public Hook(Process wowProc) { Memory = new ExternalProcessReader(wowProc); _dx3D = new Dirext3D(wowProc); _wowProcess = wowProc; Installed = false; }
protected virtual void Dispose(bool disposing) { Restore(); if (disposing) { try { // free managed resources if (_dxAddress != null) { _dxAddress.Device.Dispose(); _dxAddress = null; } } catch (Exception ex) { Logging.Log(ex); } } }
static void Main(string[] args) { Console.WriteLine("Please enter the process name with out extension (for example, if process name is game.exe enter just game) and press Enter."); var processName = Console.ReadLine(); var processCollection = System.Diagnostics.Process.GetProcessesByName(processName); if (processCollection == null || !processCollection.Any()) { Console.WriteLine($"No process found by the name: {processName} exit the console (hit enter or the X) and try again"); Console.ReadLine(); return; } var process = processCollection.FirstOrDefault(); if (process == null) { Console.WriteLine($"No process found by the name: {processName} or is now invalid, exit the console (hit enter or the X) and try again"); Console.ReadLine(); return; } var dxDevice = new Dirext3D(process); var dxVersion = dxDevice.UsingDirectX11 ? "Directx11" : "Directx9"; var functionToHook = dxDevice.UsingDirectX11 ? "public delegate int DxgiSwapChainPresentDelegate(IntPtr swapChainPtr, int syncInterval, int flags)" : "public delegate int Direct3D9EndScene(IntPtr device)"; var processSize = IntPtr.Size == 4 ? "x86" : "x64"; Console.WriteLine($"DirectX version: {dxVersion}"); Console.WriteLine($"Process architecture: {processSize}"); Console.WriteLine($"Function to hook: {functionToHook}"); var rebased = new IntPtr(dxDevice.HookAddress.ToInt64() - process.MainModule.BaseAddress.ToInt64()); Console.WriteLine($"ImageBase + offset hook address= {dxDevice.HookAddress.ToString("X")}"); Console.WriteLine($"Offset hook address: = {rebased.ToString("X")}"); Console.WriteLine("Hit enter to exit or close the console"); Console.ReadLine(); }
/// <summary> /// Apply the DirectX function hook to the WoW process /// </summary> /// <returns>true if it applied correctly. Otherwise, false</returns> public bool Apply() { //Lets check if we are already hooked. if (IsApplied) { //Were already hooked. //So lets restore the original bytes. Restore(); } _allocatedMemory = BotManager.Memory.CreateAllocatedMemory(CODECAVESIZE + 0x1000 + 0x4 + 0x4); _dxAddress = new Dirext3D(BotManager.Memory.Process); // store original bytes _endSceneOriginalBytes = BotManager.Memory.ReadBytes(_dxAddress.HookPtr - 5, 10); int jumpLoc = 0; if (_endSceneOriginalBytes[5] == 0xE9) { DialogResult result = MessageBox.Show(LocalSettings.Translations["Hook Found"], LocalSettings.Translations["Warning"], MessageBoxButtons.YesNo, MessageBoxIcon.Warning); if (result == DialogResult.No) { return(false); } Logging.Log("Detected Another hook. Trying to hook anyway."); var offset = BotManager.Memory.Read <int>(_dxAddress.HookPtr + 1); jumpLoc = _dxAddress.HookPtr.ToInt32() + offset + 5; } foreach (int b in _endSceneOriginalBytes.Where(b => b == 0xE9).Select((b, i) => i)) { Logging.Log("E9 byte Detected at index: " + b); } if (_endSceneOriginalBytes[0] == 0xE9) { MessageBox.Show(LocalSettings.Translations["Reattach"]); return(false); } try { _allocatedMemory.WriteBytes("codeCavePtr", _eraser); _allocatedMemory.WriteBytes("injectedCode", _eraser); _allocatedMemory.Write("addressInjection", 0); _allocatedMemory.Write("returnInjectionAsm", 0); var asm = new List <string> { "pushad", // save registers to the stack "pushfd", "mov eax, [" + _allocatedMemory["addressInjection"] + "]", "test eax, eax", // Test if you need launch injected code "je @out", "mov eax, [" + _allocatedMemory["addressInjection"] + "]", "call eax", // Launch Function "mov [" + _allocatedMemory["returnInjectionAsm"] + "], eax", // Copy pointer return value "mov edx, " + _allocatedMemory["addressInjection"], // Enter value 0 of so we know we are done "mov ecx, 0", "mov [edx], ecx", "@out:", // Close function "popfd", // load reg "popad" }; asm = AddRandomAsm(asm); // injected code int sizeAsm = Inject(asm, _allocatedMemory["injectedCode"]); // Size asm jumpback int sizeJumpBack; // copy and save original instructions if (jumpLoc != 0) { asm.Clear(); asm.Add("jmp " + (uint)jumpLoc); Inject(asm, IntPtr.Add(_allocatedMemory["injectedCode"], sizeAsm)); sizeJumpBack = 5; } else { BotManager.Memory.WriteBytes(IntPtr.Add(_allocatedMemory["injectedCode"], sizeAsm), new[] { _endSceneOriginalBytes[5], _endSceneOriginalBytes[6] }); sizeJumpBack = 2; } asm.Clear(); asm.Add("jmp " + ((uint)_dxAddress.HookPtr + sizeJumpBack)); // short jump takes 2 bytes. // create jump back stub Inject(asm, _allocatedMemory["injectedCode"] + sizeAsm + sizeJumpBack); // create hook jump asm.Clear(); asm.Add("@top:"); asm.Add("jmp " + _allocatedMemory["injectedCode"]); asm.Add("jmp @top"); Inject(asm, _dxAddress.HookPtr - 5); IsApplied = true; } catch (Exception ex) { Logging.Log(ex); return(false); } return(true); }