วิธีสร้างโปร warz ไว้ใช้เอง ทำง่ายนิดเดียว เพียงแค่หมั่นศึกษา การเขียนโปรแกรมด้วย ภาษา C C++ C#
สิ่งที่ต้องมีในการสร้างโปร warz
- microsoft visual studio express (2008 +)
มาเริ่มกันเลย
method 1: Source: main.cpp
// read more... // http://www.unknowncheats.me/forum/war-z/80387-useful-coding-and-info-thread.html #include <Windows.h> #include <stdio.h> #include <conio.h> #include <d3d9.h> #include <d3dx9.h> #include <iostream> #include <vector> #pragma comment(lib, "d3d9.lib") #pragma comment(lib, "d3dx9.lib") using namespace std; typedef HRESULT(__stdcall* EndScene_t)(LPDIRECT3DDEVICE9); EndScene_t pEndScene; DWORD dwEndScene = NULL; typedef HRESULT(__stdcall* DrawIndexedPrimitive_t)(LPDIRECT3DDEVICE9,D3DPRIMITIVETYPE,INT,UINT,UINT,UINT,UINT); DrawIndexedPrimitive_t pDrawIndexedPrimitive; DWORD dwDrawIndexedPrimitive = NULL; LPD3DXFONT pFont=NULL; D3DVIEWPORT9 Viewport; UINT Stride; IDirect3DVertexBuffer9 *pStreamData; UINT pOffsetInBytes; bool key1 = false; bool key2 = false; void RenderCross(LPDIRECT3DDEVICE9 pDev, DWORD color, int i) { pDev->GetViewport( &Viewport ); DWORD ScreenCenterX = (Viewport.Width / 2); DWORD ScreenCenterY = (Viewport.Height / 2); D3DRECT rec1 = {ScreenCenterX-i, ScreenCenterY, ScreenCenterX+ i, ScreenCenterY+1}; D3DRECT rec2 = {ScreenCenterX, ScreenCenterY-i, ScreenCenterX+ 1,ScreenCenterY+i}; pDev->Clear( 1, &rec1, D3DCLEAR_TARGET, color, 0, 0 ); pDev->Clear( 1, &rec2, D3DCLEAR_TARGET, color, 0, 0 ); } void RenderString(LPDIRECT3DDEVICE9 pDev, int x, int y, DWORD color, LPD3DXFONT g_pFont, const char *fmt, ...) { if( !pFont ) D3DXCreateFontA( pDev,13,0,FW_BOLD,1,0,DEFAULT_CHARSET,OUT_DEFAULT_PRECIS,DEFAULT_QUALITY,DEFAULT_PITCH | FF_DONTCARE,"Arial", &pFont ); if(!g_pFont) return; RECT FontPos = { x, y, x + 50, y + 50}; char buf[1024] = {''}; va_list va_alist; va_start(va_alist, fmt); vsprintf_s(buf, fmt, va_alist); va_end(va_alist); pDev->SetRenderState( D3DRS_ZENABLE,false ); pDev->SetRenderState( D3DRS_FILLMODE,D3DFILL_SOLID ); g_pFont->DrawTextA(NULL, buf, -1, &FontPos, DT_NOCLIP, color); pDev->SetRenderState( D3DRS_ZENABLE, true ); pDev->SetRenderState( D3DRS_FILLMODE,D3DFILL_SOLID ); } bool bDataCompare(const BYTE* pData, const BYTE* bMask, const char* szMask) { for(;*szMask;++szMask,++pData,++bMask) if(*szMask=='x' && *pData!=*bMask ) return false; return (*szMask) == NULL; } DWORD dwFindPattern(DWORD dwAddress,DWORD dwLen,BYTE *bMask,char * szMask) { for(DWORD i=0; i < dwLen; i++) if( bDataCompare( (BYTE*)( dwAddress+i ),bMask,szMask) ) return (DWORD)(dwAddress+i); return 0; } void *DetourFunc(BYTE *src, const BYTE *dst, const int len) { BYTE *jmp = (BYTE*)malloc(len+5); DWORD dwback; VirtualProtect(src, len, PAGE_READWRITE, &dwback); memcpy(jmp, src, len); jmp += len; jmp[0] = 0xE9; *(DWORD*)(jmp+1) = (DWORD)(src+len - jmp) - 5; src[0] = 0xE9; *(DWORD*)(src+1) = (DWORD)(dst - src) - 