You last visited: Today at 21:58
Advertisement
D3D Hook Internal
Discussion on D3D Hook Internal within the Coding Snippets forum part of the Coding Releases category.
06/28/2015, 22:42
#1
elite*gold: 30
Join Date: May 2013
Posts: 1,546
Received Thanks: 2,599
D3D Hook Internal
Code:
BOOL bCompare ( const BYTE* pData, const BYTE* bMask, const char* szMask )
{
for ( ;*szMask; ++szMask, ++pData, ++bMask )
{
if ( *szMask == 'x' && *pData != *bMask )
return 0;
}
return (*szMask) == NULL;
}
DWORD FindPattern ( DWORD dwStartAddress,DWORD dwSize, BYTE *bMask, char * szMask, int codeOffset, BOOL extract )
{
for ( DWORD i = 0; i < dwSize; i++ )
{
if ( this->bCompare((BYTE*)(dwStartAddress + i),bMask,szMask) )
{
if ( extract )
{
return *(DWORD*)(dwStartAddress+i+codeOffset);
} else {
return (DWORD)(dwStartAddress+i+codeOffset);
}
}
}
return NULL;
}
void __cdecl nReset ( void )
{
_asm pushad
_asm popad
}
void __cdecl nEndScene ( void )
{
_asm pushad
_asm popad
}
void __cdecl nDrawIndexedPrimitive ( void )
{
_asm pushad
_asm popad
}
static DWORD hHooking = NULL;
static DWORD hEndScene = NULL;
static DWORD hReset = NULL;
static DWORD hDrawIndexPrimtive = NULL;
typedef void ( WINAPI * EnterCriticalSection_t ) ( LPCRITICAL_SECTION lpCriticalSection );
EnterCriticalSection_t pEnterCriticalSection;
void WINAPI nEnterCriticalSection ( LPCRITICAL_SECTION lpCriticalSection )
{
_asm
{
MOV EAX, [EBP+0x4]
MOV hHooking, EAX
}
// EndScene
if ( hHooking == hEndScene )
{
__asm call [nEndScene]
}
//Reset
if ( hHooking == hReset )
{
__asm call [nReset]
}
// DIP
if ( hHooking == hDrawIndexPrimtive )
{
__asm call [nDrawIndexedPrimitive];
}
return pEnterCriticalSection(lpCriticalSection);
}
DWORD WINAPI Start ( LPVOID lpArg )
{
DWORD hD3D,hCriticalSection;
do
{
hD3D = (DWORD)GetModuleHandle("d3d9.dll");
Sleep(100);
} while(!hD3D);
MEMORY_BASIC_INFORMATION D3D9Info;
VirtualQuery((void*)(hD3D+0x1000),&D3D9Info,sizeof(D3D9Info));
hCriticalSection = tool->FindPattern((DWORD)D3D9Info.BaseAddress,D3D9Info.RegionSize,(PBYTE)"\x74\x07\x00\xFF\x15\x00\x00\x00\x00\x8D\x00\x00","xx?xx????x??",5,true);
if ( !hCriticalSection )
{
MessageBox(NULL,"Error Code (0)","Error",MB_ICONERROR);
exit(1);
}
if ( !hReset )
hReset = tool->FindPattern((DWORD)D3D9Info.BaseAddress,D3D9Info.RegionSize,(PBYTE)"\xFF\x15\x00\x00\x00\x00\x3B\x43\x20\x74\x1B\x8B\x46\x18\x85\xC0\x74\x07\x56","xx????xxxxxxxxxxxxx",0,false);// Win XP
if ( !hReset )
hReset = tool->FindPattern((DWORD)D3D9Info.BaseAddress,D3D9Info.RegionSize,(PBYTE)"\x57\xFF\x15\x00\x00\x00\x00\x8B\x45\x0C\x33\xF6\x39\x70\x20","xxx????xxxxxxxx",7,false);// Vista - Win7
if ( !hReset )
