//=======================================Device Pointer Sample - TopicsExpress

//=======================================Device Pointer Sample Hook==================================================================== #include #include #pragma comment (lib, d3d9.lib) IDirect3DDevice9 * pGameDevice; /* FEARMP.exe 00501838 8B3D F06F5700 MOV EDI,DWORD PTR DS:[576FF0] //Device Pointer 0050183E 8B4C24 14 MOV ECX,DWORD PTR SS:[ESP+14] 00501842 53 PUSH EBX 00501843 8B5C24 10 MOV EBX,DWORD PTR SS:[ESP+10] 00501847 55 PUSH EBP 00501848 8B2F MOV EBP,DWORD PTR DS:[EDI] 0050184A 8BC3 MOV EAX,EBX 0050184C E8 CFFBFFFF CALL FEARMP.00501420 00501851 8B5424 18 MOV EDX,DWORD PTR SS:[ESP+18] 00501855 8B4C24 28 MOV ECX,DWORD PTR SS:[ESP+28] 00501859 50 PUSH EAX 0050185A 8B4424 28 MOV EAX,DWORD PTR SS:[ESP+28] 0050185E 52 PUSH EDX 0050185F 8B5424 28 MOV EDX,DWORD PTR SS:[ESP+28] 00501863 2BC8 SUB ECX,EAX 00501865 51 PUSH ECX 00501866 50 PUSH EAX 00501867 52 PUSH EDX 00501868 8BC3 MOV EAX,EBX 0050186A E8 91F3FFFF CALL FEARMP.00500C00 0050186F 50 PUSH EAX 00501870 57 PUSH EDI 00501871 FF95 48010000 CALL DWORD PTR SS:[EBP+148] //call to DrawIndexedPrimitive */ /**************************************************************************************************/ //////////////// ///BeginScene/// //////////////// typedef HRESULT(WINAPI* BeginScene_)(LPDIRECT3DDEVICE9 pDevice); BeginScene_ pBeginScene; HRESULT WINAPI nBeginScene(LPDIRECT3DDEVICE9 pDevice) { _asm NOP; HRESULT hRet = pBeginScene(pDevice); return hRet; } /**************************************************************************************************/ ////////////// ///EndScene/// ////////////// typedef HRESULT(WINAPI* EndScene_)(LPDIRECT3DDEVICE9 pDevice); EndScene_ pEndScene; HRESULT WINAPI nEndScene(LPDIRECT3DDEVICE9 pDevice) { _asm NOP; HRESULT hRet = pEndScene(pDevice); return hRet; } /**************************************************************************************************/ ////////////////////////// ///DrawIndexedPrimitive/// ////////////////////////// typedef HRESULT(WINAPI* DrawIndexedPrimitive_)(LPDIRECT3DDEVICE9 pDevice, D3DPRIMITIVETYPE Type, INT BaseVertexIndex, UINT MinIndex, UINT NumVertices, UINT StartIndex, UINT PrimitiveCount); DrawIndexedPrimitive_ pDrawIndexedPrimitive; HRESULT WINAPI nDrawIndexedPrimitive(LPDIRECT3DDEVICE9 pDevice, D3DPRIMITIVETYPE Type, INT BaseVertexIndex, UINT MinIndex, UINT NumVertices, UINT StartIndex, UINT PrimitiveCount) { _asm NOP; HRESULT hRet = pDrawIndexedPrimitive(pDevice, Type, BaseVertexIndex, MinIndex, NumVertices, StartIndex, PrimitiveCount); return hRet; } /**************************************************************************************************/ ///////////////////// ///SetStreamSource/// ///////////////////// typedef HRESULT(WINAPI* SetStreamSource_)(LPDIRECT3DDEVICE9 pDevice, UINT StreamNumber, IDirect3DVertexBuffer9 * pStreamData, UINT OffsetInBytes, UINT Stride); SetStreamSource_ pSetStreamSource; HRESULT WINAPI nSetStreamSource(LPDIRECT3DDEVICE9 pDevice, UINT StreamNumber, IDirect3DVertexBuffer9 * pStreamData, UINT OffsetInBytes, UINT Stride) { _asm NOP; HRESULT hRet = pSetStreamSource(pDevice, StreamNumber, pStreamData, OffsetInBytes, Stride); return hRet; } /**************************************************************************************************/ /////////// ///Reset/// /////////// /**************************************************************************************************/ DWORD dwWait(LPVOID lpArgs) { DWORD FearBase = NULL; for (;FearBase == NULL;Sleep(100)) FearBase = (DWORD)GetModuleHandle(i3gfxdx.dll); //get base address for PointBlank for(;pGameDevice == NULL; Sleep(500)) //do this to allow the game to get spun up, if we dont, pGameDevice will always equal 0x00000000(Necessary for injection on game launch) { DWORD dwProtect; VirtualProtect((void*)(FearBase + 0x176FF0), 4, PAGE_EXECUTE_READWRITE, &dwProtect); memcpy(&pGameDevice, (void*)(FearBase + 0x176FF0), 4); VirtualProtect((void*)(FearBase + 0x176FF0), 4, dwProtect, NULL); } DWORD* pdwNewDevice = (DWORD*)pGameDevice; pdwNewDevice = (DWORD*)pdwNewDevice[0]; //turn our pointer into an array for the vtable //Hook accordingly //Note: Requires MS Detours v1.5 //For further indexes, consult the d3d9.h pReset = (Reset_)//FSpenXa->MakeJMP((PBYTE)pdwNewDevice[16],(DWORD)nReset); pBeginScene = (BeginScene_)//FSpenXa->MakeJMP((PBYTE)pdwNewDevice[41],(DWORD)nBeginScene); pEndScene = (EndScene_)//FSpenXa->MakeJMP((PBYTE)pdwNewDevice[42],(DWORD)nEndScene); pDrawIndexedPrimitive = (DrawIndexedPrimitive_)//FSpenXa->MakeJMP((PBYTE)pdwNewDevice[82],(DWORD)nDrawIndexedPrimitive); pSetStreamSource = (SetStreamSource_)//FSpenXa->MakeJMP((PBYTE)pdwNewDevice[100],(DWORD)nSetStreamSource); return 0; }

Ort: Zürich Great Appartment in Zurich With 1 Room

The last wishes of Alexander the Great......... On his death bed,

Im sick of hearing about feminism. Why cant women just accept that

Many of you are curious about the canning of water for emergency

President of The United States The current President has fought

Your share will raise money for Syria. (2 days left!) Please

WELL I BEEN IN THE ER FOR THE PAST 5 HOURS. I WENT TO WATCH THE

This Friday Night! ZZYZX Writers Group and Open Mic! Join us

Here he is folks. Male hound dumped by uncaring owner that said

Well as it turns out, all dressed up and no where to go, story of

The advent of “Item” (read rogue) elements in the oligarchic

InkOwl? - Compatible Ink Cartridge Replacement for CANON PFI-101M