justinstenning / Direct3DHook

DirectX Capture and Overlays by using Direct3D API hooks
http://spazzarama.com/2011/03/14/c-screen-capture-and-overlays-for-direct3d-9-10-and-11-using-api-hooks
MIT License

Crashes on injection for certain games #60

Open legacygoof opened 6 years ago

legacygoof commented 6 years ago

For sure doesn't work for Overwatch, throws failed injection even if I don't use auto detect. Anything I should do? Here's the inner exception: "ApplicationException: STATUS_INTERNAL_ERROR: Unknown error in injected assembler code. (Code: 175439872)"

justinstenning commented 6 years ago

Remote injection is failing; this could be a memory protection issue or similar employed by the game.

Requires further investigation with Overwatch.

hanrelan commented 6 years ago

Seeing a similar problem with PUBG. The inner exception is:

OutOfMemoryException: STATUS_NO_MEMORY: Unable to allocate memory in target process. (Code: 5)

jazzup commented 6 years ago

Here's what I tried with a couple of games that gave me similar exceptions. Before you continue reading, you should know that I wasn't successful in hooking them, but you may try because it could work with PUBG or Overwatch (I have neither to test).

  1. First upgrade to the latest EasyHook v2.7.6270.0

  2. Instead of using the usual Inject Method, use CreateAndInject... "Creates a new process which is started suspended until you call WakeUpProcess from within your injected library Run() method. This allows you to hook the target BEFORE any of its usual code is executed. In situations where a target has debugging and hook preventions, you will get a chance to block those mechanisms for example..." and "Please note that this method might fail when injecting into managed processes..." If you have trouble with parameters, consult: Document

  3. In EntryPoint's Run Method, wake up your target... EasyHook.RemoteHooking.WakeUpProcess();

  4. You will have to modify TestScreenshot's btnInject_Click code and AttachProcess() because of step 2, i.e. you won't be starting the game from its shortcut or executable directly.

In my attempts, I tested the above changes against games where the usual Inject Method worked just to make sure all is well. CreateAndInject worked too. It also worked on apps like mspaint.exe (all unmanaged targets).

When it fails on both games, the exception has now changed to: STATUS_INTERNAL_ERROR: C++ completion routine has returned success but didn't raise the remote event. (Code: 1) Hooking doesn't seem to get past CreateAndInject and never reaches EntryPoint... If you fire up Process Explorer, you will see that the target has started but your libraries haven't loaded. Target has to be killed for CreateAndInject to continue, but by then there is no target.

This is somehow similar to (although it deals with managed): https://github.com/EasyHook/EasyHook/issues/21

Expected Behavior: guest is loaded, and execute before target.

Actual Behavior: guest is not loaded, and create and inject can not return until the target is finished.