Home › Forum › MultiPlayer Game Hacks & Cheats › CrossFire Hacks & Cheats › CrossFire Hack Coding / Programming / Source Code › Hook DIP Engine
Hook DIP Engine
Hook DIP Engine
This was posted in 20 August 2012 by WE11ington. I'm 100% sure xKickAss used this hook on his release: http://www.mpgh.net/forum/175-crossf...-features.html I'm not sure why he didn't give any credits even to WE11ington, selfish?
Detour -> Azorbix
Midfunction -> Shadow_
WE11ington himself
Code:
#include <windows.h>
#include <d3d9.h>
#include <d3dx9.h>
#pragma comment(lib, "d3d9.lib")
#pragma comment(lib, "d3dx9.lib")
// NUMPAD1 => On/Off chams.
// NUMPAD2 => Change colors.
#define DIPEngine 0x004B6122
DWORD retDIPEngine = (DIPEngine + 0x8);
INT chams;
INT color;
#define Red D3DCOLOR_ARGB( 255, 255, 000, 000 )
#define Green D3DCOLOR_ARGB( 255, 000, 255, 000 )
#define Blue D3DCOLOR_ARGB( 255, 000, 000, 255 )
#define Black D3DCOLOR_ARGB( 255, 000, 000, 000 )
__declspec( naked ) HRESULT WINAPI DIPMidfunction( )
{
static LPDIRECT3DDEVICE9 pDevice;
static INT BaseVertexIndex;
static UINT MinVertexIndex, NumVertices, startIndex, primCount;
__asm
{
MOV ECX, DWORD PTR DS:[EAX]
MOV EDX, DWORD PTR DS:[ECX + 0x148]
MOV DWORD PTR DS:[pDevice], EAX
MOV ECX, DWORD PTR DS:[EBP + 0x18]
MOV DWORD PTR DS:[BaseVertexIndex], ECX
MOV ECX, DWORD PTR DS:[EBP + 0x8]
MOV DWORD PTR DS:[MinVertexIndex], ECX
MOV ECX, DWORD PTR DS:[EBP + 0x10]
MOV DWORD PTR DS:[NumVertices], ECX
MOV ECX, DWORD PTR DS:[EBP + 0xC]
MOV DWORD PTR DS:[startIndex], ECX
MOV ECX, DWORD PTR DS:[EBP + 0x14]
MOV DWORD PTR DS:[primCount], ECX
PUSHAD
}
if( GetAsyncKeyState(VK_NUMPAD1)&1 )
chams = !chams;
if( GetAsyncKeyState(VK_NUMPAD2)&1 )
color++;
if( color > 4 )
color = 0;
if( chams )
{
pDevice->SetRenderState( D3DRS_ZENABLE, D3DZB_FALSE );
if( color == 1 ) pDevice->SetRenderState( D3DRS_AMBIENT, Red );
if( color == 2 ) pDevice->SetRenderState( D3DRS_AMBIENT, Green );
if( color == 3 ) pDevice->SetRenderState( D3DRS_AMBIENT, Blue );
if( color == 4 ) pDevice->SetRenderState( D3DRS_AMBIENT, Black );
}
__asm
{
POPAD
JMP retDIPEngine
}
}
void *DetourCreate( BYTE *src, const BYTE *dst, const int len )
{
BYTE *jmp =( BYTE * ) malloc( len + 5 );
DWORD dwBack;
VirtualProtect( src, len, PAGE_READWRITE, &dwBack );
memcpy( jmp, src, len );
jmp += len;
jmp[0] = 0xE9;
*( DWORD * )( jmp + 1 ) =( DWORD )( src + len - jmp ) - 5;
src[0] = 0xE9;
*( DWORD * )( src + 1 ) = ( DWORD )( dst - src ) - 5;
for( int i=5; i<len; i++ )
src[i] = 0x90;
VirtualProtect( src, len, dwBack, &dwBack );
return( jmp - len );
}
DWORD WINAPI StartRoutine( LPVOID )
{
while( TRUE )
{
if( memcmp( ( void * )DIPEngine, (void * )( PBYTE )"\x8B\x08", 2 ) == 0 )
{
Sleep(200);
DetourCreate( ( PBYTE )DIPEngine, ( PBYTE )DIPMidfunction, 8 );
}
Sleep( 50 );
}
return 0;
}
BOOL WINAPI DllMain( HMODULE hDll, DWORD dwReason, LPVOID lpReserved )
{
if( dwReason == DLL_PROCESS_ATTACH )
{
DisableThreadLibraryCalls( hDll );
MessageBox( 0, "Hook DIP Engine", "Crossfire", 0 );
CreateThread( 0, 0, (LPTHREAD_START_ROUTINE)StartRoutine, 0, 0, 0 );
}
return TRUE;
}
Code:
DrawIndexPrimitive: 004B5FC0 53 PUSH EBX 004B5FC1 55 PUSH EBP 004B5FC2 8B6C24 10 MOV EBP,DWORD PTR SS:[ESP+10] 004B5FC6 56 PUSH ESI 004B5FC7 57 PUSH EDI 004B5FC8 50 PUSH EAX 004B5FC9 8BD9 MOV EBX,ECX 004B5FCB 68 00010000 PUSH 100 004B5FD0 B9 98346C00 MOV ECX,006C3498 004B5FD5 8BF2 MOV ESI,EDX 004B5FD7 E8 D470F5FF CALL 0040D0B0 004B5FDC 837E 14 00 CMP DWORD PTR DS:[ESI+14],0 004B5FE0 0F84 8B000000 JE 004B6071 004B5FE6 8B0D 5C506B00 MOV ECX,DWORD PTR DS:[6B505C] 004B5FEC 85C9 TEST ECX,ECX 004B5FEE 74 44 JE SHORT 004B6034 004B5FF0 F605 042B6D00 01 TEST BYTE PTR DS:[6D2B04],1 004B5FF7 75 24 JNZ SHORT 004B601D 004B5FF9 830D 042B6D00 01 OR DWORD PTR DS:[6D2B04],1 004B6000 68 002E6500 PUSH 00652E00 004B6005 C705 D8246D00 FC126700 MOV DWORD PTR DS:[6D24D8],006712FC 004B600F E8 43130900 CALL 00547357 004B6014 8B0D 5C506B00 MOV ECX,DWORD PTR DS:[6B505C] 004B601A 83C4 04 ADD ESP,4 004B601D 8B4424 14 MOV EAX,DWORD PTR SS:[ESP+14] 004B6021 8B11 MOV EDX,DWORD PTR DS:[ECX] 004B6023 8B52 68 MOV EDX,DWORD PTR DS:[EDX+68] 004B6026 68 D8246D00 PUSH 006D24D8 004B602B 50 PUSH EAX 004B602C 8B46 14 MOV EAX,DWORD PTR DS:[ESI+14] 004B602F 55 PUSH EBP 004B6030 53 PUSH EBX 004B6031 50 PUSH EAX 004B6032 FFD2 CALL EDX 004B6034 8B7E 14 MOV EDI,DWORD PTR DS:[ESI+14] 004B6037 E8 1494F9FF CALL 0044F450 004B603C 85FF TEST EDI,EDI 004B603E 74 31 JE SHORT 004B6071 004B6040 8B07 MOV EAX,DWORD PTR DS:[EDI] 004B6042 8B10 MOV EDX,DWORD PTR DS:[EAX] 004B6044 8BCF MOV ECX,EDI 004B6046 FFD2 CALL EDX 004B6048 84C0 TEST AL,AL 004B604A 74 25 JE SHORT 004B6071 004B604C 8B07 MOV EAX,DWORD PTR DS:[EDI] 004B604E 8B50 10 MOV EDX,DWORD PTR DS:[EAX+10] 004B6051 8BCF MOV ECX,EDI 004B6053 FFD2 CALL EDX 004B6055 85C0 TEST EAX,EAX 004B6057 74 18 JE SHORT 004B6071 004B6059 8B0D 702E6C00 MOV ECX,DWORD PTR DS:[6C2E70] 004B605F 8B09 MOV ECX,DWORD PTR DS:[ECX] 004B6061 8B11 MOV EDX,DWORD PTR DS:[ECX] 004B6063 6A 60 PUSH 60 004B6065 50 PUSH EAX 004B6066 8B82 78010000 MOV EAX,DWORD PTR DS:[EDX+178] 004B606C 6A 00 PUSH 0 004B606E 51 PUSH ECX 004B606F FFD0 CALL EAX 004B6071 