carniato Posted December 27, 2025 Posted December 27, 2025 (edited) DirectX9 function hooking demonstration for Conquer Online using MinHook + ImGui overlay. Features: DirectX9 hooking (EndScene, Reset) ImGui overlay interface (toggle with INSERT key) Always Jump feature Wireframe/Chams rendering String modification system Chat.dll proxy for version 6609 Memory pattern scanning for VMT detection Usage: Version 6609 (Proxy Method): Rename original Chat.dll to OChat.dll in game folder Copy compiled Chat.dll to the same folder Launch game (no injector needed) Press INSERT to toggle ImGui interface Other Versions (DLL Injection): 1. Remove proxy code from src/hooks/proxy.cpp and src/dllmain.cpp 2. Compile as regular DLL 3. Inject DLL into game process 4. Press INSERT to toggle ImGui interface Building: • Visual Studio (Release & x86) • Output: Release/Chat.dll GitHub: https://github.com/cnthigu/conquer-dx9-hook Credits: Special thanks to @duki for sharing his knowledge and examples that made this project possible. Based on examples and concepts from: showstring-rainbow Dip-hook-chamswireframeshaders chatdll-proxyhook always-jump Libraries: • MinHook (included) • ImGui (included) Note: This is an educational project and example implementation. As a student, I combined these concepts to demonstrate what's possible with DirectX9 hooking in Conquer Online. Use your creativity there's so much more that can be done! If this helps you in any way, please consider giving it a like in git. Feedback and contributions are always welcome! Edited December 27, 2025 by carniato Quote
Spirited Posted December 29, 2025 Posted December 29, 2025 This is fantastic! Great work on this. I'm excited to see how people utilize this. Quote
xFranko Posted December 29, 2025 Posted December 29, 2025 Great work! Thank you! I wonder if we could take this a step further and be able to send custom packets too! Quote
carniato Posted December 30, 2025 Author Posted December 30, 2025 (edited) 20 hours ago, Spirited said: This is fantastic! Great work on this. I'm excited to see how people utilize this. Thank you, I really appreciate it! This started as a learning project, but it opened up a lot of ideas bots, client-side tools, and even questions like: could something like a voice system? It’s not meant to be something final, just an educational foundation. I hope it’s useful and inspires someone to create something new. 20 hours ago, xFranko said: Great work! Thank you! I wonder if we could take this a step further and be able to send custom packets too! Thanks! That’s an interesting idea. With an in-game ImGui interface, it’s easy to imagine building tools or buttons that trigger actions. Definitely an interesting topic for a separate, dedicated project. Thanks again for the support and for pinning the topic, and thanks to everyone who liked it on GitHub it really means a lot to me. Just an enthusiastic junior Edited December 30, 2025 by carniato Quote
carniato Posted January 1 Author Posted January 1 (edited) [Update] Packet Interceptor System - Real-Time Interception & Injection I've added a packet interceptor system to the project that enables real-time packet interception and injection via function hooking. Features: Real-time packet capture (before encryption) Packet injection (client encrypts automatically) In-game ImGui interface for packet visualization Packet history with hex dump Automatic character ID extraction How I found it: Found SendPacket (0x007414F0) in IDA. Starting from Winsock's send() function (known entry point) Tracing XREFs backwards: send() → encryption function → SendPacket Validated in x32dbg using call stack analysis By hooking this function, we can capture packets before they get encrypted. Technical Details: The function signature (from IDA pseudo-code): int __thiscall SendPacket( void* this, // Network object (ECX register) unsigned __int16* data, // Packet data (not encrypted!) size_t length // Packet size ) Key Insight: The client encrypts packets automatically after SendPacket. When we inject, we just call SendPacket with unencrypted data, no encryption code needed! Note: This was tested on client version 6609 only. The address (0x007414F0) is specific to this version. For other versions, you'll need to find SendPacket; Preview Video: [PREVIEW] Conquer Online Packet Interceptor - Intercept & Inject Packets in Real-Time This is still an educational project. Learning as I go, feedback welcome! Will post on GitHub soon. Edited January 2 by carniato Quote
