//=================================================================================== uintptr_t CSignature::GetVstdSignature(const char *chPattern) { // we need to do this becuase (i assume that) under the hood, dlopen only // loads up the sections that it needs into memory, meaning that we cannot // get the string table from the module. static int fd = open(sharedobj::vstdlib().path.c_str(), O_RDONLY); static void *module = mmap(NULL, lseek(fd, 0, SEEK_END), PROT_READ, MAP_SHARED, fd, 0); static link_map *moduleMap = sharedobj::vstdlib().lmap; // static void *module = (void *)moduleMap->l_addr; static Elf32_Shdr *textHeader = getSectionHeader(module, ".text"); static int textOffset = textHeader->sh_offset; static int textSize = textHeader->sh_size; // we need to remap the address that we got from the pattern search from our // mapped file to the actual memory we do this by rebasing the address // (subbing the mmapped one and adding the dlopened one. uintptr_t patr = dwFindPattern(((uintptr_t) module) + textOffset, ((uintptr_t) module) + textOffset + textSize, chPattern); if (!patr) return NULL; return patr - (uintptr_t)(module) + moduleMap->l_addr; }
//=================================================================================== DWORD CSignature::GetEngineSignature(char* chPattern) { static HMODULE hmModule = GetModuleHandleSafe("engine.dll"); static PIMAGE_DOS_HEADER pDOSHeader = (PIMAGE_DOS_HEADER)hmModule; static PIMAGE_NT_HEADERS pNTHeaders = (PIMAGE_NT_HEADERS)(((DWORD)hmModule) + pDOSHeader->e_lfanew); return dwFindPattern(((DWORD)hmModule) + pNTHeaders->OptionalHeader.BaseOfCode, ((DWORD)hmModule) + pNTHeaders->OptionalHeader.SizeOfCode, chPattern); }
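/// One-time setup: initialises the SDK, locates two routines in engine.dll by
/// byte pattern and detours them to hooked_ExecuteStringCmd and
/// hooked_ProcessRespondCvarValue.
///
/// Setup is attempted only once. Later calls return the outcome of that first
/// attempt, so a failed setup is never reported as success.
///
/// @return 0 when both detours are in place, 1 on any failure.
int PrepareExtension()
{
	// Outcome of the single setup attempt. It starts as "failed" and is
	// cleared only after every step has succeeded, so an early return leaves
	// the failure recorded for later callers.
	static int prepareresult = 1;

	if (preparedextension)
		return prepareresult;

	preparedextension = true;

	std::string init = InitializeSdk();

	if (!init.empty())
	{
		MessageBoxA(NULL, init.c_str(), "!LAC ERROR!", MB_OK);
		return 1;
	}

	// GetModuleHandleA returns NULL when the module is not loaded. Scanning
	// from address 0 would fault, so stop here instead.
	HMODULE engine = GetModuleHandleA("engine.dll");

	if (!engine)
	{
		MessageBoxA(NULL, "didnt get engine module", "!LAC ERROR!", MB_OK);
		Msg("!LAC ERROR! didnt get engine module");
		return 1;
	}

	// NOTE(review): 0xFEADBEEF is passed as the scan length/bound and is not
	// derived from the size of engine.dll. A pattern miss presumably walks
	// past the end of the module. Confirm how dwFindPattern bounds its scan.
	DWORD executestringcmd = dwFindPattern((DWORD)engine, 0xFEADBEEF,
		(BYTE*)"\x55\x8B\xEC\x8B\x45\x08\x56\x8B\xF1\x85\xC0\x74\x22", "xxxxxxxxxxxxx");

	if (!executestringcmd)
	{
		MessageBoxA(NULL, "didnt get stringcmd", "!LAC ERROR!", MB_OK);
		Msg("!LAC ERROR! didnt get stringcmd");
		return 1;
	}

	DWORD onquerycvarval = dwFindPattern((DWORD)engine, 0xFEADBEEF,
		(BYTE*)"\x55\x8B\xEC\x8B\x45\x08\x8B\x50\x10\x56", "xxxxxxxxxx");

	if (!onquerycvarval)
	{
		MessageBoxA(NULL, "didnt get query cvar value", "!LAC ERROR!", MB_OK);
		Msg("!LAC ERROR! didnt get query cvar value");
		return 1;
	}

	// The last argument (6) is the number of prologue bytes DetourCreate
	// relocates. Both patterns above are short function prologues.
	ExecuteStringCmd = (OrigExecuteStringCmd)DetourCreate((BYTE*)executestringcmd, (BYTE*)hooked_ExecuteStringCmd, 6);
	ProcessRespondCvarValue = (OrigProcessRespondCvarValue)DetourCreate((BYTE*)onquerycvarval, (BYTE*)hooked_ProcessRespondCvarValue, 6);

	// presumably DetourCreate returns NULL on failure; verify against its
	// definition. A NULL trampoline would be called from the hook, so report
	// the failure. The other detour may already be live at this point.
	if (!ExecuteStringCmd || !ProcessRespondCvarValue)
	{
		MessageBoxA(NULL, "didnt create detours", "!LAC ERROR!", MB_OK);
		Msg("!LAC ERROR! didnt create detours");
		return 1;
	}

	prepareresult = 0;
	return 0;
}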
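/// Installs detours on the Direct3D 9 device Reset and EndScene methods.
///
/// Loads d3d9.dll from the system directory, locates the device vtable by
/// byte pattern, and detours vtable slots 16 (Reset) and 42 (EndScene) to
/// hkReset and hkEndScene. Does nothing if the hooks are already installed.
/// On any failure the function logs, returns and leaves m_bHookInstalled
/// false.
void CDirect3DHook::Install()
{
	if(m_bHookInstalled)
		return;

	char buffer[MAX_PATH];

	// Build the absolute path to d3d9.dll in the system directory. Loading by
	// full path means the DLL search order is not consulted.
	// GetSystemDirectory returns 0 on failure and the required size when the
	// buffer is too small. Check that the suffix fits before appending, so
	// strcat cannot overrun the buffer.
	const UINT dirLen = ::GetSystemDirectory(buffer, MAX_PATH);
	if(dirLen == 0 || dirLen + sizeof("\\d3d9.dll") > MAX_PATH)
	{
		CLogFile::Printf("Direct3D hook: failed to get system directory");
		return;
	}

	// Append dll name
	strcat(buffer, "\\d3d9.dll");

	// Use the handle LoadLibrary returns. The original polled GetModuleHandleA
	// in a loop and never terminated if the load had failed.
	HMODULE hModule = LoadLibrary(buffer);
	if(!hModule)
	{
		CLogFile::Printf("Direct3D hook: failed to load d3d9.dll");
		return;
	}

	// NOTE(review): 0x128000 is a fixed scan length and is not derived from
	// the module's image size. Confirm it stays inside d3d9.dll on the
	// targeted systems.
	DWORD DevicePointer = dwFindPattern((DWORD)hModule, 0x128000,
		(PBYTE)"\xC7\x06\x00\x00\x00\x00\x89\x86\x00\x00\x00\x00\x89\x86", "xx????xx????xx");

	// presumably dwFindPattern returns 0 when nothing matches; verify against
	// its definition. Reading from (0 + 2) would fault.
	if(!DevicePointer)
	{
		CLogFile::Printf("Direct3D hook: device pattern not found");
		return;
	}

	// The 4-byte operand after the two opcode bytes is read as the vtable
	// address. The code assumes 32-bit pointers throughout.
	DWORD* VTableStart = 0;
	memcpy(&VTableStart, (void*)(DevicePointer+2), 4);

	if(!VTableStart)
	{
		CLogFile::Printf("Direct3D hook: device vtable pointer is null");
		return;
	}

	dwReset = (DWORD)VTableStart[16];
	dwEndScene = (DWORD)VTableStart[42];

	m_pReset = (Reset_t)DetourFunction((PBYTE)dwReset,(PBYTE)hkReset);
	m_pEndScene = (EndScene_t)DetourFunction((PBYTE)dwEndScene,(PBYTE)hkEndScene);

	CLogFile::Printf("Hooked 'Direct3D Reset and EndScene");

	m_bHookInstalled = true;
}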