# Forum > World of Warcraft > World of Warcraft Bots and Programs > WoW Bots Questions & Requests >  Anything working on MacOs? (no bootcamp or parallel)

## EatenClown

Is there anything working on Mac? I just don't want to use a parallel or to set Bootcamp..

There was something in the past, but has been closed or removed.

Any help?

----------


## EatenClown

this doesn't want to be a repost of other precedent topics.. just didn't found a clear answer yet.

----------


## Eryx

ProbablyEngine is LUA based and runs within wow itself, so it works on OSx. The tricky part is unlocking protected LUA on OSx but it's very doable.

----------


## EatenClown

ty so much.. i'll do some tries and reply  :Smile:

----------


## jklmnop

There was a thread that was just deleted over the last week or so... Kind of really pisses me off since there were two scripts within the thread. One that would do a generic LUA unlock that worked perfectly. And a second script that would help you identify the current offsets needed to configure the LUA script based on the version/build of the game client... Why did the admins of the group delete the thread... I do not have the script to get the offset and now my LUA unlocker does not work. What's the deal? Anyone have the offset information... and if they do not want to post it publicly could you PM it to me... or give me some instructions of what you do to get the new offset info?

Here is the old thread that was removed. http://www.ownedcore.com/forums/worl...-cata-mop.html

----------


## fredrik1984

I have the previous unlocking script but not the new offsets, if someone can help us find out how to get the offsets, it's easy to change the old script.

Here is the old unlock that doesn't work anymore. Just need new offsets


```
echo -e "process attach -p `ps ax|grep MacOS/[W]orld|awk '{print $1}'`\nmemory write 0x100A1936A 0xeb\nprocess detach\nquit" > /tmp/luaunlock && lldb -s /tmp/luaunlock
```

----------


## jklmnop

This is what I had for the old version as well... 

# For build 6.0.3 64-bit client
LUAOFFSET=0x100a1936a
VALID=0x77
PATCHED=0xeb
LUAOFFSET32=80a232

----------


## Tiger23078001

I have the old script but need the new offsets. I don't have the script to find the offsets

----------


## charles420

#!/bin/bash

# Find the patch address for WoW. This is the address of the first ja instruction in the
# CanPerformFunction procedure which is called by many other Lua functions.

LANG=C

wowapp=$1
wowbin="${wowapp}/Contents/MacOS/$(echo "$wowapp" | sed -n -E "/.*\/([^\/]*).app/s//\1/p")"

if [ ! -f "$wowbin" ]; then
Echo "# Error: \"$wowbin\" does not exist."
exit 1
fi

echo "# Getting segmments and sections from \"${wowbin}\"..."
otool -l "${wowbin}" > /tmp/wowheader.otool
is64=0
grep -q LC_SEGMENT_64 /tmp/wowheader.otool && is64=1

if [ $is64 -eq 1 ]; then
name=wow64
else
name=wow32
fi
cat /tmp/wowheader.otool > ${name}header.otool

echo "# Disassembling..."
otool -tvqj "${wowbin}" > ${name}.otool

sectionlist=$(
sed -n -E '
/^Section$/,/^ reserved2/{
/^ sectname/ {s/^[ ]*[a-z0-9]+ (.+)$/\1/;h;}
/^ segname/,/^ offset/ {s/^[ ]*[a-z0-9]+ (.+)$/\1/;H;}
/^ align/{g;y/\n/,/;p;}
}' ${name}header.otool
)

segmentlist=$(
sed -n -E '
/^ cmd LC_SEGMENT/,/^ flags/{
/^ segname/ {s/^[ ]*[a-z0-9]+ (.+)$/\1/;h;}
/^ vmaddr/,/^ filesize/ {s/^[ ]*[a-z0-9]+ (.+)$/\1/;H;}
/^ maxprot/{g;y/\n/,/;p;}
}' ${name}header.otool
)

ExtractSection () { # $1:segment name $2:section name $3:filename $4:type
thesection=$(echo "$sectionlist" | sed -n -E "/^$2,$1,(.*)/{s//\1/p;q;}")
theaddr=$(expr "$thesection" : '\([0-9a-fx]*\)')
thesize=$(expr "$thesection" : '[0-9a-fx]*,\([0-9a-fx]*\)')
offset=$(expr "$thesection" : '[0-9a-fx]*,[0-9a-fx]*,\([0-9]*\)')

if [ "$4" == "1" ]; then # convert nulls to newlines (useful for cstring section)
dd if="${wowbin}" bs=1 skip=$offset count=$thesize 2> /dev/null | tr '\0' '\n' > "$3"
elif [ "$4" == "2" ]; then # output as list of hexadecimal integers
if [ $is64 -eq 1 ]; then
dd if="${wowbin}" bs=1 skip=$offset count=$thesize 2> /dev/null | xxd -g 8 -c 8 -p | sed -E "/(..)(..)(..)(..)(..)(..)(..)(..)/s//\8\7\6\5\4\3\2\1/" > "$3"
else
dd if="${wowbin}" bs=1 skip=$offset count=$thesize 2> /dev/null | xxd -g 4 -c 4 -p | sed -E "/(..)(..)(..)(..)/s//\4\3\2\1/" > "$3"
fi
else # output as raw binary
dd if="${wowbin}" of="$3" bs=1 skip=$offset count=$thesize 2> /dev/null
fi
echo $theaddr
}

echo "# Extracting section __TEXT __cstring..."
addrTEXTcstring=$(ExtractSection '__TEXT' '__cstring' ${name}cstring.txt 1)

echo "# Extracting section __DATA __const..."
addrDATAconst=$(ExtractSection '__DATA' '__const' ${name}dataconst.txt 2)

GetLuaFunction () { # $1:luaFunc
addrLuaString=$(printf "%0$((($is64+1)* :Cool: )x" $(( $(expr "$(grep -m 1 -o -a -b -E -e "^${1}$" ${name}cstring.txt)" : '\([0-9]*\):') + $addrTEXTcstring )) )
echo $(sed -n -E "/^$addrLuaString$/{n;p;q;}" ${name}dataconst.txt)
}

echo "# Finding LUA Function StopMacro..."
addrStopMacro=$(GetLuaFunction "StopMacro")

echo "# Finding CanPerformFunction..."
addrCanPerformFunction=$(sed -n -E "/^$addrStopMacro"$'\t/,/\tcalll\t/{/.*\tcall.\t0x([0-9a-f]+)/'"{s//0000000000000000\1/;s/.*(.{$((($is64+1)* :Cool: )})/\1/p;q;};}" ${name}.otool)
echo $addrCanPerformFunction

echo "# Finding patch address..."
patchinstruction=$(sed -n -E "/^$addrCanPerformFunction"$'\t/,/\tja\t/{/\tja\t.*/{p;q;};}' ${name}.otool)
echo $patchinstruction

echo "# Done"

----------


## Tiger23078001

Do you have instructions on how to use that script?

----------


## fredrik1984

> snip


Trying to run that command, I get the following error:

; exit;
# Error: "/Contents/MacOS/" does not exist.
logout

Any idea what to do? I get the feeling that it doesn't recognize that the WoW client is running, nor does it work without it running.

----------


## dogzilla81

I haven't had a chance to try it yet, but the new offsets appear to be

LUAOFFSET=0x100a19b13
VALID=0x77
PATCHED=0xeb

----------


## fredrik1984

Run this command through the terminal after you have opened the game and you have a working lua unlock

Tested on EU servers about 10 minutes ago.


```
echo -e "process attach -p `ps ax|grep MacOS/[W]orld|awk '{print $1}'`\nmemory write 0x100A19A93 0xeb\nprocess detach\nquit" > /tmp/luaunlock && lldb -s /tmp/luaunlock
```

----------


## Tiger23078001

> Run this command through the terminal after you have opened the game and you have a working lua unlock
> 
> Tested on EU servers about 10 minutes ago.
> 
> 
> ```
> echo -e "process attach -p `ps ax|grep MacOS/[W]orld|awk '{print $1}'`\nmemory write 0x100A19A93 0xeb\nprocess detach\nquit" > /tmp/luaunlock && lldb -s /tmp/luaunlock
> ```


Do you have a way to find new offsets for this once a new patch is released? Also, is it similar to the other script that used to be here?

----------


## dogzilla81

> Run this command through the terminal after you have opened the game and you have a working lua unlock
> 
> Tested on EU servers about 10 minutes ago.
> 
> 
> ```
> echo -e "process attach -p `ps ax|grep MacOS/[W]orld|awk '{print $1}'`\nmemory write 0x100A19A93 0xeb\nprocess detach\nquit" > /tmp/luaunlock && lldb -s /tmp/luaunlock
> ```


This works on US servers.. thanks. The one I previously posted does not work it seems. weird.

----------


## Tiger23078001

> Run this command through the terminal after you have opened the game and you have a working lua unlock
> 
> Tested on EU servers about 10 minutes ago.
> 
> 
> ```
> echo -e "process attach -p `ps ax|grep MacOS/[W]orld|awk '{print $1}'`\nmemory write 0x100A19A93 0xeb\nprocess detach\nquit" > /tmp/luaunlock && lldb -s /tmp/luaunlock
> ```


Do you have a way to find new offsets for this once a new patch is released? Also, is it similar to the other script that used to be here?

----------


## Greymalkin

Finding the new offsets each patch is quite easy with the JoeVT offset detection script (posted by Charles420 earlier and again at the bottom here for quick reference) that was on TheFrese's original OSX LUA unlock thread which was deleted recently. (P.S. I loved JoeVT's explanations and write ups!)

You will need the OSX developer tools installed so that the WoW app can be decompiled.Create a GetWowPatchAddress.sh script/text file (or you can name it whatever else) with the code listed at the bottom of this post. You may have to give the file execute permissions with chmod -xStart up Terminal and drag the script then the World of Warcraft.app into the window. (Dragging and dropping will prevent typos with all the escaped spaces.)Hit Enter and let Terminal process the two. It usually takes about 30-45 seconds and will drop about six WoW64* files in the User directory. These can be deleted later or just left since they will get overwritten each time you go through this process.When the script finishes, there will be a line like "0000000100a19a9a 7777 ja 0x100a19b13". The first section is the memory address that has the jump that needs to be changed. Trim off the leading zeros with the 0x notation. The resulting 0x100a19a9a is the new LUAOFFSET value to update in TheFrese's unlock script.Leave the 0x77 and 0xeb values alone since those reference the types of jumps.As of WoD, the LUAOFFSET32 value is depreciated as a whole since WoW no longer ships with both 32bit and 64bit apps. If I remember correctly, there is a command line switch to force the WoW 64bit app into 32bit mode, but no one should really need to do that unless using another utility that has not updated to 64bit. 

