Dev Pionter //Discuss

**whit** · 02-20-2011

Well i was fooling around with ca today hooking all different ways. And when i got to the Device Pionter i would crash on start up. So it led me to believe HS patched the use of it?

Here the hook i use if yall wanna test..
[Highlight=c++]

void d3dXhook(void)
{
DWORD* device = ***(DWORD****)0x90BF20;

pReset = (oReset) DetourCreate(( BYTE* )device[16], ( BYTE* )Reset, 5);
pPresent = (oPresent) DetourCreate(( BYTE* )device[17], ( BYTE* )Present, 5);
}

[/Highlight]

Does the same happen to yall?
EDIT: thers something wrong with syntax highlighter. Suppose to be device[16] and device[17]

**Nubzgetkillz** · 02-20-2011

Try this?

Code:

DWORD * FindDevice(VOID)
{
    DWORD Base = (DWORD)LoadLibraryW(L"d3d9.dll");

    for(DWORD i = 0; i < 0x128000; i++ )
    {
      if ( (*(BYTE *)(Base+i+0x00))==0xC7
        && (*(BYTE *)(Base+i+0x01))==0x06
        && (*(BYTE *)(Base+i+0x06))==0x89
        && (*(BYTE *)(Base+i+0x07))==0x86
        && (*(BYTE *)(Base+i+0x0C))==0x89
        && (*(BYTE *)(Base+i+0x0D))==0x86 )
        return (DWORD *)(Base + i + 2);
    }
    return NULL;
}  

void HookZors(void)
{
    DWORD * VtablePtr = FindDevice();
    DWORD* devicePtr = ***(DWORD****)VtablePtr;

    DWORD * VTable ;
    *(DWORD *)&VTable = *(DWORD *)VtablePtr;

    oReset = ( tReset )DetourCreate(( BYTE* )VTable[16], ( BYTE* )hkReset,5);
    oPresent = ( tPresent )DetourCreate(( BYTE* )VTable[17], ( BYTE* )hkPresent,5);
}

Credits: Clone for findDevice function

**whit** · 02-20-2011

Nah i just wanna know did ca patch the use of Dev pionter i have working hook

**kotentopf** · 02-21-2011

Code:

DWORD* VTable = 0;
	
while(!GetModuleHandle(L"d3d9.dll")){
	Sleep(100);

ADDY addy = Hack.Addresses.FindPattern((DWORD)GetModuleHandle(L"d3d9.dll"), 0x1280000, (PBYTE)"\xC7\x06\x00\x00\x00\x00\x89\x86\x00\x00\x00\x00\x89\x86", "xx????xx????xx");
memcpy(&VTable, (void*)(addy+2), 4);

pReset   = (oReset)D3D.Misc.DetourCreate(( PBYTE )VTable[16],   ( PBYTE )Reset,   5 );	
pPresent = (oPresent)D3D.Misc.DetourCreate(( PBYTE )VTable[17], ( PBYTE )Present, 5 );

this?

**Nubzgetkillz** · 02-21-2011

Originally Posted by whit

Nah i just wanna know did ca patch the use of Dev pionter i have working hook

No They did not patch the use of the Device Pointer.

**Alessandro10** · 02-21-2011

Don't patch Whit..

**whit** · 02-21-2011

Im talking about the engine Dev Pionter Guys..
Not The Device in d3d9.dll

**kotentopf** · 02-21-2011

Originally Posted by whit

Im talking about the engine Dev Pionter Guys..
Not The Device in d3d9.dll

Code:

Hack.Addresses.Device = Hack.Addresses.FindPattern((DWORD)GetModuleHandle(L"Engine.exe"), 0x4BE000,(PBYTE)"\x00\x00\x00\x00\xE8\x00\x00\x00\x00\x8B\x95\x00\x00\x00\x00\x8B\x42\x08\x89\x85\x00\x00\x00\x00\x8B\x8D\x00\x00\x00\x00\x89\x8D\x00\x00\x00\x00\x8B\x95\x00\x00\x00\x00\x89\x95\x00\x00\x00\x00\x8B\x85\x00\x00\x00\x00\x8B\x48\x04","????x????xx????xxxxx????xx????xx????xx????xx????xx????xxx");

**(LPDIRECT3DDEVICE9**)Hack.Addresses.Device

i dont know if this REALY work

**whit** · 02-21-2011

Originally Posted by kotentopf

Code:

Hack.Addresses.Device = Hack.Addresses.FindPattern((DWORD)GetModuleHandle(L"Engine.exe"), 0x4BE000,(PBYTE)"\x00\x00\x00\x00\xE8\x00\x00\x00\x00\x8B\x95\x00\x00\x00\x00\x8B\x42\x08\x89\x85\x00\x00\x00\x00\x8B\x8D\x00\x00\x00\x00\x89\x8D\x00\x00\x00\x00\x8B\x95\x00\x00\x00\x00\x89\x95\x00\x00\x00\x00\x8B\x85\x00\x00\x00\x00\x8B\x48\x04","????x????xx????xxxxx????xx????xx????xx????xx????xx????xxx"); **(LPDIRECT3DDEVICE9**)Hack.Addresses.Device

i dont know if this REALY work

Thanks For sig

but off topic:
I think i figured out sig scans
Its all about the Static and dynamic bytes ( idk which ones which ) but ones an x and the other "0x00" isa ? in the mask

**Alessandro10** · 02-21-2011

Whit is Noob

/Joke

**whit** · 02-21-2011

Originally Posted by Alessandro10

Whit is Noob

/Joke

yea at reversing/ollydbg and ASM but thats what learnings for

**NOOB** · 02-21-2011

Originally Posted by Alessandro10

Whit is Noob

/Joke

and NOOB is whit.

**Alessandro10** · 02-21-2011

ASM 32 / 64 Bits is Excelent! But Hard!

**whit** · 02-21-2011

Originally Posted by Alessandro10

ASM 32 / 64 Bits is Excelent! But Hard!

Im learning win32 asm thanks to @Void

**kotentopf** · 02-21-2011

Originally Posted by whit

Thanks For sig

but off topic:
I think i figured out sig scans
Its all about the Static and dynamic bytes ( idk which ones which ) but ones an x and the other "0x00" isa ? in the mask

x = static
? = dynamic

an byte (f.e. 0x90 "\x90") in the cshell which is the same byte after a patch, than its static (x)
an byte (f.e. 0x37 "\x37") in the cshell which is after a patch not the same byte (f.e. than its 0x40 "\x40") is dynamic (?)

Thread: Dev Pionter //Discuss

Thread Tools

Display

Dev Pionter //Discuss

The Following User Says Thank You to kotentopf For This Useful Post:

The Following User Says Thank You to NOOB For This Useful Post:

The Following User Says Thank You to kotentopf For This Useful Post: