Open Source Warcraft III Patch v1.23 Maphack!!

[Ozzapoo]

#####################################
### SimpleWc3Hack 2.0 by sd333221 ###
#####################################

Type:
Maphack

Date:
20.03.2009

Detection Status:
DON'T USE THIS ON LADDER OR DOTACLIENT.
YOU WILL GET A BAN! ! !

about:
Simple offset hack to share the offsets
with you.

HowTo:
Just run it, it will patch your wc3

Features:
Reveal the minimap + map completely
Reveal units
Reveal pings
Reveal invisible units
Clickable units
Reveal illusions
Show Items
DotA AH Bypass
View Skills
View Cooldowns
Colored invisible units (red)
View Enemy Icons
Modify Tradeamount / Enable Trade

Warning:
I don't take any guarantee that this doesn't
get you banned, you use it on your own risk!
This will get you banned in a few days as it
is a simple offset based hack.

Note:
If you don't trust the file, compile it yourself
(source included)

Changelog:
V 1.0
+First release
V 1.1
+Show items
+AH Bypass
V 1.2
+View Skills
+View Cooldowns
+Colored invisible units
(as performed first by ShadowFrench)
V 1.3
+View Enemy Icons
+Modify Tradeamount / Enable Trade
V 2.0
+Added support for Warcraft v1.23


####################################
### EOF ###
####################################

Spoiler:

Code: Select all

//SimpleWc3Hack for Warcraft 3 Patch 1.23...
#include <windows.h>
#include <Tlhelp32.h>
#include <iostream>
using namespace std;

DWORD GetPIDForProcess (char* process);
void EnableDebugPriv();
DWORD GetDLLBase(char* DllName, DWORD tPid);

#define PATCH(i,w,l) WriteProcessMemory(hProc,reinterpret_cast<LPVOID>(gameBase+i),w,l,&dSize)
#define NPATCH(i,w,l) WriteProcessMemory(hProc,reinterpret_cast<LPVOID>(i),w,l,&dSize)

int main()
{
    cout << "SimpleWc3Hack v2.0 by sd333221 loaded (for WC3 v1.23)!" << endl << endl;

    cout << "Searching Wc3..." << endl;
    if(GetPIDForProcess("WAR3.EXE") == 0)
    {
        cout << "Warcraft 3 was not found..." << endl;
        system("Pause");
        exit(0);
    }
    else
    {
        cout << "Getting debug privileges..." << endl;
        EnableDebugPriv();
        cout << "Opening Warcraft 3 Process..." << endl;
        HANDLE hProc = OpenProcess(PROCESS_ALL_ACCESS, false, GetPIDForProcess("WAR3.EXE"));
        if(hProc)
        {
            cout << "Process opened... Patching" << endl;
            DWORD gameBase = GetDLLBase("Game.dll",GetPIDForProcess("WAR3.EXE"));
            DWORD dSize = 0;

            PATCH(0x3A1E9B,"\x90\x90",2); //Patch 6F3A1E9B to nop nop :-)
            if(dSize == 0)
            {
                cout << "Failed to patch showunitsingame" << endl;
            }

            PATCH(0x361DFC,"\x00",1);
            if(dSize == 0)
            {
                cout << "Failed to patch showunitsmap" << endl;
            }

            PATCH(0x285B8C,"\x90\x90",2);  
            if(dSize == 0)
            {
                cout << "Failed to patch clickableunits" << endl;
            }

            PATCH(0x285BA2,"\xEB\x29",2);  
            if(dSize == 0)
            {
                cout << "Failed to patch clickableunits (2nd patch)" << endl;
            }

            PATCH(0x28345C,"\x40\xc3",2);
            if(dSize == 0)
            {
                cout << "Failed to patch revealillu" << endl;
            }

            PATCH(0x73DEC9,"\xB2\x00\x90\x90\x90\x90",6);
            if(dSize == 0)
            {
                cout << "Failed to patch removefogingame" << endl;
            }

            PATCH(0x431556,"\x3B\xC0\x0F\x85\xC0\x00\x00\x00\x8D\x8B\xF0\x00\x00\x00\xE8\x07\x3D\x03\x00\x3B\xC0\x0F\x85\xAD\x00\x00\x00",27);
            if(dSize == 0)
            {
                cout << "Failed to patch pingsignal" << endl;
            }