837E 18 00 CMP DWORD PTR DS:[ESI+18],0 004B6075 0F84 8B000000 JE 004B6106 004B607B 8B0D 5C506B00 MOV ECX,DWORD PTR DS:[6B505C] 004B6081 85C9 TEST ECX,ECX 004B6083 74 44 JE SHORT 004B60C9 004B6085 F605 042B6D00 01 TEST BYTE PTR DS:[6D2B04],1 004B608C 75 24 JNZ SHORT 004B60B2 004B608E 830D 042B6D00 01 OR DWORD PTR DS:[6D2B04],1 004B6095 68 002E6500 PUSH 00652E00 004B609A C705 D8246D00 FC126700 MOV DWORD PTR DS:[6D24D8],006712FC 004B60A4 E8 AE120900 CALL 00547357 004B60A9 8B0D 5C506B00 MOV ECX,DWORD PTR DS:[6B505C] 004B60AF 83C4 04 ADD ESP,4 004B60B2 8B4424 14 MOV EAX,DWORD PTR SS:[ESP+14] 004B60B6 8B11 MOV EDX,DWORD PTR DS:[ECX] 004B60B8 8B52 6C MOV EDX,DWORD PTR DS:[EDX+6C] 004B60BB 68 D8246D00 PUSH 006D24D8 004B60C0 50 PUSH EAX 004B60C1 8B46 18 MOV EAX,DWORD PTR DS:[ESI+18] 004B60C4 55 PUSH EBP 004B60C5 53 PUSH EBX 004B60C6 50 PUSH EAX 004B60C7 FFD2 CALL EDX 004B60C9 8B7E 18 MOV EDI,DWORD PTR DS:[ESI+18] 004B60CC E8 EF7DF9FF CALL 0044DEC0 004B60D1 85FF TEST EDI,EDI 004B60D3 74 31 JE SHORT 004B6106 004B60D5 8B07 MOV EAX,DWORD PTR DS:[EDI] 004B60D7 8B10 MOV EDX,DWORD PTR DS:[EAX] 004B60D9 8BCF MOV ECX,EDI 004B60DB FFD2 CALL EDX 004B60DD 84C0 TEST AL,AL 004B60DF 74 25 JE SHORT 004B6106 004B60E1 8B07 MOV EAX,DWORD PTR DS:[EDI] 004B60E3 8B50 10 MOV EDX,DWORD PTR DS:[EAX+10] 004B60E6 8BCF MOV ECX,EDI 004B60E8 FFD2 CALL EDX 004B60EA 85C0 TEST EAX,EAX 004B60EC 74 18 JE SHORT 004B6106 004B60EE 8B0D 702E6C00 MOV ECX,DWORD PTR DS:[6C2E70] 004B60F4 8B09 MOV ECX,DWORD PTR DS:[ECX] 004B60F6 8B11 MOV EDX,DWORD PTR DS:[ECX] 004B60F8 6A 08 PUSH 8 004B60FA 50 PUSH EAX 004B60FB 8B82 B4010000 MOV EAX,DWORD PTR DS:[EDX+1B4] 004B6101 6A 00 PUSH 0 004B6103 51 PUSH ECX 004B6104 FFD0 CALL EAX 004B6106 8BBE A4000000 MOV EDI,DWORD PTR DS:[ESI+A4] 004B610C 8B9E A0000000 MOV EBX,DWORD PTR DS:[ESI+A0] 004B6112 8B35 702E6C00 MOV ESI,DWORD PTR DS:[6C2E70] => DeviceGame 004B6118 8BEE MOV EBP,ESI 004B611A E8 B1ACFFFF CALL 004B0DD0 004B611F 8B45 00 MOV EAX,DWORD PTR SS:[EBP] 004B6122 8B08 MOV ECX,DWORD PTR DS:[EAX] 004B6124 8B91 48010000 MOV EDX,DWORD PTR DS:[ECX+148] => DrawIndexPrimitive 004B612A 57 PUSH EDI 004B612B 6A 00 PUSH 0 004B612D 53 PUSH EBX 004B612E 6A 00 PUSH 0 004B6130 6A 00 PUSH 0 004B6132 6A 04 PUSH 4 004B6134 50 PUSH EAX 004B6135 FFD2 CALL EDX 004B6137 5F POP EDI 004B6138 5E POP ESI 004B6139 5D POP EBP 004B613A 5B POP EBX 004B613B C2 0800 RETN 8
Code:
Pattern Scan for to update adress DIPEngine: \x8B\x08\x8B\x91\x00\x00\x00\x00\x57\x6A\x00\x53\x6A\x00\x6A\x00\x6A\x00\x50\xFF\xD2\x5F\x5E\x5D\x5B\xC2\x00\x00 xxxx????xx?xx?x?x?xxxxxxxx??
