ExtraWork

[TheMinistered]

This is for all the visual basic users out there!

modMain

Code Select Expand


Public Enum GameType
   Diablo2 = 1
   Warcraft3 = 2
   Starcraft = 3
   WorlfOfWarcraft = 4
End Enum

Public Type ExtraWork
   GameType As Integer
   Length As Integer
   OutBuffer(1023) As Byte
End Type

Public Declare Function GetSystemDefaultLangID Lib "kernel32" () As Integer
Public Declare Sub RtlMoveMemory Lib "kernel32" (Destination As Any, Source As Any, ByVal Length As Long)
   
Public Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" (ByVal strFilePath As String) As Long
Public Declare Function FreeLibrary Lib "kernel32" (ByVal hLib As Long) As Long
Public Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long

Private ExtraWorkMarshaller As New clsExtraWorkMarshaller

Public Sub Main()
   Dim lngExtraWork As Long, lngExtraWorkAddress As Long, boolReturn As Boolean
   Dim ew As ExtraWork
   
   lngExtraWork = LoadLibrary("IX86ExtraWork.dll")
   If (lngExtraWork) Then
       lngExtraWorkAddress = GetProcAddress(lngExtraWork, "ExtraWork")
       If (lngExtraWorkAddress) Then
           ew.GameType = Starcraft
           ew.Length = 4
       
           If (ew.GameType = Diablo2) Then
               RtlMoveMemory ByVal VarPtr(ew.OutBuffer(0)), 0, 4
           Else
               RtlMoveMemory ByVal VarPtr(ew.OutBuffer(0)), CLng(GetSystemDefaultLangID), 4
           End If
           
           boolReturn = ExtraWorkMarshaller.CallExtraWork(lngExtraWorkAddress, VarPtr(ew))
       
           Debug.Print StrConv(ew.OutBuffer, vbUnicode)
       End If
       
       FreeLibrary lngExtraWork
   Else
       MsgBox "Failed to load IX86ExtraWork.dll!"
   End If

End Sub


clsExtraWorkMarshaller

Code Select Expand


Option Explicit

' From David Fritts
' ASM corrected by David Fritts
' Class recast by Ulli

Private Declare Function GlobalAlloc Lib "kernel32" (ByVal wFlags As Long, ByVal dwBytes As Long) As Long
Private Declare Function GlobalFree Lib "kernel32" (ByVal hMem As Long) As Long
Private Declare Function GlobalLock Lib "kernel32" (ByVal hMem As Long) As Long
Private Declare Function GlobalUnlock Lib "kernel32" (ByVal hMem As Long) As Long

Private Type tPD
   hMem                As Long
   PtrToOldCode        As Long
End Type
Private ProcDetails()   As tPD

Private VTIndex         As Long
Private Code            As Byte
Private CodeSize        As Long
Private PtrToNewCode    As Long
Private PtrToMyself     As Long
Private i               As Long

Private Sub Class_Initialize()
   VTIndex = -1    'initialize index into Virtual Table
   CallExtraWork 0, 0  'this sets up m/c code and modifies the VT
End Sub

Public Function CallExtraWork(ByVal lngFuncAddress As Long, ByVal lngEwAddress As Long) As Boolean

 'this is in fact only called once during class initialize
 'subsequent calls are diverted (via the VT) to the m/c code

   DivertTo "8B442408 8B4C240C FFD0 8B542410 8902 31C0 C21000"

End Function

Private Sub DivertTo(ByVal HexCode As String)

   VTIndex = VTIndex + 1 'inc index into VT
   ReDim Preserve ProcDetails(0 To VTIndex) 'adjust array size
   
   HexCode = Replace$(HexCode, " ", "") 'remove spaces from hex code
   CodeSize = Len(HexCode) / 2 'length of the resulting binary code (2 hex chars per byte of code)

   With ProcDetails(VTIndex)
       .hMem = GlobalAlloc(0, CodeSize) 'get memory for m/c code and save handle
       PtrToNewCode = GlobalLock(.hMem) 'get far pointer to allocated memory

       For i = 0 To CodeSize - 1
           Code = Val("&H" & Mid$(HexCode, i + i + 1, 2)) 'convert hex to binary m/c code
           RtlMoveMemory ByVal PtrToNewCode + i, Code, 1 'store it in allocated memory
       Next i

       .PtrToOldCode = VirtualTableEntry 'save old VT entry; VTIndex determines which entry
       VirtualTableEntry = PtrToNewCode 'overwrite VT entry; VTIndex determines which entry
       GlobalUnlock .hMem 'unlock memory
   End With 'PROCDETAILS(VTINDEX)

End Sub

Private Property Let VirtualTableEntry(ByVal FarPointer As Long)

   RtlMoveMemory PtrToMyself, ByVal ObjPtr(Me), 4 'get pointer to object (Me)
   RtlMoveMemory ByVal PtrToMyself + &H1C + VTIndex * 4, FarPointer, 4 'put VT entry

