- Yasaklandı
- #1
Selam aleykum arkdaşlar bir çok kişi hook arıyordur eğer hookunuz fixlendiye bunun kulnnabilirsin #MEMORYSCANNER DE AYNI HOOK VARDIR ! Hemen Hooku vereyim
memoryhackers.org Farkıyla
memoryhackers.org Farkıyla
Kod:
struct cStack
{
cStack* PreviousStack;
DWORD ReturnAddress;
LPVOID Arguments[ 127 ];
};
const char* GetOperatingSystem( void )
{
static const UINT uiLen = 1024;
char* szbuffer = new char[ uiLen ];
RegGetValue( HKEY_LOCAL_MACHINE, "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", "ProductName", RRF_RT_ANY, NULL, szbuffer, (ULONG*)&uiLen );
return szbuffer;
}
bool Compare( LPBYTE lpData, LPBYTE lpMask, LPSTR szMask )
{
if( lpData == nullptr || lpMask == nullptr || szMask == nullptr )
return FALSE;
for( ; *szMask; ++szMask, ++lpData, ++lpMask )
if( *szMask == 'x' && *lpData != *lpMask )
return FALSE;
return ( ( *szMask ) == 0 ) ? true : false;
}
DWORD FindPattern( DWORD dwStartAddress, DWORD dwSearchLen, LPBYTE lpMask, LPSTR szMask )
{
if( dwStartAddress == 0 || dwSearchLen == 0 || lpMask == nullptr || szMask == nullptr )
return 0;
for( UINT i = 0; i <= dwSearchLen; i++ )
if( Compare( ( LPBYTE )( dwStartAddress + i ), lpMask, szMask ) )
return ( dwStartAddress + i );
return 0;
}
D3DXMATRIX Proj, View, World;
bool WorldToScreen( LPDIRECT3DDEVICE9 DevicePtr, D3DXVECTOR3 In, UINT& X, UINT &Y )
{
D3DXVECTOR3 Out;
D3DVIEWPORT9 Viewport = { 0, 0, 0, 0, 0.0f, 0.0f };
DevicePtr->GetViewport( &Viewport );
D3DXVec3Project( &Out, &In, &Viewport, &Proj, &View, &World );
if( ( ( UINT )Out.x < Viewport.X || ( UINT )Out.x > ( Viewport.X + Viewport.Width ) ) || ( ( UINT )Out.y < Viewport.Y || ( UINT )Out.y > ( Viewport.Y + Viewport.Height ) ) )
return FALSE;
if( ( UINT )Out.z == 0 )
{
X = ( UINT )Out.x;
Y = ( UINT )Out.y;
return true;
}
return false;
}
DWORD SetRenderStatePtr = 0;
DWORD RenderRet = 0;
void __fastcall HkSetRenderState( LPVOID ClassPtr, LPVOID StackPtr, UINT RenderState, DWORD Value )
{
cStack* pStack;
__asm
{
MOV pStack, EBP
pushad
pushfd
}
LPDIRECT3DDEVICE9 pDevice = nullptr;
if( pStack != nullptr && pStack->PreviousStack != nullptr && pStack->PreviousStack->ReturnAddress == RenderRet && ( pDevice = (LPDIRECT3DDEVICE9)( pStack->PreviousStack->PreviousStack->Arguments[ 0 ] ) ) != nullptr )
{
//do stuff here
}
__asm
{
popfd
popad
}
return ( ( void( __thiscall* )( LPVOID, UINT, DWORD ) ) SetRenderStatePtr )( ClassPtr, RenderState, Value );
}
DWORD SetTransformPtr = 0;
DWORD TransformRet = 0;
void __stdcall HkSetTransform( LPDIRECT3DDEVICE9 pDevice, D3DTRANSFORMSTATETYPE State, D3DXMATRIX* Matrix )
{
cStack* pStack;
__asm
{
MOV pStack, EBP
pushad
pushfd
}
