![]() Internal static extern bool WriteProcessMemory( Here's what MemoryManager looks like now: This new method uses WriteProcessMemory from kernel32.dll which we used before, so that should look familiar. Drawing the flow of execution out on a piece of paper always helps me.įirst - now that we're writing to memory, we need to give MemoryManager a new WriteBytes method. If this is confusing, I encourage you to spend some time studying the code, dissecting it and taking each chunk one line at a time. Hook EndScene function to detour to EndSceneHook using the pointer to EndScene that we found in step 1.Write custom EndSceneHook method that will make sure frames don't render faster than ~16ms (~60fps).Hook ISceneEnd function to detour to ISceneEndHook.Write custom ISceneEndHook method that will find the memory address of the EndScene function and set a private variable to that address, then unhook itself.Find the memory location of the EndScene function:.So let's modify our list of steps above to be a bit more specific: So we actually need to hook the ISceneEnd function with our own method that first sets a private variable as a pointer to the EndScene function. The memory address of the EndScene function is at an offset from this pointer parameter. When ISceneEnd is called internally by the WoW client's rendering engine, a pointer is passed as a parameter. However the way we do this is a bit different than we've done it previously. So doing some familiar memory reading and pointer dereferencing, we can reliably find the address of EndScene at runtime. There's a ISceneEnd function in the WoW client that calls EndScene internally, and thankfully, ISceneEnd is at a static memory address. The EndScene function is not always in the same memory location, but we do have a reliable way of finding it. Write to the WoW process memory, replacing the address of EndScene with EndSceneHook.Find the memory location of the EndScene function in the WoW process (there are actually multiple steps involved here).Write our own EndSceneHook method that does some extra stuff, then calls the actual EndScene function.So back to the previous question - "what is hooking"? The WoW client calls EndScene internally, so whenever WoW tries to call EndScene we're going to trick it into calling some other function that we've written. We won't get into the nitty gritty of how DirectX renders a frame, but what's important is that DirectX has a function called EndScene that is called once per frame. If you recall the earlier chapter on game loops, you'll remember that there are typically 3 things that happen every frame: The WoW client's rendering engine uses DirectX. So what is hooking? The wikipedia article has some good information with examples, but the here's the gist. ![]() This solution also has performance implications, but modern computers should have no problem running the vanilla WoW client, so I'm not too concerned about this. There are definitely easier solutions to this problem, and this may seem heavy-handed, but when we start talking about Warden down the road, function detouring is a very important tool to have in our toolbox, so I thought it made sense to introduce it here. What we're going to do is artificially throttle the framerate of the WoW client by hooking the DirectX EndScene function. I'm working with a monitor that has a 144hz refresh rate, and I'd prefer not to lower my refresh rate. If your monitor is set to 60hz refresh rate, and you enable vSync, you won't run into any problems. If your framerate is higher than ~80 FPS, CTM doesn't work (see this thread at OwnedCore for more info). We're also going to implement more traditional movement (WASD style) down the road, but CTM is what we'll use 95% of the time, so let's do that first.ĬTM in the early versions of the WoW client has some strange issues related to framerate. Essentially CTM lets you move your character by right-clicking a spot on the ground. I didn't even know Click-To-Move existed until I started playing around with botting way later on. The most common technique for making bots move hooks into the Click-To-Move function that's built into the vanilla WoW client. The next thing we should do is give our bot the ability to move around.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |