| Author |
Message |
|
Jimster480
Site Owner
Joined: Thu Feb 09, 2006 7:01 pm
Posts: 1653
Location: MIA [305] , USA
|
 EAT Hooking
Using cpp Syntax Highlighting
DWORD EATHook (HMODULE mod,CHAR * FN,VOID * HA,VOID ** OA ) // Credits: Jimster480
{
DWORD EATA,OP ;
IMAGE_DOS_HEADER *DOSH = (IMAGE_DOS_HEADER *)mod ;
IMAGE_NT_HEADERS *NTH = NULL;
if(DOSH ->e_magic != IMAGE_DOS_SIGNATURE ) return NULL;
NTH = ((PIMAGE_NT_HEADERS )((DWORD )(DOSH ) + (DWORD )(DOSH ->e_lfanew )));
if(NTH ->Signature != IMAGE_NT_SIGNATURE ) return NULL;
EATA = NTH ->OptionalHeader. DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT ]. VirtualAddress;
IMAGE_EXPORT_DIRECTORY *EATP = (IMAGE_EXPORT_DIRECTORY *) ((DWORD )EATA + (DWORD )mod );
for (DWORD i = 0;i < EATP ->NumberOfFunctions ;i ++)
{
DWORD * ENTP = (DWORD *)((DWORD )mod + ((DWORD )EATP ->AddressOfNames + (sizeof(DWORD )*i )));
if(strcmp((char*)((DWORD )mod + *ENTP ),FN )== 0 )
{
WORD * AONP = (WORD *)((DWORD )mod + ((DWORD )EATP ->AddressOfNameOrdinals + (i *sizeof(WORD ))));
DWORD * AOF = (DWORD *)((DWORD )mod + ((DWORD )EATP ->AddressOfFunctions + (sizeof(DWORD )**AONP )));
if(!VirtualProtect (AOF, sizeof(DWORD ),PAGE_READWRITE, &OP )) return NULL;
*OA = (void*)(*AOF +DWORD (mod ));
*AOF = (((DWORD )HA )-DWORD (mod ));
if(!VirtualProtect (AOF, sizeof(DWORD ),OP, &OP )) return NULL;
return 1;
}
}
return NULL;
}
Parsed in 0.027 seconds How To Use. Ex: EATHook(GetModuleHandle("Opengl32.dll"),"glBegin",((VOID*)(&h_glBegin)),((VOID**)(&d_glBegin))); that would be how you would hook GL Begin. Basically what it does is modify the address of the DLL's export so that any calls to GetProcAddress return your function address instead of the real one.
_________________
|
| Fri Nov 23, 2007 2:38 am |
    
|
|
|
Nero
Advanced
Joined: Sat May 10, 2008 7:28 pm
Posts: 76
Location: joo mama's house
|
O_O?
|
| Thu Oct 16, 2008 10:43 pm |
|
|
|
Hitler
Elite
Joined: Sat Aug 22, 2009 9:46 pm
Posts: 156
Location: Hitler
|
Re: EAT Hooking
Using cpp Syntax Highlighting
DWORD EATHook (HMODULE mod,CHAR * FN,VOID * HA,VOID ** OA ) // Credits: Jimster480
{
DWORD EATA,OP ;
IMAGE_DOS_HEADER *DOSH = (IMAGE_DOS_HEADER *)mod ;
IMAGE_NT_HEADERS *NTH = NULL;
if(DOSH ->e_magic != IMAGE_DOS_SIGNATURE ) return NULL;
NTH = ((PIMAGE_NT_HEADERS )((DWORD )(DOSH ) + (DWORD )(DOSH ->e_lfanew )));
if(NTH ->Signature != IMAGE_NT_SIGNATURE ) return NULL;
EATA = NTH ->OptionalHeader. DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT ]. VirtualAddress;
IMAGE_EXPORT_DIRECTORY *EATP = (IMAGE_EXPORT_DIRECTORY *) ((DWORD )EATA + (DWORD )mod );
for (DWORD i = 0;i < EATP ->NumberOfFunctions ;i ++)
{
DWORD * ENTP = (DWORD *)((DWORD )mod + ((DWORD )EATP ->AddressOfNames + (sizeof(DWORD )*i )));
if(strcmp((char*)((DWORD )mod + *ENTP ),FN )== 0 )
{
WORD * AONP = (WORD *)((DWORD )mod + ((DWORD )EATP ->AddressOfNameOrdinals + (i *sizeof(WORD ))));
DWORD * AOF = (DWORD *)((DWORD )mod + ((DWORD )EATP ->AddressOfFunctions + (sizeof(DWORD )**AONP )));
if(!VirtualProtect (AOF, sizeof(DWORD ),PAGE_READWRITE, &OP )) return NULL;
*OA = (void*)(*AOF +DWORD (mod ));
*AOF = (((DWORD )HA )-DWORD (mod ));
if(!VirtualProtect (AOF, sizeof(DWORD ),OP, &OP )) return NULL;
return 1;
}
}
return NULL;
}
Parsed in 0.026 seconds lol ass script
_________________
|
| Sun Oct 04, 2009 8:53 pm |
|
|
|
Jimster480
Site Owner
Joined: Thu Feb 09, 2006 7:01 pm
Posts: 1653
Location: MIA [305] , USA
|
Re: EAT Hooking dun exactly know y u copied what i posted?
