能力值:
( LV9,RANK:280 )
|
-
-
2 楼
直接inline hook 即可。调用约定__stdcall,第一个参数是ID3DDevice9 *,后面填虚函数里剩下的参数
|
能力值:
( LV2,RANK:10 )
|
-
-
3 楼
就GetAdapterIdentifier虚函数能给个例子吗? 
|
能力值:
( LV9,RANK:280 )
|
-
-
4 楼
HRESULT(__stdcall *g_pfnGetAdapterIdentifier)(IDirect3D9 *, UINT ,DWORD ,D3DADAPTER_IDENTIFIER9*) = NULL;//全局变量
IDirect3D9 *pDirect3D9 = Direct3DCreate9(SDKVersion);
DWORD *pVTable = *(DWORD **)pDirect3D9;
g_pfnGetAdapterIdentifier = (HRESULT(__stdcall *)(IDirect3D9 *, UINT ,DWORD ,D3DADAPTER_IDENTIFIER9*))pVTable[5];
1.Detours inline hook例子:
//全局有效
DetourTransactionBegin();
DetourAttach(&(void *&)g_pfnGetAdapterIdentifier, NewGetAdapterIdentifier);
DetourTransactionCommit();
2.虚表hook:
//仅对刚才创建的pDirect3D9有效
//必须先取函数地址,否则等下WriteProcessMemory写的是函数头部的数据,而不是函数地址
DWORD pNewGetAdapterIdentifier = (DWORD)&NewGetAdapterIdentifier;
WriteProcessMemory(GetCurrentProcess(), (PVOID)&pVTable[5], &pNewGetAdapterIdentifier, sizeof(DWORD), NULL);
hook完之后去NewGetAdapterIdentifier里面:
HRESULT __stdcall NewGetAdapterIdentifier(IDirect3D9 *d3d9, UINT Adapter,DWORD Flags,D3DADAPTER_IDENTIFIER9* pIdentifier)
{
//在此添加你的代码
//调用原函数
return g_pfnGetAdapterIdentifier(d3d9, Adapter, Flags, pIdentifier);
}
|
|
|
