Hi guys,
First some propaganda:
If you are interested in a Custom Kick tool that works on 1.22, please check
Visual Custom Kick (Advanced Visual Custom Kick ™ Main). It also allows you to completely cut the game start delay, and it has many other features, such as an autorefresh....
Now the serious part:
The first hack which shows runes?
####################################
### SimpleWc3Hack1.2 by sd333221 ###
####################################
Type:
Maphack
Date:
15.10.2008
Detection Status:
Ladder / GameGuard / DotA-Client proof
at 15.10.2008
This is detectable, however Warden seems
inactive since 1.22!
about:
Simple offset hack to share the offsets
with you.
HowTo:
Just run it, it will patch your wc3
Features:
Reveal the minimap + map completely
Reveal units
Reveal pings
Reveal invisible units
Clickable units
Reveal illusions
Show Items
DotA AH Bypass
View Skills
View Cooldowns
Colored invisible units (red)
Warning:
I give no guarantee that this won't
get you banned; you use it at your own risk!
This will get you banned in a few days as it
is a simple offset based hack.
Note:
If you don't trust the file, compile it yourself
(source included)
Changelog:
V 1.0
+First release
V 1.1
+Show items
+AH Bypass
V 1.2
+View Skills
+View Cooldowns
+Colored invisible units
(as performed first by ShadowFrench)
####################################
### EOF ###
####################################
.
Support in this thread at bwhacks.com only!
Note for people who want to copy this to their own page:
This is an exclusive bwhacks.com release
You may freely copy this BUT you have to give credits and to give
reference to this thread at bwhacks.com!
Small screeny of what you can expect:
Here a screenshot of me, using it on battlenet:
Actually I decided to make a simple offsethack now, therefore it is of course opensource:
I updated the screenshot and the attachment
Code:
//SimpleWc3Hack for Warcraft 3 Patch 1.22...
//
// What this listing does, as far as the code below shows:
//   1. finds a process whose image name is WAR3.EXE (toolhelp process snapshot),
//   2. enables SeDebugPrivilege on its own token,
//   3. opens that process with PROCESS_ALL_ACCESS,
//   4. looks up the load address of Game.dll inside it (toolhelp module snapshot),
//   5. overwrites bytes in the target with WriteProcessMemory at hard-coded offsets.
// The offsets and byte strings are fixed constants, so they only line up with the one
// game build they were taken from (the header comment says patch 1.22).
//
// Reading this as a defender / anti-cheat engineer: every step above is an ordinary,
// documented Win32 call made from a separate user-mode process. The observable sequence
// (process and module enumeration, a debug-privilege token adjustment, a full-access
// process handle, then cross-process writes into a loaded module) is the behaviour that
// handle/privilege monitoring and code-section integrity checks are designed to notice.
// The author's own text on this page says the approach "is detectable".
#include <windows.h>
#include <Tlhelp32.h>
#include <iostream>
using namespace std;

DWORD GetPIDForProcess (char* process);
void EnableDebugPriv();
DWORD GetDLLBase(char* DllName, DWORD tPid);

// PATCH writes l bytes from w at (gameBase + i), i.e. at an offset relative to the
// Game.dll base that main() looked up. NPATCH writes at the absolute address i in the
// target process. Both macros silently depend on the locals hProc, gameBase and dSize
// existing at the call site, and both discard WriteProcessMemory's BOOL return value;
// dSize receives the "number of bytes written" out-parameter.
#define PATCH(i,w,l) WriteProcessMemory(hProc,reinterpret_cast<LPVOID>(gameBase+i),w,l,&dSize)
#define NPATCH(i,w,l) WriteProcessMemory(hProc,reinterpret_cast<LPVOID>(i),w,l,&dSize)