As always, this is only "safe" as long as the memory address above is not scanned by Warden which could happen at any point in the future. 



```
#!/bin/bash

# Find the patch address for WoW. This is the address of the first ja instruction in the
# CanPerformFunction procedure which is called by many other Lua functions.

LANG=C

wowapp=$1
wowbin="$(find -f "${wowapp}/Contents/MacOS" \( -type f -not -name ".*" \) | sed -n -e "1 p;q")"

if [ ! -f "$wowbin" ]; then
	Echo "# Error: \"$wowbin\" does not exist."
	exit 1
fi

# Check for universal binary
lipo -detailed_info "${wowbin}" > /tmp/wowdetailedinfo.lipo
fileoffset=$(sed -n -E "/architecture i386/,/align/ { /i386/,/offset/ { /[ ]*offset[ ]+(.*)/{s//\1/p;q;}; }; }" /tmp/wowdetailedinfo.lipo)
if [ -z $fileoffset ]; then
	fileoffset=0
fi

echo "# Getting segmments and sections from \"${wowbin}\"..."
otool -l "${wowbin}" > /tmp/wowheader.otool
is64=0
grep -q LC_SEGMENT_64 /tmp/wowheader.otool && is64=1

if [ $is64 -eq 1 ]; then
	name=wow64
else
	name=wow32
fi
cat /tmp/wowheader.otool > ${name}header.otool
cat /tmp/wowdetailedinfo.lipo > ${name}detailedinfo.lipo

echo "# Disassembling..."
otool -tvqj "${wowbin}" > ${name}.otool

sectionlist=$(
	sed -n -E '
		/^Section$/,/^ reserved2/{
			/^  sectname/ {s/^[ ]*[a-z0-9]+ (.+)$/\1/;h;}
			/^   segname/,/^    offset/ {s/^[ ]*[a-z0-9]+ (.+)$/\1/;H;}
			/^     align/{g;y/\n/,/;p;}
		}' ${name}header.otool
)

segmentlist=$(
	sed -n -E '
		/^      cmd LC_SEGMENT/,/^    flags/{
			/^  segname/ {s/^[ ]*[a-z0-9]+ (.+)$/\1/;h;}
			/^   vmaddr/,/^ filesize/ {s/^[ ]*[a-z0-9]+ (.+)$/\1/;H;}
			/^  maxprot/{g;y/\n/,/;p;}
		}' ${name}header.otool
)

ExtractSection () { # $1:segment name $2:section name $3:filename $4:type
	thesection=$(echo "$sectionlist" | sed -n -E "/^$2,$1,(.*)/{s//\1/p;q;}")
	theaddr=$(expr "$thesection" : '\([0-9a-fx]*\)')
	thesize=$(expr "$thesection" : '[0-9a-fx]*,\([0-9a-fx]*\)')
	offset=$(expr "$thesection" : '[0-9a-fx]*,[0-9a-fx]*,\([0-9]*\)')
	offset=$(($offset + $fileoffset))
	
	if [ "$4" == "1" ]; then # convert nulls to newlines (useful for cstring section)
		dd if="${wowbin}" bs=1 skip=$offset count=$thesize 2> /dev/null | tr '\0' '\n' > "$3"
	elif [ "$4" == "2" ]; then # output as list of hexadecimal integers
		if [ $is64 -eq 1 ]; then
			dd if="${wowbin}" bs=1 skip=$offset count=$thesize 2> /dev/null | xxd -g 8 -c 8 -p | sed -E "/(..)(..)(..)(..)(..)(..)(..)(..)/s//\8\7\6\5\4\3\2\1/" > "$3"
		else
			dd if="${wowbin}" bs=1 skip=$offset count=$thesize 2> /dev/null | xxd -g 4 -c 4 -p | sed -E "/(..)(..)(..)(..)/s//\4\3\2\1/" > "$3"
		fi
	else # output as raw binary
		dd if="${wowbin}" of="$3" bs=1 skip=$offset count=$thesize 2> /dev/null
	fi
	echo $theaddr
}

echo "# Extracting section __TEXT __cstring..."
addrTEXTcstring=$(ExtractSection '__TEXT' '__cstring' ${name}cstring.txt 1)

echo "# Extracting section __DATA __const..."
addrDATAconst=$(ExtractSection '__DATA' '__const' ${name}dataconst.txt 2)

echo "# Extracting section __DATA __data..."
addrDATAdata=$(ExtractSection '__DATA' '__data' ${name}datadata.txt 2)

GetLuaFunction () { # $1:luaFunc $2:sectionfile.txt
	addrLuaString=$(printf "%0$((($is64+1)*8))x" $(( $(expr "$(grep -m 1 -o -a -b -E -e "^${1}$" ${name}cstring.txt)" : '\([0-9]*\):') + $addrTEXTcstring )) )
	echo $(sed -n -E "/^$addrLuaString$/{n;p;q;}" $2)
}

echo "# Finding LUA Function SpellStopTargeting..."
addrSpellStopTargeting=$(GetLuaFunction "SpellStopTargeting" ${name}dataconst.txt)
if [ -z $addrSpellStopTargeting ]; then
	addrSpellStopTargeting=$(GetLuaFunction "SpellStopTargeting" ${name}datadata.txt)
fi

echo "# Finding CanPerformFunction..."
addrCanPerformFunction=$(sed -n -E "/^$addrSpellStopTargeting"$'\t/,/\tcalll\t/{/.*\tcall.\t0x([0-9a-f]+)/'"{s//0000000000000000\1/;s/.*(.{$((($is64+1)*8))})/\1/p;q;};}" ${name}.otool)
echo $addrCanPerformFunction

echo "# Finding patch address..."
patchinstruction=$(sed -n -E "/^$addrCanPerformFunction"$'\t/,/\tret/{/\tja\t/{/\tja\t.*/{p;q;};};}' ${name}.otool)
echo $patchinstruction

echo "# Done"
```

