mangos zero Warden MODULE_CHECK not working (may be user error?)

[Bloog]

Hi everyone!

I'm playing around with my local Mangos Zero installation, and I'm trying to test that Warden's MODULE_CHECK is working. I'm at looking at the documentation here which shows me that type 217 is used for MODULE_CHECK. Next, I looked at a record seeded into the warden table for an example. Like this one:

(1557,768,5875,217,'','RPE.DLL',0,0,'','rEdoX Packet Editor - injected dll')

So, using that as an example, I added this record into the warden table:

Then I wrote a dummy Loader.dll and injected it into the WoW.exe process, and connected to my server. Using ProcessExplorer, you can clearly see the module is loaded into the process:

But when I connect to the server, my client still passes the Warden module scan:

Is it possible I'm doing something wrong? The record I added to check for Loader.dll looks exactly the same as the example seeded into the database. I'd appreciate any help identifying the problem. Thanks so much

[Olion]

I remember that check type working in TC 3.3.5 well with the same warden module and the same core code. Unsure if it was tested fully here.

Perhaps you need to use uppercase letters for the module name in the DB. Also, is your client of 5875 build, just in case?

[Bloog]

@Olion - thanks so much for the reply. You were right, the module name needed to be uppercase (LOADER.DLL instead of Loader.dll). Once I changed that, the warden check fails.

I think what threw me off was that the data seeded into the warden table has 2 records with uppercase names, and 2 with lowercase names. If the lowercase names don't work, it may be worth removing them from the seeded data:

(955,166,5875,217,'','tamia.dll',0,0,'','Tamia hack'),
(978,189,5875,217,'','speedhack-i386.dll',0,0,'','CheatEngine'),

Also might be worth updating the documentation to note this - I couldn't see it anywhere.

Thanks again, really appreciate it!