_________________
|
| Mon Oct 05, 2009 3:27 pm |
|
|
|
(+)
Ultra Elite
Joined: Wed Jul 02, 2008 11:21 am
Posts: 674
|
Re: EAT Hooking [b]Is there an update for your EAT hook Mr. Prod .  ( If theres is somethin to update anyways ) Window 7 Ultimate ... Great work ! As usual ...  Been tryin to use it like this ( Am I wrong ? ). Compiles but the dll keeps on detaching ... Or rather doesnt attach . Thanks .  ( Im not saying it doesnt work or anything else like that ... ) ~~~~ Edit~~~~~~~ Hmm, seems to be the injection method your using is a lot better than mine ... Whats the right way to inject this mr . prod ? J480.cpp
Using cpp Syntax Highlighting
---------------------------------------------------------
#include "J480.h"
typedef void (APIENTRY *f_glbegin )(GLenum mode );
typedef void (APIENTRY *f_glviewport ) (GLint x, GLint y, GLsizei width, GLsizei height );
typedef void (APIENTRY *f_glvertex3fv ) (const GLfloat *v );
typedef void (APIENTRY *f_glvertex2f ) (GLfloat x, GLfloat y );
typedef void (APIENTRY *f_glpolygonOffset ) (GLfloat factor, GLfloat units );
typedef void (APIENTRY *f_glclear )(GLbitfield mask );
typedef void (APIENTRY *f_glTranslatef )(GLfloat x,GLfloat y,GLfloat z );
typedef void (APIENTRY *f_wglSwapBuffers )(HDC hDC );
typedef void (APIENTRY *f_glPushMatrix )(void);
typedef void (APIENTRY *f_glVertex3f )(GLfloat x,GLfloat y,GLfloat z );
typedef void (APIENTRY *f_glPopMatrix )(void);
typedef void (APIENTRY *f_glEnable )(GLenum cap );
//------------------------------------------------------------------------
f_glbegin d_glBegin = NULL;
f_glviewport d_glViewport = NULL;
f_glvertex3fv d_glVertex3fv = NULL;
f_glvertex2f d_glVertex2f = NULL;
f_glpolygonOffset d_glPolygonOffset = NULL;
f_glclear d_glClear = NULL;
f_glTranslatef d_glTranslatef = NULL;
f_wglSwapBuffers d_wglSwapBuffers = NULL;
f_glPushMatrix d_glPushMatrix = NULL;
f_glVertex3f d_glVertex3f = NULL;
f_glPopMatrix d_glPopMatrix = NULL;
f_glEnable d_glEnable = NULL;
//------------------------------------------------------------------------
void APIENTRY h_glBegin (GLenum mode )
{
d_glBegin (mode );
}
void APIENTRY h_glViewport (GLint x, GLint y, GLsizei width, GLsizei height )
{
d_glViewport (x, y, width, height );
}
void APIENTRY h_glVertex3fv (const GLfloat *v )
{
d_glVertex3fv (v );
}
void APIENTRY h_glVertex2f (GLfloat x, GLfloat y )
{
d_glVertex2f (x, y );
}
void APIENTRY h_glPolygonOffset (GLfloat factor, GLfloat units )
{
d_glPolygonOffset (factor, units );
}
void APIENTRY h_glClear (GLbitfield mask )
{
d_glClear (mask );
}
void APIENTRY h_glTranslatef (GLfloat x,GLfloat y,GLfloat z )
{
d_glTranslatef (x,y,z );
}
void APIENTRY h_wglSwapBuffers (HDC hDC )
{
d_wglSwapBuffers (hDC );
}
void APIENTRY h_glPushMatrix (void)
{
d_glPushMatrix ();
}
void APIENTRY h_glVertex3f (GLfloat x,GLfloat y,GLfloat z )
{
d_glVertex3f (x,y,z );
}
void APIENTRY h_glPopMatrix (void)
{
d_glPopMatrix ();
}
void APIENTRY h_glEnable (GLenum cap )
{
d_glEnable (cap );
}
BOOL APIENTRY DllMain (HANDLE hModule,DWORD reason,LPVOID lpReserved )
{switch(reason ){case DLL_PROCESS_ATTACH :{
DisableThreadLibraryCalls ((HMODULE )hModule );
