 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
4ng3licDew
Cheater
![]() Reputation: 0
Joined: 14 Feb 2008
Posts: 28
|
 Posted: Tue May 27, 2008 7:01 am Post subject: [C++] PostMessageA hooking using Detours 1.5 |
 |
|
Hi everyone,
Just want to share this info on how I use Detours 1.5 to hook PostMessageA.
The example I am going to show you is a simple auto click program for MapleStory. This program generates T keydown events.
The softwares you need are:
1. Microsoft Visual Studio C++ 6
2. Microsoft Detours Library 1.5
References and credits:
1. [TUT] DirectX9.0 Hooking via Detours + Custom Wrapper
by Wiccaan
http://forum.cheatengine.org/viewtopic.php?t=161045
2. Trampoline Documentation
by Ferocious
http://forum.cheatengine.org/viewtopic.php?t=236830
3. Detours 1.5
from Microsoft
http://research.microsoft.com/Research/downloads/Details/10e5d78c-592c-419d-a53e-bae8dbd81801/Details.aspx
4. Detours 1.5
from Wiccaan's above tut. This rar file only has detours.h and detour.lib files
http://home.comcast.net/~wiccaan/downloads/Detours.rar
Coding:
I will Skip all the win32 coding details and concentrate only on the hooking codes.
1. Open MS Visual Studio C++ and create a new empty win32 project.
2. Create a sub folder "Detours" in your project folder and copy the files detours.h and detour.lib into it.
3. Create your main.cpp file and put in these lines at the top.
| Code: |
#include <windows.h>
#pragma comment(lib, "Detours/detours.lib")
#include "Detours/detours.h"
|
4. Declare the function pointers for the target function (In this example it is PostMessageA), and the trampoline function.
| Code: |
// Function pointer type for PostMessageA in user32 DLL
typedef BOOL (__stdcall *PMAPtr) (HWND hWnd, UINT Msg, WPARAM wParam, LPARAM lParam);
PMAPtr pTargetPMA = NULL; // Target function pointer
PMAPtr pTrampolinePMA = NULL; // Trampoline function pointer
|
5. Create the detour function.
| Code: |
// This Detour function does nothing new. It just calls the trampoline function
BOOL WINAPI DetourPMA(HWND hWnd, UINT Msg, WPARAM wParam, LPARAM lParam) {
return pTrampolinePMA(hWnd, Msg, wParam, lParam);
}
|
6. You create the hook at start up.
| Code: |
HINSTANCE huInst; // Instance of user32 DLL
.
.
.
case WM_CREATE:
.
.
.
// Load user32 DLL
huInst = LoadLibrary("user32.dll");
// Get function pointer address of PostMessageA
pTargetPMA = (PMAPtr) GetProcAddress(huInst, "PostMessageA");
// Hook PostMessageA with the detour function DetourPMA
pTrampolinePMA = (PMAPtr) DetourFunction((PBYTE) pTargetPMA, (PBYTE) DetourPMA);
break;
|
After the hook is created, every time PostMessageA is called, it will call your function DetourPMA instead.
In this example, I only use the trampoline function pointer to jump back to the target function.
7. To send a key down event to Maplestory.
| Code: |
HWND cHandle; // Windows handle to MapleStory
UINT scancode;
LPARAM lparam;
.
.
.
// Get window handle on MapleStory
cHandle = FindWindow("MapleStoryClass", NULL);
// map virtual key code to scan code
scancode = MapVirtualKey(VK_T, 0);
// Format of lparam needs the scancode value
// to be at bit 16 to 23.
// + 1 is the repeat count
lparam = (scancode << 16) + 1;
pTrampolinePMA(cHandle, WM_KEYDOWN, NULL, lparam);
|
Edit: 8. To remove to hook when the program terminates.
| Code: |
// If the user wants to close the application
case WM_DESTROY:
.
.
.
// Remove hook
DetourRemove((PBYTE) pTrampolinePMA, (PBYTE) DetourPMA);
|
That's all there is to it. No more inline asm to worry about 
Attached to this message is the source code. Happy coding.
Last edited by 4ng3licDew on Tue May 27, 2008 8:35 am; edited 1 time in total |
|
| Back to top |
|
 |
oib111
I post too much
 Reputation: 0
Joined: 02 Apr 2007
Posts: 2947
Location: you wanna know why?
|
| Posted: Tue May 27, 2008 8:22 am Post subject: |
|
|
Very nice. Nice example of using Detours.
_________________
| 8D wrote: |
cigs dont make people high, which weed does, which causes them to do bad stuff. like killing |
|
|
| Back to top |
|
|
Overload
Master Cheater
 Reputation: 0
Joined: 08 Feb 2008
Posts: 293
|
| Posted: Tue May 27, 2008 10:01 am Post subject: |
|
|
This is cool...
Never really knew much about anything this advanced (stfu its advanced for me)
I'm going to mess with this code and see what i can learn
|
|
| Back to top |
|
|
oib111
I post too much
Reputation: 0
Joined: 02 Apr 2007
Posts: 2947
Location: you wanna know why?
|
| Posted: Tue May 27, 2008 4:52 pm Post subject: |
|
|
Btw, are the detour apis documented at msdn? Because I couldn't find the one that you were using there.
_________________
| 8D wrote: |
cigs dont make people high, which weed does, which causes them to do bad stuff. like killing |
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
