Soldier Front Base Hook

09/01/2013 20:31 Steam Trader#1
This is a 'base' for Soldier Front 1 which hooks EndScene, the Direct3D 9 device method, by replacing the device object's virtual method table pointer.

Feel free to copy and paste this and add bits, hopefully you can learn from it.

CVMTHookManager
Code:
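/*
 * CVMTHookManager
 *
 * Replaces an object's virtual method table (VMT) pointer with a private,
 * heap-allocated copy so that individual slots can be redirected without
 * writing to the original table.
 *
 * Review notes:
 *  - Table entries are stored as DWORD, so full pointers only fit in a
 *    32-bit build.
 *  - The copied table is never freed. Once bInitialize() has run, the object
 *    dispatches through the copy, so the copy has to stay alive until
 *    UnhookVMT() has restored the original pointer.
 *  - After bInitialize() the object's VMT pointer refers to heap memory
 *    instead of the table it had before. A check that compares an object's
 *    VMT pointer against the address range of the module implementing the
 *    class observes exactly this mismatch.
 */
class CVMTHookManager
{
public:
	// Creates an empty manager; bInitialize() must succeed before any slot
	// can be redirected.
	CVMTHookManager( void )
		: m_pdwNewVMT( NULL ), m_pdwOldVMT( NULL ), m_dwVMTSize( 0 )
	{
	}

	// Creates a manager and immediately redirects the object whose VMT
	// pointer is stored at ppdwClassBase. Members are zeroed first so a
	// failed bInitialize() leaves the manager in the empty state.
	CVMTHookManager( PDWORD* ppdwClassBase )
		: m_pdwNewVMT( NULL ), m_pdwOldVMT( NULL ), m_dwVMTSize( 0 )
	{
		bInitialize( ppdwClassBase );
	}

	// Writes the saved original VMT pointer back into the object.
	// Returns false when there is nothing to restore or no target is given.
	bool UnhookVMT( PDWORD* ppdwClassBase )
	{
		if ( !ppdwClassBase || !m_pdwOldVMT )
		{
			return false;
		}

		*ppdwClassBase = m_pdwOldVMT;
		return true;
	}

	// Copies the object's current VMT and points the object at the copy.
	// ppdwClassBase is the address of the object's VMT pointer (the first
	// pointer-sized field of the object).
	// Returns false, changing nothing, when either pointer is null.
	// NOTE(review): calling this a second time leaks the previous copy, and
	// on the same object it would record the copy as the "original".
	bool bInitialize( PDWORD* ppdwClassBase )
	{
		if ( !ppdwClassBase || !*ppdwClassBase )
		{
			return false;
		}

		PDWORD pdwOriginal = *ppdwClassBase;
		DWORD dwCount = dwGetVMTCount( pdwOriginal );

		// Two spare slots are allocated past the counted entries; zero them
		// so the copy never contains uninitialised values.
		PDWORD pdwCopy = new DWORD[ dwCount + 2 ];
		memcpy( pdwCopy, pdwOriginal, sizeof( DWORD ) * dwCount );
		memset( pdwCopy + dwCount, 0, sizeof( DWORD ) * 2 );

		m_pdwOldVMT = pdwOriginal;
		m_dwVMTSize = dwCount;
		m_pdwNewVMT = pdwCopy;

		*ppdwClassBase = m_pdwNewVMT;
		return true;
	}

	// Convenience overload taking a pointer to an object pointer.
	bool bInitialize( PDWORD** pppdwClassBase )
	{
		if ( !pppdwClassBase )
		{
			return false;
		}

		return bInitialize( *pppdwClassBase );
	}

	// Redirects slot iIndex of the copied table to dwNewFunc.
	// Returns the original entry for that slot, or 0 when the manager is
	// not initialised or iIndex is outside the counted table.
	DWORD dwHookMethod( DWORD dwNewFunc, int iIndex )
	{
		if ( !bIsValidIndex( iIndex ) )
		{
			return 0;
		}

		DWORD dwOriginal = m_pdwOldVMT[ iIndex ];
		m_pdwNewVMT[ iIndex ] = dwNewFunc;
		return dwOriginal;
	}

	// Restores slot iIndex of the copied table to the original entry.
	// Out-of-range indices and an uninitialised manager are ignored.
	VOID dwUnHookMethod( int iIndex )
	{
		if ( !bIsValidIndex( iIndex ) )
		{
			return;
		}

		m_pdwNewVMT[ iIndex ] = m_pdwOldVMT[ iIndex ];
	}

private:
	// True when both tables exist and iIndex addresses a counted entry.
	// The upper bound is exclusive: index m_dwVMTSize is the entry at which
	// dwGetVMTCount() stopped and is not part of the table.
	bool bIsValidIndex( int iIndex ) const
	{
		return m_pdwNewVMT && m_pdwOldVMT
			&& iIndex >= 0 && ( DWORD ) iIndex < m_dwVMTSize;
	}

	// Estimates the number of entries by walking the table until a zero
	// entry or an entry that IsBadCodePtr() rejects.
	// NOTE(review): this is a heuristic. Nothing guarantees a terminator
	// after the last slot, and Microsoft documents IsBadCodePtr() as
	// obsolete and not a reliable validity test.
	DWORD dwGetVMTCount( PDWORD pdwVMT )
	{
		DWORD dwIndex;
		for ( dwIndex = 0; pdwVMT[ dwIndex ]; dwIndex++ )
		{
			if ( IsBadCodePtr( ( FARPROC ) pdwVMT[ dwIndex ] ) )
			{
				break;
			}
		}
		return dwIndex;
	}

	PDWORD	m_pdwNewVMT, m_pdwOldVMT;	// heap copy / saved original table
	DWORD	m_dwVMTSize;			// entry count from dwGetVMTCount()
};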

rgone.h
Code:
// Thin wrapper around a fixed address that holds a pointer to a game object.
struct SFClass
{
	// Address of the slot that contains the object pointer.
	PDWORD PointerToClass;

	// Stores the slot address; nothing is read from it here.
	SFClass( PDWORD Address )
		: PointerToClass( Address )
	{
	}

	// Reports whether the slot currently holds a non-zero value.
	// PointerToClass itself is dereferenced without a null check.
	BOOL IsClassAlive( )
	{
		return ( *PointerToClass != NULL ) ? TRUE : FALSE;
	}
};

// Partial layout of the game-side object that owns the Direct3D 9 device.
// Only the device pointer is mapped; the bytes before it are not interpreted.
struct GAME_SFDevice
{
	CHAR _UNKNOWN[0x08];		// 8 leading bytes with no known meaning
	LPDIRECT3DDEVICE9 pDevice;	// device pointer read by SFDevice::Device()
};

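// Ties together the game object slot (SFClass) and the VMT manager that
// redirects the Direct3D 9 device found through it.
struct SFDevice
{
	SFClass* GAMECLASS;			// owned; released in the destructor
	CVMTHookManager* HookVMTManager;	// NULL until InitHook() succeeds

	// GameClass_Location is the address of the slot holding the game object
	// pointer. HookVMTManager starts as NULL so callers can tell whether
	// InitHook() has run.
	SFDevice( DWORD GameClass_Location )
		: GAMECLASS( new SFClass( (PDWORD)GameClass_Location ) ),
		  HookVMTManager( NULL )
	{
	}

	// Releases the SFClass wrapper only.
	// NOTE(review): HookVMTManager is not released or unhooked here, so the
	// replaced table pointer stays on the device after this object is gone.
	~SFDevice( )
	{
		delete GAMECLASS;
	}

	// Returns the device pointer stored in the game object, or NULL while
	// the slot is still empty (dereferencing it would read through null).
	LPDIRECT3DDEVICE9 Device( )
	{
		if(!GAMECLASS->IsClassAlive( ))
			return NULL;

		return ((GAME_SFDevice*)(*GAMECLASS->PointerToClass))->pDevice;
	}

	// Creates the VMT manager for the device.
	// Returns FALSE when the game object or its device does not exist yet.
	BOOL InitHook( )
	{
		if(!GAMECLASS->IsClassAlive( ))
			return FALSE;

		// A COM interface pointer is the address of the object's VMT
		// pointer, which is what CVMTHookManager expects.
		PDWORD* ppdwDevice = (PDWORD*)Device( );

		if(ppdwDevice == NULL)
			return FALSE;

		HookVMTManager = new CVMTHookManager( ppdwDevice );

		return TRUE;
	}

};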

// Single global wrapper instance; defined in rgone.cpp.
extern SFDevice* pSFDevice;

// Function-pointer type shared by the saved original and the replacement.
typedef LONG (WINAPI* tEndscene)(LPDIRECT3DDEVICE9);
// Saved pointer to the original method; defined in rgone.cpp.
extern tEndscene oEndscene;
// Replacement function whose address is written into the device's table.
LONG WINAPI hEndscene(LPDIRECT3DDEVICE9 pDevice);
rgone.cpp

Code:
#include <windows.h>
#include <d3d9.h>
#include <d3dx9.h>
#include "rgone.h"

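// Global wrapper instance; allocated by RGONE() once the worker thread runs.
SFDevice* pSFDevice;

// Forward declaration of the worker thread started from DllMain. The name
// has to match the definition further down, otherwise the CreateThread call
// below refers to an undeclared identifier.
DWORD WINAPI RGONE( LPVOID );

// DLL entry point. On process attach it starts RGONE() on a new thread so
// that no real work happens while the loader lock is held.
BOOL APIENTRY DllMain( HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved )
{
	if(ul_reason_for_call == DLL_PROCESS_ATTACH)
	{
		HANDLE hThread = CreateThread(0, 0, RGONE, 0, 0, 0);

		// The thread keeps running after its handle is closed; closing it
		// here only avoids leaking the handle.
		if(hThread != NULL)
		{
			CloseHandle(hThread);
		}
	}

	return TRUE;
}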

// Pointer to the original EndScene implementation; RGONE() stores it from
// the value returned by dwHookMethod().
tEndscene oEndscene;

// Replacement written into slot 42 of the device's copied table. It does no
// work of its own and forwards straight to the original.
// NOTE(review): oEndscene is assigned only after dwHookMethod() has already
// swapped the slot, so a call arriving in that window would go through a
// null pointer - confirm whether the render thread can run concurrently.
LONG WINAPI hEndscene(LPDIRECT3DDEVICE9 pDevice)
{
	const LONG lResult = oEndscene(pDevice);
	return lResult;
}

// Worker thread started from DllMain: waits, wraps the game object slot,
// and redirects the device's EndScene slot to hEndscene.
// Always returns 0 as the thread exit code.
DWORD WINAPI RGONE( LPVOID )
{
	// NOTE(review): hard-coded address; presumably valid for one specific
	// build of the game executable only - verify before relying on it.
	const DWORD dwGameClassSlot = 0xEB5958;
	// Slot used for EndScene in the device's method table.
	const int iEndSceneSlot = 42;

	// Fixed delay before touching game memory; this is not a
	// synchronisation guarantee that the device exists.
	Sleep( 1000 );

	pSFDevice = new SFDevice( dwGameClassSlot );

	if( pSFDevice->InitHook( ) )
	{
		oEndscene = (tEndscene) pSFDevice->HookVMTManager->dwHookMethod( (DWORD)hEndscene, iEndSceneSlot );
		return 0;
	}

	// Audible signal that the game object or its device was not available.
	Beep(400, 400);
	return 0;
}
Credits:
Shad0w_
cC
Einstein