Code:
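/**
 * Compare a run of bytes against a masked byte signature.
 *
 * Each character of szMask governs the byte at the same offset: 'x' means the
 * byte in pData must equal the byte in bMask; any other character is a
 * wildcard and that byte is not compared.
 *
 * @param pData  Start of the bytes to test. Nothing here bounds the read, so
 *               the caller must guarantee that one byte per mask character is
 *               readable at this address.
 * @param bMask  Signature bytes, one per mask character.
 * @param szMask NUL-terminated mask string.
 * @return true when every 'x' position matches (an empty mask matches
 *         trivially), false on the first mismatch.
 */
bool Match(const BYTE* pData, const BYTE* bMask, const char* szMask)
{
    for (; *szMask != '\0'; ++szMask, ++pData, ++bMask)
    {
        if (*szMask == 'x' && *pData != *bMask)
            return false;
    }

    // The loop can only fall through at the terminator, so the whole mask
    // matched. Returning the literal avoids comparing a char with NULL, which
    // is a pointer constant and only compiles where NULL expands to integer 0.
    return true;
}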
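/**
 * Scan a memory range for the first occurrence of a masked byte signature.
 *
 * Addresses are carried as DWORD, so this only works in a 32-bit process.
 *
 * @param dwAddress Start address of the range to scan.
 * @param dwLen     Length of the range in bytes. The caller is responsible
 *                  for this range actually being mapped and readable.
 * @param bMask     Signature bytes, one per mask character.
 * @param szMask    NUL-terminated mask ('x' = compare, anything else = wildcard).
 * @return Address of the first match, or 0 when nothing matches or the
 *         arguments are unusable.
 */
DWORD FindPattern(DWORD dwAddress,DWORD dwLen,BYTE *bMask,char * szMask)
{
    if (bMask == NULL || szMask == NULL || dwLen == 0)
        return 0;

    // Measure the mask so the scan can stop while a full signature still fits.
    DWORD dwMaskLen = 0;
    while (szMask[dwMaskLen] != '\0')
        ++dwMaskLen;

    if (dwMaskLen > dwLen)
        return 0;

    // Without this bound the comparison at the tail of the range would read
    // up to (mask length - 1) bytes past dwAddress + dwLen, which can fault
    // if the following page is not mapped.
    const DWORD dwLastStart = dwLen - dwMaskLen;
    for (DWORD i = 0; i <= dwLastStart; i++)
    {
        if (Match((const BYTE*)(dwAddress + i), bMask, szMask))
            return (DWORD)(dwAddress + i);
    }
    return 0;
}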
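/**
 * Overwrite code at pAddress with a 5-byte relative JMP (opcode 0xE9) to
 * dwJumpTo and pad the rest of the patched range with NOP (0x90).
 *
 * The page protection is switched to PAGE_EXECUTE_READWRITE for the write and
 * restored afterwards. Addresses are handled as DWORD, so this is 32-bit only.
 *
 * @param pAddress Start of the code to overwrite.
 * @param dwJumpTo Absolute address the JMP should land on.
 * @param dwLen    Number of bytes to overwrite; must be at least 5 and should
 *                 end on an instruction boundary of the original code.
 */
void Detour(BYTE *pAddress, DWORD dwJumpTo, DWORD dwLen)
{
    const DWORD dwJmpSize = 5;
    DWORD dwOldProtect = 0, dwBkup = 0, dwRelAddr;

    // A range shorter than the JMP itself would make the writes below run
    // past the region whose protection was changed.
    if (pAddress == NULL || dwLen < dwJmpSize)
        return;

    // If the protection change fails the page is still read-only/executable
    // and writing to it would raise an access violation in the host process.
    if (!VirtualProtect(pAddress, dwLen, PAGE_EXECUTE_READWRITE, &dwOldProtect))
        return;

    // rel32 operand is relative to the end of the 5-byte JMP instruction.
    dwRelAddr = (DWORD) (dwJumpTo - (DWORD) pAddress) - dwJmpSize;
    *pAddress = 0xE9;
    *((DWORD *)(pAddress + 0x1)) = dwRelAddr;

    for (DWORD x = dwJmpSize; x < dwLen; x++)
        *(pAddress + x) = 0x90;

    // NOTE(review): the patch is not written atomically; a thread executing
    // inside this range while it is being rewritten can crash. The modified
    // bytes also no longer match the module's on-disk image, which is what
    // code-integrity comparisons of loaded modules look for.
    VirtualProtect(pAddress, dwLen, dwOldProtect, &dwBkup);
}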
Main.h
Code:
#include <windows.h>
#include "Main.h"
#include <d3d9.h>
#include <d3dx9.h>
#pragma comment(lib, "d3d9.lib")
#pragma comment(lib, "d3dx9.lib")
// Address inside d3d9's EndScene where the JMP is written; set by HookThread().
DWORD dwEndscene_hook = 0;
// Address the stub jumps back to (hook address + patched length); set by HookThread().
DWORD dwEndscene_ret = 0;
// Font object used by WriteText(); created and released in JhemEndScence().
LPD3DXFONT pFont = NULL;
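/**
 * Draw a NUL-terminated string at (x, y) with the global font.
 *
 * @param pDevice Unused; kept so existing callers keep compiling.
 * @param x       Left coordinate in pixels.
 * @param y       Top coordinate in pixels.
 * @param color   Text colour (D3DCOLOR value).
 * @param text    String to draw; nothing is drawn when it is NULL.
 */
VOID WriteText( LPDIRECT3DDEVICE9 pDevice, INT x, INT y, DWORD color, CHAR *text )
{
    // Guard against being called before the font exists (or after it was
    // released); dereferencing a NULL pFont would crash the render thread.
    if( pFont == NULL || text == NULL )
        return;

    // Zero-sized rectangle anchored at (x, y); DT_NOCLIP lets the text
    // extend beyond it.
    RECT rect;
    SetRect( &rect, x, y, x, y );

    // -1 tells DrawText the string is NUL-terminated.
    pFont->DrawText( NULL, text, -1, &rect, DT_NOCLIP | DT_LEFT, color );
}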
/**
 * Per-frame callback invoked from the MyEndscene stub with the device
 * pointer taken from the hooked call's stack frame.
 *
 * Releases the font left over from the previous call, creates a new one on
 * the supplied device and draws a fixed banner at (15, 15).
 *
 * @param pDevice Direct3D 9 device the font is created on.
 */
VOID WINAPI JhemEndScence(LPDIRECT3DDEVICE9 pDevice)
{
    // Drop whatever font the previous call left behind.
    if( pFont != NULL )
    {
        pFont->Release();
        pFont = NULL;
    }

    // pFont is always NULL at this point, so the font is rebuilt on every call.
    // NOTE(review): presumably done to avoid handling device resets; it is
    // costly per frame - confirm before changing.
    D3DXCreateFont( pDevice, 14, 0, FW_BOLD, 1, 0, DEFAULT_CHARSET,
                    OUT_DEFAULT_PRECIS, DEFAULT_QUALITY,
                    DEFAULT_PITCH | FF_DONTCARE, "Arial", &pFont );

    // Creation can fail; in that case there is nothing to draw with.
    if( pFont == NULL )
        return;

    WriteText( pDevice, 15, 15, D3DCOLOR_ARGB(255,255,000,000), "MPGH Jhem \n MPGH.net" );
}
// Naked stub that HookThread() passes to Detour() as the jump target for the
// patched location inside d3d9's EndScene. The compiler emits no prologue or
// epilogue, so the stub itself must preserve registers and flags and must
// leave through an explicit jump. 32-bit MSVC inline assembly only.
__declspec(naked) void MyEndscene()
{
__asm
{
// The next three instructions, together with the CMP before the final jump,
// are presumably the original instructions displaced by the 0x0A-byte patch
// (TODO confirm against the d3d9.dll build in use; a different build would
// make these replayed instructions wrong).
MOV DWORD PTR SS : [EBP - 0x10], ESP
MOV ESI, DWORD PTR SS : [EBP + 0x8]
XOR EBX, EBX
// Save flags and all general-purpose registers around the callback.
PUSHFD
PUSHAD
// Pass the value at [EBP+8] as the callback's single argument
// (JhemEndScence declares it as the LPDIRECT3DDEVICE9 device pointer).
PUSH[EBP + 0x8]
// JhemEndScence is WINAPI, so it removes its own argument from the stack.
CALL JhemEndScence;
// Restore registers and flags to the state before the callback.
POPAD
POPFD
CMP ESI, EBX
// Indirect jump through the global set in HookThread (hook address + 0x0A),
// i.e. back to the code just past the patched bytes.
jmp dwEndscene_ret;
}
}
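/**
 * Locate the Direct3D 9 device vtable inside d3d9.dll by byte signature and
 * redirect a location inside EndScene to the MyEndscene stub.
 *
 * Runs on the thread created from DllMain. All addresses are held in DWORD,
 * so this is valid in a 32-bit process only. Returns without patching when
 * the module cannot be loaded or the signature is not found.
 */
void HookThread(void)
{
    HMODULE hModule = LoadLibrary("d3d9.dll");
    // Without this check a failed load would start the scan at address 0.
    if (hModule == NULL)
        return;

    DWORD hD3D = (DWORD)hModule;
    DWORD *vtbl = NULL;

    // Signature: C7 06 imm32 / 89 86 disp32 / 89 86 - a store of a 32-bit
    // immediate through ESI followed by two register stores; the wildcarded
    // bytes are the immediate and the displacement.
    // NOTE(review): the 0x128000 scan length is hard-coded rather than taken
    // from the module's actual image size; if the image is smaller the scan
    // reads unmapped memory and faults - confirm against the target build.
    DWORD adr = FindPattern(hD3D, 0x128000, (PBYTE)"\xC7\x06\x00\x00\x00\x00\x89\x86\x00\x00\x00\x00\x89\x86", "xx????xx????xx");
    if (!adr)
        return;

    // The 4 bytes after the C7 06 opcode are the immediate operand, taken
    // here as the vtable address.
    memcpy(&vtbl,(void*)(adr + 2),4);
    if (vtbl == NULL)
        return;

    // Slot 42 of the IDirect3DDevice9 vtable is EndScene. The +0x2A offset
    // into the function and the 0x0A patch length are build-specific
    // constants; on a different d3d9.dll they can land mid-instruction and
    // corrupt the function (NOTE(review): no check of the bytes at the patch
    // site is made before writing).
    dwEndscene_hook = vtbl[42] + 0x2A;
    dwEndscene_ret = dwEndscene_hook + 0x0A;
    Detour((PBYTE)dwEndscene_hook,(DWORD)MyEndscene,0x0A);
}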
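// Thread entry with the signature CreateThread expects. HookThread is a plain
// void(void) function; casting it to LPTHREAD_START_ROUTINE calls it through a
// mismatched prototype and calling convention, which is undefined behaviour.
static DWORD WINAPI HookThreadEntry(LPVOID lpParameter)
{
    (void)lpParameter;
    HookThread();
    return 0;
}

/**
 * DLL entry point. On process attach, turns off per-thread attach/detach
 * notifications and starts HookThread on a separate thread so that no
 * library loading happens inside DllMain itself (i.e. under the loader lock).
 *
 * @param hModule     Handle of this DLL.
 * @param dwReason    Reason code; only DLL_PROCESS_ATTACH is acted on.
 * @param lpvReserved Unused.
 * @return Always TRUE.
 */
BOOL WINAPI DllMain(HINSTANCE hModule, DWORD dwReason, LPVOID lpvReserved)
{
    if (dwReason == DLL_PROCESS_ATTACH)
    {
        DisableThreadLibraryCalls(hModule);

        // Stack size and creation flags are integers, so pass 0 rather than NULL.
        HANDLE hThread = CreateThread(NULL, 0, HookThreadEntry, NULL, 0, NULL);

        // The thread keeps running after its handle is closed; closing it
        // here avoids leaking the handle for the life of the process.
        if (hThread != NULL)
            CloseHandle(hThread);
    }
    return TRUE;
}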