----------


## bashor

> Finding the new offsets each patch is quite easy with the JoeVT offset detection script (posted by Charles420 earlier and again at the bottom here for quick reference) that was on TheFrese's original OSX LUA unlock thread which was deleted recently. (P.S. I loved JoeVT's explanations and write ups!)
> 
> You will need the OSX developer tools installed so that the WoW app can be decompiled.Create a GetWowPatchAddress.sh script/text file (or you can name it whatever else) with the code listed at the bottom of this post. You may have to give the file execute permissions with chmod -xStart up Terminal and drag the script then the World of Warcraft.app into the window. (Dragging and dropping will prevent typos with all the escaped spaces.)Hit Enter and let Terminal process the two. It usually takes about 30-45 seconds and will drop about six WoW64* files in the User directory. These can be deleted later or just left since they will get overwritten each time you go through this process.When the script finishes, there will be a line like "0000000100a19a9a 7777 ja 0x100a19b13". The first section is the memory address that has the jump that needs to be changed. Trim off the leading zeros with the 0x notation. The resulting 0x100a19a9a is the new LUAOFFSET value to update in TheFrese's unlock script.Leave the 0x77 and 0xeb values alone since those reference the types of jumps.As of WoD, the LUAOFFSET32 value is depreciated as a whole since WoW no longer ships with both 32bit and 64bit apps. If I remember correctly, there is a command line switch to force the WoW 64bit app into 32bit mode, but no one should really need to do that unless using another utility that has not updated to 64bit. 
> 
> As always, this is only "safe" as long as the memory address above is not scanned by Warden which could happen at any point in the future. 
> 
> 
> 
> ```
> ...


When I try this script with chmod -x and xcode installed, it just doesn't do anything. There is no message. 
I tried to change "wowapp=$1" into the path of the app and executed the script manually this message appears:
> Echo "# Error: \"$wowbin\" does not exist."
> exit 1
> fi
# Error: "" does not exist.
logout

I cannot see any contents in the wow app, too. In the launcher app are these folders of the script like "contents/macOs".
What do I wrong?

----------


## expunge

https://mega.co.nz/#!oAgi2bSR!jKHdof...FyAZTM-UypwGKs

That's the Unlocker and the script to find the offsets.

----------


## iMurloc

This all sounds really good. Haven't been paying a lot of attention when it comes to Probably Engine, but how's the ban rate?

----------


## zbykt

This Unlocker cannot work anymore,how to update?

----------


## dogzilla81

New Offsets with the method Fredrick1984 posted before. Works.



```
echo -e "process attach -p `ps ax|grep MacOS/[W]orld|awk '{print $1}'`\nmemory write 0x100a1931a 0xeb\nprocess detach\nquit" > /tmp/luaunlock && lldb -s /tmp/luaunlock
```

----------


## sbn666

Wow crashes after a few seconds if I try to unlock. Does anyone know what to do?

----------


## fredrik1984

I'm trying to get the offset detection script working but even though I have given it execute, read and write permissions, it tells me "permission denied" when I try running it.
I am following this part exactly: "Start up Terminal and drag the script then the World of Warcraft.app into the window. (Dragging and dropping will prevent typos with all the escaped spaces.)" but when I press enter, I get the error message I mentioned above.

Do I need to grant it some other kind of permission? 
I've used chmod -rwx so far

Edit:

I found out why it didn't work, seems I've been stupid and misunderstanding how chmod works. 
the command that allowed me to use this script is simple: chmod +x
+x adds permissions while -x removes the permission. 
So, to get it to work, write this in the terminal window: chmod +x GetWowPatchAddress.sh

----------


## dogzilla81

For patch 6.1.19678

echo -e "process attach -p `ps ax|grep MacOS/[W]orld|awk '{print $1}'`\nmemory write 0x100a8062a 0xeb\nprocess detach\nquit" > /tmp/luaunlock && lldb -s /tmp/luaunlock

Tested & works.

