Well, first of all, welcome to my blog. I have no idea how you got here, and especially why, but I am glad you are here nevertheless.
Second of all, please don’t expect any exceptional insights into anything here. I merely keep this blog for myself, to get some writing practice in and to write about things I do. It’s of course great if it’s useful for someone, but don’t expect anything :)
Alright, now that I got that over with, here’s what I’m doing right now:
Yeah, a WoW bot. Pretty mainstream, I know, but it has the property of combining several different fields into one, making it hard to get bored. First of all you have the difficulty of making the game do what you want, so that you can actually know what’s going on in the world, make the player move, etc. To achieve that you have to reverse engineer parts of the game client: find out where in memory the information you need is stored, what it looks like, which functions you need to call in order to move the player, retrieve information, and so on. Once you have enough experience in reverse engineering, this for the most part just requires lots of time and patience debugging code, taking notes, etc. Thankfully the reverse engineering community around World of Warcraft is rather big, so most of the work has been done already and can be collected from sites like MMOwned (which is arguably 90% full of mouthbreathing retards or spoiled high school kids) or Game Deception. Obviously going into more advanced areas like not getting banned through Warden etc. is an entirely different topic.
For my project I decided to implement that part of the bot as a DLL that is injected into the WoW process. The advantage of this is that your own custom code runs in WoW’s address space, which means you can easily read or write anything in World of Warcraft’s memory and, most importantly, call functions inside the client. Some say that DLL injection is a rather intrusive method and easily detectable, but it is in fact a perfectly fine Windows feature used by many applications, making it impossible to ban solely for that – it completely depends on what you are doing inside the process.
Anyway, the path from nothing to bot is laid out in three parts for me. The first part is the DLL that gets injected into the process and registers several additional Lua functions, making that functionality available to interface addons. By building the bot itself as a WoW addon, most of the required functionality is already there, for example events and requesting information about units. The additional Lua functions I create are used to retrieve information that the WoW Lua API does not provide: surrounding objects, object positions, model names, animations, etc. In addition to these more passive functions, there is also the part that deals with things like clicking on the terrain for “click to move” functionality, or targeting units by their GUID. The DLL is injected into the game client by an external program that invokes LoadLibrary through a remote thread inside the client.
Part two is already a WoW addon and deals with API abstraction and convenience functions in Lua, for example a Lua iterator for iterating through all visible objects – something that’d take a lot more effort if done with the Lua C API. The Ace addon framework is a huge help for everything from here on; for example, the core addon fires a few events when the hook (the injected DLL) gets loaded or unloaded.
The third part is the bot logic itself, which I will get to in another post. Here’s a useless, uninformative video; there’s just not that much to show right now, since most of the work is hidden. Just some combat and running around going on here.