// Entry point: locate WAR3.EXE, open it, and apply the fixed list of byte patches.
// NOTE(review): `void main` is non-standard C++; the process exit status is set only
// through exit(): 1 after the patch list has run, 0 on both failure paths, which is the
// reverse of the usual convention.
// NOTE(review): hProc is never passed to CloseHandle; the handle is released only when
// the process exits.
void main()
{
	cout << "SimpleWc3Hack v1.2 by sd333221 loaded!" << endl << endl;
	cout << "Searching Wc3..." << endl;
	if(GetPIDForProcess("WAR3.EXE") == 0)
	{
		cout << "Warcraft 3 was not found..." << endl;
		system("Pause");
		exit(0);
	}
	else
	{
		cout << "Getting debug privileges..." << endl;
		// No return value: main cannot tell whether the privilege was actually enabled.
		EnableDebugPriv();
		cout << "Opening Warcraft 3 Process..." << endl;
		// The PID is looked up a second time here (and a third time below), so the three
		// lookups are not guaranteed to refer to the same process instance.
		// PROCESS_ALL_ACCESS requests every access right on the target, more than the
		// writes below use; a full-access handle to another process is itself a signal
		// that handle-monitoring tools can report.
		HANDLE hProc = OpenProcess(PROCESS_ALL_ACCESS, false, GetPIDForProcess("WAR3.EXE"));
		if(hProc)
		{
			cout << "Process opened... Patching" << endl;
			// NOTE(review): GetDLLBase returns 0 when the module is not found and that case
			// is not checked, so every PATCH would then target (0 + offset).
			DWORD gameBase = GetDLLBase("Game.dll",GetPIDForProcess("WAR3.EXE"));
			DWORD dSize = 0;

			// Each PATCH below replaces instruction bytes inside the loaded Game.dll image.
			// The feature names are the author's labels taken from the failure messages.
			// For anyone analysing the tool: the `dSize == 0` tests are not a reliable
			// success indicator. The BOOL result of WriteProcessMemory is never examined,
			// dSize is not reset between calls, and where two writes precede one test only
			// the second write's count is looked at. Whether a failed write zeroes the
			// count is not something this code establishes.
			PATCH(0x3A04AB,"\x90\x90",2); //Patch 6F3A04AB to nop nop :-)
			if(dSize == 0) { cout << "Failed to patch showunitsingame" << endl; }
			PATCH(0x36087c,"\x00",1);
			if(dSize == 0) { cout << "Failed to patch showunitsmap" << endl; }
			PATCH(0x28464C,"\x90\x90",2);
			if(dSize == 0) { cout << "Failed to patch clickableunits" << endl; }
			PATCH(0x284662,"\xEB\x29",2);
			if(dSize == 0) { cout << "Failed to patch clickableunits (2nd patch)" << endl; }
			PATCH(0x281F1C,"\x40\xc3",2);
			if(dSize == 0) { cout << "Failed to patch revealillu" << endl; }
			PATCH(0x73B949,"\xB2\x00\x90\x90\x90\x90",6);
			if(dSize == 0) { cout << "Failed to patch removefogingame" << endl; }
			PATCH(0x42F836,"\x3B\xC0\x0F\x85\xC0\x00\x00\x00\x8D\x8B\xF0\x00\x00\x00\xE8\x97\x3C\x03\x00\x3B\xC0\x0F\x85\xAD\x00\x00\x00",27);
			if(dSize == 0) { cout << "Failed to patch pingsignal" << endl; }
			PATCH(0x360C91,"\x3B\xC0\x0F\x85\x30\x04\x00\x00",8);
			if(dSize == 0) { cout << "Failed to patch showinvisiblemap" << endl; }
			// Same failure text as the previous patch, so the two cannot be told apart
			// from the console output.
			PATCH(0x3558FE,"\x90\x90\x90",3);
			if(dSize == 0) { cout << "Failed to patch showinvisiblemap" << endl; }
			PATCH(0x3C3F02,"\xEB",1);
			PATCH(0x3BF63C,"\xB8\xFF\x00\x00\x00\xEB",6);
			if(dSize == 0) { cout << "Failed to bypass DotA -ah command" << endl; }
			PATCH(0x3F75AA,"\x90\x90",2);
			PATCH(0x3A03EB,"\xEB",1);
			if(dSize == 0) { cout << "Failed to enable viewable items" << endl; }

