[Snippet] Dynamically Get VTable
I was reading a topic here https://www.mpgh.net/forum/31-c-c-pro...-logger-4.html Which makes a good point that not everybody has the same d3d9.dll version which means you can't use a static address for hooking if you want your hack to work for all version, Stephen made a very good example of searching the vTable by using a Wild card search, for an address which has a pointer to the vTable. Anyway to cut a long story short here is my Delphi version based from his idea.
[highlight=delphi]
function GetD3d9Vtable(dwIndex: DWord): Cardinal;
var
pD3D9 : PByte;
pVtable : ^DWord;
cAddress: Cardinal;
const
//Pattern Used To scan for bytes
baVtablePattern: array[0..15] of Byte = ($33,$C0,$C7,$06,$00,$00,$00,$00,$89,$86,$00,$00,$ 00,$00,$89,$86);
//Mask used in WildCard $01 notes Wild cards
baVtableMask : array[0..15] of Byte = ($00,$00,$00,$00,$01,$01,$01,$01,$00,$00,$01,$01,$ 01,$01,$00,$00);
begin
//Get Base Adress of D3D9.dll
pD3D9:= PByte(GetModuleHandleA('d3d9.dll'));
//Wild Card Search For Pointer To VTable Address
cAddress:= WildCardSearch(pD3D9,@baVtablePattern,@baVtableMas k,SizeOf(baVtablePattern),128000,False);
//If results Returned an Adress
if cAddress > 0 then
begin
//Add 4 bytes to land on real Vtable pointer address
cAddress:= cAddress + $4;
//Get Vtable Index Pointer
pVtable:= Pointer(Dword(Ptr(cAddress)^) + dwIndex * 4);
//Return as Cardinal Index position pointer
Result := pVtable^
end
else
Result:= 0;
end;
[/highlight]
How to use...
[highlight=delphi]
var
dwPresent: Cardinal;
begin
//Checking to see if game is ready, this includes to see if d3d9.dll is loaded into memory
Repeat
Sleep(500);
Until ((IsGameReadyForHook = True) and (dwThrdMain = 0));
//Call our function to get Pointer address for hooking(Index 17 = Present)
dwPresent:= GetD3d9Vtable(17);
//Example hook replace "&" with "@" otherwise forum takes it a mention
if (HookJMP(Pointer(dwPresent) , &PresentCallBack, &PresentNext)) then
...
...
...
[/highlight]
As some people know I spent a few hours wondering why my PTC method wasn't working, Its because I had a static address from debugging D3D9.dll in olly, Little did I know my D3D9.dll was updated between my last hack and this one, Hence the reason this function was created to find it dynamically. Hope it might help someone who has ran into the same problem.