            PATCH(0x362211,"\x3B\xC0\x0F\x85\x30\x04\x00\x00",8);
            if(dSize == 0)
            {
                cout << "Failed to patch showinvisiblemap" << endl;
            }

            PATCH(0x356E7E,"\x90\x90\x90",3);
            if(dSize == 0)
            {
                cout << "Failed to patch showinvisiblemap" << endl;
            }

            PATCH(0x3C5C22,"\xEB",1);
            PATCH(0x3C135C,"\xB8\xFF\x00\x00\x00\xEB",6);
            if(dSize == 0)
            {
                cout << "Failed to bypass DotA -ah command" << endl;
            }

            PATCH(0x3F92CA,"\x90\x90",2);
            PATCH(0x3A1DDB,"\xEB",1);
            if(dSize == 0)
            {
                cout << "Failed to enable viewable items" << endl;
            }

            NPATCH(0x4559EC,"\x60\x0B\xC0\x75\x2F\x8A\x8E\xD0\x02\x00\x00\x80\xF9\x01\x74\x51\xC6\x86\xD0\x02\x00\x00\x01\xC6\x86\xD1\x02\x00\x00\x01\xC6\x86\xD2\x02\x00\x00\xFF\x8B\xCE\xB8\xFF\x01\x01\xFF\xFF\x15\x60\x5A\x45\x00\xEB\x2D\x8A\x8E\xD0\x02\x00\x00\x80\xF9\xFF\x74\x22\xC6\x86\xD0\x02\x00\x00\xFF\xC6\x86\xD1\x02\x00\x00\xFF\xC6\x86\xD2\x02\x00\x00\xFF\x8B\xCE\xB8\xFF\xFF\xFF\xFF\xFF\x15\x60\x5A\x45\x00\x61\xB8\x01\x00\x00\x00\x23\xD8\x89\x44\x24\xE4\xFF\x35\x65\x5A\x45\x00\xC3",116);
            DWORD addr[3];
            addr[0] = gameBase + 0x29E270; //References to the Game.dll
            addr[1] = gameBase + 0x39A3BF; //
            addr[2] = 0x4559EC;            //Detour
            NPATCH(0x455A60,&addr[0],sizeof(DWORD));
            NPATCH(0x455A65,&addr[1],sizeof(DWORD));
            NPATCH(0x455A6A,&addr[2],sizeof(DWORD));
            PATCH(0x39A3B9,"\xFF\x25\x6A\x5A\x45\x00",6); //Plant detour
            if(dSize == 0)
            {
                cout << "Failed to enable colored invisibles" << endl;
            }


            PATCH(0x2030DC,"\x90\x90\x90\x90\x90\x90",6);
            PATCH(0x34FC68,"\x90\x90",2);
            if(dSize == 0)
            {
                cout << "Failed to enable view skills" << endl;
            }

            PATCH(0x28EBCE,"\xEB",1);
            PATCH(0x34FCA6,"\x90\x90\x90\x90",4);
            if(dSize == 0)
            {
                cout << "Failed to enable view cooldowns" << endl;
            }

            PATCH(0x285BA2,"\xEB",1);
            if(dSize == 0)
            {
                cout << "Failed to enable click invisible units" << endl;
            }

            //Tradeamount
            //Currently disabled but works in 1.23!
            /*PATCH(0x34E762,"\xB8\x00\x00\x00\x00\x90",6);
            DWORD highTradeAmount = 200;
            PATCH(0x34E763,&highTradeAmount,sizeof(DWORD));
            PATCH(0x34E76A,"\xB8\x00\x00\x00\x00\x90",6);
            DWORD lowTradeAmount = 100;
            PATCH(0x34E76B,&lowTradeAmount,sizeof(DWORD));
            if(dSize == 0)
            {
                cout << "Failed to patch tradeamount" << endl;
            }*/

            cout << "Show hero icons: " << endl;
            cout << "Press F1 to view all hero icons, F2 for enemy icons, F3 for ally icons, any key for nothing!" << endl;
            system("Pause");
            if(GetAsyncKeyState(VK_F1))
            {
                PATCH(0x371581, "\x5B\x26",2);
                PATCH(0x371587, "\x90\x90\x90\x90\x90\x90",6);

                if(dSize == 0)
                {
                    cout << "Failed to patch view all icons" << endl;
                }
            }
            else if(GetAsyncKeyState(VK_F2))
            {
                PATCH(0x371581, "\x5B\x26",2);
                PATCH(0x371587, "\x0F\x85\x8F\x02\x00\x00",6);

                if(dSize == 0)
                {
                    cout << "Failed to patch view enemy icons" << endl;
                }

