CA D3D VMT Hook with HS bypass

Basicly it is a simple VMT hook that rehooks whenever the devicepointer has changed and it 'hooks' the VMT backup from hackshield too.

Code:

DWORD GetAddressPtr(int index)
{
    DWORD dwBase = *(DWORD*)dwDevicePointer;
    if(dwBase == 0) return 0;

    dwBase = *(DWORD*)dwBase;
    if(dwBase == 0) return 0;

    dwBase = *(DWORD*)dwBase;
    if(dwBase == 0) return 0;

    return dwBase+4*index;
}

DWORD GetD3DHSApi(int index)
{
    DWORD dwVA = dwHSDevicePointer;

    if(IsBadReadPtr((void*)dwVA, 4)) return 0;
    
    dwVA = *(DWORD*)dwVA;
    
    if(!dwVA || IsBadReadPtr((void*)dwVA, 0x200)) return 0;
    
    return dwVA + (4*index);
}

#define HOOKD3DAPI(a, b) \
    if(*(DWORD*)GetAddressPtr(b) != (DWORD)&hk##a) { \
        p##a = (a##_t) *(DWORD*)GetAddressPtr(b); \
        *(DWORD*)GetAddressPtr(b) = (DWORD)&hk##a; \
        *(DWORD*)GetD3DHSApi(b) = (DWORD)&hk##a; \
    }


DWORD WINAPI HookD3DApis(LPVOID)
{
    bool bValid = false;
    while(true) {
        bValid = GetAddressPtr(0) > 0;

        if(bValid) {
            HOOKD3DAPI(Reset, 16)
            HOOKD3DAPI(EndScene, 42)
            HOOKD3DAPI(DrawIndexedPrimitive, 82)
            HOOKD3DAPI(SetStreamSource, 100)
        }
        
        Sleep(300);
    }

    return 1;
}

HookD3DApis is a thread

sigs:

Code:

dwHSDevicePointer = g_pTools->dwFindPattern((DWORD)GetModuleHandle(ehsvc), 0x90000, (PBYTE)"\x8B\x84\x11\x00\x00\x00\x00\x8B\x8D\xCC\xFD\xFF\xFF\x8B\x95", "xxx????xxxxxxxx");
    if(dwHSDevicePointer) {
        dwHSDevicePointer = *(DWORD*)(dwHSDevicePointer+3);
        dwHSDevicePointer += 0x10;
    }

DWORD dwTempDevicePointer = g_pTools->dwFindPattern((DWORD)GetModuleHandle(0), (DWORD)0xFFFFFFFF, (PBYTE)"\xA1\x00\x00\x00\x00\x89\x45\xF8\x8D", "x????xxxx");
    if(dwTempDevicePointer) {
        dwDevicePointer = *(DWORD*)(dwTempDevicePointer+1);
    }

Works for CA EU, CA NA and CA BR

credits for gordon

Credits go to Gor/don

Nice leech...
If Gordon wanted it here i believe he would of posted here...

can this be used in gellins base? if so, on what file should i include it?

I believe thats what he made it for .. i think idk

Thats awesome.
If you read this gordon, THANKS!

This will stop your text dissapearing in menus

I made my own so mine never dissapears.

More people need to see this. I see WAAAAAAAAAYYYYYY too many messages asking 'how do i fix my font disappearing?????

'. Look up CD3DFont class.

My detours were getting unhooked by HackShield so this is a great alternative. I would recommend using this if you want to hook DrawIndexedPrimitive / SetStreamSource etc. It would be nice to see some public hacks with Chams / Wallhacks. Your golden ticket to it is up there. ^^.

Originally Posted by Tyrannus

More people need to see this. I see WAAAAAAAAAYYYYYY too many messages asking 'how do i fix my font disappearing?????

'. Look up CD3DFont class.

Hmm. Somebody else told me that too.
Its funny, Becuase i can hook everything else BUT DiP >.<
Hackshield removes my DiP too, And when i go to recreate it, I get kicked D:

I might have to go to that font class, But i dont want to edit my whole source for it :\

Originally Posted by ac1d_buRn

If you are using the code posted above it works flawlessly.

Make sure you reset your textures or else you will get an error upon entering 2nd game / item shop.

Originally Posted by Tyrannus

If you are using the code posted above it works flawlessly.

Make sure you reset your textures or else you will get an error upon entering 2nd game / item shop.

No im not.
I am using an auto finding device tho, Then detouring with a vTable

*Patched in the next update* xD

Originally Posted by whit

Nice leech...
If Gordon wanted it here i believe he would of posted here...

correct

Originally Posted by whit

I believe thats what he made it for .. i think idk

No, thats wrong.

Originally Posted by ac1d_buRn

Thats awesome.
If you read this gordon, THANKS!

This will stop your text dissapearing in menus

no problem

Originally Posted by Tyrannus

If you are using the code posted above it works flawlessly.

Make sure you reset your textures or else you will get an error upon entering 2nd game / item shop.

yes thats very important or the hack will crash (but not cause of hackshield)

Originally Posted by pimpinallovertheworld666

*Patched in the next update* xD

this wont be patched for a very long time. i use this since months

thanks gordon i dont know how to press it on UC ..
so i will press it here

I just have 1 question though, will this work on War Rock also? If I have War Rock's device pointer? HS seems to unhook GetTransform on Vista for me so my W2S fails.

CA D3D VMT Hook with HS bypass

Post a Reply

Similar Threads

Tags for this Thread