Comments (14)
There are a few ways to obtain a handle. One way is to steal a handle from Task Manager (since Task Manager maintains a list of all handles to every process running). There are lots of ways to steal handles and there has been a lot of research into it because it's a way to bypass anti-cheats that hook OpenProcess. Look around on the UC forum in the anti-cheat bypass section and you will find a ton of bypasses. Here's something I just found in a few seconds.
from memoryjs.
Is your Node.js version 32 or 64 bit? And is Wow.exe 32 bit or 64 bit?
from memoryjs.
Is your Node.js version 32 or 64 bit? And is Wow.exe 32 bit or 64 bit?
32 bit, Wow.exe is also 32 bit.
Windows 10, if that matters.
from memoryjs.
How does Wow.exe
appear when you call memoryjs.getProcesses()
?
from memoryjs.
What happens when you log the error message inside the callback? It should tell you if it wasn't able to open the process #31.
from memoryjs.
unable to find process
from memoryjs.
Hmm, try verifying the PID of Wow.exe
through task manager, and try opening the process by just using the PID? If that doesn't work then it might be that Wow.exe
has some sort of anti-cheat that prevents OpenProcess from working?
from memoryjs.
I guess that must be the case, i'm stumped. Memoryjs returns the correct PID & if I use it as the way to openProcess I get the same error.
from memoryjs.
I would suggest creating an empty C++ project and trying to manually OpenProcess and see if you can get a handle that way:
DWORD dwProcessID = 1234;
HANDLE handle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwProcessId);
if (handle == NULL) {
std::cout << "Failed to open handle." << std::endl;
} else {
std::cout << "Opened handle." << std::endl;
}
This will at least distinguish if it's a problem with the library or a problem with the Wow.exe
process specifically.
from memoryjs.
Yeah, failed to open handle.
from memoryjs.
There are a few ways to obtain a handle. One way is to steal a handle from Task Manager (since Task Manager maintains a list of all handles to every process running). There are lots of ways to steal handles and there has been a lot of research into it because it's a way to bypass anti-cheats that hook OpenProcess. Look around on the UC forum in the anti-cheat bypass section and you will find a ton of bypasses. Here's something I just found in a few seconds.
@wuvluv I would also that this is the problem. Something is stripping / otherwise messing yith your handle. Is it a modded client by any chance? I have seen odd implemetations of anti-temper solutions for modded games.
from memoryjs.
Here are some other resources:
hSonic
SilentJack
Handle hijacking with IPC
Handle hijacking via LSASS
hBastard
Finding handles via SVCHOST
Handle hijacking via forced inheritance
A lot of these projects are probably outdated but worth reading about to understand what handle hijacking is and how it works. Essentially the aim of most of these projects are to find handles that were opened by the system and pass them to you.
from memoryjs.
No problem, best of luck!
from memoryjs.
Hey, I know I'm a bit late. Wow's anti-cheat doesn't prevent you from opening handles to the process (at least the old one doesn't). Here's something you should try: https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/debug-privilege
I use it in some code that opens Wow with PROCESS_ALL_ACCESS to inject a dll. But I don't know what version of the client you're trying to use, and I've had problems with memoryjs too.
from memoryjs.
Related Issues (20)
- How to read shared memory channel? (Windows) HOT 5
- Reading an address that is a BigInt throwing errors? HOT 3
- The library can't read memory for me can someone help me figure it out? HOT 2
-
- Any way to get module exports? HOT 2
- Add "Windows only" to readme HOT 2
- Usage with electron HOT 2
- Just pushed a commit (3be70b051025327db5d5f54cd5a1f777dea75943) that I think should enable this now (not on NPM yet). I wasn't familiar with memory mapped files before working on this change, but from my little testing it seems like you should be able to replicate this C# logic with memoryjs now. Updated the README with an example ([documentation](https://github.com/Rob--/memoryjs#memory-mapped-files-1)). HOT 2
- Error reading BigInt pointer HOT 6
- Feature: Open process using th32ProcessID instead of process name(multiple processes same name) HOT 2
- functionTest.cpp does not work on x64 builds HOT 1
- Using Cheat Engine Pointer HOT 6
- Writing to an adres using pointers HOT 2
- Little Endian Support HOT 3
- add pointer or int64 parameters on callFunction?
- publish/release newest version to npm? :) HOT 2
- Linux/Unix support HOT 2
- setProtection is not available in latest version HOT 1
- Problems when using with electron. HOT 1
- Hi Rob, HOT 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from memoryjs.