Midfunction -> Shadow_
WE11ington himself
All functions credits go to We11ington, exept Detours and Mid Func
Leeched and detected
Originally Posted by Avene
This was posted in 20 August 2012 by WE11ington. I'm 100% sure xKickAss used this hook on his release: http://www.mpgh.net/forum/175-crossf...-features.html I'm not sure why he didn't give any credits even to WE11ington, selfish?
Detour -> Azorbix
Midfunction -> Shadow_
WE11ington himself
Code:
#include <windows.h>
#include <d3d9.h>
#include <d3dx9.h>
#pragma comment(lib, "d3d9.lib")
#pragma comment(lib, "d3dx9.lib")
// NUMPAD1 => On/Off chams.
// NUMPAD2 => Change colors.
#define DIPEngine 0x004B6122
DWORD retDIPEngine = (DIPEngine + 0x8);
INT chams;
INT color;
#define Red D3DCOLOR_ARGB( 255, 255, 000, 000 )
#define Green D3DCOLOR_ARGB( 255, 000, 255, 000 )
#define Blue D3DCOLOR_ARGB( 255, 000, 000, 255 )
#define Black D3DCOLOR_ARGB( 255, 000, 000, 000 )
__declspec( naked ) HRESULT WINAPI DIPMidfunction( )
{
static LPDIRECT3DDEVICE9 pDevice;
static INT BaseVertexIndex;
static UINT MinVertexIndex, NumVertices, startIndex, primCount;
__asm
{
MOV ECX, DWORD PTR DS:[EAX]
MOV EDX, DWORD PTR DS:[ECX + 0x148]
MOV DWORD PTR DS:[pDevice], EAX
MOV ECX, DWORD PTR DS:[EBP + 0x18]
MOV DWORD PTR DS:[BaseVertexIndex], ECX
MOV ECX, DWORD PTR DS:[EBP + 0x8]
MOV DWORD PTR DS:[MinVertexIndex], ECX
MOV ECX, DWORD PTR DS:[EBP + 0x10]
MOV DWORD PTR DS:[NumVertices], ECX
MOV ECX, DWORD PTR DS:[EBP + 0xC]
MOV DWORD PTR DS:[startIndex], ECX
MOV ECX, DWORD PTR DS:[EBP + 0x14]
MOV DWORD PTR DS:[primCount], ECX
PUSHAD
}
if( GetAsyncKeyState(VK_NUMPAD1)&1 )
chams = !chams;
if( GetAsyncKeyState(VK_NUMPAD2)&1 )
color++;
if( color > 4 )
color = 0;
if( chams )
{
pDevice->SetRenderState( D3DRS_ZENABLE, D3DZB_FALSE );
if( color == 1 ) pDevice->SetRenderState( D3DRS_AMBIENT, Red );
if( color == 2 ) pDevice->SetRenderState( D3DRS_AMBIENT, Green );
if( color == 3 ) pDevice->SetRenderState( D3DRS_AMBIENT, Blue );
if( color == 4 ) pDevice->SetRenderState( D3DRS_AMBIENT, Black );
}
__asm
{
POPAD
JMP retDIPEngine
}
}
void *DetourCreate( BYTE *src, const BYTE *dst, const int len )
{
BYTE *jmp =( BYTE * ) malloc( len + 5 );
DWORD dwBack;
VirtualProtect( src, len, PAGE_READWRITE, &dwBack );
memcpy( jmp, src, len );
jmp += len;
jmp[0] = 0xE9;
*( DWORD * )( jmp + 1 ) =( DWORD )( src + len - jmp ) - 5;
src[0] = 0xE9;
*( DWORD * )( src + 1 ) = ( DWORD )( dst - src ) - 5;
for( int i=5; i<len; i++ )
src[i] = 0x90;
VirtualProtect( src, len, dwBack, &dwBack );
return( jmp - len );
}
DWORD WINAPI StartRoutine( LPVOID )