----------


## JuJuBoSc

Check that : http://www.ownedcore.com/forums/worl...her-hacks.html ([Mac] WoWSX Hack - Lua Unlocker / Morpher / Hacks)

Working on a bot aswell  :Wink:

----------


## sbn666

When I try running the script I get this:

# Disassembling...
# Extracting section __TEXT __cstring...
*tr: Illegal byte sequence*
# Extracting section __DATA __const...
# Extracting section __DATA __data...
# Finding LUA Function SpellStopTargeting...
# Finding CanPerformFunction...

# Finding patch address...

# Done


Doesn't find me a patch address. Any suggestions?

----------


## sbn666

Found a fix by googling some. A minor fix to the script fixed it. If anyone else finds encounters this just use this code instead:



```
#!/bin/bash

# Find the patch address for WoW. This is the address of the first ja instruction in the
# CanPerformFunction procedure which is called by many other Lua functions.

LANG=C

wowapp=$1
wowbin="$(find -f "${wowapp}/Contents/MacOS" \( -type f -not -name ".*" \) | sed -n -e "1 p;q")"

if [ ! -f "$wowbin" ]; then
	Echo "# Error: \"$wowbin\" does not exist."
	exit 1
fi

# Check for universal binary
lipo -detailed_info "${wowbin}" > /tmp/wowdetailedinfo.lipo
fileoffset=$(sed -n -E "/architecture i386/,/align/ { /i386/,/offset/ { /[ ]*offset[ ]+(.*)/{s//\1/p;q;}; }; }" /tmp/wowdetailedinfo.lipo)
if [ -z $fileoffset ]; then
	fileoffset=0
fi

echo "# Getting segmments and sections from \"${wowbin}\"..."
otool -l "${wowbin}" > /tmp/wowheader.otool
is64=0
grep -q LC_SEGMENT_64 /tmp/wowheader.otool && is64=1

if [ $is64 -eq 1 ]; then
	name=wow64
else
	name=wow32
fi
cat /tmp/wowheader.otool > ${name}header.otool
cat /tmp/wowdetailedinfo.lipo > ${name}detailedinfo.lipo

echo "# Disassembling..."
otool -tvqj "${wowbin}" > ${name}.otool

sectionlist=$(
	sed -n -E '
		/^Section$/,/^ reserved2/{
			/^  sectname/ {s/^[ ]*[a-z0-9]+ (.+)$/\1/;h;}
			/^   segname/,/^    offset/ {s/^[ ]*[a-z0-9]+ (.+)$/\1/;H;}
			/^     align/{g;y/\n/,/;p;}
		}' ${name}header.otool
)

segmentlist=$(
	sed -n -E '
		/^      cmd LC_SEGMENT/,/^    flags/{
			/^  segname/ {s/^[ ]*[a-z0-9]+ (.+)$/\1/;h;}
			/^   vmaddr/,/^ filesize/ {s/^[ ]*[a-z0-9]+ (.+)$/\1/;H;}
			/^  maxprot/{g;y/\n/,/;p;}
		}' ${name}header.otool
)

ExtractSection () { # $1:segment name $2:section name $3:filename $4:type
	thesection=$(echo "$sectionlist" | sed -n -E "/^$2,$1,(.*)/{s//\1/p;q;}")
	theaddr=$(expr "$thesection" : '\([0-9a-fx]*\)')
	thesize=$(expr "$thesection" : '[0-9a-fx]*,\([0-9a-fx]*\)')
	offset=$(expr "$thesection" : '[0-9a-fx]*,[0-9a-fx]*,\([0-9]*\)')
	offset=$(($offset + $fileoffset))
	
	if [ "$4" == "1" ]; then # convert nulls to newlines (useful for cstring section)
		dd if="${wowbin}" bs=1 skip=$offset count=$thesize 2> /dev/null | LC_CTYPE=C tr '\0' '\n' > "$3"
	elif [ "$4" == "2" ]; then # output as list of hexadecimal integers
		if [ $is64 -eq 1 ]; then
			dd if="${wowbin}" bs=1 skip=$offset count=$thesize 2> /dev/null | xxd -g 8 -c 8 -p | sed -E "/(..)(..)(..)(..)(..)(..)(..)(..)/s//\8\7\6\5\4\3\2\1/" > "$3"
		else
			dd if="${wowbin}" bs=1 skip=$offset count=$thesize 2> /dev/null | xxd -g 4 -c 4 -p | sed -E "/(..)(..)(..)(..)/s//\4\3\2\1/" > "$3"
		fi
	else # output as raw binary
		dd if="${wowbin}" of="$3" bs=1 skip=$offset count=$thesize 2> /dev/null
	fi
	echo $theaddr
}

echo "# Extracting section __TEXT __cstring..."
addrTEXTcstring=$(ExtractSection '__TEXT' '__cstring' ${name}cstring.txt 1)

echo "# Extracting section __DATA __const..."
addrDATAconst=$(ExtractSection '__DATA' '__const' ${name}dataconst.txt 2)

echo "# Extracting section __DATA __data..."
addrDATAdata=$(ExtractSection '__DATA' '__data' ${name}datadata.txt 2)

GetLuaFunction () { # $1:luaFunc $2:sectionfile.txt
	addrLuaString=$(printf "%0$((($is64+1)*8))x" $(( $(expr "$(grep -m 1 -o -a -b -E -e "^${1}$" ${name}cstring.txt)" : '\([0-9]*\):') + $addrTEXTcstring )) )
	echo $(sed -n -E "/^$addrLuaString$/{n;p;q;}" $2)
}

echo "# Finding LUA Function SpellStopTargeting..."
addrSpellStopTargeting=$(GetLuaFunction "SpellStopTargeting" ${name}dataconst.txt)
if [ -z $addrSpellStopTargeting ]; then
	addrSpellStopTargeting=$(GetLuaFunction "SpellStopTargeting" ${name}datadata.txt)
fi

echo "# Finding CanPerformFunction..."
addrCanPerformFunction=$(sed -n -E "/^$addrSpellStopTargeting"$'\t/,/\tcalll\t/{/.*\tcall.\t0x([0-9a-f]+)/'"{s//0000000000000000\1/;s/.*(.{$((($is64+1)*8))})/\1/p;q;};}" ${name}.otool)
echo $addrCanPerformFunction

echo "# Finding patch address..."
patchinstruction=$(sed -n -E "/^$addrCanPerformFunction"$'\t/,/\tret/{/\tja\t/{/\tja\t.*/{p;q;};};}' ${name}.otool)
echo $patchinstruction

echo "# Done"
```

