Skip to content
View in the app

A better way to browse. Learn more.
WRobot

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

nax

WRobot user

  • Joined

  • Last visited

View Profile Find content

Everything posted by nax

  1. [Security] CastSpellByName

    nax commented on nax's bug report in Bug Tracker
    part of my lua dump of a server i forgot the name of, https://pastebin.com/p7HmxDfV

  2. [Security] CastSpellByName

    nax commented on nax's bug report in Bug Tracker
    its not letting me update the main post, here is the code in you're syntext : GetSpellIdByName : public static int GetSpellIdByName(string spellName, out int rank) { rank = 0; try { uint GetSpellIdByNameAddr = 0x00540200; // Allocate space for spell name string var nameBytes = System.Text.Encoding.UTF8.GetBytes(spellName + "\0"); uint nameSpace = wManager.Wow.Memory.WowMemory.AllocData.Get(nameBytes.Length); if (nameSpace <= 0) return 0; // Allocate space for rank (int = 4 bytes) uint rankSpace = wManager.Wow.Memory.WowMemory.AllocData.Get(4); // Allocate space to store the return value (spell ID from eax) uint spellIdSpace = wManager.Wow.Memory.WowMemory.AllocData.Get(4); if (nameSpace <= 0 || rankSpace <= 0 || spellIdSpace <= 0) return 0; // Write spell name to memory wManager.Wow.Memory.WowMemory.Memory.WriteBytes(nameSpace, nameBytes); wManager.Wow.Memory.WowMemory.Memory.WriteInt32(rankSpace, 0); wManager.Wow.Memory.WowMemory.Memory.WriteInt32(spellIdSpace, 0); var asm = new[] { wManager.Wow.Memory.WowMemory.CallWrapperCodeRebaseEsp(GetSpellIdByNameAddr, 8, nameSpace, rankSpace), // Store the spell ID (eax) to spellIdSpace "mov ecx, " + spellIdSpace, "mov [ecx], eax", wManager.Wow.Memory.WowMemory.RetnToHookCode }; wManager.Wow.Memory.WowMemory.InjectAndExecute(asm); // Read back the spell ID and rank int spellId = wManager.Wow.Memory.WowMemory.Memory.ReadInt32(spellIdSpace); rank = wManager.Wow.Memory.WowMemory.Memory.ReadInt32(rankSpace); // Free allocated memory wManager.Wow.Memory.WowMemory.AllocData.Free(nameSpace); wManager.Wow.Memory.WowMemory.AllocData.Free(rankSpace); wManager.Wow.Memory.WowMemory.AllocData.Free(spellIdSpace); return spellId; } catch (System.Exception ex) { Logging.WriteError("Error getting spell ID by name: " + ex.Message); return 0; } } CastSpell : public static void CastSpell(int spellid, ulong guid = 0) { try { uint CastSpell = 0x080DA40; uint guidLow = (uint)(guid & 0xFFFFFFFF); uint guidHigh = (uint)(guid >> 32); var asm = new[] { wManager.Wow.Memory.WowMemory.CallWrapperCodeRebaseEsp(CastSpell, 0x14, spellid , 0, guidLow, guidHigh, 0), wManager.Wow.Memory.WowMemory.RetnToHookCode }; wManager.Wow.Memory.WowMemory.InjectAndExecute(asm); } catch (System.Exception ex) { Logging.WriteError("Error casting spell: " + ex.Message); } }

