problem v2

**Wilds** · 05-21-2011

more code.

NFD.cpp

Code:

#include "NFD.h"






//DEFINES
#define ADR_RAPID1 0x374FAF0B
#define ADR_RAPID2 0x37503FEE
#define ADR_RAPID3 0x374FFEA7
#define ADR_RAPID4 0x37503FF5
#define ADR_RAPID5 0x37503E28

#define ADR_SuperBullets 0x374FDF96

#define ADR_NoRecoil1 0x374979E0
#define ADR_NoRecoil2 0x375AA949
#define ADR_NoRecoil3 0x374979F4
#define ADR_NoRecoil4 0x374979E8

#define ADR_NoReload 0x375032F4

#define ADR_LTClient 0x378F4D90
#define ADR_EngineLTC 0x485E40

#define ADR_RemoteKill1 0x374982AB
#define ADR_RemoteKill2 0x374982AC
#define ADR_RemoteKill3 0x374984FB
#define ADR_RemoteKill4 0x374984FC

#define ADR_GlassWalls 0x57297A

#define ADR_PlayerStats 0x37181557

#define ADR_NameTag1 0x37516F33
#define ADR_NameTag2 0x372E56AD

#define ADR_WeaponRange1 0x37503579
#define ADR_WeaponRange2 0x375038F9
//DEFINES

//BOOLs
bool Tracers, FPS, Fog, SuperJump, NXChams, GunSway, Pickup, Prediction, FullBright, NoSpread, SpawnDelay, NoSky, NoHands, Speed;
//BOOLs

//INTs

//INTs


//pragma
#pragma warning(disable: 4311)
#pragma warning(disable: 4312)
#pragma warning(disable: 4244)
//pragma




typedef HRESULT ( WINAPI* oPresent ) ( LPDIRECT3DDEVICE9 pDevice, CONST RECT *pSourceRect, CONST RECT *pDestRect, HWND hDestWindowOverride, CONST RGNDATA *pDirtyRegion);
oPresent pPresent;


bool IsGameReadyForHook()
{
	if( GetModuleHandleA( "d3d9.dll"     ) != NULL 
		&& GetModuleHandleA( "ClientFX.fxd" ) != NULL 
		&& GetModuleHandleA( "CShell.dll"   ) != NULL )
		return true;
	return false;
}



DWORD VTable(int index)
{
	DWORD* devicePtr = 0;
	
	DWORD hD3D9 = NULL;
	
	while(hD3D9 == NULL){
		Sleep(100);
		try
		{
		hD3D9 = (DWORD)GetModuleHandleA("d3d9.dll");}
		catch(...)
		{
			hD3D9 = NULL;
		}}

	DWORD addy = FindPattern(hD3D9, 0x1280000, (PBYTE)"\xC7\x06\x00\x00\x00\x00\x89\x86\x00\x00\x00\x00\x89\x86", "xx????xx????xx");
	Memoria (&devicePtr, (void*)(addy+2), 4);

	if(devicePtr == NULL){
		return 0;}

	return devicePtr[index];

}

/*/
void __cdecl PushToConsole( const char* szCommand )
{
DWORD *LTClient = ( DWORD* )( ADR_EngineLTC );
void* CONoff = ( void* )*( DWORD* )( *LTClient + 0x208 );
__asm
{
push szCommand;
call CONoff;
add esp, 4;
}
} 
/*/
void main() 
{
	while(true)
	{
	//my NOP's and PTC's here (they were commented out)
		
	}
	
}


HRESULT WINAPI gellPresent(LPDIRECT3DDEVICE9 pDevice, CONST RECT *pSourceRect, 
						   CONST RECT *pDestRect, HWND hDestWindowOverride, CONST RGNDATA *pDirtyRegion)
{
	_asm pushad;
	main();
	_asm popad;
	return pPresent(pDevice, pSourceRect, pDestRect, hDestWindowOverride, pDirtyRegion);
}

void *DetourCreate( BYTE *src, const BYTE *dst )
{
	int len = 5;

