp
DLL_SetHook proc uses ecx ebx from:DWORD, to:DWORD, jmptype:BYTE
;//Writes a 5-byte relative jmp or call at `from` that transfers to `to`.
;//  from    - address of the instruction bytes to overwrite
;//  to      - address of the replacement routine
;//  jmptype - 1 = jmp rel32 (opcode 0E9h), 2 = call rel32 (opcode 0E8h)
;//The instruction is assembled in the shared 5-byte buffer lgJmp and copied
;//to `from` by DLL_PatchMemory. ecx and ebx are preserved by `uses`.
;//For any other jmptype the opcode byte in lgJmp is not written, so whatever
;//value it held from an earlier call is reused.
;//The five bytes previously at `from` are not saved anywhere, and lgJmp is a
;//single global, so calls cannot safely overlap.
;//NOTE(review): after this runs, the bytes at `from` differ from the module's
;//on-disk image, which is what a code-section integrity comparison observes.
;//Memory hooking function. Patches a call/jump to a target function.
mov ecx, from
mov ebx, to
;//rel32 is measured from the end of the 5-byte instruction: to - (from + 5).
add ecx, 05h
sub ebx, ecx
lea ecx, lgJmp
.if jmptype == 1
;//Type is an unconditional jump.
mov byte ptr [ecx], 0E9h
.elseif jmptype == 2
;//Type is a call.
mov byte ptr [ecx], 0E8h
.endif
;//Displacement follows the opcode byte.
mov dword ptr [ecx+1], ebx
invoke DLL_PatchMemory, from, addr lgJmp, 5
ret
DLL_SetHook endp
DLL_MoveString proc uses ecx ebx edx destaddress:DWORD,srcaddress:DWORD
;//Copies the zero-terminated byte string at srcaddress to destaddress,
;//terminator included. There is no length parameter: the copy runs until a
;//zero byte is found in the source, whatever the size of the destination.
;//ecx, ebx and edx are preserved by `uses`; eax is not touched.
mov ecx, srcaddress
mov ebx, destaddress
@NextByte:
;//Move one byte across, then stop once that byte was the terminator.
mov dl, byte ptr [ecx]
mov byte ptr [ebx], dl
test dl, dl
jz @Copied
inc ecx
inc ebx
jmp @NextByte
@Copied:
ret
DLL_MoveString endp
Warcraft_TextOut proc textloc:DWORD
;//Calls the host routine whose address is stored in WC3FXN_TextOut, passing
;//the string pointer textloc.
;//The object pointer is read from [[WC3FXN_GlobalClass]+3E0h] and placed in
;//ecx before the call; presumably a thiscall-style `this` - confirm.
;//Stack arguments pushed, in order: 0, 41200000h, a pointer to the
;//0FFFFFFFFh dword pushed earlier, and textloc.
;//NOTE(review): 41200000h is the bit pattern of 10.0 as a 32-bit float;
;//its meaning to the callee is not visible here.
;//NOTE(review): eight dwords are pushed and three popped. Whether eax/edx/ecx
;//really get their saved values back depends on how many stack dwords the
;//callee removes, which cannot be told from this file.
;//In-game text printing function.
push eax
push edx
push ecx
push 0FFFFFFFFh
;//Get the pointer to Warcraft's global class.
mov eax, WC3FXN_GlobalClass
mov eax, dword ptr ds:[eax]
;//Get the pointer to the output class.
mov eax, dword ptr ds:[eax+3E0h]
;//edx receives the first dword of that object; it is not used again below.
mov edx, dword ptr ds:[eax]
push 0
push 41200000h
;//After the two pushes above, esp+08h is the slot holding 0FFFFFFFFh.
lea ecx, dword ptr ss:[esp+08h]
push ecx
;//Push the text address.
mov ecx, textloc
push ecx
mov ecx, eax
call dword ptr [WC3FXN_TextOut]
pop ecx
pop edx
pop eax
ret
Warcraft_TextOut endp
Warcraft_CheckGameState proc
;//Reports whether the dword at offset 1ACh of the host's global object is
;//non-zero. The object pointer is read through the address stored in
;//WC3FXN_GlobalClass.
;//Returns: eax = 0 when that dword is zero, eax = 1 otherwise.
;//Only eax is modified.
;//Follow the stored address to the global object.
mov eax, WC3FXN_GlobalClass
mov eax, dword ptr ds:[eax]
;//Collapse the state dword to a 0/1 answer.
cmp dword ptr [eax+1ACh], 00000000h
jne @InGame
mov eax, 0
ret
@InGame:
mov eax, 1
ret
Warcraft_CheckGameState endp
Security.inc
Code:
.code
DLL_HideModule proc
;//Unlinks the loader entry whose base address equals hModule from the three
;//doubly linked module lists reachable from the PEB (32-bit layout):
;//  PEB            = fs:[30h]
;//  PEB_LDR_DATA   = [PEB+0Ch]
;//  list heads     = Ldr+0Ch (load order), Ldr+14h (memory order),
;//                   Ldr+1Ch (initialization order)
;//All general registers are preserved (pushad/popad). No return value.
;//Each walk starts at head.Flink and loads the *next* link before comparing,
;//so the first entry of each list is never compared; the walk ends once the
;//entry equal to head.Blink has been examined.
;//lodsd is used as "eax = [esi]"; the esi increment it performs is discarded
;//by the following mov. It relies on the direction flag only for that
;//discarded increment.
;//NOTE(review): the lists are edited without any locking in this routine;
;//it is called from DllEntryPoint during process attach.
;//NOTE(review): only these three lists are changed. Nothing here alters the
;//mapped image itself or any other loader bookkeeping, so enumeration that
;//walks the address space instead of these lists still sees the module.
