Information Security & US & Life & Love & Fashion & Hacking & Passion

Problem

You run a Linux machine and you want to run Snort in the background, starting up at boot time.

Solution

Snort provides a daemon mode to allow it to run in the background. This is activated by using the -D switch.

[root@frodo rules]# snort -D -c /etc/snort/snort.conf -l
/var/log/snort
[root@frodo rules]# ps -ef | grep snort
root     10738     1  0 11:34 ?  00:00:00 snort -D -c
/etc/snort/snort.conf -l /var/log/snortDiscussion

You'll probably want to run Snort like this: starting at boot and running in the background. If you want to start Snort earlier in the boot sequence, consult your system documentation as to how to edit the boot scripts.

The exact methods for starting Snort at boot vary slightly from distribution to distribution. There are likely to be some slight differences between the exact methods of setting this up on each different Linux distribution. The simplest method, if your system supports it, is to modify the /etc/rc.d/rc.local script. This script runs after all the other init scripts on the system, so your system will be unmonitored between the start of network services and the start of Snort. Add a line similar to the following to your rc.local script:

/usr/local/bin/snort -D -c /etc/snort/snort.conf -l /var/log/snort

You must verify the locations that are relevant to your particular setup. There is an example Snort startup script in /snort-2.x.x/contrib./S99snort.

Running Snort as a daemon is useful only if you are getting good notification from Snort about potential intrusions; otherwise, you are effectively ignoring it. You should refer to the other recipes regarding alerting.

To install from source, download it from the Snort web site (http://www.snort.org). Uncompress, unpack, compile, and install by using the following commands:

tar xzf snort-2.2.0.tar.gz
cd snort-2.2.0
./configure
make

And then as root:

make install

Discussion

Installing from source is nearly as easy as installing from precompiled packages, and it works across all Unix platforms. There is also a lot more flexibility in the options you can choose. First of all, you need to download the latest source tar file from snort.org. At this point, if possible, you should ensure that the source has not been meddled with; you can do this by verifying the checksum given using the MD5 utilities.

[simon@frodo downloads]$ md5sum snort-2.2.x.tar.gz
6194278217e4e3f733b046256a31f0e6 *snort-2.2.x.tar.gz

The source is a tarred gzip file; to extract it, enter the following at a command prompt:

[simon@frodo downloads]$ gunzip snort-2.2.x.tar.gz
[simon@frodo downloads]$ tar -xvf snort-2.2.x.tar

You'll then see the entire list of filenames scroll past as they are decompressed and extracted. This creates a directory structure under the current directory. In this case, with the base directory ./snort-2.2.0/. Change into this directory. At this point, if you wish to perform an ordinary installation, type the following:

[simon@frodo snort-2.2.x]$ ./configure

This will create the make file optimized for your architecture. There are a number of options that you can specify to configure. These are listed in Table 1-1. They include options for specifying switches for the compliers as well as turning on support for certain features.

--enable-debug

--with-snmp

--enable-smbalerts

--enable-flexresp

--with-mysql=DIR

--with-odbc=DIR

--with-postgresql=DIR

--with-oracle=DIR

--with-openssl=DIR

--with-libpq-includes=DIR

--with-libpq-libraries=DIR

--with-libpcap-include=DIR

--with-libpcap-libraries=DIR

--prefix=PATH

--exec-prefix=PATH

--help

For further information on these switches, you should read through the INSTALL file included in the /doc directory. Also in this file are some of the known issues and fixes for compilation on different Unix operating systems. The configure script may warn you of missing dependencies (other applications or utilities that are required by Snort). Download and install the required files from their respective web sites and rerun the configure command. In the many installations we've done, we can only recall coming across two missing prerequisites. These were libpcap, the library for performing packet capture on Linux systems, available for download from http://www.tcpdump.org, and Perl Compatible Regular Expressions (PCRE), available for download from http://www.pcre.org/.