5; VirtualProtect(src, len, dwback, &dwback); return (jmp-len); } void SetModelColor(LPDIRECT3DDEVICE9 pDev, float r, float g, float b, float a, float glowr, float glowg, float glowb, float glowa) { float lightValues[4] = {r, g, b, a}; float glowValues[4] = {glowr, glowg, glowb, glowa}; pDev->SetPixelShaderConstantF(1, lightValues, 1); pDev->SetPixelShaderConstantF(3, glowValues, 1); } static int PlayersNV[] = { 4510, 1898, 4185, 8862, 3339, 1336, 3323, 3955, 5643, 7796, 6088, 7771, 4868, 9023, 5224, 7769, 7805, 4236, 4700, 4433, 8674, 5182, 8830, 8952, 4528, 8690, 3692, 4759, 6115, 3898, 6304, 7007, 3823, 6575, 6152, 4114, 6111, 7371, 5452, 4537, 4175, 4053, 4186, 4753, 7586, 7343, 7712, 2962, 7020, 7024, 8826, 8959, 6961, 5748, 6981, 7094, 2961, 2952, 2951 }; static bool bCheckNum(int rec[],int vert) { int i = 0; while(rec[i] != 0) { if(rec[i]==vert){return(true);} i++; } return(false); } // begin hook here HRESULT __stdcall hkEndScene(LPDIRECT3DDEVICE9 pDev) { RenderString(pDev, 5, 5, D3DCOLOR_ARGB (255,255,255,0 ), pFont, "[BugZ v1.0] Press Delete to turn Chams, or Home to set Transparency On/Off "); if (key1)RenderCross(pDev, D3DCOLOR_ARGB (255,255,255,0 ), 15); if((GetAsyncKeyState(VK_DELETE) & 0x1))key1 = !key1; if((GetAsyncKeyState(VK_HOME) & 0x1))key2 = !key2; return pEndScene(pDev); } HRESULT __stdcall hkDrawIndexedPrimitive(LPDIRECT3DDEVICE9 pDev, D3DPRIMITIVETYPE Type, INT BaseVertexIndex, UINT MinVertexIndex, UINT NumVertices, UINT startIndex, UINT primCount) { if(pDev->GetStreamSource(0, &pStreamData, &pOffsetInBytes, &Stride) == D3D_OK ) pStreamData->Release(); if (key1) { // Disable fog pDev->SetRenderState(D3DRS_FOGENABLE, FALSE); // Fullbright pDev->SetRenderState(D3DRS_LIGHTING, FALSE); pDev->SetRenderState(D3DRS_AMBIENT,D3DCOLOR_ARGB(255,255,255,255)); if (Stride == 32 && bCheckNum(PlayersNV,NumVertices)) // Players color { DWORD dwOldZEnable = D3DZB_TRUE; SetModelColor(pDev, 1.0f, 0.0f, 1.0f, 0.50f, 1.5f, 1.5f, 1.5f, 1.5f); pDev->GetRenderState(D3DRS_ZENABLE, &dwOldZEnable); pDev->SetRenderState(D3DRS_ZENABLE, D3DZB_FALSE); pDrawIndexedPrimitive(pDev, Type, BaseVertexIndex, MinVertexIndex, NumVertices, startIndex, primCount); pDev->SetRenderState(D3DRS_ZENABLE, dwOldZEnable); SetModelColor(pDev, 1.0f, 0.0f, 1.0f, 0.50f, 1.5f, 1.5f, 1.5f, 1.5f); } else if (Stride == 32 ) // Zombies color { DWORD dwOldZEnable = D3DZB_TRUE; SetModelColor(pDev, 1.0f, 0.0f, 0.0f, 0.50f, 1.5f, 1.5f, 1.5f, 1.5f); pDev->GetRenderState(D3DRS_ZENABLE, &dwOldZEnable); pDev->SetRenderState(D3DRS_ZENABLE, D3DZB_FALSE); pDrawIndexedPrimitive(pDev, Type, BaseVertexIndex, MinVertexIndex, NumVertices, startIndex, primCount); pDev->SetRenderState(D3DRS_ZENABLE, dwOldZEnable); SetModelColor(pDev, 1.0f, 0.0f, 0.0f, 0.50f, 1.5f, 1.5f, 1.5f, 1.5f); } if (Stride == 20 && key2) { pDev->SetRenderState(D3DRS_ALPHABLENDENABLE,D3DZB_TRUE); pDev->SetRenderState(D3DRS_DESTBLEND,D3DBLEND_INVSRCALPHA); } } return