;//PEB module hiding function.
pushad
;//Get the address of the PEB.
assume fs:nothing
mov eax, fs:[30h]
;//Save ProcessModuleInfo.
mov eax, [eax+0Ch]
mov PPEB_LDR_DATA, eax
@InLoadOrderModuleList:
;//esi = first entry (Flink), edx = last entry (Blink) of the load-order list.
mov esi, [eax+0Ch]
mov edx, [eax+10h]
@LoopInLoadOrderModuleList:
lodsd
mov esi, eax
;//Base address sits 18h past the load-order links.
mov ecx, [eax+18h]
cmp ecx, hModule
jne @f
;//Standard unlink: prev->Flink = next, next->Blink = prev.
mov ebx, [eax]
mov ecx, [eax+4]
mov [ecx], ebx
mov [ebx+4], ecx
jmp @InMemoryOrderModuleList
@@:
cmp edx, esi
jne @LoopInLoadOrderModuleList
@InMemoryOrderModuleList:
mov eax, PPEB_LDR_DATA
mov esi, [eax+14h]
mov edx, [eax+18h]
@LoopInMemoryOrderModuleList:
lodsd
mov esi, eax
;//Same field, now 10h past the memory-order links.
mov ecx, [eax+10h]
cmp ecx, hModule
jne @f
mov ebx, [eax]
mov ecx, [eax+4]
mov [ecx], ebx
mov [ebx+4], ecx
jmp @InInitializationOrderModuleList
@@:
cmp edx, esi
jne @LoopInMemoryOrderModuleList
@InInitializationOrderModuleList:
mov eax, PPEB_LDR_DATA
mov esi, [eax+1Ch]
mov edx, [eax+20h]
@LoopInInitializationOrderModuleList:
lodsd
mov esi, eax
;//Same field, now 08h past the initialization-order links.
mov ecx, [eax+08h]
cmp ecx, hModule
jne @f
mov ebx, [eax]
mov ecx, [eax+4]
mov [ecx], ebx
mov [ebx+4], ecx
jmp @Finished
@@:
cmp edx, esi
jne @LoopInInitializationOrderModuleList
@Finished:
popad
ret
DLL_HideModule endp
Hooks.inc
Code:
;====================================================;
; Warcraft Source Module (Hooks.inc) ;
;====================================================;
; This is where all of our memory hooks jump to, in ;
; appropriately crafted custom functions. This allows;
; us a lot of flexibility in manipulating various ;
; parts of the function while maintaining a low ;
; impact overall on Warcraft's address space. ;
;====================================================;
.code
;===================================;
; Main Map Hooks ;
;===================================;
mainmap_Draw proc
;//Detour body for the site at fxnMainmapHook (a 5-byte jmp is written there
;//by thread_InjectWarcraft). It is entered by jmp, not call, and leaves by
;//jumping to mainmap_Draw1 or fxnMainmapRetn inside the host module.
;//Register meanings come from the host function around the hook site, which
;//is not shown; the comments below only describe what the code does.
;//When stateMap == 02h (full mode) ecx is zeroed just before the return jump,
;//replacing the byte that was looked up.
;//All host addresses are absolute constants.
;//Remove main map fog of war.
.data
mainmap_Draw1 dd 6F40AA86h
.code
or ebx, 0000F000h
and ebx, esi
test bx, bx
je continue
mov ecx, dword ptr [ecx]
jmp dword ptr [mainmap_Draw1]
continue:
mov eax, dword ptr [eax+2Ch]
movzx edx, word ptr [eax+2*edx]
xor eax, eax
mov ax, si
and edx, 0FFFh
not edx
test eax, edx
je explored
mov ecx, dword ptr ds:[ecx+4]
jmp finish
explored:
mov ecx, dword ptr ds:[ecx+8]
finish:
;//Byte lookup in a host table at absolute address 6F833DB4h.
mov cl, byte ptr ds:[ecx+6F833DB4h]
.if stateMap == 02h
xor ecx, ecx
.endif
jmp dword ptr [fxnMainmapRetn]
mainmap_Draw endp
mainmap_Players proc
;//Detour body for the site at fxnMainmapPlayersHook; leaves by jumping to
;//fxnMainmapPlayersRetn. Uses the host function's ebp frame directly, so the
;//stack-slot meanings depend on host code that is not shown.
;//When stateMap == 01h (lite mode) the word stored to [ebp-1Ch] is the
;//constant 0FFFh instead of the word read from [eax+3Ch]. Mode 02h takes the
;//same path as mode 00h here.
;//View player vision limitations on main map.
mov esi, dword ptr [ebp-08h]
mov eax, dword ptr [esi+0000099Ch]
xor ecx, ecx
cmp eax, ecx
je continue
.if stateMap == 01h
mov dx, 0FFFh
.else
mov dx, word ptr ds:[eax+3Ch]
.endif
mov word ptr ss:[ebp-1Ch], dx
jmp finish
continue:
;//Null pointer case: the whole dword slot is cleared.
mov dword ptr ss:[ebp-1Ch], ecx
finish:
mov edx, dword ptr ds:[esi+9D0h]
xor eax, eax
jmp dword ptr [fxnMainmapPlayersRetn]
mainmap_Players endp
mainmap_Units proc
;//Detour body for the site at fxnUnitsHook; leaves by jumping to
;//fxnUnitsRetn. Register and frame-slot meanings come from host code that is
;//not shown.
;//When stateMap is non-zero, the two values loaded from [edx+14h] and
;//[edx+10h] are replaced with zero, so the lea below yields edx = 0.
;//Reveal enemy and neutral units on main map.
mov dword ptr ss:[ebp-28h], eax
mov dword ptr ss:[ebp-24h], eax
mov dword ptr ss:[ebp-1Ch], eax
mov eax, dword ptr ds:[edx+14h]
mov edx, dword ptr ds:[edx+10h]
.if stateMap != 00h
xor eax, eax
xor edx, edx
.endif
lea edx, dword ptr ds:[edx+eax*2]
and ecx, edi
jmp dword ptr [fxnUnitsRetn]
mainmap_Units endp
mainmap_Invisible proc
;//Detour body for the site at fxnInvisibleHook; leaves by jumping to
;//fxnInvisibleRetn. Register meanings come from host code that is not shown.
