Results 1 to 14 of 14
  1. #1
    Jhem's Avatar
    Join Date
    Mar 2012
    Gender
    male
    Location
    167,646,447
    Posts
    4,996
    Reputation
    1203
    Thanks
    7,206
    My Mood
    Stressed

    Undetected EndScene Hook for AssaultFire

    Actually this is undetected for AssaultFire, thanks to _Shadows & creator of FindPatter,mask,Detour & etc.
    This is for Windows 7 only.

    Main.h
    Code:
    bool Match(const BYTE* pData, const BYTE* bMask, const char* szMask)
    {
        for(;*szMask;++szMask,++pData,++bMask)
            if(*szMask=='x' && *pData!=*bMask ) 
                return false;
        return (*szMask) == NULL;
    }
    
    DWORD FindPattern(DWORD dwAddress,DWORD dwLen,BYTE *bMask,char * szMask)
    {
        for(DWORD i=0; i<dwLen; i++)
            if(Match((BYTE*)(dwAddress + i), bMask, szMask))
                return (DWORD)(dwAddress+i);
        return 0;
    }
    
    void Detour(BYTE *pAddress, DWORD dwJumpTo, DWORD dwLen)
    {
        DWORD dwOldProtect, dwBkup, dwRelAddr;
        VirtualProtect(pAddress, dwLen, PAGE_EXECUTE_READWRITE, &dwOldProtect);
        dwRelAddr = (DWORD) (dwJumpTo - (DWORD) pAddress) - 5;
        *pAddress = 0xE9;
        *((DWORD *)(pAddress + 0x1)) = dwRelAddr;
        for(DWORD x = 0x5; x < dwLen; x++) *(pAddress + x) = 0x90;
    	VirtualProtect(pAddress, dwLen, dwOldProtect, &dwBkup);
        return;
    }
    Main.h
    Code:
    #include <windows.h>
    #include "Main.h"
    #include <d3d9.h>
    #include <d3dx9.h>
    #pragma comment(lib, "d3d9.lib")
    #pragma comment(lib, "d3dx9.lib")
    
    DWORD dwEndscene_hook = NULL;
    DWORD dwEndscene_ret = NULL;
    
    LPD3DXFONT pFont;
    
    VOID WriteText( LPDIRECT3DDEVICE9 pDevice, INT x, INT y, DWORD color, CHAR *text )
    {    
        RECT rect;
        SetRect( &rect, x, y, x, y );
        pFont->DrawText( NULL, text, -1, &rect, DT_NOCLIP | DT_LEFT, color );
    }
    VOID WINAPI JhemEndScence(LPDIRECT3DDEVICE9 pDevice)
    {
    	if( pFont )
        {
            pFont->Release();
            pFont = NULL;
        }
        if( !pFont )
        {
            D3DXCreateFont( pDevice, 14,0,FW_BOLD,1,0,DEFAULT_CHARSET,OUT_DEFAULT_PRECIS,DEFAULT_QUALITY,DEFAULT_PITCH | FF_DONTCARE,"Arial",&pFont );
        }
    	if( pFont )
            WriteText( pDevice, 15, 15, D3DCOLOR_ARGB(255,255,000,000), "MPGH Jhem \n MPGH.net" );
    
    }
    
    __declspec(naked) void MyEndscene()
    {
        __asm
        {
    			MOV DWORD PTR SS : [EBP - 0x10], ESP
                MOV ESI, DWORD PTR SS : [EBP + 0x8]
                XOR EBX, EBX                       
                PUSHFD
                PUSHAD
                PUSH[EBP + 0x8]
                CALL JhemEndScence;
    			POPAD
                POPFD
                CMP ESI, EBX                       
                jmp dwEndscene_ret;               
        }
    }
    
    void HookThread(void)
    {
    	DWORD hD3D = (DWORD)LoadLibrary("d3d9.dll");
    	DWORD *vtbl;
    
    	DWORD adr = FindPattern(hD3D, 0x128000, (PBYTE)"\xC7\x06\x00\x00\x00\x00\x89\x86\x00\x00\x00\x00\x89\x86", "xx????xx????xx");
    	if(adr)
    	{
    		memcpy(&vtbl,(void*)(adr + 2),4);
    		dwEndscene_hook = vtbl[42] + 0x2A;
    		dwEndscene_ret = dwEndscene_hook + 0x0A;
    		Detour((PBYTE)dwEndscene_hook,(DWORD)MyEndscene,0x0A);
    	}
    }
    BOOL WINAPI DllMain(HINSTANCE hModule, DWORD dwReason, LPVOID lpvReserved)
    {
        if (dwReason == DLL_PROCESS_ATTACH)
        {
            DisableThreadLibraryCalls(hModule);
            CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)HookThread, NULL, NULL, NULL);
        }
        return TRUE;
    }

    Screen shot:









    Last edited by Jhem; 06-30-2014 at 12:39 AM.







  2. The Following 3 Users Say Thank You to Jhem For This Useful Post:

    Coder.Fail (07-02-2014),DaneCoder (07-12-2014),remzkee0903 (07-28-2014)

  3. #2
    ExEchromE's Avatar
    Join Date
    Aug 2013
    Gender
    male
    Location
    Secret!
    Posts
    80
    Reputation
    10
    Thanks
    461
    I try but No Text Showing!


  4. #3
    Threadstarter
    I love myself
    나도 너를 사랑해

    Premium Member
    Minionforce
    Jhem's Avatar
    Join Date
    Mar 2012
    Gender
    male
    Location
    167,646,447
    Posts
    4,996
    Reputation
    1203
    Thanks
    7,206
    My Mood
    Stressed
    Quote Originally Posted by ExEchromE View Post
    I try but No Text Showing!
    Make sure you inject it properly.
    https://www.mpgh.net/forum/778-assaul...saultfire.html

    Add messagebeep or anything to mention if the the injection is successful.