			// The next group differs from the plain byte patches above: it writes a
			// 116-byte code stub and three DWORD values at absolute addresses
			// (0x4559EC, 0x455A60, 0x455A65, 0x455A6A) rather than at Game.dll offsets,
			// then rewrites six bytes inside Game.dll (the author's "Plant detour").
			// Presumably those absolute addresses fall inside the WAR3.EXE image; nothing
			// in this listing confirms that. For integrity checking this means the change
			// is not confined to Game.dll.
			NPATCH(0x4559EC,"\x60\x0B\xC0\x75\x2F\x8A\x8E\xD0\x02\x00\x00\x80\xF9\x01\x74\x51\xC6\x86\xD0\x02\x00\x00\x01\xC6\x86\xD1\x02\x00\x00\x01\xC6\x86\xD2\x02\x00\x00\xFF\x8B\xCE\xB8\xFF\x01\x01\xFF\xFF\x15\x60\x5A\x45\x00\xEB\x2D\x8A\x8E\xD0\x02\x00\x00\x80\xF9\xFF\x74\x22\xC6\x86\xD0\x02\x00\x00\xFF\xC6\x86\xD1\x02\x00\x00\xFF\xC6\x86\xD2\x02\x00\x00\xFF\x8B\xCE\xB8\xFF\xFF\xFF\xFF\xFF\x15\x60\x5A\x45\x00\x61\xB8\x01\x00\x00\x00\x23\xD8\x89\x44\x24\xE4\xFF\x35\x65\x5A\x45\x00\xC3",116);
			DWORD addr[3];
			addr[0] = gameBase + 0x29CD30; //References to the Game.dll
			addr[1] = gameBase + 0x398E0F; // second Game.dll-relative address
			addr[2] = 0x4559EC; //Detour
			NPATCH(0x455A60,&addr[0],sizeof(DWORD));
			NPATCH(0x455A65,&addr[1],sizeof(DWORD));
			NPATCH(0x455A6A,&addr[2],sizeof(DWORD));
			PATCH(0x398E09,"\xFF\x25\x6A\x5A\x45\x00",6); //Plant detour
			if(dSize == 0) { cout << "Failed to enable colored invisibles" << endl; }
			PATCH(0x201B9C,"\x90\x90\x90\x90\x90\x90",6);
			PATCH(0x34E6E8,"\x90\x90",2);
			if(dSize == 0) { cout << "Failed to enable view skills" << endl; }
			PATCH(0x28d68e,"\xEB",1);
			PATCH(0x34E726,"\x90\x90\x90\x90",4);
			if(dSize == 0) { cout << "Failed to enable view cooldowns" << endl; }
			// Offset 0x284662 was already written above with "\xEB\x29"; this rewrites its
			// first byte with the same value.
			PATCH(0x284662,"\xEB",1);
			if(dSize == 0) { cout << "Failed to enable click invisible units" << endl; }
			cout << "Done, goodbye!" << endl;
			system("Pause");
			exit(1);
		}
		else
		{
			cout << "Warcraft 3 could not be opened..." << endl;
			system("Pause");
			exit(0);
		}
	}
}

//Queries the ProcessId of a certain process
// Walks a toolhelp process snapshot and returns the PID of the first entry whose
// executable name equals `process`, compared case-insensitively; returns 0 if none matches.
// The match is on image name only, so any process with that file name qualifies.
// NOTE(review): CreateToolhelp32Snapshot reports failure as INVALID_HANDLE_VALUE, not
// NULL, so `if (hSnapshot)` does not detect a failed snapshot, and CloseHandle is then
// called on whatever was returned.
DWORD GetPIDForProcess (char* process)
{
	BOOL working=0;
	PROCESSENTRY32 lppe= {0};
	DWORD targetPid=0;
	HANDLE hSnapshot=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS ,0);
	if (hSnapshot)
	{
		// dwSize must be set before Process32First is called.
		lppe.dwSize=sizeof(lppe);
		working=Process32First(hSnapshot,&lppe);
		while (working)
		{
			if(_stricmp(lppe.szExeFile,process)==0)
			{
				targetPid=lppe.th32ProcessID;
				break;
			}
			working=Process32Next(hSnapshot,&lppe);
		}
	}
	CloseHandle( hSnapshot );
	return targetPid;
}

