
Author Topic: Using Resource and API hooking for game hacks  (Read 12599 times)

shonay

  • Full Member
  • ***
  • Posts: 169
Re: Using Resource and API hooking for game hacks
« Reply #15 on: May 20, 2015, 04:38:33 pm »
I swear down, this guy always gives me cause to smile every time I read from him

You're the best, Getmem. Thanks a billion!
Thank you, my brothers
When the power of love overcomes the love of power, the world would know Peace

- Jimi Hendrix.

shonay

  • Full Member
  • ***
  • Posts: 169
Re: Using Resource and API hooking for game hacks
« Reply #16 on: May 21, 2015, 10:51:11 pm »
Good evening

I'm mastering using the DDetours library, but porting to Lazarus... hasn't been fun these days, but am still learning, as I know I have a whole lot to fight with to achieve success there.
In the meantime, I decided to get busy with some hooking by trying to change the code from C++ to Pascal, hence I wrote something like this, outta ma spare time..

Now I get some errors here, which go like this:

Code:
Options changed, recompiling clean with -B
sendRecvDLL.lpr(37,13) Hint: Conversion between ordinals and pointers is not portable
sendRecvDLL.lpr(37,33) Hint: Conversion between ordinals and pointers is not portable
sendRecvDLL.lpr(38,60) Hint: Local variable "OldProtect" does not seem to be initialized
sendRecvDLL.lpr(40,28) Hint: Conversion between ordinals and pointers is not portable
sendRecvDLL.lpr(43,19) Hint: Conversion between ordinals and pointers is not portable
sendRecvDLL.lpr(43,11) Hint: Conversion between ordinals and pointers is not portable
sendRecvDLL.lpr(45,25) Hint: Conversion between ordinals and pointers is not portable
sendRecvDLL.lpr(45,17) Hint: Conversion between ordinals and pointers is not portable
sendRecvDLL.lpr(71,4) Error: Wrong number of parameters specified for call to "HookAPI"
sendRecvDLL.lpr(24,10) Hint: Found declaration: HookAPI(AnsiString,AnsiString,Pointer,var Pointer):Boolean;
sendRecvDLL.lpr(73,4) Error: Wrong number of parameters specified for call to "HookAPI"
sendRecvDLL.lpr(24,10) Hint: Found declaration: HookAPI(AnsiString,AnsiString,Pointer,var Pointer):Boolean;
sendRecvDLL.lpr(79,12) Error: Identifier not found "DllProc"
sendRecvDLL.lpr(82) Fatal: There were 3 errors compiling module, stopping


Code:
library sendRecvDLL;

{$mode delphi}{$H+}

uses
   SysUtils,
   Classes,
   Winsock2,
   Windows;

var
  TrampolineSend: function(Sock: TSocket; var Buf; Len, Flags: Integer): Integer; stdcall;
  TrampolineRecv: function(Sock: TSocket; var Buf; Len, Flags: Integer): Integer; stdcall;

function BufferToHex(Buf: PChar; Len: Integer): String;
var
  I: Integer;
begin
  Result := '';
  for I := 0 to Len - 1 do
    Result := Result + IntToHex(Ord(Buf[I]), 2) + ' ';
end;

function HookAPI(TargetModule, TargetProc: string; NewProc: pointer; var OldProc: pointer): boolean;
var
  Address: longword;
  OldProtect: longword;
  OldFunction: pointer;
  Proc: pointer;
  hModule: longword;

  begin
Result:=False;
try
hModule := LoadLibrary(pchar(TargetModule));
Proc := GetProcAddress(hModule, pchar(TargetProc));
Address := longword(NewProc) - longword(Proc) - 5;
VirtualProtect(Proc, 5, PAGE_EXECUTE_READWRITE, OldProtect);
GetMem(OldFunction, 255);
longword(OldFunction^) := longword(Proc);
byte(pointer(Proc)^) := $e9;
longword(pointer(longword(Proc) + 1)^) := Address;
    VirtualProtect(Proc, 5, OldProtect, OldProtect);
    OldProc := pointer(longword(OldFunction) + 5);
    FreeLibrary(hModule);
      except
  Exit;
     end;
Result:=True;
end;

function InterceptSend(Sock: TSocket; var Buf; Len, Flags: Integer): Integer; stdcall;
begin
  MessageBoxW(0, PWideChar('Send: ' + BufferToHex(@Buf, Len)), PWideChar('Send'), 0);
Result:=TrampolineSend(Sock, Buf, Len, Flags);
end;

function InterceptRecv(Sock: TSocket; var Buf; Len, Flags: Integer): Integer; stdcall;
begin
  Result := TrampolineRecv(Sock, Buf, Len, Flags);
  MessageBoxW(0, PWideChar('Recv: ' + BufferToHex(@Buf, Len)), PWideChar('Recv'), 0);
end;

procedure DLLEntryPoint(dwReason: DWORD);
begin
case dwReason of
  DLL_PROCESS_ATTACH:
begin
if not Assigned(TrampolineSend) then
HookAPI('ws2_32.dll',@send,InterceptSend); //error here
if not Assigned(TrampolineRecv) then
HookAPI('ws2_32.dll',@recv,InterceptRecv); // error here
end;
end;
end;

begin
    DllProc:=@DLLEntryPoint;
    DLLEntryPoint(DLL_PROCESS_ATTACH);
end.

taazz

  • Hero Member
  • *****
  • Posts: 5368
Re: Using Resource and API hooking for game hacks
« Reply #17 on: May 21, 2015, 11:35:06 pm »
You do not specify which function you want to hook, I guess; you only provide the DLL name.
Good judgement is the result of experience … Experience is the result of bad judgement.

OS : Windows 7 64 bit
Laz: Lazarus 1.4.4 FPC 2.6.4 i386-win32-win32/win64

shonay

  • Full Member
  • ***
  • Posts: 169
Re: Using Resource and API hooking for game hacks
« Reply #18 on: May 22, 2015, 12:04:05 am »
You do not specify which function you want to hook, I guess; you only provide the DLL name.

I did. Send() recv() in source code

balazsszekely

  • Guest
Re: Using Resource and API hooking for game hacks
« Reply #19 on: May 22, 2015, 07:22:02 am »
@shonay
I don't want to be rude or anything, but you should really learn the basics first. The error message is pretty clear:
Code:
sendRecvDLL.lpr(71,4) Error: Wrong number of parameters specified for call to "HookAPI"
HookApi expects 4 parameters, you're only passing 3. If you cannot figure this out by yourself, you're not ready for API hooking.

shonay

  • Full Member
  • ***
  • Posts: 169
Re: Using Resource and API hooking for game hacks
« Reply #20 on: May 22, 2015, 10:45:45 pm »
@getmem, thanks a whole lot. I had to re-study some things I did in the past to refresh my skills; still a bit confused though. If this works, I'm typing from my phone, as I got too tired to code on my laptop. Had a really busy day!
This code is for hooking, hence I missed the ways to input the parameters, but do I get this correctly here?

Code:

function HookApi(lpModule, lpRoutine: PChar; pNewAddr: Pointer):Pointer;
type
  TDetourRec = packed record
    bJmpOpcode: Byte;
    dwAddress: DWord;
end;
var
  lpDetourCode: TDetourRec;
  lpGatewayCode: TDetourRec;
  pTargetAddr: Pointer;
  pJmpGateway: Pointer;
  dwTargetProtect: DWord;
const
  DETOUR_JMP = $E9;
  DETOUR_SIZE = $05;
begin
  result := nil;

  pTargetAddr := GetProcAddress(GetModuleHandle(lpModule), lpRoutine);
  if pTargetAddr = nil then exit;

  pJmpGateway := VirtualAlloc(0, DETOUR_SIZE, MEM_COMMIT or MEM_RESERVE, PAGE_EXECUTE_READWRITE);
  if pJmpGateway <> nil then
  begin

    lpDetourCode.bJmpOpcode := DETOUR_JMP;
    lpDetourCode.dwAddress := DWord(pNewAddr) - DWord(pJmpGateway) - DETOUR_SIZE;

    CopyMemory(pJmpGateway, @lpDetourCode, DETOUR_SIZE);

    lpGatewayCode.bJmpOpcode := DETOUR_JMP;
    lpGatewayCode.dwAddress := DWord(pJmpGateway) - DWord(pTargetAddr) - DETOUR_SIZE;

    if VirtualProtect(pTargetAddr, DETOUR_SIZE, PAGE_EXECUTE_READWRITE, dwTargetProtect) then
    begin
      CopyMemory(pTargetAddr, @lpGatewayCode, DETOUR_SIZE);
      result := Pointer(DWord(pTargetAddr) + DETOUR_SIZE);
    end;
  end;
end;

And if I want to call the hook function, supposing I hooked MessageBox, I call it this way:

Code:
HookApi('user32.dll',MessageBox, @newMessageBox);

Now the question is, did I get this correctly? Don't be offended once again.
« Last Edit: May 22, 2015, 10:48:41 pm by shonay »
When the power of love overcomes the love of power, the world would know Peace

- Jimi Hendrix.
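
The detour posted above overwrites the first five bytes of the target with E9 plus a 32-bit displacement. As an added example (not part of the thread or any poster's code), this Python sketch shows how an integrity check can spot such a patch by comparing a function's in-memory prologue with its on-disk bytes and decoding where the jump lands. The addresses, module range and prologue bytes are constructed sample values, and 32-bit addressing is assumed, as in the posted code.

```python
import struct

JMP_REL32 = 0xE9     # same opcode the post calls DETOUR_JMP
DETOUR_SIZE = 5      # opcode byte + 32-bit displacement

def rel32_for(src, dst):
    """Displacement stored after E9 at `src` so the jump lands on `dst`."""
    return (dst - src - DETOUR_SIZE) & 0xFFFFFFFF

def decode_jmp(code, addr):
    """Absolute target if `code` starts with E9 rel32, otherwise None."""
    if len(code) < DETOUR_SIZE or code[0] != JMP_REL32:
        return None
    (disp,) = struct.unpack_from("<i", code, 1)   # signed little-endian
    return (addr + DETOUR_SIZE + disp) & 0xFFFFFFFF

def check_export(name, addr, live, disk, mod_base, mod_size):
    """Compare the in-memory prologue with the on-disk one and resolve any jump."""
    finding = {"name": name,
               "modified": live[:DETOUR_SIZE] != disk[:DETOUR_SIZE],
               "target": None,
               "outside_module": False}
    target = decode_jmp(live, addr)
    # A jump that also exists on disk is part of the module; only a changed
    # prologue that now jumps somewhere is treated as a redirect.
    if finding["modified"] and target is not None:
        finding["target"] = target
        finding["outside_module"] = not (mod_base <= target < mod_base + mod_size)
    return finding

# --- constructed sample data (not taken from a real process) ---
MOD_BASE, MOD_SIZE = 0x71A00000, 0x00050000    # hypothetical module range
SEND_ADDR = 0x71A04C27                         # hypothetical export address
GATEWAY = 0x00350000                           # hypothetical VirtualAlloc'd page
CLEAN = bytes.fromhex("8bff558bec")            # mov edi,edi / push ebp / mov ebp,esp
HOOKED = bytes([JMP_REL32]) + struct.pack("<I", rel32_for(SEND_ADDR, GATEWAY))

def demo():
    """Run the check on the clean and the patched sample prologue."""
    args = (MOD_BASE, MOD_SIZE)
    return [check_export("send", SEND_ADDR, CLEAN, CLEAN, *args),
            check_export("send", SEND_ADDR, HOOKED, CLEAN, *args)]

if __name__ == "__main__":
    for f in demo():
        tgt = "-" if f["target"] is None else hex(f["target"])
        print(f["name"], "modified:", f["modified"], "target:", tgt,
              "outside module:", f["outside_module"])
```
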

 
