Hello i need to know what is de best way to detect when a funciton gets called inside the game client is there a better way than using detour, hope for answers thanks
detect in game function calls
07/19/2011 03:00
stunthacker#1
07/22/2011 12:58
buFFy!#2
Breakpoints and VEH Hooks are good alternatives. But i don't recommend to use it on often called functions, cuz it can cause a huge performance lack. Rather make your detour undetected.
Edit: You can also check the stack if you just want to know whether it was called :rolleyes:
Edit: You can also check the stack if you just want to know whether it was called :rolleyes:
07/24/2011 12:27
mgX#3
Yarr, cuz monitoring every threadstack wont hurt performance? :DQuote:
Breakpoints and VEH Hooks are good alternatives. But i don't recommend to use it on often called functions, cuz it can cause a huge performance lack. Rather make your detour undetected.
Edit: You can also check the stack if you just want to know whether it was called :rolleyes:
Detour the crap out of it is your best bet tbh :)
07/25/2011 17:11
MrSm!th#4
you can used modified detours for example (warning: assembler!):
clc
jnc
or
stc
jc
instead of simple jmp
same effect, but it doesnt include the byte E9 (which is the only byte checked by most anti cheats)
or you could try to hook at an offset. dont hook exactly at the function address, but try function address + 5 or +7 or something like that (you just have to make sure that you dont overwrite a part of an instruction; use this between other instructions only, otherwise it will cause invalid opcodes and crashes ;O)
clc
jnc
or
stc
jc
instead of simple jmp
same effect, but it doesnt include the byte E9 (which is the only byte checked by most anti cheats)
or you could try to hook at an offset. dont hook exactly at the function address, but try function address + 5 or +7 or something like that (you just have to make sure that you dont overwrite a part of an instruction; use this between other instructions only, otherwise it will cause invalid opcodes and crashes ;O)