;//When stateMap is non-zero the host routine at mainmap_Invisible1 is not
;//called and eax is forced to 1; otherwise that routine is called with
;//(esi, eax, 0) pushed and ecx loaded from [edi+178h].
;//mainmap_Invisible1 holds the same address as WC3FXN_DrawUnit.
;//Reveal invisible units on main map.
.data
mainmap_Invisible1 dd 6F2A3D30h
.code
mov edx, dword ptr ds:[edi+198h]
mov ecx, dword ptr ds:[edi+178h]
xor eax, eax
mov ax, word ptr ds:[edi+edx*2+218h]
.if stateMap != 00h
mov eax, 00000001h
.else
push 0
push eax
push esi
call dword ptr [mainmap_Invisible1]
.endif
and ebx, eax
jmp dword ptr [fxnInvisibleRetn]
mainmap_Invisible endp
mainmap_Footprints proc
;//Detour body for the site at fxnFootprintsHook; leaves by jumping to
;//fxnFootprintsRetn. Register and frame-slot meanings come from host code
;//that is not shown.
;//When stateMap is non-zero, the values loaded from [eax+10h] and [eax+14h]
;//are zeroed, so the lea below yields ecx = 0.
;//Reveal unit footprints on main map.
mov dword ptr ss:[ebp-30h], edi
mov dword ptr ss:[ebp-18h], edi
mov edi, dword ptr ds:[eax+10h]
mov dword ptr ss:[ebp-1Ch], ecx
mov ecx, dword ptr ds:[eax+14h]
.if stateMap != 00h
xor edi, edi
xor ecx, ecx
.endif
lea ecx, dword ptr ds:[edi+ecx*2]
mov edi, dword ptr ds:[eax+30h]
jmp dword ptr [fxnFootprintsRetn]
mainmap_Footprints endp
mainmap_Specular proc
;//Detour body for the site at fxnSpecularHook; leaves by jumping to
;//fxnSpecularRetn. Register and frame-slot meanings come from host code that
;//is not shown.
;//When stateMap is non-zero, the values loaded from [esi+10h] and [esi+14h]
;//are zeroed, so the lea below yields edx = 0.
;//Reveal specular effects on main map.
mov dword ptr ss:[ebp-44h], ebx
mov dword ptr ss:[ebp-2Ch], ebx
;//Note the ss: override on this load; the sibling loads use ds:.
mov ebx, dword ptr ss:[esi+10h]
mov dword ptr ss:[ebp-30h], edx
mov edx, dword ptr ds:[esi+14h]
.if stateMap != 00h
xor ebx, ebx
xor edx, edx
.endif
lea edx, dword ptr ds:[ebx+edx*2]
mov ebx, dword ptr ds:[esi+30h]
jmp dword ptr [fxnSpecularRetn]
mainmap_Specular endp
mainmap_Corpses proc
;//Detour body for the site at fxnCorpsesHook; leaves by jumping to
;//fxnCorpsesRetn. Register and frame-slot meanings come from host code that
;//is not shown.
;//When stateMap is non-zero, the values loaded from [esi+10h] and [esi+14h]
;//are zeroed, so the lea below yields eax = 0.
;//Reveal corpses on main map.
mov dword ptr ss:[ebp-40h], edx
mov dword ptr ss:[ebp-28h], edx
mov edx, dword ptr ds:[esi+10h]
mov dword ptr ss:[ebp-38h], eax
mov dword ptr ss:[ebp-34h], eax
mov dword ptr ss:[ebp-2Ch], eax
mov eax, dword ptr ds:[esi+14h]
.if stateMap != 00h
xor eax, eax
xor edx, edx
.endif
lea eax, dword ptr ds:[edx+eax*2]
mov edx, dword ptr ds:[esi+30h]
jmp dword ptr [fxnCorpsesRetn]
mainmap_Corpses endp
mainmap_StaticSprites proc
;//Detour body for the site at fxnStaticSpritesHook; leaves by jumping to
;//fxnStaticSpritesRetn. Register and frame-slot meanings come from host code
;//that is not shown.
;//When stateMap is non-zero, the values loaded from [ecx+14h] and [ecx+10h]
;//are zeroed, so the lea below yields ecx = 0.
;//Reveal trees and static sprites on main map.
mov dword ptr ss:[ebp-28h], ebx
mov dword ptr ss:[ebp-24h], ebx
mov dword ptr ss:[ebp-1Ch], ebx
mov ebx, dword ptr ds:[ecx+14h]
mov ecx, dword ptr ds:[ecx+10h]
.if stateMap != 00h
xor ebx, ebx
xor ecx, ecx
.endif
lea ecx, dword ptr ds:[ecx+ebx*2]
and eax, edi
jmp dword ptr [fxnStaticSpritesRetn]
mainmap_StaticSprites endp
mainmap_Sound proc
;//Detour body for the site at fxnSoundHook; leaves by jumping to
;//fxnSoundRetn. Register and frame-slot meanings come from host code that is
;//not shown.
;//When stateMap is non-zero, ecx (loaded from [esi+14h]) and edx are zeroed,
;//so the lea below yields ecx = 0.
;//edx is not loaded inside this routine before the lea; in the zero-state
;//path it carries whatever the host left in it at the hook site.
