[Source] Process Speed Hack ASM DLL

[Zeroi9]

Hey guys, Figured id share this Speed hack ASM dll i made while I was bored :P
Its just the basics of speed hacking, It must be injected into the process to work, only way to modify the speed value is through an address, Ive done this with my private dll, But havent reversed this one injected yet. But dont worry its not hard to find if you have reversing experience. Enjoy.

Code:

format PE GUI 4.0 DLL
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;  Process Speeding DLL (The Basics);;
;;;       by: ZeR0                             ;;
;;;  Once injected Speed will start      ;;
;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
include 'win32ax.inc'

; .Data section for variables
.data

kernel   db "kernel32.dll",0
ToBeHooked db "QueryPerformanceCounter",0
rval dd ?

SpeedValue dd 5.0 ;value to multiply by :) 1 = normal

;.code section , where the magic happens :)
.code

proc DllMain hInstance, reason, lpReserved

   mov eax,[reason]
   cmp eax, DLL_PROCESS_ATTACH
   JNE .next

   call StartHook          ; call InsertHook Function defined below

   jmp .quit

.next:
   cmp eax, DLL_PROCESS_DETACH
   JNE .quit
   call unhook


.quit:
    mov  eax,TRUE
    ret
endp


proc StartHook

   push kernel
   call [GetModuleHandle]

   push ToBeHooked
   push eax
   call [GetProcAddress]

    push  .Hookwow
    push  eax
    push  5d
    call  [SetDetour]       ;SetDetour (Detours.dll must be in wow folder)
    mov   [rval], eax
    ret

endp


proc .Hookwow val

locals
   .temp1 dq ?
endl

        lea eax,[.temp1]
        push eax
        call [rval]            ; Un-Hook .Hookwow
        fild QWORD [.temp1]    ; load value
        fmul [SpeedValue]      ; multiply
        mov ecx, [val]
        fistp QWORD [ecx]      ; Store

ret
endp


proc unhook

    push kernel
    call [GetModuleHandle]

    push ToBeHooked
    push eax
    call [GetProcAddress]

    push  [rval]
    push  eax
    push  5d
    call  [RemoveDetour]
    ret


endp


.end DllMain

section '.reloc' fixups data discardable

Very simple to use, ethier write a small app. to inject this dll into wow, and speed starts right away, to edit the value you must find the address that holds SpeedValue and edit it. Also you MUST have Detour.dll in wow folder (next to wow.exe) Download link for detours.dll below but it can be found on alot of dev sites.

Have fun injecting!

Detours.dll DL link:
RapidShare: Easy Filehosting

*If link goes down post if you need detour.dll or just google it, its easy to find.

edit*/ for the noobs to compile this you need FASMW- Flat assembler

[shingetterrobo]

this is not so good an idea, it allows you to speedup but not down.

Code:

proc .Hookwow val

locals
   .temp1 dq ?
endl

        lea eax,[.temp1]
        push eax
        call [rval]            ; Un-Hook .Hookwow
        fild QWORD [.temp1]    ; load value
        fmul [SpeedValue]      ; multiply
        mov ecx, [val]
        fistp QWORD [ecx]      ; Store

ret
endp

try something like this

Code:

proc .Hookwow val

        fild QWORD [lastspeed]         ; load last speed 

        push lastspeed
        call [rval]                           ; call original QPC

        fisubr QWORD [lastspeed]     ; get the difference 
        fmul [SpeedValue]               ; multiply it by speed multiplier
        fiadd QWORD [cspeed]         ; add it to current speed
        fist QWORD [cspeed]           ; save current speed
        mov ecx, [val]
        fistp QWORD [ecx]              ; Store it

ret
endp

you might wish to also consider any of a number of ways to communicate between processes to set the speed multiplier

an improvement on the current speedhack might be to also check the stack for the return address and only apply the multiplier if its from the movement handler.

[Zeroi9]

Like i said it svery basic, Im using a real speed hack , to hook an address in Movement.cpp so i dont have to process speed at all, and I always communicate with the inejcted dll through memory by editing the address holding my value. This is just for newer peoples, or someone learning ASM. You do need some experience...

anyone is free to edit this.