//Enables to open other processes
// Requests SeDebugPrivilege (SE_DEBUG_NAME) on the current process token. Returns nothing,
// so callers cannot tell whether the privilege was enabled.
// Defender note: the privilege has to be present in the token before it can be enabled,
// so an account without it cannot gain it through this call; a token adjustment of this
// kind is also something host monitoring can record.
// NOTE(review): as written, hToken is closed only when LookupPrivilegeValue or
// AdjustTokenPrivileges fails; on the success path the token handle is leaked.
// NOTE(review): AdjustTokenPrivileges can return nonzero without enabling the privilege
// (GetLastError() == ERROR_NOT_ALL_ASSIGNED); that case is not distinguished here.
void EnableDebugPriv()
{
	HANDLE hToken;
	LUID sedebugnameValue;
	TOKEN_PRIVILEGES tkp;
	if ( ! OpenProcessToken( GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken ) )
		return;
	if ( ! LookupPrivilegeValue( NULL, SE_DEBUG_NAME, &sedebugnameValue ) ){
		CloseHandle( hToken );
		return;
	}
	tkp.PrivilegeCount = 1;
	tkp.Privileges[0].Luid = sedebugnameValue;
	tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
	if ( ! AdjustTokenPrivileges( hToken, FALSE, &tkp, sizeof tkp, NULL, NULL ) )
		CloseHandle( hToken );
}

//Gets the base of our dll
// Walks a toolhelp module snapshot of process tPid and returns the base address of the
// module whose name equals DllName; returns 0 when tPid is 0 or no module matches.
// NOTE(review): the comparison is case-sensitive strcmp, unlike the _stricmp used for
// the process name above, so a differently-cased module name would not match.
// NOTE(review): snapMod is not checked against INVALID_HANDLE_VALUE before use.
// NOTE(review): the (DWORD) cast of modBaseAddr keeps only 32 bits, so this is only
// correct when built as a 32-bit program.
DWORD GetDLLBase(char* DllName, DWORD tPid)
{
	HANDLE snapMod;
	MODULEENTRY32 me32;
	if (tPid == 0) return 0;
	snapMod = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, tPid);
	// Only dwSize is initialised; the other fields are filled in by Module32First.
	me32.dwSize = sizeof(MODULEENTRY32);
	if (Module32First(snapMod, &me32)){
		do{
			if (strcmp(DllName,me32.szModule) == 0){
				CloseHandle(snapMod);
				return (DWORD) me32.modBaseAddr;
			}
		}while(Module32Next(snapMod,&me32));
	}
	CloseHandle(snapMod);
	return 0;
}
Enjoy
sd333221
This was tested, and is proven to work
For Developers:
Feel free to use my offsets if you give credits!
Senior Member




Uppercase is not shouting, this is a myth perpetuated by housewives and sex offenders.
--
Set a trashcan on fire and keep a bum warm for a night. Set the bum on fire, and keep him warm for the rest of his life.
--
If debugging is the process of removing bugs, then programming must be the process of putting them in. - Edsger Dijkstra
Wow that was quick. Nice job.
Also, only old attachments are broken all new ones work fine.


That was fast. LLGW
"Recognize that your neighbor feels as you do, and keep in mind your own dislikes."
UnseeingAiur @ USEast
My Humble Web Domain








No, I'm pretty sure he's saying that he supplied the demand of a MH for the new version.
WE POP BITCHEZ WIT R GATZ CLUB:Originally Posted by ston3rpimp69
LCS, 707, BB
Oh, okay. I just assumed that because he didn't use a whole sentence.





Looking at BenediKs new hack makes me very angry (v2.0)................
After making his crappy first version he just completely stole my maphack... he completely ripped the routine in asm and put it in his
maphack
He didn't even give credits or something, and his dll is even crappy mapped into the warcraft 3 process with no protection at all.
Go to hell BenediK
Edit:
Just saw that it is even worse
He just renamed the dll and uses a much worse loader than mine...
CRC: f72df374 -1 0 0 0 W3SIMPLE.DLL
CRC: f72df374 -1 0 0 0 WARBLACKHAT.DLL
His hack was released 2.7.08, mine a day earlier.
Unbelievable xD
undetected in ladder?
ty for your work.


Good work!
Issuing attacks on units out of your field of view will get you dropped.
Besides, the method will not work in Battle.net games!


y it doesnt work on b.net , for me it only works on comp game


It *is* possible.
But if your unit tries to issue an attack on a unit outside of the normal field of view, it will drop you.
However, this doesn't happen *that* often due to the range restrictions of each unit.
( A case where it would definitely happen is the Sniper hero in DotA due to his high range )