hReset = tool->FindPattern((DWORD)D3D9Info.BaseAddress,D3D9Info.RegionSize,(PBYTE)"\x33\xC9\x39\x4F\x20\x75\x79\x8D\x44\x24\x38\x89\x44\x24\x1C\x32\xC0\x8B\xDE","xxxxxxxxxxxxxxxxxxx",0,false);// Win 8.0
if ( !hReset )
hReset = tool->FindPattern((DWORD)D3D9Info.BaseAddress,D3D9Info.RegionSize,(PBYTE)"\x8B\xCE\xE8\x00\x00\x00\x00\x8B\x4E\x0C\x48\xF7\xD8","xxx????xxxxxx",0,false);// Win 8.1
if ( !hReset )
{
MessageBox(NULL,"Error Code (1)","Error",MB_ICONERROR);
exit(1);
}
if ( !hEndScene )
hEndScene = tool->FindPattern((DWORD)D3D9Info.BaseAddress,D3D9Info.RegionSize,(PBYTE)"\x57\xFF\x15\x00\x00\x00\x00\xF6\x46\x00\x00\x89\x5D\xFC\x75\x0E\x8B\x86\x00\x00\x00\x00\xA8\x01\xC6\x45\x00\x00\x75\x24","xxx????xx??xxxxxxx????xxxx??xx",7,false); // Win XP
if ( !hEndScene )
hEndScene = tool->FindPattern((DWORD)D3D9Info.BaseAddress,D3D9Info.RegionSize,(PBYTE)"\x57\xFF\x15\x00\x00\x00\x00\xE9\x00\x00\x00\x00\x39\x5F\x18\x74\x07\x57\xFF\x15\x00\x00\x00\x00\xB8\x00\x00\x00\x00\x8B\x4D\xF4\x64\x89\x0D\x00\x00\x00\x00\x59\x5F\x5E\x5B\x8B\xE5\x5D\xC2\x04\x00\x68\xAD\x06\x00\x00","xxx????x????xxxxxxxx????x????xxxxxx????xxxxxxxxxxxxx??",7,false); // Vista Win7
if ( !hEndScene )
hEndScene = tool->FindPattern((DWORD)D3D9Info.BaseAddress,D3D9Info.RegionSize,(PBYTE)"\x33\xC0\xE8\x00\x00\x00\x00\xC2\x04\x00\x8B\xDF\xEB\x8E\x53\xFF\x15\x00\x00\x00\x00\xEB\x90","xxx????xxxxxxxxxx????xx",21,false);// Win8 8.0 + 8.1
if ( !hEndScene )
{
MessageBox(NULL,"Error Code (2)","Error",MB_ICONERROR);
exit(1);
}
if ( !hDrawIndexPrimtive )
hDrawIndexPrimtive = tool->FindPattern((DWORD)D3D9Info.BaseAddress,D3D9Info.RegionSize,(PBYTE)"\x53\xFF\x15\x00\x00\x00\x00\xF6\x46\x00\x00\x89\x7D\xFC\x74\x24\x39\x7B\x18\x74\x07\x53\xFF\x15\x00\x00\x00\x00\xB8\x00\x00\x00\x00\x8B\x4D\xF4\x64\x89\x0D\x00\x00\x00\x00\x5F\x5E\x5B\x8B\xE5\x5D\xC2\x1C\x00","xxx????xx??xxxxxxxxxxxxx????x????xxxxxx????xxxxxxxxx",7,false);// Win XP
if ( !hDrawIndexPrimtive )
hDrawIndexPrimtive = tool->FindPattern((DWORD)D3D9Info.BaseAddress,D3D9Info.RegionSize,(PBYTE)"\x56\xFF\x15\x00\x00\x00\x00\xE9\x00\x00\x00\x00\x39\x5E\x18\x74\x07\x56\xFF\x15\x00\x00\x00\x00\xB8\x00\x00\x00\x00\x8B\x4D\xF4\x64\x89\x0D\x00\x00\x00\x00\x59\x5F\x5E\x5B\x8B\xE5\x5D\xC2\x1C\x00\x39\x9E\x00\x00\x00\x00","xxx????x????xxxxxxxx????x????xxxxxx????xxxxxxxxxxxx????",7,false);// Vista - Win7
if ( !hDrawIndexPrimtive )
hDrawIndexPrimtive = tool->FindPattern((DWORD)D3D9Info.BaseAddress,D3D9Info.RegionSize,(PBYTE)"\xE9\x00\x00\x00\x00\x00\xFF\x00\x00\x00\x00\x00\xE9\x00\x00\x00\x00\xC7\x45\x00\x00\x00\x00\x00\x8D\x4D\x00\xE8\x00\x00\x00\x00\xB8\x00\x00\x00\x00\xE9\x00\x00\x00\x00\x83\xBA\x00\x00\x00\x00\x00\x74\x00","x?????x?????x????xx?????xx?x????x????x????xx?????x?",12,false); // Win8 8.0 + 8.1