  3. [Security] CastSpellByName

    nax posted a bug report in Bug Tracker
    Hello @Droidz, I would like to propose an improvement to WRobot's spell casting functionality that enhances both evasion capabilities and reliability on servers that implement Lua-based detection mechanisms. Problem Statement Several private servers employ Lua hooks on the CastSpellByName function to detect and flag bot activity. The current implementation's reliance on this Lua function creates a detectable pattern that can be exploited for bot identification. Solution Overview I have developed two native methods that bypass the Lua layer entirely, thereby reducing the bot's detectable footprint: Method 1: Direct Spell ID Resolution The GetSpellIdByName method directly invokes the game's internal GetSpellIdByName function (0x00540200), retrieving both the spell ID and rank without requiring Lua interaction: public static int GetSpellIdByName(string spellName, out int rank) { rank = 0; try { uint GetSpellIdByNameAddr = 0x00540200; // Allocate space for spell name string var nameBytes = System.Text.Encoding.UTF8.GetBytes(spellName + "\0"); uint nameSpace = wManager.Wow.Memory.WowMemory.AllocData.Get(nameBytes.Length); if (nameSpace <= 0) return 0; // Allocate space for rank (int = 4 bytes) uint rankSpace = wManager.Wow.Memory.WowMemory.AllocData.Get(4); // Allocate space to store the return value (spell ID from eax) uint spellIdSpace = wManager.Wow.Memory.WowMemory.AllocData.Get(4); if (nameSpace <= 0 || rankSpace <= 0 || spellIdSpace <= 0) return 0; // Write spell name to memory wManager.Wow.Memory.WowMemory.Memory.WriteBytes(nameSpace, nameBytes); wManager.Wow.Memory.WowMemory.Memory.WriteInt32(rankSpace, 0); wManager.Wow.Memory.WowMemory.Memory.WriteInt32(spellIdSpace, 0); var asm = new[] { "push " + rankSpace, // Push pointer to rank (2nd arg) "push " + nameSpace, // Push pointer to name (1st arg) "call " + GetSpellIdByNameAddr, "add esp, 8", // Store the spell ID (eax) to spellIdSpace "mov ecx, " + spellIdSpace, "mov [ecx], eax", "retn" }; wManager.Wow.Memory.WowMemory.InjectAndExecute(asm); // Read back the spell ID and rank int spellId = wManager.Wow.Memory.WowMemory.Memory.ReadInt32(spellIdSpace); rank = wManager.Wow.Memory.WowMemory.Memory.ReadInt32(rankSpace); // Free allocated memory wManager.Wow.Memory.WowMemory.AllocData.Free(nameSpace); wManager.Wow.Memory.WowMemory.AllocData.Free(rankSpace); wManager.Wow.Memory.WowMemory.AllocData.Free(spellIdSpace); return spellId; } catch (System.Exception ex) { Logging.WriteError("Error getting spell ID by name: " + ex.Message); return 0; } } Method 2: Direct Spell Casting with GUID Support The CastSpell method invokes the native spell casting function (0x080DA40) directly, accepting a GUID parameter to eliminate the need for target selection: public static void CastSpell(int spellid, ulong guid = 0) { try { uint CastSpell = 0x080DA40; uint guidLow = (uint)(guid & 0xFFFFFFFF); uint guidHigh = (uint)(guid >> 32); var asm = new[] { "push 0", "push " + guidHigh, "push " + guidLow, "push 0", "push " + spellid, "call " + CastSpell, "add esp, 0x14", "retn" }; wManager.Wow.Memory.WowMemory.InjectAndExecute(asm); } catch (System.Exception ex) { Logging.WriteError("Error casting spell: " + ex.Message); } } Performance Optimization While repeated calls to GetSpellIdByName could introduce minor latency, this can be mitigated through result caching with cache invalidation upon skill acquisition or update events. Benefits Eliminates dependency on the Lua CastSpellByName function, significantly reducing detection risk on Lua-hook protected servers Supports targeted spell casting without requiring target changes

  4. need help with wowdb

    nax replied to Pudge's topic in General assistance
    check the file path to make sure its correct and check permissions on the file to be able to be read.

  5. Client Instant Crash on Quest Accept – Turtle WoW Only

    nax replied to cballo's topic in WRobot for Wow Vanilla - Help and support
    post logs.

  6. [Wotlk] Looking for WoW API

    nax replied to iMod's topic in WRobot for Wow Wrath of the Lich King - Help and support
    This script builds a WotLK 3.3.5a global.lua definition file for VS Code. It generates documented WoW API globals (with parameters and return types where available) so you get better autocompletion, signature help, and fewer “unknown global” warnings while developing addons. Script.py

  7. Computer on?

    nax replied to condo's topic in General discussion
    Yes.

  8. Matenia's HumanMasterPlugin, all Fightclasses and experimental projects for later expansions, including a Quester

    nax replied to Matenia's topic in Developers assistance
    No, fightclasses can use dlls.

  9. [PAID]Make WRobot work on Ascension Live and Epoch wow (https://ascension.gg)

    nax commented on robot1992's file in Plugins - Wotlk
    I love the obfuscation, took me a hour to break.