pDrawIndexedPrimitive(pDev, Type, BaseVertexIndex, MinVertexIndex, NumVertices, startIndex, primCount); } // End hook here // dll & d3d9 Init void Init3d() { HMODULE hModule = NULL; while(!hModule) { hModule = GetModuleHandleA("d3d9.dll"); Sleep(200); } DWORD* VTableStart = 0; DWORD FoundByGordon = dwFindPattern((DWORD)hModule, 0x128000,(PBYTE)"xC7x06x00x00x00x00x89x86x00x00x00x00x89x86", "xx????xx????xx"); memcpy(&VTableStart, (void*)(FoundByGordon+2), 4); dwDrawIndexedPrimitive = (DWORD)VTableStart[82]; dwEndScene = (DWORD)VTableStart[42]; pEndScene = ( EndScene_t )DetourFunc((PBYTE) dwEndScene,(PBYTE)hkEndScene, 5); pDrawIndexedPrimitive = ( DrawIndexedPrimitive_t )DetourFunc((PBYTE) dwDrawIndexedPrimitive, (PBYTE)hkDrawIndexedPrimitive, 5); } int APIENTRY DllMain(HINSTANCE hInstance, DWORD dwReason, LPVOID lpReserved) { if (dwReason == DLL_PROCESS_ATTACH) { CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)Init3d, NULL, NULL, NULL); } else if (dwReason == DLL_PROCESS_DETACH) { // test.dll Terminating! } return 1; // ok }
method 2: Source: main.cpp
#include <Windows.h> #include <stdio.h> #include <conio.h> #include <d3d9.h> #include <d3dx9.h> #pragma comment(lib, "d3d9.lib") #pragma comment(lib, "d3dx9.lib") #define PI 3.141 #define Yellow D3DCOLOR_ARGB( 255, 255, 255, 000 ) typedef HRESULT ( WINAPI * DrawIPrim )( LPDIRECT3DDEVICE9, D3DPRIMITIVETYPE, INT, UINT, UINT, UINT, UINT ); VOID Jump( DWORD Address, DWORD Your_Detour ); DWORD Old = NULL; LPDIRECT3DDEVICE9 pDev; LPDIRECT3D9 pD3D; D3DVIEWPORT9 Viewport; DrawIPrim pDrawIPrim = NULL; DWORD dwEndscene_hook = NULL; DWORD dwEndscene_ret = NULL; DWORD dwDIP_hook = NULL; DWORD dwDIP_ret = NULL; DWORD dwReset_hook = NULL; DWORD dwReset_ret = NULL; DWORD bJump = NULL; LPD3DXFONT pFont=NULL; LPD3DXLINE pLine=NULL; HMODULE D3D9 = NULL; VOID RenderString(LPDIRECT3DDEVICE9 pDev, int x, int y, DWORD color, LPD3DXFONT g_pFont, const char *fmt, ...) { if( !pFont ) D3DXCreateFontA( pDev,13,0,FW_BOLD,1,0,DEFAULT_CHARSET,OUT_DEFAULT_PRECIS,DEFAULT_QUALITY,DEFAULT_PITCH | FF_DONTCARE,"Arial", &pFont ); if(!g_pFont) return; RECT FontPos = { x, y, x + 50, y + 50}; char buf[1024] = {''}; va_list va_alist; va_start(va_alist, fmt); vsprintf_s(buf, fmt, va_alist); va_end(va_alist); pDev->SetRenderState( D3DRS_ZENABLE,false ); pDev->SetRenderState( D3DRS_FILLMODE,D3DFILL_SOLID ); g_pFont->DrawTextA(NULL, buf, -1, &FontPos, DT_NOCLIP, color); pDev->SetRenderState( D3DRS_ZENABLE, true ); pDev->SetRenderState( D3DRS_FILLMODE,D3DFILL_SOLID ); } VOID FillRGB(LPDIRECT3DDEVICE9 pDev,int x, int y, int w, int h, DWORD color ) { D3DRECT rec = { x, y, x + w, y + h }; pDev->Clear( 1, &rec, D3DCLEAR_TARGET, color, 0, 0 ); } VOID RenderBox(LPDIRECT3DDEVICE9 pDev, int x, int y, int w, int h, int px, DWORD color, DWORD color2) { //box