EATHook (GetModuleHandle ((LPCWSTR )"Opengl32.dll"), "glBegin", ((VOID *)(&h_glBegin )), ((VOID **)(&d_glBegin )));
EATHook (GetModuleHandle ((LPCWSTR )"Opengl32.dll"), "glClear", ((VOID *)(&h_glClear )), ((VOID **)(&d_glClear )));
EATHook (GetModuleHandle ((LPCWSTR )"Opengl32.dll"), "glTranslatef", ((VOID *)(&h_glTranslatef )), ((VOID **)(&d_glTranslatef )));
EATHook (GetModuleHandle ((LPCWSTR )"Opengl32.dll"), "wglSwapBuffers", ((VOID *)(&h_wglSwapBuffers )), ((VOID **)(&d_wglSwapBuffers )));
EATHook (GetModuleHandle ((LPCWSTR )"Opengl32.dll"), "glViewport", ((VOID *)(&h_glViewport )), ((VOID **)(&d_glViewport )));
EATHook (GetModuleHandle ((LPCWSTR )"Opengl32.dll"), "glPushMatrix", ((VOID *)(&h_glPushMatrix )), ((VOID **)(&d_glPushMatrix )));
EATHook (GetModuleHandle ((LPCWSTR )"Opengl32.dll"), "glVertex3f", ((VOID *)(&h_glVertex3f )), ((VOID **)(&d_glVertex3f )));
EATHook (GetModuleHandle ((LPCWSTR )"Opengl32.dll"), "glPopMatrix", ((VOID *)(&h_glPopMatrix )), ((VOID **)(&d_glPopMatrix )));
EATHook (GetModuleHandle ((LPCWSTR )"Opengl32.dll"), "glEnable", ((VOID *)(&h_glEnable )), ((VOID **)(&d_glEnable )));
EATHook (GetModuleHandle ((LPCWSTR )"Opengl32.dll"), "glVertex2f", ((VOID *)(&h_glVertex2f )), ((VOID **)(&d_glVertex2f )));
EATHook (GetModuleHandle ((LPCWSTR )"Opengl32.dll"), "glVertex3fv", ((VOID *)(&h_glVertex3fv )), ((VOID **)(&d_glVertex3fv )));
EATHook (GetModuleHandle ((LPCWSTR )"Opengl32.dll"), "glPolygonOffset", ((VOID *)(&h_glPolygonOffset )), ((VOID **)(&d_glPolygonOffset )));
}break;case DLL_PROCESS_DETACH :{
}break;}return TRUE ;}
---------------------------------------------------------
J480. h
---------------------------------------------------------
#pragma once
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include "GL/gl.h"
#include "GL/glu.h"
#include "GL/glaux.h"
#include "GL/glut.h"
#pragma comment(lib, "GL/opengl32.lib")
#pragma comment(lib, "GL/glaux.lib")
#pragma comment(lib, "GL/glu32.lib")
#pragma comment(lib, "GL/glut32.lib")
#pragma comment(lib, "user32.lib")
DWORD EATHook (HMODULE mod,CHAR * FN,VOID * HA,VOID ** OA ) // Credits: Jimster480
{
DWORD EATA,OP ;
IMAGE_DOS_HEADER *DOSH = (IMAGE_DOS_HEADER *)mod ;
IMAGE_NT_HEADERS *NTH = NULL;
if(DOSH ->e_magic != IMAGE_DOS_SIGNATURE ) return NULL;
NTH = ((PIMAGE_NT_HEADERS )((DWORD )(DOSH ) + (DWORD )(DOSH ->e_lfanew )));
if(NTH ->Signature != IMAGE_NT_SIGNATURE ) return NULL;
EATA = NTH ->OptionalHeader. DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT ]. VirtualAddress;
IMAGE_EXPORT_DIRECTORY *EATP = (IMAGE_EXPORT_DIRECTORY *) ((DWORD )EATA + (DWORD )mod );
for (DWORD i = 0;i < EATP ->NumberOfFunctions ;i ++)
{
DWORD * ENTP = (DWORD *)((DWORD )mod + ((DWORD )EATP ->AddressOfNames + (sizeof(DWORD )*i )));
if(strcmp((char*)((DWORD )mod + *ENTP ),FN )== 0 )
{
WORD * AONP = (WORD *)((DWORD )mod + ((DWORD )EATP ->AddressOfNameOrdinals + (i *sizeof(WORD ))));
DWORD * AOF = (DWORD *)((DWORD )mod + ((DWORD )EATP ->AddressOfFunctions + (sizeof(DWORD )**AONP )));
if(!VirtualProtect (AOF, sizeof(DWORD ),PAGE_READWRITE, &OP )) return NULL;
*OA = (void*)(*AOF +DWORD (mod ));
*AOF = (((DWORD )HA )-DWORD (mod ));
if(!VirtualProtect (AOF, sizeof(DWORD ),OP, &OP )) return NULL;
return 1;
}
}