	BYTE *jmp = (BYTE*)malloc( len+5 );
	DWORD dwBack;
	VirtualProtect( src, len, PAGE_EXECUTE_READWRITE, &dwBack );
	memcpy( jmp, src, len );	
	jmp += len;
	jmp[0] = 0xE9;
	*(DWORD*)( jmp+1 ) = (DWORD)( src+len - jmp ) - 5;
	src[0] = 0xE9;
	*(DWORD*)( src+1 ) = (DWORD)( dst - src ) - 5;
	VirtualProtect( src, len, dwBack, &dwBack );

	return( jmp-len );
}

void Hook(void)
{
	DWORD dwPresent  = VTable(17);
	pPresent    = (oPresent)DetourCreate(( PBYTE)dwPresent, ( PBYTE )gellPresent);
}

DWORD WINAPI dwD3D9Thread(LPVOID)
{
	while( !IsGameReadyForHook() )
		Sleep(70);
	Hook();
	return 0;
}
BOOL WINAPI DllMain ( HMODULE hDll, DWORD dwReason, LPVOID lpReserved )
{
	DisableThreadLibraryCalls(hDll);
	if ( dwReason == DLL_PROCESS_ATTACH )
	{
		CreateThread(NULL, NULL, dwD3D9Thread, NULL, NULL, NULL);
	}
	return TRUE;
}

NFD.h

Code:

#pragma once

#include "Files.h"



void Memoria( void* pvAddress, void* pvBuffer, size_t len )
{
	if( *(BYTE*)pvAddress == *(BYTE*)pvBuffer )
		return;

	memcpy( ( void* )pvAddress, ( void* )pvBuffer, len );
}

bool bCompare(const BYTE* pData, const BYTE* bMask, const char* szMask)
{
	for(;*szMask;++szMask,++pData,++bMask)
		if(*szMask=='x' && *pData!=*bMask)  
			return 0;
	return (*szMask) == NULL;
}

DWORD FindPattern(DWORD dwAddress,DWORD dwLen,BYTE *bMask,char * szMask)
{
	for(DWORD i=0; i<dwLen; i++)
		if (bCompare((BYTE*)(dwAddress+i),bMask,szMask))  
			return (DWORD)(dwAddress+i);
	return 0;
}

Files.h

Code:

#include <windows.h>
#include <d3dx9.h>
#include <d3d9.h>
#include <iostream>

my PTC and my hacks were commented out while i tried it like this

any help?

**freedompeace** · 05-22-2011

Well now that you show us (a bit) more code...

Two possible places of error:

The code that you're not willing to show ("//my NOP's and PTC's here (they were commented out)") may be causing the crash (either my memory access violation or nexon's own checks, for example)
Your detour method has been detected

**Wilds** · 05-22-2011

Originally Posted by freedompeace

Well now that you show us (a bit) more code...

Two possible places of error:

The code that you're not willing to show ("//my NOP's and PTC's here (they were commented out)") may be causing the crash (either my memory access violation or nexon's own checks, for example)
Your detour method has been detected

your help is very much appreciated

thanked and +REPd

**Departure** · 05-22-2011

Code:

void Memoria( void* pvAddress, void* pvBuffer, size_t len )
{
	if( *(BYTE*)pvAddress == *(BYTE*)pvBuffer )
		return;

	memcpy( ( void* )pvAddress, ( void* )pvBuffer, len );
}

You will need to use VirtualProtect for memory patches also...

Example:

Code:

Function WriteIt(pAddress: Pointer; Bytes: Array of Byte): Boolean;
var
  dwProtect: DWord;
begin
  Result:= False;
  if VirtualProtect(pAddress, SizeOf(Bytes), PAGE_EXECUTE_READWRITE, @dwProtect) then
   begin
    Move(Bytes, pAddress^, Length(Bytes));
    VirtualProtect(pAddress, SizeOf(Bytes), dwProtect, @dwProtect);
    Result := True
   end;
end;

Thread: problem v2

Thread Tools

Display

problem v2

The Following User Says Thank You to freedompeace For This Useful Post:

The Following User Says Thank You to Departure For This Useful Post: