Вопрос Хук функции vtable

[sisicat]

насколько я понял,

Пожалуйста, авторизуйтесь для просмотра ссылки.

dwCSGOInput это оффсет на объект CCSGOInput
там же есть vtable с нужной мне функцией

.rdata:00000000013DDCE8 ; class CCSGOInput: CClientInput, IKeybindChangeListener, IInputHandler;  [MI] (#classinformer)
.rdata:00000000013DDCE8                 dq offset ??_R4CCSGOInput@@6B@ ; const CCSGOInput::`RTTI Complete Object Locator'
.rdata:00000000013DDCF0 ; const CCSGOInput::`vftable'
.rdata:00000000013DDCF0 ??_7CCSGOInput@@6B@ dq offset sub_8AC730
.rdata:00000000013DDCF0                                         ; DATA XREF: sub_C0B20+1C↑o
.rdata:00000000013DDCF0                                         ; sub_8A91A0+A↑o
.rdata:00000000013DDCF8                 dq offset sub_8C6150
.rdata:00000000013DDD00                 dq offset sub_8D6CB0
.rdata:00000000013DDD08                 dq offset sub_8C8670
.rdata:00000000013DDD10                 dq offset sub_8D1E60
.rdata:00000000013DDD18                 dq offset sub_79B0C0
.rdata:00000000013DDD20                 dq offset sub_7ACBA0
.rdata:00000000013DDD28                 dq offset sub_8BA2E0
.rdata:00000000013DDD30                 dq offset sub_7A7340
.rdata:00000000013DDD38                 dq offset longjmp_1
.rdata:00000000013DDD40                 dq offset sub_8B7EB0
.rdata:00000000013DDD48                 dq offset sub_8C63D0
.rdata:00000000013DDD50                 dq offset sub_8D1840
.rdata:00000000013DDD58                 dq offset sub_8D1490
.rdata:00000000013DDD60                 dq offset sub_8D19C0
.rdata:00000000013DDD68                 dq offset sub_8D1760
.rdata:00000000013DDD70                 dq offset sub_7A4050
.rdata:00000000013DDD78                 dq offset sub_798F20
.rdata:00000000013DDD80                 dq offset sub_8B3AB0
.rdata:00000000013DDD88                 dq offset sub_8C8130
.rdata:00000000013DDD90                 dq offset sub_7AAB20
.rdata:00000000013DDD98                 dq offset sub_8CEEF0  <-- CreateMove: double __fastcall sub_8CEEF0(__int64 a1, unsigned int a2, __int64 a3)
.rdata:00000000013DDDA0                 dq offset sub_8CB790
.rdata:00000000013DDDA8                 dq offset sub_8CB810
.rdata:00000000013DDDB0                 dq offset sub_7AB090
.rdata:00000000013DDDB8                 dq offset sub_7A08D0
.rdata:00000000013DDDC0                 dq offset nullsub_2069
.rdata:00000000013DDDC8                 dq offset nullsub_2070
.rdata:00000000013DDDD0                 dq offset sub_7A7900

код

typedef double(__fastcall* oCreateMoveFn)(__int64, unsigned int, __int64);
inline oCreateMoveFn oCreateMove = nullptr;

double __fastcall CreateMoveHook(__int64 a1, unsigned int a2, __int64 a3)
{
    std::cout << "Hooked createmove\n";
    return oCreateMove(a1, a2, a3);
}

uintptr_t* obj = (uintptr_t*)(baseAddress + 0x1A69E40);
uintptr_t* vtable = (uintptr_t*)(*obj);
oCreateMove = (oCreateMoveFn)vtable[20];
vtable[20] = (uintptr_t)&CreateMoveHook;

итого у меня просто крашит, хотя через минхук все нормально

 

[sisicat]

пофиксил, офсет устаревший был