;//Play out of range sounds on main map.
mov dword ptr ss:[ebp-38h], ecx
mov dword ptr ss:[ebp-34h], ecx
mov dword ptr ss:[ebp-30h], ecx
mov dword ptr ss:[ebp-2Ch], ecx
mov dword ptr ss:[ebp-28h], ecx
mov dword ptr ss:[ebp-20h], ecx
mov dword ptr ss:[ebp-14h], ecx
mov ecx, dword ptr ds:[esi+14h]
.if stateMap != 00h
xor ecx, ecx
xor edx, edx
.endif
lea ecx, dword ptr ds:[edx+ecx*2]
mov edx, dword ptr ds:[esi+30h]
add eax, edi
jmp dword ptr [fxnSoundRetn]
mainmap_Sound endp
mainmap_Blight proc
;//Detour body that leaves by jumping to fxnBlightRetn.
;//thread_InjectWarcraft contains no DLL_SetHook call for fxnBlightHook, so
;//nothing in the code shown ever routes execution here.
;//There is no stateMap test; the routine behaves the same in every mode.
;//Register and frame-slot meanings come from host code that is not shown.
;//Reveal undead blight animation on main map.
sub eax, edx
;//edx is cleared before the shift, so the shift result is always 0.
xor edx, edx
shl edx, cl
mov ecx, dword ptr [esi+34h]
sar eax, 1
mov dword ptr [ebp-18h], esi
add edx, edi
mov edi, dword ptr [esi+30h]
lea edx, dword ptr [edx+edx+02h]
add ecx, edx
add edi, edx
mov edx, dword ptr ds:[esi+24h]
and edx, 1
mov dword ptr ss:[ebp-0Ch], ecx
mov dword ptr ss:[ebp-10h], edi
;//The masked value from [esi+24h] is discarded here; edx leaves as 0.
xor edx, edx
jmp dword ptr [fxnBlightRetn]
mainmap_Blight endp
mainmap_Illusions proc
;//Detour body for the site at fxnIllusionsHook. Unlike most detours in this
;//file it ends with ret, after popping edi and esi, so it finishes the host
;//function on the host's behalf. There is no matching Retn variable.
;//Result: eax = 1 when bit cl of eax was clear, 2 when it was set; the
;//return value is therefore never zero.
;//There is no stateMap test; the routine behaves the same in every mode.
;//Reveal Blademaster illusions on main map.
mov edx, 00000001h
shl edx, cl
pop edi
pop esi
and edx, eax
;//neg / sbb / neg turns "non-zero" into exactly 1 and zero into 0.
neg edx
sbb edx, edx
neg edx
mov eax, edx
inc eax
ret
mainmap_Illusions endp
mainmap_ShowRally proc
;//Detour body for the site at fxnShowRallyHook. It calls the host routine at
;//mainmap_ShowRally1 (same address as WC3FXN_DrawRally) with eax pushed and
;//ecx = esi, then picks the exit:
;//  stateMap != 0             -> fxnShowRallyRetn, result ignored
;//  stateMap == 0, eax != 0   -> fxnShowRallyRetn
;//  stateMap == 0, eax == 0   -> mainmap_ShowRally2
;//The label @skip sits inside the .if arm and is also the jne target of the
;//.else arm.
;//Show enemy building rally points on main map.
.data
mainmap_ShowRally1 dd 6F2A2E60h
mainmap_ShowRally2 dd 6F463051h
.code
push eax
mov ecx, esi
call dword ptr [mainmap_ShowRally1]
.if stateMap != 0
@skip:
jmp dword ptr [fxnShowRallyRetn]
.else
test eax, eax
jne @skip
jmp dword ptr [mainmap_ShowRally2]
.endif
mainmap_ShowRally endp
mainmap_PaidStructure proc
;//Detour body for the site at fxnPaidStructureHook. It calls the host
;//routine at mainmap_PaidStructure2 and picks the exit:
;//  eax != 0                  -> fxnPaidStructureRetn
;//  eax == 0, stateMap != 0   -> fxnPaidStructureRetn
;//  eax == 0, stateMap == 0   -> mainmap_PaidStructure1
;//So with stateMap non-zero the call result never changes the exit taken.
;//Arguments to the called routine are whatever the host set up before the
;//hook site; they are not visible here.
;//Reveal structure placement of unbuilt buildings.
.data
mainmap_PaidStructure1 dd 6F563D5Ch
mainmap_PaidStructure2 dd 6F1C2C60h
.code
call dword ptr [mainmap_PaidStructure2]
test eax, eax
je @skip
jmp dword ptr [fxnPaidStructureRetn]
@skip:
.if stateMap != 00h
jmp dword ptr [fxnPaidStructureRetn]
.else
jmp dword ptr [mainmap_PaidStructure1]
.endif
mainmap_PaidStructure endp
mainmap_Placement proc
;//Detour body for the site at fxnPlacementHook. It calls the host routine at
;//mainmap_Placement2 (same address as mainmap_PaidStructure2) with ecx = edi
;//and picks the exit:
;//  eax != 0                  -> fxnPlacementRetn
;//  eax == 0, stateMap != 0   -> fxnPlacementRetn
;//  eax == 0, stateMap == 0   -> mainmap_Placement1
;//Author's note: same purpose as mainmap_PaidStructure.
.data
mainmap_Placement1 dd 6F15C60Ah
mainmap_Placement2 dd 6F1C2C60h
.code
mov ecx, edi
call dword ptr [mainmap_Placement2]
test eax, eax
je @skip
jmp dword ptr [fxnPlacementRetn]
@skip:
.if stateMap != 00h
jmp dword ptr [fxnPlacementRetn]
.else
jmp dword ptr [mainmap_Placement1]
.endif
mainmap_Placement endp
;===================================;
; Minimap Hooks ;
;===================================;
minimap_Draw proc
;//Detour body for the site at fxnMinimapHook; leaves by jumping to
;//fxnMinimapRetn with the flags from `test eax, eax` still set.
;//The first load uses the literal address 6F873334h, the same value stored
;//in WC3FXN_GameClass.
