[DXGI] D3D Hook - Direct Hijack window

04/26/2024 21:21 MRx86™#1
Hi Folkz.

Based on my previous hook for D3D 8/9, released 10 years ago.

This was just tested on Fortnite, but for sure it will work for any process that loads DXGI.

Sorry for the low effort codenz, nowadays very lazy :coolmaninthetoilet:

You know what, my lazy ass: you need to do a pattern for the offset for various OSes. This was just tested on Windows 10 22H2, and I have no idea if the offset changes in other Windows versions.


Jobs:
Intercept memset from DXGI and wait for exactly the return address of the following function, in this case D3D Present, + swap chain from the memset stack :sadwavey:

Code:
#include <windows.h>
#include <d3d11.h>
#include <intrin.h> // _ReturnAddress

ID3D11Device       * Device = nullptr;
ID3D11DeviceContext* pContext = NULL;
IDXGISwapChain     * pSwapChain;
static uintptr_t hReturnAddress = 0;

#define IatHook(A,O,N) \
	  if ( *(DWORD64*)(A) && *(DWORD64*)(A) != (DWORD64)(&N) )  { \
			*(DWORD64*)(&O) = *(DWORD64*)(A); \
			*(DWORD64*)(A) = (DWORD64)(&N); \
       }


void* (__cdecl* omemset) (void* str, int c, size_t n);

void* __cdecl nmemset ( void* str, int c, size_t n )
{
	if ( _ReturnAddress() == (void*)hReturnAddress )
	{
		pSwapChain = (IDXGISwapChain*)*(DWORD64*)str;
		if (pSwapChain)
		{
			if (!Device)
			{
				pSwapChain->GetDevice(__uuidof(Device), (void**)&Device);
				Device->GetImmediateContext(&pContext);
				add_log("", "pDevice %p pContext %p", Device, pContext);
			}


		}
	}
	return omemset(str, c, n);
}

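void InitializeHook()
{
	// GetModuleHandleW returns an HMODULE, so it needs an explicit cast to uintptr_t.
	uintptr_t hModule = (uintptr_t)GetModuleHandleW(L"dxgi.dll");
	if (!hModule)
		return; // dxgi.dll is not loaded in this process

	add_log("", "dxgi.dll %p", (void*)hModule);

	// Hard-coded offset, only tested on Windows 10 22H2 (see the note above).
	hReturnAddress = (hModule+0x1678);

	add_log("", "hReturnAddress.dll %p", (void*)hReturnAddress);

	DWORD dwMemsetFlag;
	VirtualProtect((void*)(hModule+0x9EEC0),8,PAGE_READWRITE,&dwMemsetFlag);  //VirtualProtect Needed due to page protection
	IatHook((hModule+0x9EEC0), omemset, nmemset);
	VirtualProtect((void*)(hModule+0x9EEC0),8,dwMemsetFlag,&dwMemsetFlag);
}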

Just a few precautions need to be taken when swapping memset: make sure you point it into a legit module if you are internal.

:p
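
From the integrity-checking side, the import-slot swap in the post above can be caught by validating where each IAT entry points. This is an added example, not code from the post: the `Module`/`IatSlot` types, the addresses and the provider name `crt.dll` are constructed, and `provider` is assumed to be the module the import resolves to after any forwarding.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstring>

// Constructed snapshot types: on a live system the module list and the slot
// values would come from walking the process's loaded images and import tables.
struct Module  { const char* name; uint64_t base; uint64_t size; };
struct IatSlot { const char* owner; const char* provider; const char* symbol; uint64_t target; };

enum Verdict { SLOT_OK, SLOT_WRONG_MODULE, SLOT_UNBACKED };

// Return the image whose [base, base+size) range contains addr, or nullptr.
static const Module* FindModule(const Module* mods, size_t n, uint64_t addr) {
    for (size_t i = 0; i < n; ++i)
        if (addr >= mods[i].base && addr - mods[i].base < mods[i].size)
            return &mods[i];
    return nullptr;
}

// A slot is clean only if its pointer lands inside the module expected to
// export the symbol. "Inside some loaded image" is not sufficient.
Verdict CheckSlot(const Module* mods, size_t n, const IatSlot& s) {
    const Module* hit = FindModule(mods, n, s.target);
    if (!hit) return SLOT_UNBACKED;
    return std::strcmp(hit->name, s.provider) == 0 ? SLOT_OK : SLOT_WRONG_MODULE;
}

// Constructed sample data (addresses and the provider name "crt.dll" are made up).
static const Module kMods[] = {
    {"dxgi.dll",  0x7FF800000000ULL, 0x100000},
    {"crt.dll",   0x7FF810000000ULL, 0x080000},
    {"other.dll", 0x7FF820000000ULL, 0x040000},
};
static const IatSlot kSlots[] = {
    {"dxgi.dll", "crt.dll", "memset", 0x7FF810012340ULL},     // untouched import
    {"dxgi.dll", "crt.dll", "memset", 0x000001A000001000ULL}, // private memory
    {"dxgi.dll", "crt.dll", "memset", 0x7FF820001000ULL},     // another image
};

int main() {
    static const char* kText[] = {"ok", "wrong module", "unbacked"};
    for (const IatSlot& s : kSlots)
        std::printf("%s!%s -> %016llx : %s\n", s.owner, s.symbol,
                    (unsigned long long)s.target, kText[CheckSlot(kMods, 3, s)]);
    return 0;
}
```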