FillRGB(pDev, x, y, w, h, color); //border FillRGB(pDev, x, (y + h - px), w, px,color2); FillRGB(pDev, x, y, px, h,color2 ); FillRGB(pDev, x, y, w, px,color2); FillRGB(pDev, (x + w - px), y, px, h,color2); } VOID RenderCircle(LPDIRECT3DDEVICE9 pDev,int X, int Y, int radius, int numSides, DWORD Color) { if (!pLine) D3DXCreateLine(pDev, &pLine); D3DXVECTOR2 Line[128]; float Step = (float)(PI * 2.0 / numSides); int Count = 0; for (float a=0; a < PI*2.0; a += Step) { float X1 = radius * cos(a) + X; float Y1 = radius * sin(a) + Y; float X2 = radius * cos(a+Step) + X; float Y2 = radius * sin(a+Step) + Y; Line[Count].x = X1; Line[Count].y = Y1; Line[Count+1].x = X2; Line[Count+1].y = Y2; Count += 2; } pLine->Begin(); pLine->Draw(Line,Count,Color); pLine->End(); pLine->Release(); } VOID RenderCross(LPDIRECT3DDEVICE9 pDev, DWORD color, int i) { pDev->GetViewport( &Viewport ); DWORD ScreenCenterX = (Viewport.Width / 2); DWORD ScreenCenterY = (Viewport.Height / 2); D3DRECT rec1 = {ScreenCenterX-i, ScreenCenterY, ScreenCenterX+ i, ScreenCenterY+1}; D3DRECT rec2 = {ScreenCenterX, ScreenCenterY-i, ScreenCenterX+ 1,ScreenCenterY+i}; pDev->Clear( 1, &rec1, D3DCLEAR_TARGET, color, 0, 0 ); pDev->Clear( 1, &rec2, D3DCLEAR_TARGET, color, 0, 0 ); //RenderCircle(pDev, ScreenCenterX, ScreenCenterY, i+3,i+3, color); } bool IsMenuOn =false; VOID WINAPI hkEndScene(LPDIRECT3DDEVICE9 pDev ) { __asm nop if((GetAsyncKeyState(VK_DELETE) & 0x1)) IsMenuOn = !IsMenuOn; RenderString(pDev, 5, 5, Yellow, pFont, "[BugZ v1.0] Press Delete to turn Chams On/Off "); if (IsMenuOn){ RenderCross(pDev, Yellow, 15); } } __declspec(naked) void MyEndscene( ) { __asm { MOV DWORD PTR SS:[EBP-0x10],ESP MOV ESI,DWORD PTR SS:[EBP+0x8] XOR EBX,EBX //replace patched code PUSHFD PUSHAD PUSH [EBP+0x8] CALL hkEndScene; POPAD POPFD CMP ESI,EBX //replace patched code jmp dwEndscene_ret; //jump back to normal endscene } } VOID SetModelColor(LPDIRECT3DDEVICE9 pDev, float r, float g, float b, float a, float glowr, float glowg, float glowb, float glowa) { float lightValues[4] = {r, g, b, a}; float glowValues[4] = {glowr, glowg, glowb, glowa}; pDev->SetPixelShaderConstantF(1, lightValues, 1); pDev->SetPixelShaderConstantF(3, glowValues, 1); } VOID WINAPI hkDrawIndexedPrimitive(LPDIRECT3DDEVICE9 pDev, D3DPRIMITIVETYPE Type, INT BIndex, UINT MIndex, UINT NVertices, UINT SIndex, UINT PCount ) { bJump = TRUE; LPDIRECT3DVERTEXBUFFER9 Stream_Data; UINT Offset = 0; UINT Stride = 0; if( pDev->GetStreamSource( 0, &Stream_Data, &Offset, &Stride ) == S_OK )Stream_Data->Release(); if (IsMenuOn) { // Disable fog pDev->SetRenderState(D3DRS_FOGENABLE, false); // Fullbright pDev->SetRenderState(D3DRS_LIGHTING, FALSE); pDev->SetRenderState(D3DRS_AMBIENT,D3DCOLOR_ARGB(255,255,255,255)); switch (Stride) { case 20: // Buildings //pDev->SetRenderState(D3DRS_ALPHABLENDENABLE,TRUE); pDev->SetRenderState(D3DRS_DESTBLEND,D3DBLEND_INVSRCALPHA); // Transparency