Then you need to compile it using the make command:

[simon@frodo snort-2.2.0]$ make

Now go and get the hot beverage of your choice. This can take some time, even on a pretty fast machine. There are no test cases to run, so at this point, you need to run the install as root:

[root@frodo snort-2.2.0]# make install

Provided at this point you see no error messages, your installation is complete.

Also ensure that the directory to which Snort writes logfiles exists and is writable by the user that Snort runs as. If Snort can't write its logfiles, it will fail during any attempt to run it.

The INSTALL document in the /doc directory of Snort

http://www.tcpdump.org

http://www.pcre.org/

Apple Inc. is launching a smaller version of the iPod shuffle. It has a new feature that speaks the names of artists and songs.

Apple (nasdaq: AAPL - news - people ) touts the new $79 device, which stores 4 gigabytes - up to about 1,000 songs - as "significantly" smaller than a double-A battery. Mirroring design updates to the company's laptop computer line, the new Shuffle comes in a gray aluminum exterior.

Apple says the Shuffle's new VoiceOver feature comes in 14 languages.

Apple shares rose $3.16, 3.6 percent, to $91.79 in morning trading Wednesday.

Copyright 2009 Associated Press. All rights reserved. This material may not be published broadcast, rewritten, or redistributed

Smart phone maker Palm is doubling down on its new Pre phone by saying it plans to raise $83.9 million with a new stock offering to bolster the product's launch.

Palm (nasdaq: PALM - news - people ) said Monday it boosted a previously announced public offering to 23.125 million shares, from 18.5 million, and priced the stock at $6.00. The company's stock opened at $6.50 Tuesday and recently traded at $6.85, up 83 cents, or 13.8%.

Analysts have questioned whether the Sunnyvale, Calif.-based company's cash flow could sustain the rollout effort for the widely anticipated Palm Pre, a new smart phone set to launch in the first half of the year. Shrinking demand for Palm's older models has battered the company's sales.

Matthew Thornton, an analyst with Avian Securities in Boston, said Palm exercised a clause that forced its largest shareholder, hedge fund Elevation Partners, to remarket the 49.0% of stock it already owned.

Elevation, which bought shares at $3.25, will end up getting $49.0 million back. According to Thornton, it has already reinvested that money in more Palm shares -- a vote of confidence for the future of Palm. Elevation now owns a 33.0% stake in Palm.

Elevation Partners also has an investment in Forbes.

Palm has been navigating troubled waters of late. The smart phone maker last week warned investors that its sales for its fiscal third quarter fell more than 70.0%, based on preliminary estimates. The company blamed falling demand for its older phones, the weak global economy and late shipments of its Treo phone. (See "Palm Slapped By Dwindling Sales.")

Palm also said its next quarter will be tough, as sales of existing products continue to fall and profit margins thin.

BURLINGAME, Calif.--If you're in the PC business, life is pretty bleak right now. Sales of computers are plummeting. Prices are falling, fast. Outlets selling your wares, such as Circuit City, are folding. Oh, and just about the only thing that's selling right now are low-cost netbooks, lower-cost iPods and canned food.

It could be about to get worse. Much worse. According to a report in the Chinese-language Commercial Times, Taiwanese manufacturer Wintek will supply the touch panels for an Apple (nasdaq: AAPL - news - people ) device of some kind, possibly a netbook, that will launch by the third quarter.

It's unclear, as always, what the computer and gadget maker is doing. An Apple spokesman declined to comment on "rumors and speculation," and the Cupertino, Calif.-based company is known for working hard to keep upcoming products secret. These guys just aren't big talkers, period, saying little about the health of Apple co-founder Steve Jobs, who remains out on medical leave through June.

Apple, however, has continued to publicly resist the idea of competing in the market for low-cost netbooks. Chief Operating Officer Tim Cook criticized them as "inferior" during a call with investors in January, saying only that Apple will "watch" the space.

Apple can do that, in part, because its powerful, high-end notebooks have remained steady sellers, despite the downturn. Yet it remains a little baffling, considering that Gartner predicts sales of low-cost netbooks will double to 21 million units in 2009 from 11.7 million units last year. It's also possible that Apple is working on a better idea, something that could move its iPod line up market, rather than its notebook computers down market.

Here's what we know: Apple purchased PA Semi, a chip designer that builds powerful, power-sipping processors for the U.S. military, for $278 million in cash last year. Then Apple slugged it out in court with IBM (nyse: IBM - news - people ) to grab IBM chip designer turned blade-server honcho Mark Papermaster. It then put Papermaster in charge of its iPod and iPhone hardware. And now it looks as if Apple has placed orders for a whole bunch of touch screens.

Oh, and those chips Papermaster designed? Based on the same PowerPC architecture as PA Semi's. You connect the dots.

So when does the bomb drop? We can't be sure. But Jobs is due back by the end of June, and Apple's Worldwide Developers Conference is usually slated for June as well. If Jobs strides onto the stage with his coat glossy and his eyes shiny, chances are good he'll be there to rip the lid off an economy-sized box of pain for the rest of the PC business. He could unveil a powerful, media-friendly tablet based on the iPod Touch, or some other form of multi-core, touch-screen monster.

It looks like Apple is doing something right. In an economy like this only the strong survive. Yet even the strongest names in the technology sector are turning to the business weapon of last resort: layoffs. The only exceptions: Apple and communications chip specialist Qualcomm.

Of the 10 U.S.-based software and hardware companies with the largest market valuations, only Apple (nasdaq: AAPL - news - people ) and Qualcomm (nasdaq: QCOM - news - people ) have been spared the widespread job losses that have been plaguing corporate America over the past year.

Cisco (nasdaq: CSCO - news - people ), Intel (nasdaq: INTC - news - people ), Oracle (nasdaq: ORCL - news - people ), IBM (nyse: IBM - news - people ). These are all companies with fortress-like balance sheets and steady profits. Yet all of them have let workers go recently. Even Steve Ballmer, chief executive of mighty Microsoft (nasdaq: MSFT - news - people ), has swung the ax, announcing in January that the software giant will lay off 5,000 workers, or 5% of its workforce.

While Qualcomm isn't laying off, it is clamping down. Chief Executive Paul Jacobs announced a wage freeze and a hiring cap, ending a hiring spree that saw the company adding thousands of jobs to its payroll over the past few years.

"We have not done what a lot of other companies have done, which is have massive layoffs across the company," Jacobs said at Qualcomm's annual shareholders meeting Tuesday. "We have had some targeted reductions, but for the most part we've managed to maintain our workforce."

Apple, meanwhile, continues to think different. While competitors are flooding the market with cheap netbook computers, Apple is sticking to its strategy: Sell pricey, yet powerful, computers and stylish music players, as well as smart phones. The result: Apple has maintained its gross margins of 34.7%, even as other companies struggle to make a buck.

To be sure, Apple employees haven't been immune to the kind of corporate reshuffling that goes along with a steady paycheck these days. Back in May, Apple eliminated 175 sales jobs at its Elk Grove, Calif., campus. Those employees, however, were offered the option of relocating to Austin, Texas.

So, how long can Apple avoid layoffs? At this point, let's hope forever. If Apple employees all have jobs by the time the economy hits bottom, it will give the rest of us someone to sell oranges to. Tip: There's a good spot for a fruit stand around the freeway exit near Apple's headquarters.

Shares of some top internet companies are mixed at noon:

Akamai Technologies (nasdaq: AKAM - news - people ) rose $.11 or .7 percent, to $16.34.

Amazon fell $3.35 or 5.2 percent, to $61.42.

eBay (nasdaq: EBAY - news - people ) fell $.34 or 3.3 percent, to $10.12.

Google (nasdaq: GOOG - news - people ) fell $6.46 or 2.1 percent, to $299.18.

Yahoo (nasdaq: YHOO - news - people ) rose $.36 or 2.9 percent, to $12.89.

Copyright 2009 Associated Press. All rights reserved. This material may not be published broadcast, rewritten, or redistributed

The traditional advice about building a Web site was to spend a lot of time in advance planning its organization, ensuring that all the inside pages fit together in a logical hierarchy. Next, navigation aids were placed on the home page, so that the routes to all that inside content were intuitive and readily apparent. And since first impressions are as important online as off, lots of time and effort should be spent designing the home page, as it would be the first thing your visitors would see.

No one is now saying that Web layouts should be complicated, or Web site design shouldn't be attractive. But because of search engines, users end up never encountering that home page or availing themselves of the careful arrangement of the site's material.

Instead, they're taken directly to the inside page that has the specific material they are looking for. And once they find what they're looking for, they're off somewhere else.

What that means, says Jerry Sheehan of the California Institute for Telecommunications and Information Technology, is that Web developers shouldn't sweat the details of how a site is pieced together, since Google (nasdaq: GOOG - news - people ) will only end up hiding a lot of that work from many, if not most, Web users.

"We are stuck designing for the total user experience," Sheehan says. "But in fact, the actual user experience is to simply come and get something, and then go. The natural predilection is to spend lots of time working on the right design. But we might be better off taking 20% of that effort and using it to come up with 20% more content for the site."

Sheehan's institute helps state agencies get help from academia to undertake technology projects more complex than they could by themselves. He said he developed his new approach to Web design by looking at the traffic on his group's own Web site, and noticing that many visitors came directly from Google to an inside page, without ever bothering to check out the other parts of the site.

Sony Corp. said Friday that Ryoji Chubachi is stepping down as president, and Howard Stringer, chairman and chief executive, will stay on, adding the presidency as another title.

The Japanese electronics and entertainment company, battered by the global slump and the strong yen, is projecting its first annual net loss in 14 years.

Sony (nyse: SNE - news - people ) said Chubachi will step down April 1. Further details weren't immediately available. But the Tokyo-based company said it is holding a news conference later Friday on new management, and Stringer will be there.

Chubachi, 61, oversees Sony's core electronics sector, at the center of the unfolding economic woes at one of Japan's most famous manufacturers. He became president in 2005, when Welsh-born American Stringer, 67, became the first foreigner to head Sony.

Both executives had promised a dramatic turnaround at Sony, the maker of Bravia flat-panel televisions, PlayStation 3 game machine and Cyber-shot digital cameras.

But the global slowdown - hitting during the key year-end shopping season - and the surging yen, which erodes foreign earnings, have proved too much. Sony is particularly vulnerable to overseas demand because exports make up about 80 percent of its sales.

Sony is expecting a 150 billion yen net loss for the fiscal year through March. That's a reversal from a net profit of 369.4 billion yen the previous year.

The last - and only - time Sony reported a loss, for the fiscal year ending March 1995, the red ink came from one-time losses in its movie division, marred by box office flops and lax cost controls.

log.h

#define WIN32_LEAN_AND_MEAN

#ifndef _MAIN_H
#define _MAIN_H

char *GetDirectoryFile(char *filename);
void __cdecl add_log (const char * fmt, ...);
#endif

source code by fatboy

#include <iostream.h>

void main()

#include "stdafx.h"
#include <windows.h>
#include <detours.h>
#include <d3d8.h>
#include <d3dx8.h>
#include "log.h"
#include <fstream>
#include <iostream>
#pragma comment(lib, "d3dx8.lib")
#pragma comment(lib, "d3d8.lib")
using namespace std;
static DWORD dwBeginScene = 0x6D9D9250;
static DWORD dwEndScene = 0x6d9d93a0;
static DWORD dwDrawIndexedPrimitive = 0x6d9d73a0;
static DWORD dwSetStreamSource = 0x6d9d6760;
static DWORD dwSetViewport = 0x6d9d5b90 ;


int m_Stride;
int texnum;
int nNumVertices;
int nPrimitiveCount;

LPDIRECT3DTEXTURE8 Red,Yellow,Green,Blue,Purple,Pink,Orange;
bool Color = true;
bool Logger = false;
ofstream ofile;
char dlldir[320];
float ScreenCenterX = 0.0f;
float ScreenCenterY = 0.0f;
bool xhair = false;
bool WallHack = false;
bool WallHack2 = false;
HANDLE hand1 =NULL;
HANDLE hand2 =NULL;

