Feel free to copy and paste this and add bits; hopefully you can learn from it.
CVMTHookManager
Code:
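// Shadow virtual-method-table helper.
//
// bInitialize() copies an object's virtual method table into a heap buffer and
// points the object at the copy; dwHookMethod() then overwrites single slots in
// that copy. The original table is never written to.
//
// Review notes:
//  - Function addresses are stored in DWORDs, which are 32 bits wide, so the
//    class only round-trips pointers on 32-bit builds.
//  - The replacement table is never freed and the class has no destructor;
//    the buffer stays allocated for as long as the object may still point at it.
//  - After bInitialize() the object's table pointer refers to heap memory
//    instead of the table emitted in the owning module's image, which is the
//    artifact an integrity check on that pointer would see.
class CVMTHookManager
{
public:
    // Creates an empty manager; bInitialize() must succeed before any hook call.
    CVMTHookManager( void )
        : m_pdwNewVMT( NULL ), m_pdwOldVMT( NULL ), m_dwVMTSize( 0 )
    {
    }

    // Creates a manager and immediately shadows the table of the given object.
    // Members are zeroed first so a failed bInitialize() leaves a safe state.
    CVMTHookManager( PDWORD* ppdwClassBase )
        : m_pdwNewVMT( NULL ), m_pdwOldVMT( NULL ), m_dwVMTSize( 0 )
    {
        bInitialize( ppdwClassBase );
    }

    // Points the object back at its original table.
    // Returns false when there is nothing to restore; the original code wrote
    // an uninitialised (or NULL) table pointer into the object in that case.
    bool UnhookVMT( PDWORD* ppdwClassBase )
    {
        if ( !ppdwClassBase || !m_pdwOldVMT )
        {
            return false;
        }
        *ppdwClassBase = m_pdwOldVMT;
        return true;
    }

    // Copies the object's table and installs the copy.
    // ppdwClassBase: address of the object's table pointer (the object itself).
    // Returns false if the object or its table pointer is NULL.
    // Calling this twice leaks the earlier copy, which may still be installed
    // in another object and therefore is not freed here.
    bool bInitialize( PDWORD* ppdwClassBase )
    {
        if ( !ppdwClassBase || !*ppdwClassBase )
        {
            return false;
        }

        m_pdwOldVMT = *ppdwClassBase;
        m_dwVMTSize = dwGetVMTCount( m_pdwOldVMT );

        // Two spare slots are kept as in the original; "()" zero-fills them so
        // no uninitialised value ever sits next to the copied entries.
        m_pdwNewVMT = new DWORD[ m_dwVMTSize + 2 ]();
        memcpy( m_pdwNewVMT, m_pdwOldVMT, sizeof( DWORD ) * m_dwVMTSize );

        *ppdwClassBase = m_pdwNewVMT;
        return true;
    }

    // Overload for callers that hold a pointer to the object pointer.
    bool bInitialize( PDWORD** pppdwClassBase )
    {
        if ( !pppdwClassBase )
        {
            return false;
        }
        return bInitialize( *pppdwClassBase );
    }

    // Replaces slot iIndex in the shadow table with dwNewFunc.
    // Returns the original entry, or 0 if the manager is uninitialised or the
    // index is outside the counted table.
    // The upper bound is exclusive: the original "<=" let iIndex == m_dwVMTSize
    // through, which read one entry past the counted end of the old table.
    DWORD dwHookMethod( DWORD dwNewFunc, int iIndex )
    {
        if ( !bIsValidIndex( iIndex ) )
        {
            return 0;
        }
        m_pdwNewVMT[ iIndex ] = dwNewFunc;
        return m_pdwOldVMT[ iIndex ];
    }

    // Restores slot iIndex of the shadow table from the original table.
    // Out-of-range or uninitialised calls are ignored instead of writing
    // through a bad index as the original did.
    VOID dwUnHookMethod( int iIndex )
    {
        if ( !bIsValidIndex( iIndex ) )
        {
            return;
        }
        m_pdwNewVMT[ iIndex ] = m_pdwOldVMT[ iIndex ];
    }

private:
    // True when both tables exist and iIndex addresses a counted slot.
    bool bIsValidIndex( int iIndex ) const
    {
        return m_pdwNewVMT && m_pdwOldVMT && iIndex >= 0 &&
               static_cast<DWORD>( iIndex ) < m_dwVMTSize;
    }

    // Counts table entries up to the first zero entry or the first entry that
    // IsBadCodePtr rejects. This is a heuristic: the table carries no length,
    // and IsBadCodePtr is documented by Microsoft as obsolete, so the count can
    // be too long or too short.
    DWORD dwGetVMTCount( PDWORD pdwVMT )
    {
        DWORD dwIndex;
        for ( dwIndex = 0; pdwVMT[ dwIndex ]; dwIndex++ )
        {
            if ( IsBadCodePtr( ( FARPROC ) pdwVMT[ dwIndex ] ) )
            {
                break;
            }
        }
        return dwIndex;
    }

    PDWORD m_pdwNewVMT, m_pdwOldVMT;   // shadow copy / original table
    DWORD m_dwVMTSize;                 // number of counted entries
};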
rgone.h
Code:
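// Wraps the address of a pointer slot and reports whether that slot is set.
struct SFClass
{
    PDWORD PointerToClass;   // address of the slot that holds the class pointer

    SFClass( PDWORD Address )
        : PointerToClass( Address )
    {
    }

    // Returns TRUE when the slot holds a non-zero value.
    // A NULL PointerToClass now yields FALSE; the original dereferenced it.
    // The slot address itself is not otherwise validated, so an address that
    // is non-NULL but unmapped still faults on the read below.
    BOOL IsClassAlive( )
    {
        if ( PointerToClass == NULL )
        {
            return FALSE;
        }
        return ( *PointerToClass != 0 ) ? TRUE : FALSE;
    }
};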
// Partial layout overlay used to read a Direct3D device pointer out of another
// object. Only the one field is named; the bytes in front of it are opaque.
// NOTE(review): the layout is fixed by hand and nothing in this file checks it
// against the object it is cast onto — confirm before relying on it.
struct GAME_SFDevice
{
CHAR _UNKNOWN[0x08];          // 8 unnamed bytes preceding the device pointer
LPDIRECT3DDEVICE9 pDevice;    // read by SFDevice::Device()
};
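// Owns the SFClass wrapper and the CVMTHookManager for one device object.
//
// Review notes:
//  - GameClass_Location is a DWORD cast to a pointer, so this only works on
//    32-bit builds.
//  - The struct owns two raw pointers and has no copy constructor or
//    assignment operator; copying an instance would free them twice.
struct SFDevice
{
    SFClass* GAMECLASS;
    CVMTHookManager* HookVMTManager;

    // HookVMTManager starts as NULL; the original left it uninitialised until
    // InitHook() succeeded, so any earlier read used an indeterminate pointer.
    SFDevice( DWORD GameClass_Location )
        : GAMECLASS( NULL ), HookVMTManager( NULL )
    {
        GAMECLASS = new SFClass( (PDWORD)GameClass_Location );
    }

    // Releases both owned objects. The manager has no destructor, so this does
    // not restore the device's original table and does not free the shadow
    // table; it only stops the manager object itself from leaking.
    ~SFDevice( )
    {
        delete HookVMTManager;
        delete GAMECLASS;
    }

    // Returns the device pointer read through the GAME_SFDevice overlay, or
    // NULL when the class slot is empty (the original dereferenced it anyway).
    LPDIRECT3DDEVICE9 Device( )
    {
        if ( GAMECLASS == NULL || !GAMECLASS->IsClassAlive( ) )
        {
            return NULL;
        }
        return ((GAME_SFDevice*)(*GAMECLASS->PointerToClass))->pDevice;
    }

    // Shadows the device's virtual method table.
    // Returns FALSE when the class slot or the device pointer is empty.
    // A second call is a no-op that returns TRUE, so the first manager is not
    // leaked and the table is not shadowed twice.
    BOOL InitHook( )
    {
        if ( HookVMTManager != NULL )
        {
            return TRUE;
        }
        if ( GAMECLASS == NULL || !GAMECLASS->IsClassAlive( ) )
        {
            return FALSE;
        }

        PDWORD* ppdwDevice = (PDWORD*)Device( );
        if ( ppdwDevice == NULL )
        {
            return FALSE;
        }

        HookVMTManager = new CVMTHookManager( ppdwDevice );
        return TRUE;
    }
};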
// Shared state and hook prototype; the definitions live in the .cpp that
// includes this header.
extern SFDevice* pSFDevice;
// Signature used for the hooked device method: one LPDIRECT3DDEVICE9 argument,
// LONG result, WINAPI calling convention.
typedef LONG (WINAPI* tEndscene)(LPDIRECT3DDEVICE9);
// Holds the original method pointer returned by dwHookMethod().
extern tEndscene oEndscene;
// Replacement installed into the shadow table.
LONG WINAPI hEndscene(LPDIRECT3DDEVICE9 pDevice);
Code:
#include <windows.h>
#include <d3d9.h>
#include <d3dx9.h>
#include "rgone.h"
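// Assigned by the worker thread; NULL until then and again if setup fails.
SFDevice* pSFDevice = NULL;
// Forward declaration of the worker thread. The original declared "MyEntry",
// which is never defined, while DllMain passes RGONE to CreateThread before
// RGONE's definition, so the file did not compile as posted.
DWORD WINAPI RGONE( LPVOID );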
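// DLL entry point. On process attach it starts the RGONE worker thread and
// returns; the real work is deferred because DllMain runs while the loader
// lock is held.
// Always returns TRUE, as the original did, even if the thread cannot be
// created.
BOOL APIENTRY DllMain( HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved )
{
    if ( ul_reason_for_call == DLL_PROCESS_ATTACH )
    {
        HANDLE hThread = CreateThread( 0, 0, RGONE, 0, 0, 0 );
        if ( hThread != NULL )
        {
            // The thread keeps running after its handle is closed; the
            // original never closed it and leaked one handle per load.
            CloseHandle( hThread );
        }
    }
    return TRUE;
}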
// Original method pointer; written by RGONE once dwHookMethod() has returned.
tEndscene oEndscene;

// Replacement for the hooked device method. It adds no behaviour of its own:
// the call is forwarded to the saved original and that result is returned.
// oEndscene is not checked here, so a call that arrives before RGONE has
// stored the original pointer goes through a NULL function pointer.
LONG WINAPI hEndscene(LPDIRECT3DDEVICE9 pDevice)
{
    const LONG lResult = oEndscene(pDevice);
    return lResult;
}
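// Worker thread started from DllMain. Builds the SFDevice wrapper, shadows the
// device's virtual method table and redirects one slot to hEndscene.
// Returns 0 in every case (the original returned NULL from a DWORD function).
DWORD WINAPI RGONE( LPVOID )
{
    // Absolute address of the class-pointer slot. It is hard-coded, so it is
    // only meaningful for the exact binary it was taken from; nothing here
    // verifies that beyond the non-zero test in IsClassAlive().
    const DWORD kGameClassAddress = 0xEB5958;
    // Slot 42 of the IDirect3DDevice9 table, i.e. EndScene.
    const int kEndSceneIndex = 42;

    // Fixed delay used in place of real synchronisation with the host's
    // device creation; if the device is not ready after it, InitHook() fails.
    Sleep( 1000 );

    pSFDevice = new SFDevice( kGameClassAddress );
    if ( !pSFDevice->InitHook( ) )
    {
        Beep( 400, 400 );
        // The original leaked the wrapper and left the global pointing at it.
        delete pSFDevice;
        pSFDevice = NULL;
        return 0;
    }

    // NOTE(review): dwHookMethod() writes the table slot before this function
    // stores the returned original in oEndscene. A call on another thread that
    // lands in between reaches hEndscene while oEndscene is still NULL.
    const DWORD dwOriginal =
        pSFDevice->HookVMTManager->dwHookMethod( (DWORD)hEndscene, kEndSceneIndex );
    if ( dwOriginal == 0 )
    {
        // 0 means the manager rejected the index and installed nothing.
        Beep( 400, 400 );
        return 0;
    }

    oEndscene = (tEndscene)dwOriginal;
    return 0;
}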
Shad0w_
cC
Einstein






