[badboy]

Thanks, it works now. I can finally start with seriously messing up my game

I think the function I choose will do, but does anyone a function which is called every frame?

[LINK/2012]

CGame__Process (0x53BEE0) ?
Not sure if is called each frame but I guess that it is...

[badboy]

What if I want to call more functions:

CODE

DEFINE_HOOKER( hook )
{
    if (start == 0)
        Main();

    ASM
    {
        mov eax, 0x442AD0
        jmp eax  
    }
}


void Main()
{
    DWORD* CPlayer = (DWORD*)0xB7CD98;
    
    RequestModel(400, 0);
    LoadRequestedModels(1);
    start = 1;
}

How do I get the ESP value right, can I just call and pop esp. Or do I also have to mov eax, xx or push eax?

CODE

void RequestModel(DWORD id, DWORD unknown)
{
    __asm
    {
        push    unknown
        push    id
        push    0x4087E0
        pop      id
        pop      unknown
    }
}

And in the load requested models function, " arg_0 = byte ptr 4" VS doesn't want to compile if I try to push a byte.

[LINK/2012]

What if I want to call more functions:

Yes, you can, and is like what you did.

But, you should take care of somethings:
*Your hook (if it's not replacing a call...) must be a naked function (http://msdn.microsoft.com/en-us/library/5ekezyy2%28v=vs.80%29.aspx).
*You should take care of the registers, because any function is free to modify the value of EAX, ECX and EDX without pushing they, so If there's any important information there, you should save it!

How do I get the ESP value right, can I just call and pop esp. Or do I also have to mov eax, xx or push eax?

And in the load requested models function, " arg_0 = byte ptr 4" VS doesn't want to compile if I try to push a byte.

The stack can only hold 32bits values.
So, what if you want a 8bit value?
You should say to the assembler that you want a byte in the value pointed by [].

CODE

mov al, byte ptr [esp+4] // I want a byte at [esp+4]

This post has been edited by LINK2012: Jul 7 2012, 05:17 PM

[badboy]

Ok, thanks for all the help