Results 1 to 4 of 4
  1. #1
    luizimloko's Avatar
    Join Date
    Feb 2011
    Gender
    male
    Location
    fs:[0]
    Posts
    1,799
    Reputation
    136
    Thanks
    9,832
    My Mood
    Yeehaw

    Start3D Engine Hook

    Hello, i make this hook at long time ago, but i dont use anymore, appreciate:



    Code:
    Combat Arms Brazil:
    
    005382A0   . 833D F83E7700 >CMP DWORD PTR DS:[773EF8],0
    005382A7   . 75 36          JNZ SHORT Engine-u.005382DF
    005382A9   . 6A 49          PUSH 49
    005382AB   . E8 C09BF6FF    CALL Engine-u.004A1E70
    005382B0   . 83C4 04        ADD ESP,4
    005382B3   . 833D 60BC7600 >CMP DWORD PTR DS:[76BC60],1
    005382BA   . 7C 1D          JL SHORT Engine-u.005382D9
    005382BC   . A1 4C207400    MOV EAX,DWORD PTR DS:[74204C]
    005382C1   . 68 98E76E00    PUSH Engine-u.006EE798
    005382C6   . 68 00E86E00    PUSH Engine-u.006EE800                   ;  ASCII "LT_NOTINITIALIZED"
    005382CB   . 68 18BE6F00    PUSH Engine-u.006FBE18                   ;  ASCII "Start3D"
    005382D0   . 50             PUSH EAX
    005382D1   . E8 BAA7F6FF    CALL Engine-u.004A2A90
    005382D6   . 83C4 10        ADD ESP,10
    005382D9   > B8 49000000    MOV EAX,49
    005382DE   . C3             RETN
    005382DF   > A1 003F7700    MOV EAX,DWORD PTR DS:[773F00]            => Hook start
    005382E4   . 40             INC EAX
    005382E5   . A3 003F7700    MOV DWORD PTR DS:[773F00],EAX
    005382EA   . 83F8 01        CMP EAX,1
    005382ED   . 75 06          JNZ SHORT Engine-u.005382F5              => Hook return
    005382EF   . FF15 503F7700  CALL DWORD PTR DS:[773F50]
    005382F5   > 33C0           XOR EAX,EAX
    005382F7   . C3             RETN
    Code:
    DWORD DeviceGame = 0x877E58; // CA[BR]
    
    DWORD Start3D = 0x5382DF; // CA[BR]
    DWORD retStart3D = (Start3D + 0xE);
    
    LPD3DXFONT D3DDirectxFont;
    BOOL D3DFontBoolean;
    
    VOID StartFont(LPDIRECT3DDEVICE9 pDevice)
    {
    	if(D3DDirectxFont)
    	{
    		D3DDirectxFont->Release();
    		D3DDirectxFont = NULL;
    		D3DFontBoolean = FALSE;
    	}
    
    	if(!D3DFontBoolean)
    	{
    		D3DXCreateFont(pDevice, 12, 0, 350, 1, 0, 1, 0, 4, 0 | (0<<4), "Arial", &D3DDirectxFont);
    		D3DFontBoolean = TRUE;
    	}
    }
    
    VOID DrawText(INT x, INT y, DWORD Color, CHAR *Text)
    {
    	RECT Rect;
    	SetRect(&Rect, x, y, x, y);
    	D3DDirectxFont->DrawText(NULL, Text, -1, &Rect, DT_LEFT | DT_NOCLIP, Color);
    }
    
    __declspec(naked)HRESULT WINAPI Start3DMidfunction(VOID)
    {
    	static LPDIRECT3DDEVICE9 pDevice;
    
    	__asm
    	{
    		MOV EAX, DWORD PTR DS:[0x773F00]
    		INC EAX
    		MOV DWORD PTR DS:[0x773F00], EAX
    		CMP EAX, 1
    		PUSHAD
    	}
    
    	if(!pDevice)
    		pDevice = **(LPDIRECT3DDEVICE9 **)DeviceGame;
    	else
    	{
    		StartFont(pDevice);
    
    		pDevice->SetRenderState(D3DRS_ZENABLE, D3DZB_FALSE);
    