            }
            else if(GetAsyncKeyState(VK_F3))
            {
                PATCH(0x371581, "\x5B\x26",2);
                PATCH(0x371587, "\x0F\x84\x8F\x02\x00\x00",6);

                if(dSize == 0)
                {
                    cout << "Failed to patch view ally icons" << endl;
                }
            }
            else
            {
                cout << "View hero icons not enabled!" << endl;
            }


            cout << "Done, goodbye!" << endl;
            system("Pause");
            exit(1);


        }
        else
        {
            cout << "Warcraft 3 could not be opened..." << endl;
            system("Pause");
            exit(0);
        }
    }
    return 0;
}

//Queries the ProcessId of a certain process
DWORD GetPIDForProcess (char* process)
{
    BOOL            working=0;
    PROCESSENTRY32 lppe= {0};
    DWORD            targetPid=0;

    HANDLE hSnapshot=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS ,0);
    if (hSnapshot) 
    {
        lppe.dwSize=sizeof(lppe);
        working=Process32First(hSnapshot,&lppe);
        while (working)
        {
            if(_stricmp(lppe.szExeFile,process)==0)
            {
                targetPid=lppe.th32ProcessID;
                break;
            }
            working=Process32Next(hSnapshot,&lppe);
        }
    }

    CloseHandle( hSnapshot );
    return targetPid;
}

//Enables to open other processes
void EnableDebugPriv()
{
    HANDLE hToken;
    LUID sedebugnameValue;
    TOKEN_PRIVILEGES tkp;

    if ( ! OpenProcessToken( GetCurrentProcess(),
        TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken ) )
        return;
    if ( ! LookupPrivilegeValue( NULL, SE_DEBUG_NAME, &sedebugnameValue ) ){
        CloseHandle( hToken );
        return;
    }
    tkp.PrivilegeCount = 1;
    tkp.Privileges[0].Luid = sedebugnameValue;
    tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    if ( ! AdjustTokenPrivileges( hToken, FALSE, &tkp, sizeof tkp, NULL, NULL ) )
        CloseHandle( hToken );
} 

//Gets the base of our dll
DWORD GetDLLBase(char* DllName, DWORD tPid)
{
    HANDLE snapMod;  
    MODULEENTRY32 me32;

    if (tPid == 0) return 0;
    snapMod = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, tPid);  
    me32.dwSize = sizeof(MODULEENTRY32);  
    if (Module32First(snapMod, &me32)){ 
        do{
            if (strcmp(DllName,me32.szModule) == 0){ 
                CloseHandle(snapMod); 
                return (DWORD) me32.modBaseAddr; 
            }
        }while(Module32Next(snapMod,&me32));
    }

    CloseHandle(snapMod); 
    return 0;  
}

Thanks to sd333221 from d3scene! Have fun!

[vosszaa]

the proper one is already released by TyranO.

[Ozzapoo]

This has way more features than tyrano's so far...

[vosszaa]

This has way more features than tyrano's so far...

TyranO compile it all together into user friendly gui. He just mad a new thread not long ago.

[storyyeller]

But this one lets aspiring programmers learn

[lookbehind]

Thanks for posting the source, everyone should be like you

[SKillER]

ozza can you compile this without removing the fog from map and minimap?

[patrick-the-bomb]

ozza can you compile this without removing the fog from map and minimap?

I don't know much about this kind of stuff, but couldn't you just read through code and take out whatever you want to not be there? SOrry if that's like really dumb lol. I thought it might work. haha

[SKillER]

ozza can you compile this without removing the fog from map and minimap?

I don't know much about this kind of stuff, but couldn't you just read through code and take out whatever you want to not be there? SOrry if that's like really dumb lol. I thought it might work. haha

ty, but no need to tell how to code

if i am right this what you need to remove

Code: Select all

            PATCH(0x73DEC9,"\xB2\x00\x90\x90\x90\x90",6);
            if(dSize == 0)
            {
                cout << "Failed to patch removefogingame" << endl;
            }

the problem is i dont have visual studio and i dont want to dl gig's just to compile a src

[lolipop]

In Source Code We Trust!