Original post by zoomgod Updated 4-29-2010
I don't like static offsets and with patches coming for BF2 and BF2142 I have been looking at my code to see how I can head off any work they may create. With my ClassManager offset being hardcoded I decided to make this little function to get a pointer to the ClassManager from RendDX9.dll.
Tested on BF2 1.41 and BF2142 v1.50
Put this in header file
Code:
// Tested on BF2(1.41) and BF2142(1.50)
CClassManager* getBFClassManager(void);
Code:
// Tested on BF2(1.41) and BF2142(1.50)
char szClassManagerPatt[] = "\x89\x35\x99\x99\x99\x99\xFF\x15\x99\x99\x99\x99\x8B\x0D\x99\x99\x99\x99\x8B\x01";
char szClassManagerMask[] = "xx????xx????xx????xx";
CClassManager* getBFClassManager(void)
{
HMODULE hModule = NULL;
while (hModule==NULL)
{
hModule = GetModuleHandle("RendDx9.dll");
if (hModule == NULL) Sleep(200);
}
DWORD dwInitDLL = (DWORD)GetProcAddress(hModule, "initDll");
CloseHandle(hModule);
DWORD* ptr = 0;
if (dwInitDLL)
{
DWORD dwPointerOffset = FindPattern(dwInitDLL, dwInitDLL + 512, (BYTE*)szClassManagerPatt, szClassManagerMask);
if (dwPointerOffset)
{
ptr = (DWORD*)(dwPointerOffset + 2);
break;
}
}
// No more detection
size_t Length = strlen(szClassManagerMask);
ZeroMemory( (void*)szClassManagerPatt, Length );
ZeroMemory( (void*)szClassManagerMask, Length );
if (ptr)
return *((CClassManager**)((DWORD)*ptr));
return 0;
}
You will need Strife's FindPattern function, scroll to end and get the updated version.
UnKnoWnCheaTs - Multiplayer Game Hacking and Cheats
Credits:
Me for being lazy
Strife for his FindPattern function
Patrick@GD for initDll idea
Portable way to get ClassManager 
Linear Mode
