Finding DirectX11 Context

[JohnnyG]

Is there any ****ing way to find the device context of this shit coded game (world of warcraft)
they load ded11.dll 100 times and unload it and dont even use createdevicecontextandswapchain methode....

Anyone got idea?

[aeo]

I use this for my D3D hooking and it works great for wow.

[Source] Universal D3D11 hook

[JohnnyG]

I use this for my D3D hooking and it works great for wow.

[Source] Universal D3D11 hook

my gosh didnt know it was THAT easy.... though i would have to search for the classes and structures which hold the device context derived from this function..
but no all i have to do is to call this function even though the game already "created" this....
thanks anyway

[Cypher]

my gosh didnt know it was THAT easy.... though i would have to search for the classes and structures which hold the device context derived from this function..
but no all i have to do is to call this function even though the game already "created" this....
thanks anyway

Unfortunately it doesn't always work. I think it will work if the 'Windowed' flag matches for both your device and the game's device, otherwise it will sometimes fail. At least that's what was happening for DX9 last time I tried it. I ended up just hooking all the creation APIs instead...

If you want to do it the "hard way" for DX11 you'll need to hook a lot more APIs because there are a lot more ways to create both the device and swap chain...

Here's my shitty example (fair warning: code may make you want to gouge out your eyes with a rusty spoon):
https://code.google.com/p/hadesmem/s...erus/d3d11.cpp

It doesn't handle all the ways to create the device and swap chain, but it handles (afaik) the most common ones...

I believe I end up hooking:
D3D11CreateDeviceAndSwapChain
D3D11CreateDevice
CreateDXGIFactory
IDXGIFactory::CreateSwapChain

There are other things you'll need to hook to cover all your bases, but I think those should cover most games... Need to try it more though, I've only really tested half a dozen.

[tok_junior]

It is actually quite simple to do just about anything by hooking CGxDeviceD3d methods instead of D3D. I played around a bit with it last night, and managed to both run LUA, call other functions, and draw junk.

[Cypher]

It is actually quite simple to do just about anything by hooking CGxDeviceD3d methods instead of D3D. I played around a bit with it last night, and managed to both run LUA, call other functions, and draw junk.

It sounds like you're referring to hooking the game's engine... That's far more dangerous than hooking D3D.

[tok_junior]

It sounds like you're referring to hooking the game's engine... That's far more dangerous than hooking D3D.

I'm sure you're right, but technically it's just as easy for Blizz to scan for a vtable hook in the d3ddevice as it is to scan for a detour in an engine function, right?

[DarkLinux]

Not unless they create a white list of allowed DLLs... Fraps or even Mumble could get you banned if all they did was check to see if the vtable did not pointed to the directx lib... Thats why lots use directx, but again, they could add something like that in...

[tok_junior]

Not unless they create a white list of allowed DLLs... Fraps or even Mumble could get you banned if all they did was check to see if the vtable did not pointed to the directx lib... Thats why lots use directx, but again, they could add something like that in...

Ah, true. Well, I haven't seen any scans of the offsets I'm using, so I'll keep doing it for now, seem fairly low risk as long as my work stays private