End Property

Private Property Get VirtualTableEntry() As Long

   RtlMoveMemory PtrToMyself, ByVal ObjPtr(Me), 4 'get pointer to object (Me)
   RtlMoveMemory VirtualTableEntry, ByVal PtrToMyself + &H1C + VTIndex * 4, 4 'get VT entry

End Property

Private Sub Class_Terminate()

   For VTIndex = VTIndex To 0 Step -1 'VTIndex still points to the last VT entry overwritten
       With ProcDetails(VTIndex)
           VirtualTableEntry = .PtrToOldCode 'restore VT entry; VTIndex determines which entry
           GlobalFree .hMem 'release memory used for m/c code
       End With 'PROCDETAILS(VTINDEX)
   Next VTIndex

End Sub


Note: I fixed the CallExtraWork so that it now returns a valid bool statement as to wether or not it succeeded.  Thus, anyone who is using the older implementation should update!

[dxoigmn]

Very nice TheMinistered.  This thread should probably be archived in the BotDev reference board.  Perhaps a section for "potential threads to archive" that are not yet a month old?

[UserLoser.]

Anyone mind explaining the importance of parsing this packet, and how you would go about it in Visual Basic 6.0?

Format of 0x4A:

(STRING) MPQ name

shouldn't be too hard to parse

[CoorsLight]

to my understanding, isn't ix86extrawork an 'mpq' file? if it's a dll file, where can i find this ix86extrawork.dll ?

[Eric]

where can i find this ix86extrawork.dll ?

Either inside of IX86ExtraWork.mpq or here.

[GoSuGaMING]

where can i find this ix86extrawork.dll ?

Either inside of IX86ExtraWork.mpq or here.

eh so how do u display the info :X its kinda pointless if it doesnt do anything :X

[Eibro]

where can i find this ix86extrawork.dll ?

Either inside of IX86ExtraWork.mpq or here.

eh so how do u display the info :X its kinda pointless if it doesnt do anything :X

Print the contents of OutBuffer after you call ExtraWork().

[GoSuGaMING]

where can i find this ix86extrawork.dll ?

Either inside of IX86ExtraWork.mpq or here.

eh so how do u display the info :X its kinda pointless if it doesnt do anything :X

Print the contents of OutBuffer after you call ExtraWork().

thanks

[Eric]

where can i find this ix86extrawork.dll ?

Either inside of IX86ExtraWork.mpq or here.

eh so how do u display the info :X its kinda pointless if it doesnt do anything :X

.... that's what this entire thread was about.

[GoSuGaMING]

where can i find this ix86extrawork.dll ?

Either inside of IX86ExtraWork.mpq or here.

eh so how do u display the info :X its kinda pointless if it doesnt do anything :X

.... that's what this entire thread was about.

but with the code that was summitted by TheMinistered or w/e it didnt display any of packet info.

[UserLoser.]

where can i find this ix86extrawork.dll ?

Either inside of IX86ExtraWork.mpq or here.

eh so how do u display the info :X its kinda pointless if it doesnt do anything :X

.... that's what this entire thread was about.

but with the code that was summitted by TheMinistered or w/e it didnt display any of packet info.

Maybe you should learn how it actually works.

[GoSuGaMING]

where can i find this ix86extrawork.dll ?

Either inside of IX86ExtraWork.mpq or here.

eh so how do u display the info :X its kinda pointless if it doesnt do anything :X

.... that's what this entire thread was about.

but with the code that was summitted by TheMinistered or w/e it didnt display any of packet info.

Maybe you should learn how it actually works.

maby because for some reason i didn't even recieve 0x4a

my friends arent getting it either and when i packetlogged the client i didnt get it... did bnet remove it?

[UserLoser.]

where can i find this ix86extrawork.dll ?

Either inside of IX86ExtraWork.mpq or here.

eh so how do u display the info :X its kinda pointless if it doesnt do anything :X

.... that's what this entire thread was about.

but with the code that was summitted by TheMinistered or w/e it didnt display any of packet info.

Maybe you should learn how it actually works.

maby because for some reason i didn't even recieve 0x4a

my friends arent getting it either and when i packetlogged the client i didnt get it... did bnet remove it?

If you're not recieving it and you're sure your data handler isn't screwing up, then yes; Battle.net "removed" it.   Every month or so, they send it for about 1-2 weeks.

[GoSuGaMING]

where can i find this ix86extrawork.dll ?

Either inside of IX86ExtraWork.mpq or here.

eh so how do u display the info :X its kinda pointless if it doesnt do anything :X

.... that's what this entire thread was about.

but with the code that was summitted by TheMinistered or w/e it didnt display any of packet info.

Maybe you should learn how it actually works.

maby because for some reason i didn't even recieve 0x4a

my friends arent getting it either and when i packetlogged the client i didnt get it... did bnet remove it?

If you're not recieving it and you're sure your data handler isn't screwing up, then yes; Battle.net "removed" it.   Every month or so, they send it for about 1-2 weeks.

whats the point

[Lenny]

It allows Battle.net to survey the system specs of people using their programs.  As you can see where its registry value is stored, its probably to "Optimize" their software.....