Hey guys,
I saw Dead Hell posted a hook tutorial and I thought: let me add a little complement to it.
Here we go:
Step 1: Make ofc. a new project (empty dll project)
Step 2: Make Includes.h
Step 3: Make Main.cpp
Step 4: Include SDK to your project
Okay, Put this in Includes.h:
Code:
#include <Windows.h>
#include <stdio.h>
#include <d3d9.h>
#include <d3dx9.h>
Lets start with the main part
Add this in Main.cpp:
Code:
#include "Includes.h"
#include "Funtions.h"
// Forward declaration; the definition is given in the CheckWindowsVersion listing further down the page.
BYTE CheckWindowsVersion();
// Values returned by CheckWindowsVersion(); any other registry value yields 0.
#define WINDOWS_XP 5
#define WINDOWS_7 6
// Not referenced by any code shown on the page.
DWORD* DIP_hook = NULL;
// Jump target used by both naked stubs (myDIP_hook7 / myDIP_hookxp).
// NOTE(review): initialised to NULL here and never assigned in the visible code.
DWORD DIP_return = NULL;
// Toggle read by myDIP; while true, the depth-test render states are overridden.
bool WallHack = true;
And now we are going to make the wallhack function:
Code:
// Called from the naked hook stubs with a copy of the intercepted draw call's
// arguments. Queries the vertex buffer bound to stream 0 and, when the global
// WallHack flag is set and the vertex stride is 40 or 44 bytes, switches depth
// testing off on the device. Type, BaseVertexIndex, MinVertexIndex, NumVertices,
// startIndex and primCount are accepted but not used.
//
// NOTE(review): the HRESULT of GetStreamSource is not checked, so `stride` may be
// read uninitialised if the call fails, and the buffer reference it hands back is
// never released in this function. The render states are also left modified after
// the call, i.e. the change persists on the device until something else resets it.
void myDIP(LPDIRECT3DDEVICE9 pDevice, D3DPRIMITIVETYPE Type,INT BaseVertexIndex,UINT MinVertexIndex,UINT NumVertices,UINT startIndex,UINT primCount)
{
    IDirect3DVertexBuffer9* streamBuffer = NULL;
    UINT byteOffset, stride;

    pDevice->GetStreamSource(0, &streamBuffer, &byteOffset, &stride);

    // Feature switched off: leave the device state untouched.
    if (!WallHack)
        return;

    // Only draw calls whose stream-0 stride is 40 or 44 bytes are affected.
    if (stride != 40 && stride != 44)
        return;

    pDevice->SetRenderState(D3DRS_ZENABLE, D3DZB_FALSE );
    pDevice->SetRenderState(D3DRS_ZFUNC, D3DCMP_NEVER);
}
Okay, we have made the wallhack function and now we are going to make the hook.
We are going to make a Windows XP hook and a Windows Vista+7 hook
Windows 7 part:
Code:
// Naked detour stub, labelled the "Windows 7" variant on the page. Because the
// function is _declspec(naked) the compiler emits no prologue or epilogue, so all
// stack handling below is manual. No registers or flags are saved around the call
// to myDIP, and the stub never returns: it ends with a jump through DIP_return.
_declspec(naked) void myDIP_hook7()
{
__asm
{
//Call myDIP
// Each MOV/PUSH pair copies one dword. Every PUSH lowers ESP by 4, so the fixed
// operand [ESP+40] addresses the next-lower stack slot on each repetition; the
// seven pairs therefore duplicate seven consecutive dwords onto the top of the
// stack in their original order.
// presumably these are the device pointer plus the six draw-call arguments that
// myDIP declares -- TODO confirm the offset 40 against the patched function's frame
MOV EAX, DWORD PTR [ESP+40];
PUSH EAX;
MOV EAX, DWORD PTR [ESP+40];
PUSH EAX;
MOV EAX, DWORD PTR [ESP+40];
PUSH EAX;
MOV EAX, DWORD PTR [ESP+40];
PUSH EAX;
MOV EAX, DWORD PTR [ESP+40];
PUSH EAX;
MOV EAX, DWORD PTR [ESP+40];
PUSH EAX;
MOV EAX, DWORD PTR [ESP+40];
PUSH EAX;
CALL myDIP;
// Caller-side cleanup of the seven copied dwords (7 * 4 = 28 bytes).
ADD ESP, 28;
// NOTE(review): looks like a replay of the instructions overwritten by the patch
// (reads the head of the SEH chain from FS:[0], pushes it, reserves 0x20 bytes);
// verify against the original bytes at the patched address.
MOV EAX,DWORD PTR FS:[0];
PUSH EAX;
SUB ESP,0x20;
// Transfers control via the global DIP_return. That variable is initialised to
// NULL in Main.cpp and is not assigned anywhere in the code shown on the page.
JMP DIP_return;
}
}
Windows XP Part:
Code:
// Naked detour stub, labelled the "Windows XP" variant on the page. Same layout as
// myDIP_hook7 but with a source offset of 44 and a different trailing instruction
// sequence. _declspec(naked) means no compiler-generated prologue/epilogue; no
// registers or flags are saved around the call to myDIP, and the stub ends with a
// jump through DIP_return instead of a return.
_declspec(naked) void myDIP_hookxp()
{
__asm
{
//Call myDIP
// Each MOV/PUSH pair copies one dword. Every PUSH lowers ESP by 4, so the fixed
// operand [ESP+44] addresses the next-lower stack slot on each repetition; the
// seven pairs duplicate seven consecutive dwords onto the top of the stack.
// presumably the device pointer plus the six draw-call arguments -- TODO confirm
// the offset 44 against the patched function's frame
MOV EAX, DWORD PTR [ESP+44];
PUSH EAX;
MOV EAX, DWORD PTR [ESP+44];
PUSH EAX;
MOV EAX, DWORD PTR [ESP+44];
PUSH EAX;
MOV EAX, DWORD PTR [ESP+44];
PUSH EAX;
MOV EAX, DWORD PTR [ESP+44];
PUSH EAX;
MOV EAX, DWORD PTR [ESP+44];
PUSH EAX;
MOV EAX, DWORD PTR [ESP+44];
PUSH EAX;
CALL myDIP;
// Caller-side cleanup of the seven copied dwords (7 * 4 = 28 bytes).
ADD ESP, 28;
// NOTE(review): looks like a replay of the instructions overwritten by the patch.
// The second instruction rewrites FS:[0] (the SEH chain head) with the current
// ESP, and 0x12 is not a multiple of 4, which leaves ESP misaligned -- verify both
// against the original bytes at the patched address.
MOV EAX,DWORD PTR FS:[0];
MOV DWORD PTR FS:[0],ESP;
SUB ESP, 0x12;
// Transfers control via the global DIP_return. That variable is initialised to
// NULL in Main.cpp and is not assigned anywhere in the code shown on the page.
JMP DIP_return;
}
}
We are going to add some functions now..
Make a new .H file and give it the name: Functions.h
Put this code in Functions.h:
Include:
Code:
#include "Includes.h"
Function bCompare
Code:
// Masked byte comparison. Walks szMask until its terminating NUL; at every
// position where the mask character is 'x' the byte in pData must equal the byte
// in bMask, any other mask character is treated as a wildcard.
// Returns true when no 'x' position differs, false at the first mismatch.
// The caller must guarantee that pData and bMask are readable for at least
// strlen(szMask) bytes; nothing here bounds the reads.
bool bCompare(const BYTE* pData, const BYTE* bMask, const char* szMask)
{
    while (*szMask != '\0')
    {
        const bool mustMatch = (*szMask == 'x');
        if (mustMatch && *pData != *bMask)
            return false;

        ++szMask;
        ++pData;
        ++bMask;
    }
    // The loop only exits here once the mask is exhausted.
    return true;
}
Function FindPattern
Code:
// Linear signature scan. Tries bCompare at every byte offset in
// [dwAddress, dwAddress + dwLen) and returns the first address that matches the
// bMask/szMask pair, or 0 when nothing matches.
// Addresses are carried as DWORD, so this is only meaningful in a 32-bit process.
// The pattern length is not subtracted from dwLen, so the last candidates read up
// to strlen(szMask) - 1 bytes beyond dwAddress + dwLen; the caller has to make sure
// that range is mapped.
DWORD FindPattern(DWORD dwAddress,DWORD dwLen,BYTE *bMask,char * szMask)
{
    DWORD offset = 0;
    while (offset < dwLen)
    {
        const DWORD candidate = dwAddress + offset;
        if (bCompare((BYTE*)candidate, bMask, szMask))
            return candidate;
        ++offset;
    }
    return 0;
}
MakeJMP Function
Code:
// Overwrites dwLen bytes at pAddress with a 5-byte relative JMP (opcode 0xE9 plus
// a 32-bit displacement to dwJumpTo) followed by NOP (0x90) padding.
// The page protection is switched to PAGE_EXECUTE_READWRITE for the write and
// then set back to whatever VirtualProtect reported as the previous value.
//
// NOTE(review): neither VirtualProtect result is checked and dwLen is not required
// to be at least 5, so a failed protection change or a short length still leads to
// the 5-byte write. After the call the bytes in memory differ from the module's
// on-disk image, which is what code-integrity comparisons of loaded modules pick up.
void MakeJMP( BYTE *pAddress, DWORD dwJumpTo, DWORD dwLen )
{
    DWORD savedProtect, scratch;

    VirtualProtect(pAddress, dwLen, PAGE_EXECUTE_READWRITE, &savedProtect);

    // rel32 is measured from the end of the 5-byte instruction.
    const DWORD rel32 = dwJumpTo - (DWORD) pAddress - 5;
    pAddress[0] = 0xE9;
    *((DWORD *)(pAddress + 0x1)) = rel32;

    // Pad whatever remains of the overwritten range with single-byte NOPs.
    for (BYTE *pad = pAddress + 0x5; pad < pAddress + dwLen; ++pad)
        *pad = 0x90;

    VirtualProtect(pAddress, dwLen, savedProtect, &scratch);
}
CheckWindowsVersion Function:
Code:
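// Classifies the running OS from the "CurrentVersion" string under
// HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion.
//
// Returns WINDOWS_XP for "5.1" / "5.2", WINDOWS_7 for "6.0" / "6.1", and 0 for any
// other value or when the registry read fails.
//
// Changes from the original listing:
//  - the key is opened with KEY_QUERY_VALUE instead of KEY_ALL_ACCESS; reading one
//    value needs no write, delete or security rights on a machine-wide key, and
//    requesting them makes the open fail for callers without administrative rights;
//  - the results of RegOpenKeyExA / RegQueryValueExA are checked, so a failed open
//    no longer passes a NULL handle on to the query and close calls;
//  - the value type is verified and the size passed in leaves room for a
//    terminating NUL, because registry strings are not guaranteed to be terminated.
BYTE CheckWindowsVersion()
{
    HKEY key = NULL;
    char buffer[200] = {0};
    DWORD size = sizeof(buffer) - 1;   // keep the last byte as a guaranteed NUL
    DWORD type = 0;

    if (RegOpenKeyExA(HKEY_LOCAL_MACHINE,
                      "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion",
                      0, KEY_QUERY_VALUE, &key) != ERROR_SUCCESS)
        return 0;

    const LONG status = RegQueryValueExA(key, "CurrentVersion", NULL, &type,
                                         (LPBYTE)buffer, &size);
    RegCloseKey(key);

    if (status != ERROR_SUCCESS || type != REG_SZ)
        return 0;

    buffer[sizeof(buffer) - 1] = '\0';

    if ((!strcmp(buffer, "5.1")) || (!strcmp(buffer, "5.2")))
        return WINDOWS_XP;
    if ((!strcmp(buffer, "6.0")) || (!strcmp(buffer, "6.1")))
        return WINDOWS_7;
    return 0;
}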
Okay, that was Functions.h
Go back to Main.cpp and add this:
Code:
// Loads d3d9.dll, scans it for a byte signature and, depending on the result of
// CheckWindowsVersion(), patches a jump to one of the two naked stubs.
//
// NOTE(review), all visible in this listing:
//  - the address patched is the hard-coded constant 0x4FF51658, not a value derived
//    from the scan result or from the module's actual load address;
//  - VTable is filled from the scan hit but never read afterwards;
//  - dwJMPback is a block-local variable that is never read, and the global
//    DIP_return that the stubs jump through is not assigned here;
//  - the 14-character mask compares 14 bytes; the final escape in the pattern
//    literal is written as \x8.
void D3Dhook()
{
// Return value discarded; the loop below calls LoadLibraryA again.
LoadLibraryA("d3d9.dll");
DWORD D3D9, adr, *VTable;
// Retry until the module handle is non-NULL. Sleep(100) runs after every attempt,
// including the successful one.
do
{
D3D9 = (DWORD)LoadLibraryA("d3d9.dll");
Sleep(100);
} while (D3D9 == NULL);
// Scan 0x128000 bytes starting at the module base; '?' positions in the mask are wildcards.
adr = FindPattern(D3D9, 0x128000, (PBYTE)"\xC7\x06\x00\x00\x00\x00\x89\x86\x00\x00\x00\x00\x89\x8", "xx????xx????xx");
if (adr) {
// Copies the 4 bytes that follow the first two signature bytes into VTable.
memcpy(&VTable,(void *)(adr+2),4);
// The registry is queried once per branch test (up to two calls).
if (CheckWindowsVersion() == WINDOWS_7) {
// Overwrites 6 bytes at the fixed address with a JMP to the Vista/7 stub.
MakeJMP((BYTE *)0x4FF51658, (DWORD)myDIP_hook7, 0x6);
DWORD dwJMPback = 0x4FF51659;
}
else if (CheckWindowsVersion() == WINDOWS_XP)
{
// Overwrites 6 bytes at the fixed address with a JMP to the XP stub.
MakeJMP((BYTE *)0x4FF51658, (DWORD)myDIP_hookxp, 0x6);
DWORD dwJMPback = 0x4FF51659;
}
}
}
And a DLLMain:
Code:
// DLL entry point. On process attach it turns off per-thread attach/detach
// notifications for this module and then runs D3Dhook() synchronously; every other
// notification is ignored. Always reports success to the loader.
//
// NOTE(review): D3Dhook() is executed inside DllMain, i.e. while the loader lock is
// held, and per its listing on the page it calls LoadLibraryA and Sleep in a loop.
// Microsoft's DllMain guidance lists LoadLibrary among the calls to avoid in this
// context because of deadlock risk. Nothing is undone on DLL_PROCESS_DETACH, so a
// patch written by D3Dhook() stays in place after this module is unloaded.
extern "C" __declspec(dllexport) BOOL APIENTRY DllMain(HINSTANCE hDll, DWORD dwReason, LPVOID lpvReserved)
{
    switch (dwReason)
    {
    case DLL_PROCESS_ATTACH:
        DisableThreadLibraryCalls(hDll);
        D3Dhook();
        break;

    case DLL_PROCESS_DETACH:
        // Intentionally empty in the original listing.
        break;

    default:
        break;
    }
    return TRUE;
}
DeadHell showed you guys how to make a hook and i showed in this tutorial how to make a Windows XP and Windows 7 hook..
Did I make a mistake in this tutorial? Please PM me!
Credits:
I don't use this hook, but I took the code from @Dead(H)ell's tutorial, so the first credits go to him.
Ow, and DeadHell, in your tutorial you jump back at the same rule as you're hooking on.. I should jump back on the next rule! =]
And Ofc. @giniyat101
And my great friend xD @Royku
I hope you guys like it...
Please press thanks and/or Rep
@Scata
@Royku
@Hero
@Jigsaw
Request Sticky! =]
Thanks!