我电脑环境是:WIN2003+DIRECTX9.0C
主要目的是:在一个DX8的游戏画面左上角显示时间。当然也有其他的停止。例如FPS什么的
下面的代码是 用madcodehook 写的。能正常在基于DX9的游戏下 显示字符串。
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Direct3D9, shellapi,DXTypes,madcodehook,
D3DX9;
var
PresentNext: function(const Self: IDirect3DDevice9;
const SourceRect, DestRect: PRect; const DestWindowOverride: HWND;
DirtyRegion: PRgnData): HResult; stdcall = nil;
CreateDeviceNext: function(const Self: pointer; Adapter: longword;
DeviceType: TD3DDevType; hFocusWindow: HWND; BehaviorFlags: DWord;
pPresentationParameters: PD3DPresentParameters;
out ppReturnedDeviceInterface: IDirect3DDevice9): HResult; stdcall = nil;
Direct3DCreate9Next:function (SDKVersion: cardinal): Pointer; stdcall;
Procedure InstallHook();
//------------------------------------------------------------------------------
implementation
function GetInterfaceMethod(intf: IUnknown; methodIndex: dword): pointer;
begin
Result := pointer(pointer(dword(pointer(intf)^) + methodIndex * 4)^);
end;
function GetPtrMethod(ptr: pointer; methodIndex: dword): pointer;
begin
Result := pointer(pointer(dword(ptr^) + methodIndex * 4)^);
end;
//------------------------------------------------------------------------------
function PresentCallback(const Self: IDirect3DDevice9;
const SourceRect, DestRect: PRect; const DestWindowOverride: HWND;
DirtyRegion: PRgnData): HResult; stdcall;
var
MenuFont: D3DX9.ID3DXFont;
rec: PRect;
begin
//Your Drawing Code Here. This Function Gets Called Everytime The Surface Needs Refreshing
D3DXCreateFontA(Self, 30, 0, FW_BOLD, 1, False, DEFAULT_CHARSET,
OUT_DEFAULT_PRECIS, ANTIALIASED_QUALITY, DEFAULT_PITCH or
FF_DONTCARE, 'Arial', MenuFont);
GetMem(rec, 16);
SetRect(rec^, 20, 100, Screen.Width, screen.Height);
MenuFont.DrawTextA(nil, 'Standard DirectX Hook By Ultimation',
-1, rec, DT_LEFT, D3DCOLOR_ARGB(255, 255, 255, 255));
Result := PresentNext(self, SourceRect, DestRect, DestWindowOverride, DirtyRegion);
freemem(rec,16);
end;
function CreateDeviceCallback(const Self: pointer; Adapter: longword;
DeviceType: TD3DDevType; hFocusWindow: HWND; BehaviorFlags: DWord;
pPresentationParameters: PD3DPresentParameters;
out ppReturnedDeviceInterface: IDirect3DDevice9): HResult; stdcall;
begin
Result := CreateDeviceNext(self, Adapter, DeviceType, hFocusWindow,
BehaviorFlags, pPresentationParameters, ppReturnedDeviceInterface);
if (Result = 0) and (@PresentNext = nil) then
hookcode(GetInterfaceMethod(ppReturnedDeviceInterface, 17),
@PresentCallback, @PresentNext);
end;
function Direct3DCreate9CallBack(SDKVersion: cardinal): Pointer; stdcall;
begin
Result := Direct3DCreate9next(SDKVersion);
if not (Result = nil) and (@CreateDeviceNext = nil) then
hookcode(GetPtrMethod(Result, 16), @CreateDeviceCallback,
@CreateDeviceNext);
end;
Procedure InstallHook();
begin
hookapi('d3d9.dll','Direct3DCreate9',@Direct3DCreate9CallBack,@Direct3DCreate9Next);
end;
end.
现在这个游戏是DX8的(看调用了DXD8.DLL).
于是我把下面的代码改成了DX8的。
注入后 游戏提示:找不到 d3dx81ab.dll.
很奇怪~~~~
library hook;
{$IMAGEBASE $59800000}
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Direct3D8, shellapi,DXTypes,madcodehook,
D3DX8;
var
PresentNext: function(const Self: IDirect3DDevice8;
const SourceRect, DestRect: PRect; const DestWindowOverride: HWND;
DirtyRegion: PRgnData): HResult; stdcall = nil;
CreateDeviceNext: function(const Self: pointer; Adapter: longword;
DeviceType: TD3DDevType; hFocusWindow: HWND; BehaviorFlags: DWord;
pPresentationParameters: PD3DPresentParameters;
out ppReturnedDeviceInterface: IDirect3DDevice8): HResult; stdcall = nil;
Direct3DCreate8Next:function (SDKVersion: cardinal): Pointer; stdcall;
//------------------------------------------------------------------------------
function GetInterfaceMethod(intf: IUnknown; methodIndex: dword): pointer;
begin
Result := pointer(pointer(dword(pointer(intf)^) + methodIndex * 4)^);
end;
function GetPtrMethod(ptr: pointer; methodIndex: dword): pointer;
begin
Result := pointer(pointer(dword(ptr^) + methodIndex * 4)^);
end;
//------------------------------------------------------------------------------
function PresentCallback(const Self: IDirect3DDevice8;
const SourceRect, DestRect: PRect; const DestWindowOverride: HWND;
DirtyRegion: PRgnData): HResult; stdcall;
var
MenuFont: D3DX8.ID3DXFont;
rec: PRect;
cfont:hfont;
begin
cfont:=CreateFont(16,9, 0 ,0 ,991,0,0,0,GB2312_CHARSET,OUT_DEFAULT_PRECIS,CLIP_DEFAULT_PRECIS
,DEFAULT_QUALITY,DEFAULT_PITCH or FF_SCRIPT,'Arial');
D3DXCreateFont(Self,cfont,menufont);
GetMem(rec, 16);
SetRect(rec^, 20, 100, Screen.Width, screen.Height);
MenuFont.DrawTextA('Standard DirectX Hook By Ultimation',
-1, rec^, DT_LEFT, D3DCOLOR_ARGB(255, 255, 255, 255));
Result := PresentNext(self, SourceRect, DestRect, DestWindowOverride, DirtyRegion);
freemem(rec,16);
end;
function CreateDeviceCallback(const Self: pointer; Adapter: longword;
DeviceType: TD3DDevType; hFocusWindow: HWND; BehaviorFlags: DWord;
pPresentationParameters: PD3DPresentParameters;
out ppReturnedDeviceInterface: IDirect3DDevice8): HResult; stdcall;
begin
Result := CreateDeviceNext(self, Adapter, DeviceType, hFocusWindow,
BehaviorFlags, pPresentationParameters, ppReturnedDeviceInterface);
if (Result = 0) and (@PresentNext = nil) then
hookcode(GetInterfaceMethod(ppReturnedDeviceInterface, 17),
@PresentCallback, @PresentNext);
end;
function Direct3DCreate8CallBack(SDKVersion: cardinal): Pointer; stdcall;
begin
Result := Direct3DCreate8next(SDKVersion);
if not (Result = nil) and (@CreateDeviceNext = nil) then
hookcode(GetPtrMethod(Result, 16), @CreateDeviceCallback,
@CreateDeviceNext);
end;
begin
hookapi('d3d8.dll','Direct3DCreate8',@Direct3DCreate8CallBack,@Direct3DCreate8Next);
end.
[培训]科锐逆向工程师培训第53期2025年7月8日开班!