if ( !hDrawIndexPrimtive )
{
MessageBox(NULL,"Error Code (3)","Error",MB_ICONERROR);
exit(1);
}
if ( hReset && hEndScene && hDrawIndexPrimtive )
{
DWORD dwBack;
VirtualProtect((void*)(hCriticalSection),4,PAGE_EXECUTE_READWRITE,&dwBack);
pEnterCriticalSection = (EnterCriticalSection_t) *(DWORD*)(hCriticalSection);
*(DWORD*)(hCriticalSection) = (DWORD)nEnterCriticalSection;
VirtualProtect((void*)(hCriticalSection),4,dwBack,&dwBack);
return EXIT_SUCCESS;
}
return EXIT_FAILURE;
}
BOOL WINAPI DllMain ( HMODULE hDll, DWORD dwReason, LPVOID lpReserved )
{
if( dwReason == DLL_PROCESS_ATTACH )
{
CreateThread(NULL,NULL,Start,NULL,NULL,NULL);
}
return TRUE;
}
If we would like to stay stealth we must just choose stealth thing like this.
Dear guys i'm posting this hook cuz it will be really usefull for people, its works to any GAME, undetected to any ANTICHEATS. THERE IS NO ANTICHEATS Which is checking for it.
What does i'm doing,
Intercept EnterCriticalSection from d3d9 and wait for exactly returnaddress
of the follow function exactly in this case D3DReset, D3DPresent, D3DDrawIndexPrimitive.
Its current works to any OS From Windows XP To windowS 8.1.
its the current hook which i'm using to any game since october 2012.
06/28/2015, 22:53
#2
elite*gold: 724
Join Date: Mar 2011
Posts: 10,478
Received Thanks: 3,318
C/C++ -> Coding Snippets
#moved…
06/28/2015, 23:08
#3
elite*gold: 30
Join Date: May 2013
Posts: 1,546
Received Thanks: 2,599
Quote:
Originally Posted by
snow
#moved…
thank you
D3D Hook Internal Undetected
05/16/2015 - WarRock - 29 Replies
If we would like to stay stealth we must just choose stealth thing like this.
Dear guys i'm posting this hook cuz it will be really usefull for people, its works to any GAME, undetected to any ANTICHEATS. THERE IS NO ANTICHEATS Which is checking for it.
What does i'm doing,
Intercept EnterCriticalSection from d3d9 and wait for exactly returnaddress
of the follow function exactly in this case D3DReset, D3DPresent, D3DDrawIndexPrimitive.
Its current works to any OS From Windows XP To...
WarLord Public Hook (Client Hook) 01.03 Rleased Official Epvp Release by pastalov.
03/03/2012 - WarRock Hacks, Bots, Cheats & Exploits - 4 Replies
hi.
Endlich hat WarLord seinen Public Hack mal geupdated :handsdown:
Hier habt ihr Ihn:
http://img715.imageshack.us/img715/7504/frecky.pn g
Der Download befindet sich im anhang!
Virus Check:
https://www.virustotal.com/file/3792beba0863829ec 3e2b53f3b0c17d20bfc09c7d76f5f24967a79f1a82a4ddb/an alysis/1330708386/
All times are GMT +2. The time now is 21:58 .
C/C++ -> Coding Snippets