;//When stateMap == 02h (full mode) both ecx and eax are zeroed; otherwise
;//ecx is loaded from [esi+10].
;//NOTE(review): that offset is written without an h suffix, i.e. decimal 10
;//(0Ah), while the neighbouring load uses 14h.
;//Remove fog of war on minimap.
mov ebx, dword ptr ds:[6F873334h]
mov esi, dword ptr ds:[ebx+34h]
mov eax, dword ptr ds:[esi+14h]
.if stateMap == 02h
xor ecx, ecx
xor eax, eax
.else
mov ecx, dword ptr ds:[esi+10]
.endif
test eax, eax
jmp dword ptr [fxnMinimapRetn]
minimap_Draw endp
minimap_Players proc
;//Detour body for the site at fxnMinimapPlayersHook; leaves by jumping to
;//fxnMinimapPlayersRetn. Uses the host's ebp frame and registers, whose
;//meanings depend on host code that is not shown.
;//It calls the host routine at minimap_Players1 with one pushed argument
;//(the zero-extended word at [ecx+28h]).
;//When stateMap == 01h (lite mode) the word stored to [ebp-28h] is the
;//constant 0FFFh instead of the word read from [eax+3Ch]. Mode 02h takes the
;//same path as mode 00h here.
;//Show player vision limitations on minimap.
.data
minimap_Players1 dd 6F2A4080h
.code
mov edx, dword ptr [edi+00000228h]
mov ebx, dword ptr [edi+00000224h]
sub esi, ecx
mov ecx, dword ptr [ebp-30h]
sub ebx, edx
movzx edx, word ptr ds:[ecx+28h]
push edx
call dword ptr [minimap_Players1]
mov eax, dword ptr ss:[ebp-20h]
.if stateMap == 01h
mov cx, 0FFFh
.else
mov cx, word ptr ds:[eax+3Ch]
.endif
mov eax, dword ptr ds:[edi+218h]
mov word ptr ss:[ebp-28h], cx
jmp dword ptr [fxnMinimapPlayersRetn]
minimap_Players endp
minimap_Locations proc
;//Detour body for the site at fxnLocationsHook. Exits:
;//  minimap_Locations2 returned non-zero and bit 0 of [[ebp-14h]+24h] is set
;//                            -> minimap_Locations1
;//  otherwise                 -> fxnLocationsRetn, after calling the routine
;//                               at WC3FXN_Ownership with ecx = edi+0F0h;
;//                               ecx is zeroed when that call returns 0.
;//minimap_Locations1 and fxnLocationsRetn hold the same address (6F148769h),
;//so both exits land at the same host location.
;//There is no stateMap test; the routine behaves the same in every mode.
;//Show shops and gold mines on minimap.
.data
minimap_Locations1 dd 6F148769h
minimap_Locations2 dd 6F293B00h
.code
call dword ptr [minimap_Locations2]
test eax, eax
jz continue
mov ecx, dword ptr [ebp-14h]
mov edx, dword ptr [ecx+24h]
and edx, 00000001h
cmp dl, 01h
jne continue
jmp dword ptr [minimap_Locations1]
continue:
lea ecx, dword ptr [edi+000000F0h]
call dword ptr [WC3FXN_Ownership]
test eax, eax
jne @End
xor ecx, ecx
@End:
jmp dword ptr [fxnLocationsRetn]
minimap_Locations endp
minimap_Ping proc
;//Detour body for the site at fxnMinimapPingHook. Exits:
;//  minimap_Ping4 returned non-zero -> minimap_Ping3
;//  otherwise                       -> fxnMinimapPingRetn with edx = 0 and
;//                                     ecx = 1
;//The call to minimap_Ping1 (same address as WC3FXN_Ownership) is made, but
;//`cmp eax, eax` always sets ZF, so the jz is always taken and the jump to
;//minimap_Ping2 can never execute.
;//There is no stateMap test; the routine behaves the same in every mode.
;//Show opponent pings on minimap.
.data
minimap_Ping1 dd 6F088E10h
minimap_Ping2 dd 6F325ECAh
minimap_Ping3 dd 6F325E4Bh
minimap_Ping4 dd 6F2A2C70h
.code
push eax
push ecx
mov ecx, esi
call dword ptr [minimap_Ping4]
test eax, eax
je @continue
jmp dword ptr [minimap_Ping3]
@continue:
lea ecx, dword ptr ds:[edi+0F0h]
call dword ptr [minimap_Ping1]
;//Compares eax with itself: result is always "equal".
cmp eax, eax
jz continue
jmp dword ptr [minimap_Ping2]
continue:
xor edx, edx
mov ecx, 1
jmp dword ptr [fxnMinimapPingRetn]
minimap_Ping endp
;===================================;
; Selection Hooks ;
;===================================;
select_EnemySelect proc
;//Detour body for the site at fxnSelectHook; leaves by jumping to
;//fxnSelectRetn.
;//It calls select_EnemySelect1 (same address as WC3FXN_Ownership) with
;//ecx = [ebp-08h]+0F0h and does not test the result, then calls the routine
;//at WC3FXN_Select with ecx = esi and four pushed arguments
;//([ebp-04h], edi, [ebp+0Ch], 0).
;//There is no stateMap test; the routine behaves the same in every mode.
;//Register and frame-slot meanings come from host code that is not shown.
;//Allow selection of enemy units.
.data
select_EnemySelect1 dd 6F088E10h
.code
mov edx, dword ptr [ebp-08h]
lea ecx, dword ptr [edx+000000F0h]
call dword ptr [select_EnemySelect1]
push 0
mov eax, dword ptr ss:[ebp+0Ch]
push eax
push edi
mov edi, dword ptr ss:[ebp-04h]
push edi
mov ecx, esi
call dword ptr [WC3FXN_Select]
jmp dword ptr [fxnSelectRetn]
select_EnemySelect endp
select_ShowResources proc
;//Detour body for the site at fxnShowResourcesHook; leaves by jumping to
;//fxnShowResourcesRetn with edx = 1 shl (byte read from [[ebp-08h]+30h]).