{
while( TRUE )
{
if( memcmp( ( void * )DIPEngine, (void * )( PBYTE )"\x8B\x08", 2 ) == 0 )
{
Sleep(200);
DetourCreate( ( PBYTE )DIPEngine, ( PBYTE )DIPMidfunction, 8 );
}
Sleep( 50 );
}
return 0;
}
BOOL WINAPI DllMain( HMODULE hDll, DWORD dwReason, LPVOID lpReserved )
{
if( dwReason == DLL_PROCESS_ATTACH )
{
DisableThreadLibraryCalls( hDll );
MessageBox( 0, "Hook DIP Engine", "Crossfire", 0 );
CreateThread( 0, 0, (LPTHREAD_START_ROUTINE)StartRoutine, 0, 0, 0 );
}
return TRUE;
}
Code:
DrawIndexPrimitive: 004B5FC0 53 PUSH EBX 004B5FC1 55 PUSH EBP 004B5FC2 8B6C24 10 MOV EBP,DWORD PTR SS:[ESP+10] 004B5FC6 56 PUSH ESI 004B5FC7 57 PUSH EDI 004B5FC8 50 PUSH EAX 004B5FC9 8BD9 MOV EBX,ECX 004B5FCB 68 00010000 PUSH 100 004B5FD0 B9 98346C00 MOV ECX,006C3498 004B5FD5 8BF2 MOV ESI,EDX 004B5FD7 E8 D470F5FF CALL 0040D0B0 004B5FDC 837E 14 00 CMP DWORD PTR DS:[ESI+14],0 004B5FE0 0F84 8B000000 JE 004B6071 004B5FE6 8B0D 5C506B00 MOV ECX,DWORD PTR DS:[6B505C] 004B5FEC 85C9 TEST ECX,ECX 004B5FEE 74 44 JE SHORT 004B6034 004B5FF0 F605 042B6D00 01 TEST BYTE PTR DS:[6D2B04],1 004B5FF7 75 24 JNZ SHORT 004B601D 004B5FF9 830D 042B6D00 01 OR DWORD PTR DS:[6D2B04],1 004B6000 68 002E6500 PUSH 00652E00 004B6005 C705 D8246D00 FC126700 MOV DWORD PTR DS:[6D24D8],006712FC 004B600F E8 43130900 CALL 00547357 004B6014 8B0D 5C506B00 MOV ECX,DWORD PTR DS:[6B505C] 004B601A 83C4 04 ADD ESP,4 004B601D 8B4424 14 MOV EAX,DWORD PTR SS:[ESP+14] 004B6021 8B11 MOV EDX,DWORD PTR DS:[ECX] 004B6023 8B52 68 MOV EDX,DWORD PTR DS:[EDX+68] 004B6026 68 D8246D00 PUSH 006D24D8 004B602B 50 PUSH EAX 004B602C 8B46 14 MOV EAX,DWORD PTR DS:[ESI+14] 004B602F 55 PUSH EBP 004B6030 53 PUSH EBX 004B6031 50 PUSH EAX 004B6032 FFD2 CALL EDX 004B6034 8B7E 14 MOV EDI,DWORD PTR DS:[ESI+14] 004B6037 E8 1494F9FF CALL 0044F450 004B603C 85FF TEST EDI,EDI 004B603E 74 31 JE SHORT 004B6071 004B6040 8B07 MOV EAX,DWORD PTR DS:[EDI] 004B6042 8B10 MOV EDX,DWORD PTR DS:[EAX] 004B6044 8BCF MOV ECX,EDI 004B6046 FFD2 CALL EDX 004B6048 84C0 TEST AL,AL 004B604A 74 25 JE SHORT 004B6071 004B604C 8B07 MOV EAX,DWORD PTR DS:[EDI] 004B604E 8B50 10 MOV EDX,DWORD PTR DS:[EAX+10] 004B6051 8BCF MOV ECX,EDI 004B6053 FFD2 CALL EDX 004B6055 85C0 TEST EAX,EAX 004B6057 74 18 JE SHORT 004B6071 004B6059 8B0D 702E6C00 MOV ECX,DWORD PTR DS:[6C2E70] 004B605F 8B09 MOV ECX,DWORD PTR DS:[ECX] 004B6061 8B11 MOV EDX,DWORD PTR DS:[ECX] 004B6063 6A 60 PUSH 60 004B6065 50 PUSH EAX 004B6066 8B82 78010000 MOV EAX,DWORD PTR DS:[EDX+178] 004B606C 6A 00 PUSH 0 004B606E 51 PUSH ECX 004B606F FFD0 CALL EAX 004B6071 837E 18 