break; case 32: // Players and Zombies //PlayerChams pDev->SetRenderState(D3DRS_LIGHTING, FALSE); // Wallhack pDev->SetRenderState(D3DRS_ZENABLE, FALSE); SetModelColor(pDev, 1.0f, 0.0f, 0.0f, 0.50f, 1.5f, 1.5f, 1.5f, 1.5f); pDrawIPrim( pDev, Type, BIndex, MIndex, NVertices, SIndex, PCount ); pDev->SetRenderState(D3DRS_ZENABLE, TRUE); break; default: break; } } bJump = FALSE; } __declspec(naked) void MyDIP( ) { __asm { MOV EDI,DWORD PTR SS:[EBP+0x8] XOR EBX,EBX CMP EDI,EBX // replace patched code PUSHFD PUSHAD MOV EDX,[bJump] CMP EDX,0x0 JG DONE PUSH [EBP+0x20] // Push arguments of DIP PUSH [EBP+0x1C] PUSH [EBP+0x18] PUSH [EBP+0x14] PUSH [EBP+0x10] PUSH [EBP+0x0C] PUSH [EBP+0x08] CALL hkDrawIndexedPrimitive DONE: POPAD POPFD jmp dwDIP_ret; // jump back to normal DIP } } VOID WINAPI hkReset( ) { if( pFont != NULL ) if( pFont->Release( ) == S_OK ) pFont = NULL; } __declspec(naked) void MyReset( ) { __asm { PUSHAD PUSHFD CALL hkReset POPFD POPAD MOV ESI,DWORD PTR SS:[EBP-0x08] MOV EDI,DWORD PTR SS:[EBP-0x04] POP EBX JMP dwReset_ret } } VOID WINAPI GETD3D( VOID ) { HWND ConsoleWindow = GetConsoleWindow( ); ShowWindow( ConsoleWindow, SW_HIDE ); // hide ConsoleWindow... while( D3D9 == NULL ) { D3D9 = GetModuleHandleA( "d3d9.dll" ); Sleep( 100 ); } D3DPRESENT_PARAMETERS D3D_PP = {0}; IDirect3D9 * (WINAPI *oDirect3DCreate9)(UINT SDKVersion); *(PDWORD)&oDirect3DCreate9 = (DWORD)GetProcAddress( D3D9, "Direct3DCreate9" ); _cprintf( "Direct3DCreate9n" ); pD3D = oDirect3DCreate9( D3D_SDK_VERSION ); D3D_PP.Windowed = TRUE; D3D_PP.SwapEffect = D3DSWAPEFFECT_DISCARD; D3D_PP.BackBufferFormat = D3DFMT_UNKNOWN; _cprintf( "CreateDevicen" ); pD3D->CreateDevice( D3DADAPTER_DEFAULT, D3DDEVTYPE_HAL,ConsoleWindow, D3DCREATE_SOFTWARE_VERTEXPROCESSING, &D3D_PP, &pDev ); PDWORD VTABLE = *(DWORD**)pDev; dwEndscene_hook = VTABLE[42] + 0x2A; dwEndscene_ret = dwEndscene_hook + 0x0A; dwDIP_hook = VTABLE[82] + 0x2D; dwDIP_ret = dwDIP_hook + 0x7; dwReset_hook = VTABLE[16] + 165; dwReset_ret = dwReset_hook + 0x7; *(PDWORD)&pDrawIPrim = (DWORD)VTABLE[82]; _cprintf( "Jumpn" ); Jump( (DWORD)dwEndscene_hook, (DWORD)MyEndscene ); Jump( (DWORD)dwDIP_hook, (DWORD)MyDIP ); Jump( (DWORD)dwReset_hook, (DWORD)MyReset ); _cprintf( "Donen" ); Sleep( 400 ); pDev->Release( ); pD3D->Release( ); FreeConsole( ); } VOID Jump( DWORD Address, DWORD Your_Detour ) { VirtualProtect( (LPVOID)Address, 5, PAGE_EXECUTE_READWRITE, &Old ); *(PBYTE)Address = (BYTE)0xE9; *(PDWORD)(Address + 1) = ( Your_Detour - Address - 5) ; VirtualProtect( (LPVOID)Address, 5, Old, &Old ); } BOOL WINAPI DllMain( HINSTANCE hModule, DWORD dwReason, LPVOID lpvReserved ) { if( dwReason == DLL_PROCESS_ATTACH ) { DisableThreadLibraryCalls( hModule ); AllocConsole( ); _cprintf( "Readyn" ); CreateThread( NULL, NULL, (LPTHREAD_START_ROUTINE) GETD3D, NULL, NULL, NULL); } return TRUE; }