;//Three host routines are called in turn (select_ShowResources3, 1, 2);
;//select_ShowResources2 holds the same address as WC3FXN_Ownership and its
;//result is not tested.
;//The host frame slots [ebp-08h] and [ebp-10h] are used as temporaries.
;//There is no stateMap test; the routine behaves the same in every mode.
;//Show resources of enemies in the unit HUD.
.data
select_ShowResources1 dd 6F3186F0h
select_ShowResources2 dd 6F088E10h
select_ShowResources3 dd 6F1B8770h
.code
mov ecx, dword ptr [esi+00000124h]
mov dword ptr [ebp-08h], eax
call dword ptr [select_ShowResources3]
mov edi, eax
mov ecx, edi
call dword ptr [select_ShowResources1]
mov ecx, dword ptr [ebp-08h]
movzx edx, byte ptr [ecx+30h]
lea ecx, dword ptr [eax+00000088h]
mov dword ptr [ebp-10h], edx
call dword ptr [select_ShowResources2]
mov ecx, dword ptr [ebp-10h]
mov edx, 00000001h
shl edx, cl
jmp dword ptr [fxnShowResourcesRetn]
select_ShowResources endp
select_ShowHealth proc
;//Detour body for the site at fxnShowHealthHook; leaves by jumping to
;//fxnShowHealthRetn.
;//The routine at WC3FXN_War3D2 is called with ecx = 2, then (when its result
;//equals ebx) with ecx = 112h and ecx = 113h. After each of the latter two
;//calls eax is normalised to 0 or 1; when stateHealth == 01h it is forced to
;//1 regardless of the call result. The first normalised value is stored to
;//[esi+180h]; the second is left in eax for the host.
;//The labels @Show1 and @Show2 sit inside the .else arms and are also
;//reached directly by the jne instructions above them.
;//Register meanings (ebx, esi) come from host code that is not shown.
;//Permanently display health bars.
.data
select_ShowHealth1 dd 6F081330h
.code
mov edx, 6F17D770h
mov ecx, eax
call dword ptr [select_ShowHealth1]
mov ecx, 00000002h
call dword ptr [WC3FXN_War3D2]
mov edi, eax
cmp edi, ebx
jne @Show1
mov ecx, 00000112h
call dword ptr [WC3FXN_War3D2]
.if stateHealth == 01h
mov eax, 00000001h
.else
test eax, eax
je @NoShow1
@Show1:
mov eax, 00000001h
.endif
@NoShow1:
;//mov does not change flags, so the jne below still tests this cmp.
cmp edi, ebx
mov dword ptr [esi+00000180h], eax
jne @Show2
mov ecx, 00000113h
call dword ptr [WC3FXN_War3D2]
.if stateHealth == 01h
mov eax, 00000001h
.else
test eax, eax
je @End
@Show2:
mov eax, 00000001h
.endif
@End:
jmp dword ptr [fxnShowHealthRetn]
select_ShowHealth endp
select_ShowCooldowns proc
;//Detour body for the site at fxnShowCooldownsHook. It ends the host
;//function itself: restores esi from the stack, sets eax = 1 and returns.
;//There is no matching Retn variable and no stateMap test, so the host
;//function returns 1 from this point in every mode.
;//Reveal enemy cooldowns.
pop esi
mov eax, 1
ret
select_ShowCooldowns endp
select_ShowSkills1 proc
;//Detour body for the site at fxnShowSkills1Hook. It calls the host routine
;//at WC3FXN_DrawIcon unconditionally, with whatever registers and stack
;//arguments the host prepared, then resumes at fxnShowSkills1Retn.
;//There is no stateMap test; the routine behaves the same in every mode.
;//Show hero skills.
call dword ptr [WC3FXN_DrawIcon]
jmp dword ptr [fxnShowSkills1Retn]
select_ShowSkills1 endp
select_ShowSkills2 proc
;//Detour body for the site at fxnShowSkills2Hook. Identical in shape to
;//select_ShowSkills1: calls the host routine at WC3FXN_DrawIcon
;//unconditionally, then resumes at fxnShowSkills2Retn.
call dword ptr [WC3FXN_DrawIcon]
jmp dword ptr [fxnShowSkills2Retn]
select_ShowSkills2 endp
select_HeroPortraits proc
;//Detour body for the site at fxnHeroPortraitsHook.
;//It first makes an indirect call through offset 0ECh of the table pointed
;//to by the first dword of [ebp+08h] (presumably a virtual call - confirm),
;//pushes the result, loads ecx from [ebp-20h], then branches on stateMap:
;//  stateMap == 02h: call select_HeroPortraits3;
;//                   eax != 0 -> select_HeroPortraits2
;//                   eax == 0 -> select_HeroPortraits1
;//  otherwise:       call select_HeroPortraits4 (same address as
;//                   WC3FXN_DrawRally);
;//                   eax != 0 -> fxnHeroPortraitsRetn
;//                   eax == 0 -> select_HeroPortraits1
;//Displays allied hero portraits in the top left.
.data
select_HeroPortraits1 dd 6F137EB4h
select_HeroPortraits2 dd 6F137BE1h
select_HeroPortraits3 dd 6F2A2C70h
select_HeroPortraits4 dd 6F2A2E60h
.code
mov eax, dword ptr [ebp-1Ch]
mov ecx, dword ptr [ebp+08h]
mov edx, dword ptr [ecx]
push eax
call dword ptr [edx+000000ECh]
mov ecx, dword ptr [ebp-20h]
push eax
.if stateMap == 02h
call dword ptr [select_HeroPortraits3]
test eax, eax
jne @skip
jmp dword ptr [select_HeroPortraits1]
@skip:
jmp dword ptr [select_HeroPortraits2]
.else
call dword ptr [select_HeroPortraits4]
test eax, eax
jne @end
jmp dword ptr [select_HeroPortraits1]
@end:
jmp dword ptr [fxnHeroPortraitsRetn]
.endif
select_HeroPortraits endp
Hooks.inc (Hotkey Thread)
Code:
;===================================;
; Hotkey Hook ;
;===================================;
thread_InjectWarcraft proc
;//Thread routine started from DllEntryPoint. It never returns.