return NULL;
}
//-----------------------------------------------------------------
Parsed in 0.077 seconds
|
| Sat Oct 31, 2009 10:31 am |
|
|
|
Jimster480
Site Owner
Joined: Thu Feb 09, 2006 7:01 pm
Posts: 1653
Location: MIA [305] , USA
|
Re: EAT Hooking you must have the right sleep time in order for it to work. you can also try hooks like this
Using cpp Syntax Highlighting
OGL = GetModuleHandle ("Opengl32.dll");
if(!EATHook (OGL, "glBegin", ((VOID *)(&h_glBegin )), ((VOID **)(&d_glBegin )))) return false;
that way if the hook fails it ejects the DLL. Then you can put debug info in between the hooks and see when it fails.
Parsed in 0.012 seconds
_________________
|
| Sat Oct 31, 2009 3:41 pm |
|
|
|
(+)
Ultra Elite
Joined: Wed Jul 02, 2008 11:21 am
Posts: 674
|
Re: EAT Hooking ok thanks .  Do you got any other hook ideas?
|
| Sat Oct 31, 2009 4:27 pm |
|
|
|
Jimster480
Site Owner
Joined: Thu Feb 09, 2006 7:01 pm
Posts: 1653
Location: MIA [305] , USA
|
Re: EAT Hooking this is the best type of hooking you can use for hooking api's like this.
_________________
|
| Sat Oct 31, 2009 4:33 pm |
|
|
|
(+)
Ultra Elite
Joined: Wed Jul 02, 2008 11:21 am
Posts: 674
|
Re: EAT Hooking ok , i understand it all now ...  Eathook + module hide is best . One more question . Is it safe to use SetCursorPos(); on vac2 ?
|
| Sun Nov 01, 2009 10:26 am |
|
|
|
Jimster480
Site Owner
Joined: Thu Feb 09, 2006 7:01 pm
Posts: 1653
Location: MIA [305] , USA
|
Re: EAT Hooking yes, they dont check for you using any API's, only hooking API's. So you can call w/e u want.
_________________
|
| Sun Nov 01, 2009 1:58 pm |
|
|
|
(+)
Ultra Elite
Joined: Wed Jul 02, 2008 11:21 am
Posts: 674
|
Re: EAT Hooking Youre the "MAN" ! Your so great man !
|
| Sun Nov 01, 2009 2:21 pm |
|
|
|
(+)
Ultra Elite
Joined: Wed Jul 02, 2008 11:21 am
Posts: 674
|
Re: EAT Hooking Your EAT Hook Mr. Prod , is the perfect EAT HooK ... EXTRA SIMPLE WALLHACK :
Using cpp Syntax Highlighting
/*----------------------------------------------------------------------------------------------------------------------------*/
#include <windows.h>
#include <gl/gl.h>
#include <gl/glu.h>
#include <gl/glaux.h>
#include <GL/glut.h>
#pragma comment(lib, "GL/opengl32.lib")
#pragma comment(lib, "GL/glaux.lib")
#pragma comment(lib, "GL/glu32.lib")
#pragma comment(lib, "GL/glut32.lib")
///////////////////////////////////
typedef void (APIENTRY *f_glbegin )(GLenum mode );
void APIENTRY h_glBegin (GLenum mode );
DWORD EATHook (HMODULE mod,CHAR * FN,VOID * HA,VOID ** OA );
///////////////////////////////////
f_glbegin d_glBegin = NULL;
////////////////////////////////////////////////////////////////////////////////////////
BOOL APIENTRY DllMain ( HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved )
{
if (ul_reason_for_call == DLL_PROCESS_ATTACH )
{
DisableThreadLibraryCalls (hModule );
EATHook (LoadLibraryA ((LPCSTR )"Opengl32.dll"), "glBegin", ((VOID *)(&h_glBegin )), ((VOID **)(&d_glBegin )));
}
return TRUE ;
}
////////////////////////////////////////////////////////////////////////////////////////
void APIENTRY h_glBegin (GLenum mode )
{
if(mode ==GL_TRIANGLES ||mode ==GL_TRIANGLE_FAN ||mode ==GL_TRIANGLE_STRIP )