00 CMP DWORD PTR DS:[ESI+18],0 004B6075 0F84 8B000000 JE 004B6106 004B607B 8B0D 5C506B00 MOV ECX,DWORD PTR DS:[6B505C] 004B6081 85C9 TEST ECX,ECX 004B6083 74 44 JE SHORT 004B60C9 004B6085 F605 042B6D00 01 TEST BYTE PTR DS:[6D2B04],1 004B608C 75 24 JNZ SHORT 004B60B2 004B608E 830D 042B6D00 01 OR DWORD PTR DS:[6D2B04],1 004B6095 68 002E6500 PUSH 00652E00 004B609A C705 D8246D00 FC126700 MOV DWORD PTR DS:[6D24D8],006712FC 004B60A4 E8 AE120900 CALL 00547357 004B60A9 8B0D 5C506B00 MOV ECX,DWORD PTR DS:[6B505C] 004B60AF 83C4 04 ADD ESP,4 004B60B2 8B4424 14 MOV EAX,DWORD PTR SS:[ESP+14] 004B60B6 8B11 MOV EDX,DWORD PTR DS:[ECX] 004B60B8 8B52 6C MOV EDX,DWORD PTR DS:[EDX+6C] 004B60BB 68 D8246D00 PUSH 006D24D8 004B60C0 50 PUSH EAX 004B60C1 8B46 18 MOV EAX,DWORD PTR DS:[ESI+18] 004B60C4 55 PUSH EBP 004B60C5 53 PUSH EBX 004B60C6 50 PUSH EAX 004B60C7 FFD2 CALL EDX 004B60C9 8B7E 18 MOV EDI,DWORD PTR DS:[ESI+18] 004B60CC E8 EF7DF9FF CALL 0044DEC0 004B60D1 85FF TEST EDI,EDI 004B60D3 74 31 JE SHORT 004B6106 004B60D5 8B07 MOV EAX,DWORD PTR DS:[EDI] 004B60D7 8B10 MOV EDX,DWORD PTR DS:[EAX] 004B60D9 8BCF MOV ECX,EDI 004B60DB FFD2 CALL EDX 004B60DD 84C0 TEST AL,AL 004B60DF 74 25 JE SHORT 004B6106 004B60E1 8B07 MOV EAX,DWORD PTR DS:[EDI] 004B60E3 8B50 10 MOV EDX,DWORD PTR DS:[EAX+10] 004B60E6 8BCF MOV ECX,EDI 004B60E8 FFD2 CALL EDX 004B60EA 85C0 TEST EAX,EAX 004B60EC 74 18 JE SHORT 004B6106 004B60EE 8B0D 702E6C00 MOV ECX,DWORD PTR DS:[6C2E70] 004B60F4 8B09 MOV ECX,DWORD PTR DS:[ECX] 004B60F6 8B11 MOV EDX,DWORD PTR DS:[ECX] 004B60F8 6A 08 PUSH 8 004B60FA 50 PUSH EAX 004B60FB 8B82 B4010000 MOV EAX,DWORD PTR DS:[EDX+1B4] 004B6101 6A 00 PUSH 0 004B6103 51 PUSH ECX 004B6104 FFD0 CALL EAX 004B6106 8BBE A4000000 MOV EDI,DWORD PTR DS:[ESI+A4] 004B610C 8B9E A0000000 MOV EBX,DWORD PTR DS:[ESI+A0] 004B6112 8B35 702E6C00 MOV ESI,DWORD PTR DS:[6C2E70] => DeviceGame 004B6118 8BEE MOV EBP,ESI 004B611A E8 B1ACFFFF CALL 004B0DD0 004B611F 8B45 00 MOV EAX,DWORD PTR SS:[EBP] 004B6122 8B08 MOV ECX,DWORD PTR DS:[EAX] 004B6124 8B91 48010000 MOV EDX,DWORD PTR DS:[ECX+148] => DrawIndexPrimitive 004B612A 57 PUSH EDI 004B612B 6A 00 PUSH 0 004B612D 53 PUSH EBX 004B612E 6A 00 PUSH 0 004B6130 6A 00 PUSH 0 004B6132 6A 04 PUSH 4 004B6134 50 PUSH EAX 004B6135 FFD2 CALL EDX 004B6137 5F POP EDI 004B6138 5E POP ESI 004B6139 5D POP EBP 004B613A 5B POP EBX 004B613B C2 0800 RETN 8
Code:
Pattern Scan for to update adress DIPEngine: \x8B\x08\x8B\x91\x00\x00\x00\x00\x57\x6A\x00\x53\x6A\x00\x6A\x00\x6A\x00\x50\xFF\xD2\x5F\x5E\x5D\x5B\xC2\x00\x00 xxxx????xx?xx?x?x?xxxxxxxx??