;//Phase 1: 24 calls to DLL_SetHook, each writing a 5-byte jmp (jmptype 1)
;//at one of the fxn*Hook addresses. fxnBlightHook is the only hook address
;//in Variables.inc with no call here.
;//Phase 2: an endless loop that runs every 750 ms. While
;//Warcraft_CheckGameState returns non-zero it polls two keys:
;//  F5 - cycles stateMap 00h -> 01h -> 02h -> 00h and prints a timestamped
;//       message through Warcraft_TextOut
;//  F4 - toggles stateHealth between 00h and 01h
;//NOTE(review): the patches are written from this thread with no
;//synchronisation against the host's own threads visible in this file.
;//NOTE(review): all 24 patch sites are absolute addresses; each one ends up
;//starting with a jmp rel32 into this module, which is what a comparison of
;//the host's code pages against its file image would show.
;//Set hooks to Warcraft.
invoke DLL_SetHook, fxnMainmapHook, addr mainmap_Draw, 1
invoke DLL_SetHook, fxnMinimapHook, addr minimap_Draw, 1
invoke DLL_SetHook, fxnMainmapPlayersHook, addr mainmap_Players, 1
invoke DLL_SetHook, fxnLocationsHook, addr minimap_Locations, 1
invoke DLL_SetHook, fxnMinimapPingHook, addr minimap_Ping, 1
invoke DLL_SetHook, fxnMinimapPlayersHook, addr minimap_Players, 1
invoke DLL_SetHook, fxnUnitsHook, addr mainmap_Units, 1
invoke DLL_SetHook, fxnFootprintsHook, addr mainmap_Footprints, 1
invoke DLL_SetHook, fxnSpecularHook, addr mainmap_Specular, 1
invoke DLL_SetHook, fxnCorpsesHook, addr mainmap_Corpses, 1
invoke DLL_SetHook, fxnStaticSpritesHook, addr mainmap_StaticSprites, 1
invoke DLL_SetHook, fxnSoundHook, addr mainmap_Sound, 1
invoke DLL_SetHook, fxnIllusionsHook, addr mainmap_Illusions, 1
invoke DLL_SetHook, fxnInvisibleHook, addr mainmap_Invisible, 1
invoke DLL_SetHook, fxnSelectHook, addr select_EnemySelect, 1
invoke DLL_SetHook, fxnShowResourcesHook, addr select_ShowResources, 1
invoke DLL_SetHook, fxnShowHealthHook, addr select_ShowHealth, 1
invoke DLL_SetHook, fxnShowCooldownsHook, addr select_ShowCooldowns, 1
invoke DLL_SetHook, fxnShowSkills1Hook, addr select_ShowSkills1, 1
invoke DLL_SetHook, fxnShowSkills2Hook, addr select_ShowSkills2, 1
invoke DLL_SetHook, fxnShowRallyHook, addr mainmap_ShowRally, 1
invoke DLL_SetHook, fxnHeroPortraitsHook, addr select_HeroPortraits, 1
invoke DLL_SetHook, fxnPaidStructureHook, addr mainmap_PaidStructure, 1
invoke DLL_SetHook, fxnPlacementHook, addr mainmap_Placement, 1
Hotkey:
;//Make sure we're in a game.
invoke Warcraft_CheckGameState
test eax, eax
jz @End
;//Any non-zero GetAsyncKeyState result counts as a key press here.
invoke GetAsyncKeyState, VK_F5
.if eax != 0
;//Get the current time.
invoke GetTimeFormat, NULL, NULL, NULL, addr strClockFmt, addr strClockBuffer, 50
.if stateMap == 00h
;//Change mode to Lite.
mov stateMap, 01h
invoke wsprintf, addr strMessageBuffer, addr wc3StratMode, addr strClockBuffer
invoke Warcraft_TextOut, addr strMessageBuffer
.elseif stateMap == 01h
;//Change mode to Full.
mov stateMap, 02h
invoke wsprintf, addr strMessageBuffer, addr wc3FullMode, addr strClockBuffer
invoke Warcraft_TextOut, addr strMessageBuffer
.elseif stateMap == 02h
;//Change mode to Off.
mov stateMap, 00h
invoke wsprintf, addr strMessageBuffer, addr wc3OffMode, addr strClockBuffer
invoke Warcraft_TextOut, addr strMessageBuffer
.endif
.endif
invoke GetAsyncKeyState, VK_F4
.if eax != 0
.if stateHealth == 00h
;//Turn health bars on.
mov stateHealth, 01h
.else
;//Turn health bars off.
mov stateHealth, 00h
.endif
.endif
@End:
;//The 750 ms pause is both the polling interval and the only key debounce.
invoke Sleep, 750
jmp Hotkey
thread_InjectWarcraft endp
Variables.inc
Code:
;====================================================;
; Global Variables Module (Variables.inc) ;
;====================================================;
; This file is home to all of the variables of the ;
; entire project. This includes toggles, text, and ;
; function addresses. ;
;====================================================;
.data?
;//Module handle of this DLL, stored by DllEntryPoint and compared against
;//loader entries in DLL_HideModule.
hModule dd ?
;//Scratch buffer in which DLL_SetHook assembles one opcode byte + rel32.
lgJmp db 5 dup(?)
;//Receives the GetTimeFormat output (size 50 is passed at the call site).
strClockBuffer db 50 dup(?)