----------


## kildare

hello, how bad is the ban rate at macos version of wow?

----------


## nemesit

anyone got something working for legion?

----------


## sbn666

I am currently trying to unlock BfA Beta but it turns out that this script isn't working anymore. The part where it searches data const and data data returns no hit for the address found by the GetLuaFunction. Does anyone know what happened here?

----------


## NessK

> I am currently trying to unlock BfA Beta but it turns out that this script isn't working anymore. The part where it searches data const and data data returns no hit for the address found by the GetLuaFunction. Does anyone know what happened here?


No idea what happened but I sent you a PM with the info on how to unlock it.

----------


## Elbobo

Yeah it finally broke, have been using this method a long time now but with today’s patch it stopped hopefully it’s the same deal as last time and just needs a little change

----------


## rapind

Please PM if you find a fix. Been using the same script myself.

----------


## itson

> Please PM if you find a fix. Been using the same script myself.


i think currently there is no fix,

----------


## psycho1666

i think it hast something to do with sandboxing the warcraft app itself. as soon as you change some memorysettings wow crashes, tried to disassemble with hopper and find an offset for lua, when i found one an tried to change it with bitslicer wow just crashes, any other ideas on this one ?

----------


## frz

Is any working solution?? I wont play on windows  :Frown:  Maybe some pixel bots, like maxdps etc?

----------


## NessK

> Is any working solution?? I wont play on windows  Maybe some pixel bots, like maxdps etc?


Dark Roations has the unlocker. Discord

----------