{
glDisable (GL_DEPTH_TEST );
}
return d_glBegin (mode );
}
/////////////////////////////////////////
DWORD EATHook (HMODULE mod,CHAR * FN,VOID * HA,VOID ** OA ) // Credits: Jimster480
{
DWORD EATA,OP ;
IMAGE_DOS_HEADER *DOSH = (IMAGE_DOS_HEADER *)mod ;
IMAGE_NT_HEADERS *NTH = NULL;
if(DOSH ->e_magic != IMAGE_DOS_SIGNATURE ) return NULL;
NTH = ((PIMAGE_NT_HEADERS )((DWORD )(DOSH ) + (DWORD )(DOSH ->e_lfanew )));
if(NTH ->Signature != IMAGE_NT_SIGNATURE ) return NULL;
EATA = NTH ->OptionalHeader. DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT ]. VirtualAddress;
IMAGE_EXPORT_DIRECTORY *EATP = (IMAGE_EXPORT_DIRECTORY *) ((DWORD )EATA + (DWORD )mod );
for (DWORD i = 0;i < EATP ->NumberOfFunctions ;i ++)
{
DWORD * ENTP = (DWORD *)((DWORD )mod + ((DWORD )EATP ->AddressOfNames + (sizeof(DWORD )*i )));
if(strcmp((char*)((DWORD )mod + *ENTP ),FN )== 0 )
{
WORD * AONP = (WORD *)((DWORD )mod + ((DWORD )EATP ->AddressOfNameOrdinals + (i *sizeof(WORD ))));
DWORD * AOF = (DWORD *)((DWORD )mod + ((DWORD )EATP ->AddressOfFunctions + (sizeof(DWORD )**AONP )));
if(!VirtualProtect (AOF, sizeof(DWORD ),PAGE_READWRITE, &OP )) return NULL;
*OA = (void*)(*AOF +DWORD (mod ));
*AOF = (((DWORD )HA )-DWORD (mod ));
if(!VirtualProtect (AOF, sizeof(DWORD ),OP, &OP )) return NULL;
return 1;
}
}
return NULL;
}
//////////////////////////////////////////////////////////////////////////////////
/*----------------------------------------------------------------------------------------------------------------------------*/Parsed in 0.039 seconds
Last edited by (+) on Wed Jan 06, 2010 6:08 am, edited 2 times in total.
|
| Fri Dec 11, 2009 2:44 pm |
|
|
|
Linux
N00b
Joined: Sat Nov 21, 2009 1:12 am
Posts: 16
|
Re: EAT Hooking  | | | | (+) wrote: Your EAT Hook Mr. Prod , is the perfect EAT HooK ... EXTRA SIMPLE WALLHACK : /*----------------------------------------------------------------------------------------------------------------------------*/ #include <windows.h> #include <gl/gl.h> #include <gl/glu.h> #..... | | | | |
Not SSW !! But ESW !!!!!!!
|
| Sat Dec 12, 2009 6:36 pm |
|
|
|
Hitler
Elite
Joined: Sat Aug 22, 2009 9:46 pm
Posts: 156
Location: Hitler
|
Re: EAT Hooking OMG HOW DO U LOAD IT?
_________________
|
| Fri Jan 01, 2010 8:11 pm |
|
|
|
(+)
Ultra Elite
Joined: Wed Jul 02, 2008 11:21 am
Posts: 674
|
Re: EAT Hooking I finally understand the best way for eathook to work without sleep time dependency.
You need to do LoadLibraryA("opengl32.dll"); at the first instance you dll is injected .
This will force Opengl.dll to load at your specified time and not have to
wait for the game to load it which is much too long . Around 100+ ms .
So don't use GetModuleHandleA and sleep combination it makes it harder .
And doing while ( hMod == NULL) hMod = GetModuleHandleA("...");
Will cause crash with premature injection . (Injecting before opengl.dll is loaded by the game.)
So if you dont add any sleep time and just force OGL.dll to load earlier is best .
But just my opinion ...
|
| Sun Aug 29, 2010 5:40 pm |
|
|
Who is online |
Users browsing this forum: No registered users and 1 guest |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum
|
|
