Anmeldungsdatum: Aug 2007
Beiträge: 8643
Benutzer-Bewertung:
|
Full Source Hack for WarZ v1.0. Please keep in mind use it on your own risk.
Credits: Zooom and s0beit
CPP Code: #include <Windows.h> #include <stdio.h> #include <conio.h> #include <d3d9.h> #include <d3dx9.h> #pragma comment(lib, "d3d9.lib") #pragma comment(lib, "d3dx9.lib") #define PI 3.141 #define Yellow D3DCOLOR_ARGB( 255, 255, 255, 000 ) typedef HRESULT ( WINAPI * DrawIPrim )( LPDIRECT3DDEVICE9, D3DPRIMITIVETYPE, INT, UINT, UINT, UINT, UINT ); VOID Jump( DWORD Address, DWORD Your_Detour ); DWORD Old = NULL; LPDIRECT3DDEVICE9 pDev; LPDIRECT3D9 pD3D; D3DVIEWPORT9 Viewport; DrawIPrim pDrawIPrim = NULL; DWORD dwEndscene_hook = NULL; DWORD dwEndscene_ret = NULL; DWORD dwDIP_hook = NULL; DWORD dwDIP_ret = NULL; DWORD dwReset_hook = NULL; DWORD dwReset_ret = NULL; DWORD bJump = NULL; LPD3DXFONT pFont=NULL; LPD3DXLINE pLine=NULL; HMODULE D3D9 = NULL; VOID RenderString(LPDIRECT3DDEVICE9 pDev, int x, int y, DWORD color, LPD3DXFONT g_pFont, const char *fmt, ...) { if( !pFont ) D3DXCreateFontA( pDev,13,0,FW_BOLD,1,0,DEFAULT_CHARSET,OUT_DEFAULT_PRECIS,DEFAULT_QUALITY,DEFAULT_PITCH | FF_DONTCARE,"Arial", &pFont ); if(!g_pFont) return; RECT FontPos = { x, y, x + 50, y + 50}; char buf[1024] = {'\0'}; va_list va_alist; va_start(va_alist, fmt); vsprintf_s(buf, fmt, va_alist); va_end(va_alist); pDev->SetRenderState( D3DRS_ZENABLE,false ); pDev->SetRenderState( D3DRS_FILLMODE,D3DFILL_SOLID ); g_pFont->DrawTextA(NULL, buf, -1, &FontPos, DT_NOCLIP, color); pDev->SetRenderState( D3DRS_ZENABLE, true ); pDev->SetRenderState( D3DRS_FILLMODE,D3DFILL_SOLID ); } VOID FillRGB(LPDIRECT3DDEVICE9 pDev,int x, int y, int w, int h, DWORD color ) { D3DRECT rec = { x, y, x + w, y + h }; pDev->Clear( 1, &rec, D3DCLEAR_TARGET, color, 0, 0 ); } VOID RenderBox(LPDIRECT3DDEVICE9 pDev, int x, int y, int w, int h, int px, DWORD color, DWORD color2) { //box FillRGB(pDev, x, y, w, h, color); //border FillRGB(pDev, x, (y + h - px), w, px,color2); FillRGB(pDev, x, y, px, h,color2 ); FillRGB(pDev, x, y, w, px,color2); FillRGB(pDev, (x + w - px), y, px, h,color2); } VOID RenderCircle(LPDIRECT3DDEVICE9 pDev,int X, int Y, int radius, int numSides, DWORD Color) { if (!pLine) D3DXCreateLine(pDev, &pLine); D3DXVECTOR2 Line[128]; float Step = (float)(PI * 2.0 / numSides); int Count = 0; for (float a=0; a < PI*2.0; a += Step) { float X1 = radius * cos(a) + X; float Y1 = radius * sin(a) + Y; float X2 = radius * cos(a+Step) + X; float Y2 = radius * sin(a+Step) + Y; Line[Count].x = X1; Line[Count].y = Y1; Line[Count+1].x = X2; Line[Count+1].y = Y2; Count += 2; } pLine->Begin(); pLine->Draw(Line,Count,Color); pLine->End(); pLine->Release(); } VOID RenderCross(LPDIRECT3DDEVICE9 pDev, DWORD color, int i) { pDev->GetViewport( &Viewport ); DWORD ScreenCenterX = (Viewport.Width / 2); DWORD ScreenCenterY = (Viewport.Height / 2); D3DRECT rec1 = {ScreenCenterX-i, ScreenCenterY, ScreenCenterX+ i, ScreenCenterY+1}; D3DRECT rec2 = {ScreenCenterX, ScreenCenterY-i, ScreenCenterX+ 1,ScreenCenterY+i}; pDev->Clear( 1, &rec1, D3DCLEAR_TARGET, color, 0, 0 ); pDev->Clear( 1, &rec2, D3DCLEAR_TARGET, color, 0, 0 ); //RenderCircle(pDev, ScreenCenterX, ScreenCenterY, i+3,i+3, color); } bool IsMenuOn =false; VOID WINAPI hkEndScene(LPDIRECT3DDEVICE9 pDev ) { __asm nop if((GetAsyncKeyState(VK_DELETE) & 0x1)) IsMenuOn = !IsMenuOn; RenderString(pDev, 5, 5, Yellow, pFont, "[BugZ v1.0] Press Delete to turn Chams On/Off "); if (IsMenuOn){ RenderCross(pDev, Yellow, 15); } } __declspec(naked) void MyEndscene( ) { __asm { MOV DWORD PTR SS:[EBP-0x10],ESP MOV ESI,DWORD PTR SS:[EBP+0x8] XOR EBX,EBX //replace patched code PUSHFD PUSHAD PUSH [EBP+0x8] CALL hkEndScene; POPAD POPFD CMP ESI,EBX //replace patched code jmp dwEndscene_ret; //jump back to normal endscene } } VOID SetModelColor(LPDIRECT3DDEVICE9 pDev, float r, float g, float b, float a, float glowr, float glowg, float glowb, float glowa) { float lightValues[4] = {r, g, b, a}; float glowValues[4] = {glowr, glowg, glowb, glowa}; pDev->SetPixelShaderConstantF(1, lightValues, 1); pDev->SetPixelShaderConstantF(3, glowValues, 1); } VOID WINAPI hkDrawIndexedPrimitive(LPDIRECT3DDEVICE9 pDev, D3DPRIMITIVETYPE Type, INT BIndex, UINT MIndex, UINT NVertices, UINT SIndex, UINT PCount ) { bJump = TRUE; LPDIRECT3DVERTEXBUFFER9 Stream_Data; UINT Offset = 0; UINT Stride = 0; if( pDev->GetStreamSource( 0, &Stream_Data, &Offset, &Stride ) == S_OK )Stream_Data->Release(); if (IsMenuOn) { // Disable fog pDev->SetRenderState(D3DRS_FOGENABLE, false); // Fullbright pDev->SetRenderState(D3DRS_LIGHTING, FALSE); pDev->SetRenderState(D3DRS_AMBIENT,D3DCOLOR_ARGB(255,255,255,255)); switch (Stride) { case 20: // Buildings //pDev->SetRenderState(D3DRS_ALPHABLENDENABLE,TRUE); pDev->SetRenderState(D3DRS_DESTBLEND,D3DBLEND_INVSRCALPHA); // Transparency break; case 32: // Players and Zombies //PlayerChams pDev->SetRenderState(D3DRS_LIGHTING, FALSE); // Wallhack pDev->SetRenderState(D3DRS_ZENABLE, FALSE); SetModelColor(pDev, 1.0f, 0.0f, 0.0f, 0.50f, 1.5f, 1.5f, 1.5f, 1.5f); pDrawIPrim( pDev, Type, BIndex, MIndex, NVertices, SIndex, PCount ); pDev->SetRenderState(D3DRS_ZENABLE, TRUE); break; default: break; } } bJump = FALSE; } __declspec(naked) void MyDIP( ) { __asm { MOV EDI,DWORD PTR SS:[EBP+0x8] XOR EBX,EBX CMP EDI,EBX // replace patched code PUSHFD PUSHAD MOV EDX,[bJump] CMP EDX,0x0 JG DONE PUSH [EBP+0x20] // Push arguments of DIP PUSH [EBP+0x1C] PUSH [EBP+0x18] PUSH [EBP+0x14] PUSH [EBP+0x10] PUSH [EBP+0x0C] PUSH [EBP+0x08] CALL hkDrawIndexedPrimitive DONE: POPAD POPFD jmp dwDIP_ret; // jump back to normal DIP } } VOID WINAPI hkReset( ) { if( pFont != NULL ) if( pFont->Release( ) == S_OK ) pFont = NULL; } __declspec(naked) void MyReset( ) { __asm { PUSHAD PUSHFD CALL hkReset POPFD POPAD MOV ESI,DWORD PTR SS:[EBP-0x08] MOV EDI,DWORD PTR SS:[EBP-0x04] POP EBX JMP dwReset_ret } } VOID WINAPI GETD3D( VOID ) { HWND ConsoleWindow = GetConsoleWindow( ); ShowWindow( ConsoleWindow, SW_HIDE ); // hide ConsoleWindow... while( D3D9 == NULL ) { D3D9 = GetModuleHandleA( "d3d9.dll" ); Sleep( 100 ); } D3DPRESENT_PARAMETERS D3D_PP = {0}; IDirect3D9 * (WINAPI *oDirect3DCreate9)(UINT SDKVersion); *(PDWORD)&oDirect3DCreate9 = (DWORD)GetProcAddress( D3D9, "Direct3DCreate9" ); _cprintf( "Direct3DCreate9\n" ); pD3D = oDirect3DCreate9( D3D_SDK_VERSION ); D3D_PP.Windowed = TRUE; D3D_PP.SwapEffect = D3DSWAPEFFECT_DISCARD; D3D_PP.BackBufferFormat = D3DFMT_UNKNOWN; _cprintf( "CreateDevice\n" ); pD3D->CreateDevice( D3DADAPTER_DEFAULT, D3DDEVTYPE_HAL,ConsoleWindow, D3DCREATE_SOFTWARE_VERTEXPROCESSING, &D3D_PP, &pDev ); PDWORD VTABLE = *(DWORD**)pDev; dwEndscene_hook = VTABLE[42] + 0x2A; dwEndscene_ret = dwEndscene_hook + 0x0A; dwDIP_hook = VTABLE[82] + 0x2D; dwDIP_ret = dwDIP_hook + 0x7; dwReset_hook = VTABLE[16] + 165; dwReset_ret = dwReset_hook + 0x7; *(PDWORD)&pDrawIPrim = (DWORD)VTABLE[82]; _cprintf( "Jump\n" ); Jump( (DWORD)dwEndscene_hook, (DWORD)MyEndscene ); Jump( (DWORD)dwDIP_hook, (DWORD)MyDIP ); Jump( (DWORD)dwReset_hook, (DWORD)MyReset ); _cprintf( "Done\n" ); Sleep( 400 ); pDev->Release( ); pD3D->Release( ); FreeConsole( ); } VOID Jump( DWORD Address, DWORD Your_Detour ) { VirtualProtect( (LPVOID)Address, 5, PAGE_EXECUTE_READWRITE, &Old ); *(PBYTE)Address = (BYTE)0xE9; *(PDWORD)(Address + 1) = ( Your_Detour - Address - 5) ; VirtualProtect( (LPVOID)Address, 5, Old, &Old ); } BOOL WINAPI DllMain( HINSTANCE hModule, DWORD dwReason, LPVOID lpvReserved ) { if( dwReason == DLL_PROCESS_ATTACH ) { DisableThreadLibraryCalls( hModule ); AllocConsole( ); _cprintf( "Ready\n" ); CreateThread( NULL, NULL, (LPTHREAD_START_ROUTINE) GETD3D, NULL, NULL, NULL); } return TRUE; }
Um Links zu sehen, musst du dich registrieren
Download WarZ v1.0 simple hack
|
English
