How to find the Correct Offset for Present()

[WafflesJohnny]

Hello there,

Thank you for putting this code together. I was having trouble understanding with one thing though; how do I get the correct memory offset for a particular game? I'm assuming I have to get the offset as memory address for the Present() method. I looked inside the Windows/System32 directory and was able to retrieve an absolute memory address from d3d11.dll for Present().

I'm not sure I was looking in the correct place though as I haven't had any success in hooking a game yet. Any guidance is appreciated.

[matty45]

Get x64dbg and run the game using it, (as long as it does not have any anti-debugging features)

Go into the symbols tab and look for dxgi.dll, then search for ?Present@CDXGISwapChain@@UEAAJII@Z in the right panel. There will be other symbols which look the same so if you cant find it, i recommend trying them instead.

Take away its address from the modules base address to get your offset.

eg: 0x7FFC60254670 - 0x7FFC60250000 = 0x4670

Oh, you might have to download the debug symbols so you can see them when you search for them.