I was recently somewhat surprised to find that there is really no C++ way to resolve a virtual function to its address at run-time. Admittedly, there is no good reason why anybody would morally need to do this, but when you’ve already lowered yourself to patching another process’s own code without consent, it seems like [...]
Update: A new version of this exists, but since new DLLs were pushed out a while back, neither sample works any longer. The function offsets are wrong, and the hook injection method is a little too flaky to be relied upon. Feel free to use the code as a basis, but I’d recommend the use [...]
When I mention my reverse-engineering feats or failures to technically-minded friends, I tend to get one of a few responses. Not uncommon is ‘I wouldn’t know where to start.’ Well, I know it’s just a figure of speech, but I always start in the same place: PEiD. Many programs are built with third-party post-applied protection [...]
One of the topics that I often find myself bluffing through on GameDev is Direct3D hooking. In particular, how to display an overlay of your own on the window of another Direct3D program, often a commercial game. It’s pretty clear that the simplest method would involve somehow hooking the call to IDirect3DDevice8/9/10::Present, but the details [...]
After last time’s failure, things started to become personal. I started exploring all kinds of new avenues and employing many techniques that aren’t so commonly used. In parallel, I drew up a map of the inner-workings of iTunes 7.0.2.16 and began coding up a framework from which to launch a full-scale attack once I knew [...]
First of all, I refer you to D3DMatrixDecompose. If you want to break a standard 3D transformation matrix into its rotational, translational and scaling parts, without caring how it’s done, then look no further. If your needs are a little more specific and you’re sure you aren’t reinventing this wheel, then read on. There is [...]
This isn’t exactly news, but I thought I’d briefly run through the now standard method of injecting a DLL of your choice into an arbitrary process under 32-bit Windows. It will serve as a foundation for the upcoming post on function hooking via DLL injection. So you have analysed a target program, know how it [...]
I’m a huge fan of post-processing in games. It seems that no matter what I’m writing, I can’t resist the temptation to install an over-the-top bloom effect and some tone-mapping. And that’s me being conservative. The great thing about tone-mapping is that you can throw it on the end of just about any rendering pipeline [...]
So I had the motivation; it was time for action. The first step in undertaking such a large project is to research: Research like a maniac until Google dries up. It took me three days (on top of work) until I was happy that there was no more pre-invented wheel to take advantage of. The [...]
On the whole, D3DX does a great job of making our lives easier, us Direct3D 9 programmers. But one topic that has generated a lot of confusion yet very little documentation is the correct usage of the BLENDINDICES shader semantic. If you’re having trouble getting your CPU and GPU to communicate blend-indices correctly, the first [...]