  5. #4
    Coder.Fail's Avatar
    Join Date
    Jun 2014
    Gender
    male
    Posts
    91
    Reputation
    43
    Thanks
    484
    Quote Originally Posted by ExEchromE View Post
    I try but No Text Showing!
    This hook are working in Assault Fire BR !
    ***** : luislokao98

  6. #5
    ExEchromE's Avatar
    Join Date
    Aug 2013
    Gender
    male
    Location
    Secret!
    Posts
    80
    Reputation
    10
    Thanks
    461
    Quote Originally Posted by Coder.Fail View Post
    This hook are working in Assault Fire BR !
    outdate on PH


  7. #6
    Threadstarter
    I love myself
    나도 너를 사랑해

    Premium Member
    Minionforce
    Jhem's Avatar
    Join Date
    Mar 2012
    Gender
    male
    Location
    167,646,447
    Posts
    4,996
    Reputation
    1203
    Thanks
    7,206
    My Mood
    Stressed
    Quote Originally Posted by ExEchromE View Post
    outdate on PH
    LOL, you make me laugh.







  8. #7
    DaneCoder's Avatar
    Join Date
    May 2014
    Gender
    male
    Location
    Scientists Convention
    Posts
    460
    Reputation
    10
    Thanks
    776
    My Mood
    Doubtful
    Thanks Jhem working on PH
    FUCK YOU

  9. #8
    remzkee0903's Avatar
    Join Date
    Aug 2009
    Gender
    male
    Location
    Philippines
    Posts
    286
    Reputation
    11
    Thanks
    367
    My Mood
    Angelic
    Working as it always was. I will kept this in future needs. I've found your other threads really helpful. Thanks @Jhem..

    -SiLent But DeadLy-

  10. #9
    Threadstarter
    I love myself
    나도 너를 사랑해

    Premium Member
    Minionforce
    Jhem's Avatar
    Join Date
    Mar 2012
    Gender
    male
    Location
    167,646,447
    Posts
    4,996
    Reputation
    1203
    Thanks
    7,206
    My Mood
    Stressed
    Quote Originally Posted by remzkee0903 View Post
    Working as it always was. I will kept this in future needs. I've found your other threads really helpful. Thanks @Jhem..
    That is a good news. I hope someday this section/forum will start growing because of you & the others.







  11. #10
    emmsk8's Avatar
    Join Date
    Mar 2014
    Gender
    male
    Posts
    4
    Reputation
    10
    Thanks
    489
    My Mood
    Inspired
    try this code... gdlck!!!!
    Code:
    DWORD ProcurarDevice(DWORD Len)
    {
    DWORD dwObjBase = 0;
    
    dwObjBase = (DWORD)LoadLibrary("d3d9.dll");
    while (dwObjBase++ < dwObjBase + Len)
    {
    if ( (*(WORD*)(dwObjBase + 0x00)) == 0x06C7
    && (*(WORD*)(dwObjBase + 0x06)) == 0x8689
    && (*(WORD*)(dwObjBase + 0x0C)) == 0x8689
    ) { dwObjBase += 2; break; }
    }
    return( dwObjBase );
    }
    DWORD PegarEndrDevice(int VTableIndex)
    {
    PDWORD VTable;
    *(DWORD*)&VTable = *(DWORD*)ProcurarDevice(0x128000);
    return VTable[VTableIndex];
    }
    
    // pReset = (Reset_t)DetourFunction((PBYTE)PegarEndrDevice(16),(PBYTE)nReset);
    ------------------------------------------------------------------------------------------------------------------
    Code:
    DWORD ProcurarDevice(DWORD Len)
    {
    DWORD dwObjBase = 0;
    
    dwObjBase = (DWORD)LoadLibrary("d3d9.dll");
    while (dwObjBase++ < dwObjBase + Len)
    {
    if ( (*(WORD*)(dwObjBase + 0x00)) == 0x06C7
    && (*(WORD*)(dwObjBase + 0x06)) == 0x8689
    && (*(WORD*)(dwObjBase + 0x0C)) == 0x8689
    ) { dwObjBase += 2; break; }
    }
    return( dwObjBase );
    }
    
    void Hook()
    {
    PDWORD VTable;
    *(DWORD*)&VTable = *(DWORD*)ProcurarDevice(0x128000);
    pEndScene = (tEndScene) DetourFunction((PBYTE)VTable[ENDSCENE], (PBYTE)EndScene);
    Sleep( 100 );
    }
    Last edited by Lovroman; 09-03-2014 at 06:05 AM.

  12. #11
    jeric112's Avatar
    Join Date
    Sep 2014
    Gender
    male
    Posts
    0
    Reputation
    10
    Thanks
    0
    hey it this still working ??

  13. #12
    DjLvke's Avatar
    Join Date
    May 2014
    Gender
    male
    Posts
    23
    Reputation
    10
    Thanks
    126
    My Mood
    Breezy
    Can you give me the Direct .dll Can i download without bulding this to .dll

  14. #13
    DjLvke's Avatar
    Join Date
    May 2014
    Gender
    male
    Posts
    23
    Reputation
    10
    Thanks
    126
    My Mood
    Breezy
    it always have Errors when i try bulding it..

  15. #14
    MAKULIT's Avatar
    Join Date
    Oct 2014
    Gender
    male
    Posts
    3
    Reputation
    10
    Thanks
    0
    No Effect.. i build it but no cheat was made ...

    if any Hotkeys ? at this Hook?
    Last edited by MAKULIT; 10-09-2014 at 07:59 PM. Reason: Working