Airplist Posted January 1 Posted January 1 3 hours ago, carniato said: [Update] Packet Proxy System - Real-Time Interception & Injection I've added a packet proxy system to the project that enables real-time packet interception and injection. Real-time packet capture (before encryption) Packet injection (client encrypts automatically) How I found it: Found SendPacket (0x007414F0) in IDA Pro, then validated it in x32dbg by putting a breakpoint on Winsock's send() and tracing the call stack. By hooking this function, we can capture packets before they get encrypted. Preview Video: [PREVIEW] Conquer Online Packet Proxy - Intercept & Inject Packets in Real-Time This is still an educational project. I'm learning as I go, so feedback is always welcome. Will post on GitHub soon, just finishing up. Been up all night working on this good job Quote
xFranko Posted January 2 Posted January 2 22 hours ago, carniato said: [Update] Packet Proxy System - Real-Time Interception & Injection I've added a packet proxy system to the project that enables real-time packet interception and injection. Real-time packet capture (before encryption) Packet injection (client encrypts automatically) How I found it: Found SendPacket (0x007414F0) in IDA Pro, then validated it in x32dbg by putting a breakpoint on Winsock's send() and tracing the call stack. By hooking this function, we can capture packets before they get encrypted. Preview Video: [PREVIEW] Conquer Online Packet Proxy - Intercept & Inject Packets in Real-Time This is still an educational project. I'm learning as I go, so feedback is always welcome. Will post on GitHub soon, just finishing up. Been up all night working on this Hey this is so cool!!!! Quote
darkfox Posted January 2 Posted January 2 I am waiting for your repository updates for test it, its very good feature the 'proxy packets' Quote
carniato Posted January 2 Author Posted January 2 12 hours ago, xFranko said: Hey this is so cool!!!! Thanks! It's really cool to see it working! 46 minutes ago, darkfox said: I am waiting for your repository updates for test it, its very good feature the 'proxy packets' Thanks! I'm organizing everything to post on GitHub soon. Just to clarify: it's actually a "packet interceptor" (not a proxy), it's a function hook that intercepts packets before encryption. Small technical difference! Finishing up the documentation. Should be on GitHub in a few days! Quote
kennylovecode Posted January 6 Posted January 6 In fact, have you found that while you are using imgui, the fps of the original game drawing window is dropping sharply. That's why I gave up using imgui, because I didn't find a solution. Quote
kennylovecode Posted January 6 Posted January 6 On 1/3/2026 at 3:21 AM, darkfox said: I am waiting for your repository updates for test it, its very good feature the 'proxy packets' Doing it yourself is much faster than waiting for others to update, isn't it? developer Quote
Shang Posted January 6 Posted January 6 (edited) 3 hours ago, kennylovecode said: Doing it yourself is much faster than waiting for others to update, isn't it? developer Most likely he is waiting him to post it on Github so that he will start selling a proxy he been doing the same for over 5 years already. Checking for free releases then sells it on his blog for 50$ maybe , open source has its bad sides also. I can see on his own community group someone released a source for free along with an open loader , he deleted his post and probably removed the guy from the group and he sells it on his own blog now and he sells the loader as well. I also can see another guy already selling the a broken ShowString hook edits on his other group. That's why so many people already have such features and even more advanced and not gonna share to community , Everything you post openly it becomes the source of living for other people . This is full disrespect to the person who shared and the amount of time he spent developing it. That's why Conquer Development Communities are DEAD. If you share anything openly its just like bringing more and more of potential scammers into the domain. Their most famous words are " Share for the community to improve " " If you share the servers will be better" " Share for education " and their best friends are " Jet brains " , " Il Spy " , " Ghidra " and next day it ends with your hard work is being sold , it cant be maintained , new scammers spotted ! Edited January 6 by Shang Quote
Berniemack Posted January 6 Posted January 6 (edited) 1 hour ago, Shang said: Most likely he is waiting him to post it on Github so that he will start selling a proxy he been doing the same for over 5 years already. Checking for free releases then sells it on his blog for 50$ maybe , open source has its bad sides also. I can see on his own community group someone released a source for free along with an open loader , he deleted his post and probably removed the guy from the group and he sells it on his own blog now and he sells the loader as well. I also can see another guy already selling the a broken ShowString hook edits on his other group. That's why so many people already have such features and even more advanced and not gonna share to community , Everything you post openly it becomes the source of living for other people . This is full disrespect to the person who shared and the amount of time he spent developing it. That's why Conquer Development Communities are DEAD. If you share anything openly its just like bringing more and more of potential scammers into the domain. Their most famous words are " Share for the community to improve " " If you share the servers will be better" " Share for education " and their best friends are " Jet brains " , " Il Spy " , " Ghidra " and next day it ends with your hard work is being sold , it cant be maintained , new scammers spotted ! It's an interesting discussion to be had for sure, I have no real skin in this game, and dont really care as deeply about that side of things as others seem to online. I want to preface that I am not making an argument pro or contrary to anything, simply sharing my 2 cents. 1) I just dont get how this works haha, how does someone open source something and then someone else sells the same thing? If its open why wouldnt people just download and use the open source stuff? (if the answer is people are stupid well thats just capitalism isnt it? If im giving away fruit and some guy comes grabs them opens up a shop next to me selling them packaged or something I cant be mad at him) I do open source because I have a job, that pays my bills and living. I dont need what I work on for my own personal enjoyment/development/growth to generate me money. If someone else out there does, and can why do I care? If I wanted to make money from it and not them I wouldnt make it open source? I just dont get where heads are butting here. 2) The community is dead because it was a niche game at its peak, and even at the start it was always based on greed (literally every top server ever was just a "here guys you can actually afford to max your items here cause its $80 for a bulk pack instead of $200") also in regards to "If you share anything openly its just like bringing more and more of potential scammers into the domain." I mean yes but this is data bias... The open source isnt what makes the "scammers" viable, its opposite. They are viable because all they do is present a simple way to get all of this together for a buyer that doesnt know how to or doesnt want to do the work of gathering it all themselves from whats already freely out there. If it was all easily accessible they wouldnt have a job or a "service" to provide. Edited January 6 by Berniemack Quote
kennylovecode Posted January 7 Posted January 7 5 hours ago, Berniemack said: 这确实是一个值得探讨的话题。我本人对此事并不关心,也不像网上其他人那样对此过度关注。首先声明,我并非支持或反对任何观点,只是分享一下我的看法。1 )我实在搞不懂这其中的运作机制,哈哈,为什么有人开源了某个东西,然后其他人却拿去卖呢?既然是开源的,为什么人们不直接下载使用呢?(如果答案是人们愚蠢,那不就是资本主义吗?如果我免费赠送水果,有人拿走后在我旁边开店包装出售,我又不能责怪他。)我开源是因为我有工作,可以养家糊口。我不需要我为了个人娱乐/发展/成长而创作的东西来赚钱。如果其他人想赚钱,而且有能力赚钱,我为什么要关心呢?如果我想从中赚钱而不是让他们赚钱,我就不会开源了。我真不明白大家争论的焦点在哪儿。2 )社区消亡是因为这游戏鼎盛时期就是个小众游戏,而且从一开始就充斥着贪婪(几乎所有顶级服务器都是“伙计们,你们现在终于可以买得起满级装备了,因为批量购买只要80美元,而不是200美元”)。至于“如果你公开分享任何东西,就等于把越来越多的潜在骗子引进来”,我的意思是,没错,但这其实是数据偏见……开源并不是让“骗子”有利可图的原因,恰恰相反。他们之所以有利可图,是因为他们为那些不知道如何收集或者不想自己从网上免费获取资源的买家提供了一种简单的购买方式。如果所有东西都唾手可得,他们也就没有工作或“服务”可做了。 Let me answer you, because not everyone is as smart as you can find it, and most people will get it quickly by using money Therefore, we only need to pay attention to how and why we do it, and we ignore what others do. Quote
kennylovecode Posted January 7 Posted January 7 7 hours ago, Shang said: Most likely he is waiting him to post it on Github so that he will start selling a proxy he been doing the same for over 5 years already. Checking for free releases then sells it on his blog for 50$ maybe , open source has its bad sides also. I can see on his own community group someone released a source for free along with an open loader , he deleted his post and probably removed the guy from the group and he sells it on his own blog now and he sells the loader as well. I also can see another guy already selling the a broken ShowString hook edits on his other group. That's why so many people already have such features and even more advanced and not gonna share to community , Everything you post openly it becomes the source of living for other people . This is full disrespect to the person who shared and the amount of time he spent developing it. That's why Conquer Development Communities are DEAD. If you share anything openly its just like bringing more and more of potential scammers into the domain. Their most famous words are " Share for the community to improve " " If you share the servers will be better" " Share for education " and their best friends are " Jet brains " , " Il Spy " , " Ghidra " and next day it ends with your hard work is being sold , it cant be maintained , new scammers spotted ! Hi, actually, I know him, but I didn't make it so obvious, but we can't control him to do so. Therefore, I think that open source should be limited. We provide you with an idea, a framework and some foundations, and we can't let these people copy and paste them and sell them. Quote
darkfox Posted January 10 Posted January 10 (edited) On 1/6/2026 at 7:09 PM, Shang said: Most likely he is waiting him to post it on Github so that he will start selling a proxy he been doing the same for over 5 years already. Checking for free releases then sells it on his blog for 50$ maybe , open source has its bad sides also. I can see on his own community group someone released a source for free along with an open loader , he deleted his post and probably removed the guy from the group and he sells it on his own blog now and he sells the loader as well. I also can see another guy already selling the a broken ShowString hook edits on his other group. That's why so many people already have such features and even more advanced and not gonna share to community , Everything you post openly it becomes the source of living for other people . This is full disrespect to the person who shared and the amount of time he spent developing it. That's why Conquer Development Communities are DEAD. If you share anything openly its just like bringing more and more of potential scammers into the domain. Their most famous words are " Share for the community to improve " " If you share the servers will be better" " Share for education " and their best friends are " Jet brains " , " Il Spy " , " Ghidra " and next day it ends with your hard work is being sold , it cant be maintained , new scammers spotted ! I'm not sure if you say it for me, I just test things, I constantly publish things for the community like the ConquerLoader. Edited January 10 by darkfox Quote
darkfox Posted January 10 Posted January 10 On 1/6/2026 at 3:41 PM, kennylovecode said: Doing it yourself is much faster than waiting for others to update, isn't it? developer To be honest, I'm not very involved in that topic yet, so for me it would mean more research time. Quote
xFranko Posted January 10 Posted January 10 On 1/6/2026 at 8:09 PM, Shang said: Most likely he is waiting him to post it on Github so that he will start selling a proxy he been doing the same for over 5 years already. Checking for free releases then sells it on his blog for 50$ maybe , open source has its bad sides also. I can see on his own community group someone released a source for free along with an open loader , he deleted his post and probably removed the guy from the group and he sells it on his own blog now and he sells the loader as well. I also can see another guy already selling the a broken ShowString hook edits on his other group. That's why so many people already have such features and even more advanced and not gonna share to community , Everything you post openly it becomes the source of living for other people . This is full disrespect to the person who shared and the amount of time he spent developing it. That's why Conquer Development Communities are DEAD. If you share anything openly its just like bringing more and more of potential scammers into the domain. Their most famous words are " Share for the community to improve " " If you share the servers will be better" " Share for education " and their best friends are " Jet brains " , " Il Spy " , " Ghidra " and next day it ends with your hard work is being sold , it cant be maintained , new scammers spotted ! If something is open source and the license explicitly allows redistribution, I don’t see an issue with someone packaging it so less-experienced users can use it without having to compile or set everything up themselves. Also, it’s not fair to paint @darkfox as a bad actor. He has personally helped me multiple times without ever asking for anything in return. He also continues to maintain ConquerLoader, and in many cases he didn’t even take credit for large parts of it, instead properly crediting the original authors. Quote
kennylovecode Posted January 11 Posted January 11 19 hours ago, xFranko said: If something is open source and the license explicitly allows redistribution, I don’t see an issue with someone packaging it so less-experienced users can use it without having to compile or set everything up themselves. Also, it’s not fair to paint @darkfox as a bad actor. He has personally helped me multiple times without ever asking for anything in return. He also continues to maintain ConquerLoader, and in many cases he didn’t even take credit for large parts of it, instead properly crediting the original authors. I don't intend to set anyone against each other. I'm just saying that we should independently think and research the concept of not solely waiting for others to help us. Quote
xFranko Posted January 11 Posted January 11 Just now, kennylovecode said: I don't intend to set anyone against each other. I'm just saying that we should independently think and research the concept of not solely waiting for others to help us. Yep I understand your motive was for good intention, I was just replying to "Shang" Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.