API tools faq
paste
Advertisement
Guest User

CrossFire_Project [http://www.unknowncheats.me/forum/]

a guest
Sep 16th, 2012
444
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C++ 4.63 KB | None | 0 0
raw download clone embed print report
  1. //================================================================================================================
  2. //  A basic D3D framework
  3. //
  4. //  File Project : d3dbase.cpp
  5. //  Author       : Hans211
  6. //  Date Created : 11 April 2009
  7. //
  8. //  A basic D3D framework:
  9. //      - D3D menu with folders
  10. //      - Using LPD3DXFONT, left - center - right aligned text
  11. //
  12. //  Credits:
  13. //      - People of: DXT, Game-Deception, GHBsys, Unknown Cheats
  14. // 
  15. //  Tools used:
  16. //      - Microsoft Visual C++ 2010
  17. //      - Microsoft DirectX SDK (June 2010)
  18. //
  19. //  Features:
  20. //      - Use Insert key to show/hide menu
  21. //      - Use up and down arrow keys to manouvre through the menuitems
  22. //      - Use left and right arrow keys to toggle menuitems
  23. //      - Use Control + arrow keys to move the menu
  24. //      - Items can have multiple custom states like: "Off" "On" or "Head" "Neck" "Spine"
  25. //      - Support for textonly items
  26. //      - Support for folder style items
  27. //================================================================================================================
  28. //  CrossFire: Hook Engine
  29. //
  30. //  Date: 08 September 2012
  31. //
  32. //  Credits:
  33. //      - Menu        -> Hans211
  34. //      - Detour      -> Azorbix
  35. //      - Midfunction -> Shad0w_
  36. //      - Hook Engine -> WE11ington
  37. //================================================================================================================
  38.  
  39. #include "d3dbase.h"
  40.  
  41. LPD3DXFONT pFont;
  42.  
  43. #define PresentEngine       0x004C41AF
  44. DWORD retPresentEngine      = ( PresentEngine + 0x5 );
  45.  
  46. #define EndSceneEngine      0x00455ECF
  47. DWORD retEndSceneEngine     = ( EndSceneEngine + 0x8 );
  48.  
  49. #define DIPEngine           0x004B490D
  50. DWORD retDIPEngine          = ( DIPEngine + 0x8 );
  51.  
  52. VOID StartFont( LPDIRECT3DDEVICE9 pDevice )
  53. {
  54.     if( pFont )
  55.     {
  56.         pFont->Release();
  57.         pFont = 0;
  58.     }
  59.  
  60.     if( !pFont )
  61.     {
  62.         D3DXCreateFont( pDevice,
  63.                 14,
  64.                 0,
  65.                 FW_BOLD,
  66.                 1,
  67.                 0,
  68.                 DEFAULT_CHARSET,
  69.                 OUT_DEFAULT_PRECIS,
  70.                 ANTIALIASED_QUALITY,
  71.                 DEFAULT_PITCH | FF_DONTCARE,
  72.                 "Arial",
  73.                 &pFont );
  74.     }
  75. }
  76.  
  77. __declspec( naked ) HRESULT WINAPI PresentMidfunction( )
  78. {
  79.     static LPDIRECT3DDEVICE9 pDevice;
  80.  
  81.     __asm
  82.     {
  83.         MOV ECX, DWORD PTR DS:[EAX]
  84.         MOV EDX, DWORD PTR DS:[ECX + 0x44]
  85.         MOV DWORD PTR DS:[pDevice], EAX
  86.         PUSH 0
  87.         PUSHAD
  88.     }
  89.  
  90.     pDevice->SetRenderState( D3DRS_ZENABLE, D3DZB_FALSE );
  91.  
  92.     StartFont( pDevice );
  93.     DoMenu( pDevice );
  94.     DoHackMemory( pDevice );
  95.  
  96.     pDevice->SetRenderState( D3DRS_ZENABLE, D3DZB_TRUE );
  97.  
  98.     __asm
  99.     {
  100.         POPAD
  101.         JMP retPresentEngine
  102.     }
  103. }
  104.  
  105. __declspec( naked ) HRESULT WINAPI EndSceneMidfunction( )
  106. {
  107.     static LPDIRECT3DDEVICE9 pDevice;
  108.  
