07-30-2009
Knight-Lieutenant | Join Date: Apr 2009 | Location: Germany

Corrupt file version bypass

Hi.
I am loading my .dll into WoW right after I start it to hook some functions to grab information.
My problem is just that I can't log in because of the corrupt file check.
Any hint how I can bypass this?
Thank you.

07-30-2009
MMOwned WebDev Legendary User | Join Date: Jan 2008

Quote: Originally Posted by flo8464
Hi.
I am loading my .dll into WoW right after I start it to hook some functions to grab information.
My problem is just that I can't log in because of the corrupt file check.
Any hint how I can bypass this?
Thank you.

Hook the CRC function. Remove all your hooks/detours before the CRC func is called -> Call original -> drop your hooks/detours back in. Not that hard.

07-31-2009
Knight-Lieutenant | Join Date: Jan 2008 | Location: South Pole

You can find the CRC function easily by placing an on read hwbp somewhere in the code section, if you didn't already find it somewhere around here in a dump or something.
__________________
I hacked 127.0.0.1

07-31-2009
Knight-Lieutenant | Join Date: Apr 2009 | Location: Germany

That's what I did.
I also tried to free the DLL before the checksum-function (I am hooking the function at 0x00948ED0) got executed.
Does Detours restore the original state after I call DetourDetach()? Maybe that could be the reason that Detours ****s it up, I think I'll stop using it and do it myself...
Btw, the checksum-function computes which data? Only .text or more?
Gotta start reversing it a bit later...

07-31-2009
Kynox's sister's pimp, Legendary User | Join Date: Apr 2006 | Location: ntdll.dll

Quote: Originally Posted by flo8464
That's what I did.
I also tried to free the DLL before the checksum-function (I am hooking the function at 0x00948ED0) got executed.
Does Detours restore the original state after I call DetourDetach()? Maybe that could be the reason that Detours ****s it up, I think I'll stop using it and do it myself...
Btw, the checksum-function computes which data? Only .text or more?
Gotta start reversing it a bit later...

Rifk.
(Filler)

07-31-2009
Knight-Lieutenant | Join Date: Apr 2009 | Location: Germany

Quote: Originally Posted by Cypher
Rifk.
(Filler)

You like that word? :>

07-31-2009
Knight-Lieutenant | Join Date: Jan 2008 | Location: South Pole

Quote: Originally Posted by flo8464
That's what I did.
I also tried to free the DLL before the checksum-function (I am hooking the function at 0x00948ED0) got executed.
Does Detours restore the original state after I call DetourDetach()? Maybe that could be the reason that Detours ****s it up, I think I'll stop using it and do it myself...
Btw, the checksum-function computes which data? Only .text or more?
Gotta start reversing it a bit later...

DetourDetach() should restore the original function, maybe you've forgotten to unhook some functions?
And I'm pretty sure it does only compute .text, but I'm afraid I can't check if I'm right since I don't have WoW installed anymore.
The CRCHook should look like this:

Code:
MyCRCHook() { /* dunno the arguments */
    if (!UnHookFunctions()) { /* Error Handling here */ }
    oCRCFunction();
    if (!HookFunctions()) { /* Error Handling here */ }
}

UnHookFunctions() should call DetourDetach() on all your WoW function hooks and return true if it succeeds.
HookFunctions() should reinstall your hooks and return true on success.
EDIT: omg don't free the DLL, that's just not what you want <_<
__________________
I hacked 127.0.0.1
Last edited by Xarg0; 07-31-2009 at 11:38 AM.

07-31-2009
Kynox's sister's pimp, Legendary User | Join Date: Apr 2006 | Location: ntdll.dll

Quote: Originally Posted by Xarg0
DetourDetach() should restore the original function, maybe you've forgotten to unhook some functions?
And I'm pretty sure it does only compute .text, but I'm afraid I can't check if I'm right since I don't have WoW installed anymore.
The CRCHook should look like this:

Code:
MyCRCHook() { /* dunno the arguments */
    if (!UnHookFunctions()) { /* Error Handling here */ }
    oCRCFunction();
    if (!HookFunctions()) { /* Error Handling here */ }
}

UnHookFunctions() should call DetourDetach() on all your WoW function hooks and return true if it succeeds.
HookFunctions() should reinstall your hooks and return true on success.
EDIT: omg don't free the DLL, that's just not what you want <_<

It hashes more than .text fyi.
Also, yeah, lol @ "freeing the dll", that's a major part of what I was "rifking" at.

07-31-2009
Knight-Lieutenant | Join Date: Apr 2009 | Location: Germany

Code: EDIT: omg don't free the DLL, that's just not what you want <_<

No, I just wanted to try if it changes something, which it doesn't.
Well, just an idea, tell me if it's stupid:
1. Compute crc of original .text. Edit: Ok, of everything which the function normally hashes
2. Hook the crc function
3. If WoW calls it, return the value computed in Step 1 instead.
Or maybe I look at WowME .. could help. ;>
Thanks
Last edited by flo8464; 07-31-2009 at 12:13 PM.

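Added example, not part of the thread and not the game's code: seen from the side of whoever designs the integrity check, the "return a precomputed value" idea in steps 1 to 3 above only works against a checksum that is the same on every call. The sketch assumes a hypothetical verifier that issues a fresh nonce per challenge and keeps its own reference copy; all names and bytes are constructed, and CRC-32 appears only because the thread speaks of a CRC (a real design would use a keyed MAC).

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Bitwise CRC-32 (reflected polynomial 0xEDB88320). `seed` is XORed into the
   initial register, so each challenge nonce yields a different checksum. */
static uint32_t crc32_seeded(uint32_t seed, const uint8_t *p, size_t n) {
    uint32_t crc = 0xFFFFFFFFu ^ seed;
    for (size_t i = 0; i < n; i++) {
        crc ^= p[i];
        for (int b = 0; b < 8; b++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return ~crc;
}

/* Constructed stand-in for a protected code region (not real game bytes). */
static const uint8_t reference_image[16] = {
    0x55, 0x8B, 0xEC, 0x83, 0xEC, 0x10, 0x53, 0x56,
    0x57, 0x8B, 0x7D, 0x08, 0x33, 0xDB, 0xC9, 0xC3
};

/* Client side: checksum the region as it currently sits in memory. */
uint32_t client_answer(uint32_t nonce, const uint8_t *mem, size_t n) {
    return crc32_seeded(nonce, mem, n);
}

/* Verifier side: recompute over its own reference copy with the nonce it
   issued and accept only an exact match. */
int verifier_accepts(uint32_t nonce, uint32_t answer) {
    return answer == crc32_seeded(nonce, reference_image, sizeof reference_image);
}

/* Bitmask result: bit0 clean image accepted, bit1 modified image rejected,
   bit2 answer replayed from an earlier nonce rejected. */
int demo(void) {
    uint8_t mem[sizeof reference_image];
    uint32_t n1 = 0x1234ABCDu, n2 = 0x0BADF00Du; /* constructed nonces */
    int r = 0;
    memcpy(mem, reference_image, sizeof mem);
    uint32_t clean1 = client_answer(n1, mem, sizeof mem);
    if (verifier_accepts(n1, clean1)) r |= 1;
    mem[0] = 0xE9; /* simulated in-memory modification of the first byte */
    if (!verifier_accepts(n1, client_answer(n1, mem, sizeof mem))) r |= 2;
    if (!verifier_accepts(n2, clean1)) r |= 4; /* stale value, new nonce */
    return r;
}
```
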
07-31-2009
Kynox's sister's pimp, Legendary User | Join Date: Apr 2006 | Location: ntdll.dll

Quote: Originally Posted by flo8464
Code: EDIT: omg don't free the DLL, that's just not what you want <_<

No, I just wanted to try if it changes something, which it doesn't.
Well, just an idea, tell me if it's stupid:
1. Compute crc of original .text. Edit: Ok, of everything which the function normally hashes
2. Hook the crc function
3. If WoW calls it, return the value computed in Step 1 instead.
Or maybe I look at WowME .. could help. ;>
Thanks

Your ****ing question has already been answered.
Hook the function.
In the hook:
Remove all your modifications.
Call the original function.
Reapply all your hooks.
Return result of original function.
Problem ****ing solved, stop posting useless shit. >_>

07-31-2009
Knight-Lieutenant | Join Date: Jan 2008 | Location: South Pole

inb4cloze
(filler)
__________________
I hacked 127.0.0.1