;//wsprintf destination for the mode-change messages.
strMessageBuffer db 128 dup(?)
.data
;//Holds the PEB loader-data pointer saved by DLL_HideModule.
PPEB_LDR_DATA dd 0
;//Single 90h byte; not referenced by any code shown.
vNop db 90h
;//Static text strings.
strClockFmt db "'['hh':'mm' 'tt']'", 0
wc3OffMode db "|cA0FFFFFF%s |cA000FF00Maphack has been set to |cA0FFFFFFoff mode|cA000FF00.",0
wc3StratMode db "|cA0FFFFFF%s |cA000FF00Maphack has been set to |cA0FFFFFFlite mode|cA000FF00.",0
wc3FullMode db "|cA0FFFFFF%s |cA000FF00Maphack has been set to |cA0FFFFFFfull mode|cA000FF00.",0
;//Primary maphack switch.
;//stateMap: 00h = off, 01h = lite, 02h = full (cycled by F5 in
;//thread_InjectWarcraft). stateHealth: 00h/01h, toggled by F4.
stateMap db 00h
stateHealth db 00h
;//Function addresses.
;//Every value below is an absolute 32-bit virtual address inside the host
;//process. NOTE(review): they presumably belong to one specific build of the
;//host module loaded at a fixed base - confirm; nothing in the code shown
;//checks the module version or base before using them.
;//Not referenced by the code shown: WC3FXN_DrawUnit, WC3FXN_DrawRing,
;//WC3FXN_HideRing, WC3FXN_DrawRally, WC3FXN_GameClass, PROFILE_LITE,
;//PROFILE_FULL (some of the same addresses reappear as per-hook constants).
WC3FXN_DrawUnit dd 6F2A3D30h
WC3FXN_Select dd 6F2A3270h
WC3FXN_Ownership dd 6F088E10h
WC3FXN_DrawRing dd 6F116370h
WC3FXN_HideRing dd 6F1163D0h
WC3FXN_DrawRally dd 6F2A2E60h
WC3FXN_War3D2 dd 6F63B602h
WC3FXN_TextOut dd 6F663740h
WC3FXN_GlobalClass dd 6F84CC20h
WC3FXN_DrawIcon dd 6F1C3050h
WC3FXN_GameClass dd 6F873334h
PROFILE_LITE dd 15046EF0h
PROFILE_FULL dd 15046F0Eh
;//Hook addresses.
;//Each is the start of the 5 bytes that DLL_SetHook overwrites with a jmp.
;//fxnBlightHook is defined but never passed to DLL_SetHook in the code shown.
fxnMainmapHook dd 6F40AA55h
fxnMinimapHook dd 6F147C6Fh
fxnLocationsHook dd 6F14872Bh
fxnUnitsHook dd 6F2A3BFAh
fxnFootprintsHook dd 6F07431Fh
fxnSpecularHook dd 6F17EA66h
fxnCorpsesHook dd 6F0735CFh
fxnStaticSpritesHook dd 6F2A3A9Ch
fxnSoundHook dd 6F2A31DFh
fxnBlightHook dd 6F30CF73h
fxnIllusionsHook dd 6F1B01A9h
fxnInvisibleHook dd 6F17D862h
fxnSelectHook dd 6F1C0755h
fxnShowResourcesHook dd 6F13EF2Bh
fxnShowHealthHook dd 6F17F4A9h
fxnShowCooldownsHook dd 6F1C2C77h
fxnShowSkills1Hook dd 6F12DC33h
fxnShowSkills2Hook dd 6F12DC73h
fxnMinimapPingHook dd 6F325E1Ch
fxnMinimapPlayersHook dd 6F147D10h
fxnMainmapPlayersHook dd 6F40A918h
fxnShowRallyHook dd 6F462F92h
fxnHeroPortraitsHook dd 6F137BF1h
fxnPaidStructureHook dd 6F563D12h
fxnPlacementHook dd 6F15C52Ch
;//Return addresses.
;//Where each detour jumps back into the host. There is no entry for the
;//Illusions and ShowCooldowns hooks; those detours end with ret instead.
fxnMainmapRetn dd 6F40AA8Ch
fxnMinimapRetn dd 6F147C7Ah
fxnLocationsRetn dd 6F148769h
fxnUnitsRetn dd 6F2A3C0Eh
fxnFootprintsRetn dd 6F074334h
fxnSpecularRetn dd 6F17EA7Bh
fxnCorpsesRetn dd 6F0735EAh
fxnStaticSpritesRetn dd 6F2A3AB0h
fxnSoundRetn dd 6F2A31FFh
fxnBlightRetn dd 6F30D089h
fxnInvisibleRetn dd 6F17D883h
fxnSelectRetn dd 6F1C0789h
fxnShowResourcesRetn dd 6F13EF96h
fxnShowHealthRetn dd 6F17F4F5h
fxnShowSkills1Retn dd 6F12DC3Ch
fxnShowSkills2Retn dd 6F12DC7Ch
fxnMinimapPingRetn dd 6F325E52h
fxnMinimapPlayersRetn dd 6F147D3Eh
fxnMainmapPlayersRetn dd 6F40A93Ch
fxnShowRallyRetn dd 6F462FA2h
fxnHeroPortraitsRetn dd 6F137C11h
fxnPaidStructureRetn dd 6F563D1Bh
fxnPlacementRetn dd 6F15C52Ch
Feel free to use this source code in your own work, and I encourage you to make your releases open source. Please keep in mind that while constructive criticism is welcome, this work is quite old.
![]() ![]() ![]() Advocate Join Date: Jul 2007
Posts: 290
Quote:
Quote:
Why would anyone try to detect frozen that way when the patches can be detected in 3 lines of code? Quote:
You should really add a variable for that instead of that long sleep Todo: Move these Quote:
I hope I could help you with that. Good job on your hack |