Midfunction -> Shadow_
WE11ington himself
@Jutie THis its not a undetected base, its just a DIP Hook method !
Originally Posted by XarutoUsoCrack
@Jutie THis its not a undetected base, its just a DIP Hook method !
sure xkickass didn't gave credits 
why even directly hook DIP though... pointless and easily detectable. dig deeper
why did you post this base? 
do not post this base!!!
Now I know xkickAss is a big leecher
Please edit this thread
Please edit this thread
you are sure? memory hacks are working with my hack now, try to do it with dip hookBtw saeed, cosmic.. never gave credits to anyone, and ask to @Jeovante if saeed know coding
---------- Post added at 01:02 PM ---------- Previous post was at 01:00 PM ----------
Originally Posted by ranger35
Now I know xkickAss is a big leecher
Please edit this thread
Please edit this thread
you don't even know what is c++and btw if you know something about coding, you can see that that code has only chams
Originally Posted by xKickAssBackup
you are sure? memory hacks are working with my hack now, try to do it with dip hookBtw saeed, cosmic.. never gave credits to anyone, and ask to @Jeovante if saeed know coding
---------- Post added at 01:02 PM ---------- Previous post was at 01:00 PM ----------
you don't even know what is c++and btw if you know something about coding, you can see that that code has only chams
Code:
if( GetAsyncKeyState(VK_NUMPAD1)&1 )
chams = !chams;
if( GetAsyncKeyState(VK_NUMPAD2)&1 )
color++;
if( color > 4 )
color = 0;
if( chams )
{
pDevice->SetRenderState( D3DRS_ZENABLE, D3DZB_FALSE );
if( color == 1 ) pDevice->SetRenderState( D3DRS_AMBIENT, Red );
if( color == 2 ) pDevice->SetRenderState( D3DRS_AMBIENT, Green );
if( color == 3 ) pDevice->SetRenderState( D3DRS_AMBIENT, Blue );
if( color == 4 ) pDevice->SetRenderState( D3DRS_AMBIENT, Black );
}
__asm
{
POPAD
JMP retDIPEngine
}
aww shet you gewd at coding cause you saw the word chams
Originally Posted by xKickAssBackup
you are sure? memory hacks are working with my hack now, try to do it with dip hookBtw saeed, cosmic.. never gave credits to anyone, and ask to @Jeovante if saeed know coding
---------- Post added at 01:02 PM ---------- Previous post was at 01:00 PM ----------
you don't even know what is c++and btw if you know something about coding, you can see that that code has only chams
Originally Posted by NSixx
you is so good at knowing things since
only shows !chams,
aww shet you gewd at coding cause you saw the word chams
Code:
if( GetAsyncKeyState(VK_NUMPAD1)&1 )
chams = !chams;
if( GetAsyncKeyState(VK_NUMPAD2)&1 )
color++;
if( color > 4 )
color = 0;
if( chams )
{
pDevice->SetRenderState( D3DRS_ZENABLE, D3DZB_FALSE );
if( color == 1 ) pDevice->SetRenderState( D3DRS_AMBIENT, Red );
if( color == 2 ) pDevice->SetRenderState( D3DRS_AMBIENT, Green );
if( color == 3 ) pDevice->SetRenderState( D3DRS_AMBIENT, Blue );
if( color == 4 ) pDevice->SetRenderState( D3DRS_AMBIENT, Black );
}
__asm
{
POPAD
JMP retDIPEngine
}
aww shet you gewd at coding cause you saw the word chams
Similar Threads
- 62Last post
- 4Last post
- 0Last post
- 11Last post