    		DrawText(50, 50, 0xFFFF0000, "Start3D Engine Hooking");
    		DrawText(50, 70, 0xFF0000FF, "Credits: luizimloko => Start3D, Shad0w_ => Midfunction example");
    
    		pDevice->SetRenderState(D3DRS_ZENABLE, D3DZB_TRUE);
    	}
    
    	__asm
    	{
    		POPAD
    		JMP DWORD PTR DS:[retStart3D];
    	}
    }
    
    DWORD WINAPI dwEngineHooking(PVOID)
    {
    	while(1)
    	{
    		if(memcmp((PVOID)Start3D, (PVOID)(PBYTE)"\xA1", 1) == 0)
    		{
    			Sleep(100);
    			DetourCreate((PBYTE)Start3D, (PBYTE)Start3DMidfunction, 14);
    		}
    		Sleep(50);
    	}
    	return EXIT_SUCCESS;
    }
    
    BOOL WINAPI DllMain(HMODULE hModule, DWORD dwReason, LPVOID lpReserved)
    {
    	if(dwReason == DLL_PROCESS_ATTACH)
    	{
                    DisableThreadLibraryCalls(hModule);
    		CreateThread(NULL, NULL, &dwEngineHooking, NULL, NULL, NULL);
    	}
    
    	return TRUE;
    }
    Code:
    Binary Scan: A1 ?? ?? ?? ?? 40 A3 ?? ?? ?? ?? 83 F8 01 75 06 FF 15 ?? ?? ?? ?? 33 C0 C3 CC CC CC CC CC CC CC CC
    Last edited by luizimloko; 06-15-2013 at 11:13 PM.
    Contributor Since: 02-18-2012

    WarFace Brazil:


    Crossfire Brazil ( X-Trap ):


    WarRock Brazil ( HackShield ):



  2. The Following 3 Users Say Thank You to luizimloko For This Useful Post:

    Donor (06-26-2013),dreek1 (06-16-2013),Oxxxymiron (06-21-2013)

  3. #2
    Ch40zz-C0d3r's Avatar
    Join Date
    Apr 2011
    Gender
    male
    Posts
    839
    Reputation
    44
    Thanks
    400
    My Mood
    Twisted
    Noo
    I hoped nobdy would release this <_<

    Progress with my game - "Disbanded"
    • Fixed FPS lag on spawning entities due to the ent_preload buffer!
    • Edit the AI code to get some better pathfinding
    • Fixed the view bug within the sniper scope view. The mirror entity is invisible now!
    • Added a new silencer for ALL weapons. Also fixed the rotation bugs
    • Added a ton of new weapons and the choice to choose a silencer for every weapon
    • Created a simple AntiCheat, noobs will cry like hell xD
    • The name will be Disbanded, the alpha starts on the 18th august 2014



    Some new physics fun (Serversided, works on every client)



    My new AI
    http://www.youtube.com/watch?v=EMSB1GbBVl8

    And for sure my 8 months old gameplay with 2 friends
    http://www.youtube.com/watch?v=Na2kUdu4d_k

  4. #3
    disav0w_'s Avatar
    Join Date
    Oct 2012
    Gender
    male
    Posts
    13
    Reputation
    10
    Thanks
    60
    Totally useless hook it by there, would be same do a codecave on calls to present/beginscene/endscene. Only thing that hooking start/end3d could be cool it's because they have a virtual entry hookable from LTClient, but bad news, seems that hackshield scan LTClient vtable.

  5. The Following 4 Users Say Thank You to disav0w_ For This Useful Post:

    Donor (06-26-2013),[MPGH]Genesis (06-17-2013),matypatty (06-17-2013),poolwizard (07-25-2013)

  6. #4
    J's Avatar
    Join Date
    Jun 2010
    Gender
    male
    Location
    East Coast
    Posts
    2,159
    Reputation
    379
    Thanks
    5,761
    My Mood
    In Love
    Very nice.

Similar Threads

  1. [Source Code] Start3D Engine Hook
    By luizimloko in forum Combat Arms BR Hack Coding/Source Code
    Replies: 22
    Last Post: 07-13-2013, 06:10 PM
  2. Download MW3 Engine Hook
    By Geometrical in forum Spammers Corner
    Replies: 4
    Last Post: 12-25-2012, 08:26 AM
  3. [Release] ☆☆☆☆☆ [ Midfuntion Engine Hook - 09/27/2012 ] ☆☆☆☆☆
    By Gangnam Boy in forum CrossFire Hack Coding / Programming / Source Code
    Replies: 13
    Last Post: 09-27-2012, 11:44 AM
  4. [RELEASE] Crysis engine hook
    By Hell_Demon in forum C++/C Programming
    Replies: 14
    Last Post: 01-20-2010, 09:59 AM
  5. [Release] WiirtuallCA Cheat Engine Hook V 1.2 [64BIT Vista/7Only]
    By Wiirtuallca in forum Combat Arms Europe Hacks
    Replies: 11
    Last Post: 12-16-2009, 06:40 PM