  10. Safe to bot on Turtle WoW?

    nax replied to AllanMandina's topic in General discussion
    https://wrobot.eu/byme/CompatibilityReporting/index.php

  11. Bot starts immediately logging out on Turtle wow

    nax replied to banethoust's topic in WRobot for Wow Vanilla - Help and support
    Movement flag

  12. Banned on Warmane.

    nax replied to varendew's topic in WRobot for Wow Wrath of the Lich King - Help and support
    You deserve a refund. They’re not using the Auctioneer addon for detection at all — that’s just a cover. In reality, they’re exploiting GetThreadContext to extract breakpoints from WRobot through a remote code execution (RCE) technique. Additionally, they’re manipulating movement flags to gain unfair advantages.

  13. Banned on Warmane.

    nax replied to varendew's topic in WRobot for Wow Wrath of the Lich King - Help and support
    Warmane does detect wrobot.

  14. Error(s) for Wrobot

    nax replied to Knee264's topic in General assistance
    Read the requirements

  15. Hunter Fight Class - Chimera Shot Only

    nax replied to Knee264's topic in Developers assistance
    post the code.

  16. AI Auto Whisper Reply - all versions FREE

    nax commented on andy1br2's file in Plugins - Multiversion
    i love it,broken english with bad grammar.

  17. [PAID]fix turtle spell name.

    nax commented on robot1992's file in Plugins - Vanilla
    @robot1992 Yes, i was able to read the code, i use wrobot to load it then dump the bytes in a after it was deobfuscated.

  18. [PAID]fix turtle spell name.

    nax commented on robot1992's file in Plugins - Vanilla
    There is some fightclasses that don’t use new Spell, but I understand where you are coming from. For obfuscation tools, it’s kinda impossible to protect csharp code, so I wouldn’t even try, there’s always someone who can beat the obfuscation

  19. [PAID]fix turtle spell name.

    nax commented on robot1992's file in Plugins - Vanilla
    Hello, I was reviewing your code and had a quick question. Does this work with fight classes that use their own built-in rotation frameworks, or is it specifically designed to work only with WRobot’s XML rotation framework?

  20. Ankh

    nax replied to homeslice's topic in General assistance
    (untested) public class Main : wManager.Plugin.IPlugin { public void Initialize() { robotManager.Events.FiniteStateMachineEvents.OnRunState += delegate (robotManager.FiniteStateMachine.Engine engine, robotManager.FiniteStateMachine.State state, System.ComponentModel.CancelEventArgs cancelable) { if (state is wManager.Wow.Bot.States.Resurrect) { bool popupExists = wManager.Wow.Helpers.Lua.LuaDoString<bool>( "return StaticPopup1 and StaticPopup1 ~= nil"); if (popupExists) { bool button2Exists = wManager.Wow.Helpers.Lua.LuaDoString<bool>( "return StaticPopup1Button2 and StaticPopup1Button2 ~= nil"); string buttonToClick = button2Exists ? "StaticPopup1Button2:Click()" : "StaticPopup1Button1:Click()"; wManager.Wow.Helpers.Lua.LuaDoString(buttonToClick); } } }; } public void Dispose(){} public void Settings(){} }

  21. Помогу с оплатой подписки ФП

    nax replied to vandeta15's topic in Русский
    So your using a free trial to use wrotation that already doesn’t have a time limit on usage?

  22. Помогу с оплатой подписки ФП

    nax replied to vandeta15's topic in Русский
    @ipowertheone you do understand that the pathfinding server uses active key to be able to send requests? im pretty sure you wont be able to use pathfinding, and wrotation and a few other products are free to use unlimited during free trial.

  23. Plugin for profession skill learning

    nax replied to Lexius's topic in WRobot for Wow Wrath of the Lich King - Help and support
    Yes, you can do this. you just need to code the plugin yourself.

  24. Warmane Onyxia Realm

    nax replied to bigwoody69's topic in General discussion
    I think some private servers are implementing a check to see if EndScene or any main thread function is hooked. The list likely stays very short, ideally fewer than 40 at any given time. They might teleport to the character to determine whether they are screen recording or botting based on their behavior. Using the RCE exploit, this is something they can do, maybe @Droidz can provide some feedback on this ?

  25. [Refund being processed?]

    nax replied to reasxd's topic in General assistance
    it means a refund is being processed. using a credit card, their is a 3-7 business day process with refunds.

Account

Navigation

Search

Search

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.