  109.     __asm
  110.     {
  111.         MOV ECX, DWORD PTR DS:[EAX]
  112.         MOV EDX, DWORD PTR DS:[ECX + 0xA8]
  113.         MOV DWORD PTR DS:[pDevice], EAX
  114.         PUSHAD
  115.     }
  116.  
  117.     pDevice->SetRenderState( D3DRS_ZENABLE, D3DZB_FALSE );
  118.  
  119.     StartFont( pDevice );
  120.     DoMenu( pDevice );
  121.     DoHackMemory( pDevice );
  122.  
  123.     pDevice->SetRenderState( D3DRS_ZENABLE, D3DZB_TRUE );
  124.  
  125.     __asm
  126.     {
  127.         POPAD
  128.         JMP retEndSceneEngine
  129.     }
  130. }
  131.  
  132. __declspec( naked ) HRESULT WINAPI DIPMidfunction( )
  133. {
  134.     static LPDIRECT3DDEVICE9 pDevice;
  135.  
  136.     __asm
  137.     {
  138.         MOV EDX, DWORD PTR DS:[EAX]
  139.         MOV EDX, DWORD PTR DS:[EDX + 0x148]
  140.         MOV DWORD PTR DS:[pDevice], EAX
  141.         PUSHAD
  142.     }
  143.  
  144.     DoHackDirectx( pDevice );
  145.  
  146.     __asm
  147.     {
  148.         POPAD
  149.         JMP retDIPEngine
  150.     }
  151. }
  152.  
  153. VOID *DetourCreate( BYTE *src, CONST BYTE *dst, CONST INT len )
  154. {
  155.     BYTE *jmp = ( BYTE * )malloc( len + 5 );
  156.     DWORD dwBack;
  157.  
  158.     VirtualProtect( src, len, PAGE_READWRITE, &dwBack );
  159.     memcpy( jmp, src, len );   
  160.     jmp += len;
  161.     jmp[0] = 0xE9;
  162.     *( DWORD * )( jmp + 1 ) = ( DWORD )( src + len - jmp ) - 5;
  163.  
  164.     src[0] = 0xE9;
  165.     *( DWORD * )( src + 1 ) = ( DWORD )( dst - src ) - 5;
  166.     for( INT i = 5; i < len; i++ )
  167.         src[i] = 0x90;
  168.     VirtualProtect( src, len, dwBack, &dwBack );
  169.  
  170.     return( jmp - len );
  171. }
  172.  
  173. DWORD WINAPI D3Dinit( LPVOID )
  174. {
  175.     while( TRUE )
  176.     {
  177.         if( ( memcmp( ( VOID * )PresentEngine , ( VOID * )( PBYTE )"\x8B\x51", 2 ) == 0 ) &&
  178.             ( memcmp( ( VOID * )EndSceneEngine, ( VOID * )( PBYTE )"\x8B\x08", 2 ) == 0 ) &&
  179.             ( memcmp( ( VOID * )DIPEngine     , ( VOID * )( PBYTE )"\x8B\x10", 2 ) == 0 ) )
  180.         {
  181.             Sleep( 50 );
  182.             //DetourCreate( ( PBYTE )PresentEngine , ( PBYTE )PresentMidfunction , 5 );
  183.             DetourCreate( ( PBYTE )EndSceneEngine, ( PBYTE )EndSceneMidfunction, 8 );
  184.             DetourCreate( ( PBYTE )DIPEngine     , ( PBYTE )DIPMidfunction     , 8 );
  185.         }
  186.  
  187.         Sleep( 50 );
  188.     }
  189.  
  190.     return 0;
  191. }
  192.  
  193. BOOL WINAPI DllMain( HMODULE hDll, DWORD dwReason, LPVOID lpReserved )
  194. {
  195.     DisableThreadLibraryCalls( hDll );
  196.     if( dwReason == DLL_PROCESS_ATTACH )
  197.     {
  198.         MessageBox( 0, "CrossFire Project", "HOOK", 0 );
  199.         CreateThread( 0, 0, ( LPTHREAD_START_ROUTINE )D3Dinit, 0, 0, 0 );
  200.     }
  201.  
  202.     return TRUE;
  203. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!