if( pStack != nullptr && pStack->ReturnAddress == TransformRet && pStack->PreviousStack != nullptr && pStack->PreviousStack->ReturnAddress == 0x00000000/*I'll help you update this*/ )
{
switch( State )
{
case D3DTS_PROJECTION:
Proj = *Matrix;
break;
case D3DTS_VIEW:
View = *Matrix;
break;
case D3DTS_WORLD:
World = *Matrix;
break;
default:
break;
}
}
__asm
{
popfd
popad
}
return ( ( void( __stdcall* )( LPDIRECT3DDEVICE9, D3DTRANSFORMSTATETYPE, D3DXMATRIX* ) ) SetTransformPtr )( pDevice, State, Matrix );
}
ULONG WINAPI MainThread( LPVOID )
{
DWORD D3DModule = 0;
while( D3DModule == 0 )
{
D3DModule = (DWORD)GetModuleHandle( "d3d9.dll" );
Sleep( 100 );
}
DWORD CD3DTable = FindPattern( D3DModule, 0xFFFFFFFF, (LPBYTE)"\xC7\x06\x00\x00\x00\x00\x89\x86\x00\x00\x00\x00\x89\x86", D3DBaseMask );
DWORD CD3DDDIDX10Table = FindPattern( D3DModule, 0xFFFFFFFF, (LPBYTE)"\xC7\x06\x00\x00\x00\x00\xC7\x46\x00\x0B", D3DDIDX10Mask );
DWORD* pCD3DDDIDX10Table = nullptr;
DWORD CD3DHalTable = FindPattern( D3DModule, 0xFFFFFFFF, (LPBYTE)"\x33\xC0\xC7\x06\x00\x00\x00\x00\x89\x86\x00\x00\x00\x00\x89\x86", D3DHALMask );
DWORD* pCD3DHalTable = nullptr;
UINT DDTableIndex = 57;
UINT HalTableIndex = 137;
if( CD3DTable )
{
DWORD* pTable = *(DWORD**)( CD3DTable + 2 );
if( pTable )
{
const char* OS = GetOperatingSystem( );
if( strstr( OS, "Windows XP" ) != 0 )
{
RenderRet = pTable[ 42 ] + 0xB9;
TransformRet = pTable[ 44 ] + 0xA9;
}
if( strstr( OS, "Windows Vista" ) != 0 || strstr( OS, "Windows 7" ) != 0 )
{
RenderRet = pTable[ 42 ] + 0x9E;
TransformRet = pTable[ 44 ] + 0x88;
DDTableIndex = 61;
HalTableIndex = 152;
}
}
}
if( CD3DDDIDX10Table )
pCD3DDDIDX10Table = *(DWORD**)( CD3DDDIDX10Table + 2 );
if( CD3DHalTable )
pCD3DHalTable = *(DWORD**)( CD3DHalTable + 4 );
DWORD ProtectionFlags;
while( true )
{
if( VirtualProtect( &pCD3DDDIDX10Table[ DDTableIndex ], 4, PAGE_EXECUTE_READWRITE, &ProtectionFlags ) != FALSE )
{
if( *(DWORD*)&pCD3DDDIDX10Table[ DDTableIndex ] != (DWORD)HkSetRenderState )
{
if( SetRenderStatePtr == 0 )
SetRenderStatePtr = *(DWORD*)&pCD3DDDIDX10Table[ DDTableIndex ];
*(DWORD*)&pCD3DDDIDX10Table[ DDTableIndex ] = (DWORD)HkSetRenderState;
}
VirtualProtect( &pCD3DDDIDX10Table[ DDTableIndex ], 4, ProtectionFlags, &ProtectionFlags );
}
if( VirtualProtect( &pCD3DHalTable[ HalTableIndex ], 4, PAGE_EXECUTE_READWRITE, &ProtectionFlags ) != FALSE )
{
if( *(DWORD*)&pCD3DHalTable[ HalTableIndex ] != (DWORD)HkSetTransform )
{
SetTransformPtr = *(DWORD*)&pCD3DHalTable[ HalTableIndex ];
*(DWORD*)&pCD3DHalTable[ HalTableIndex ] = (DWORD)HkSetTransform;
}
VirtualProtect( &pCD3DHalTable[ HalTableIndex ], 4, ProtectionFlags, &ProtectionFlags );
}
Sleep( 100 );
}
}