DWORD bytes;

//Logger
int texarray[1000];
int arraycounter;
int delarray[500];
int dcount;
unsigned int arrc;
int i=0;


D3DCOLOR redt = D3DCOLOR_XRGB( 255, 0, 0 );


char *GetDirectoryFile(char *filename)
{
static char path[320];
strcpy(path, dlldir);
strcat(path, filename);
return path;
}

void __cdecl add_log (const char *fmt, ...)
{
if(ofile != NULL)
{
if(!fmt) { return; }

va_list va_alist;
char logbuf[256] = {0};

va_start (va_alist, fmt);
_vsnprintf (logbuf+strlen(logbuf), sizeof(logbuf) - strlen(logbuf), fmt, va_alist);
va_end (va_alist);

ofile << logbuf << endl;
}
}

HRESULT GenerateTexture(IDirect3DDevice8 *pD3Ddev, IDirect3DTexture8 **ppD3Dtex, DWORD colour32)
{
if( FAILED(pD3Ddev->CreateTexture(8, 8, 1, 0, D3DFMT_A4R4G4B4, D3DPOOL_MANAGED, ppD3Dtex)) )
return E_FAIL;

WORD colour16 = ((WORD)((colour32>>28)&0xF)<<12)
|(WORD)(((colour32>>20)&0xF)<<8)
|(WORD)(((colour32>>12)&0xF)<<4)
|(WORD)(((colour32>>4)&0xF)<<0);

D3DLOCKED_RECT d3dlr;
(*ppD3Dtex)->LockRect(0, &d3dlr, 0, 0);
WORD *pDst16 = (WORD*)d3dlr.pBits;

for(int xy=0; xy < 8*8; xy++)
*pDst16++ = colour16;

(*ppD3Dtex)->UnlockRect(0);

return S_OK;
}


//=================================EndScene_Start=================================================================================//
typedef HRESULT ( WINAPI* oEndScene ) ( LPDIRECT3DDEVICE8 pDevice );
oEndScene pEndScene;

HRESULT WINAPI myEndScene(LPDIRECT3DDEVICE8 pDevice)
{
if(Color)
{
GenerateTexture(pDevice, &Red, D3DCOLOR_ARGB (255 , 255 , 0 , 0 ));
GenerateTexture(pDevice, &Yellow, D3DCOLOR_ARGB (255 , 255 , 255 , 0 ));
GenerateTexture(pDevice, &Green, D3DCOLOR_ARGB (255 , 0 , 255 , 0 ));
GenerateTexture(pDevice, &Blue, D3DCOLOR_ARGB (255 , 0 , 0 , 255 ));
GenerateTexture(pDevice, &Purple, D3DCOLOR_ARGB (255 , 102 , 0 , 153 ));
GenerateTexture(pDevice, &Pink, D3DCOLOR_ARGB (255 , 255 , 20 , 147 ));
GenerateTexture(pDevice, &Orange, D3DCOLOR_ARGB (255 , 255 , 165 , 0 ));
Color=false;
}

if(xhair)
{
D3DRECT rec2 = {ScreenCenterX-20, ScreenCenterY, ScreenCenterX+ 20, ScreenCenterY+2};
D3DRECT rec3 = {ScreenCenterX, ScreenCenterY-20, ScreenCenterX+ 2,ScreenCenterY+20};
pDevice->Clear(1, &rec2, D3DCLEAR_TARGET,redt, 0, 0);
pDevice->Clear(1, &rec3, D3DCLEAR_TARGET,redt, 0, 0);
}

//=============================================UnHooK_Start===================================================//

if((GetAsyncKeyState(VK_F5)&1))
{
int end =NULL;
int dip =NULL;
int svp =NULL;
int sss =NULL;


BYTE Unhook[5] = {0x8B,0xFF,0x55,0x8B,0xEC};//Original Function Bytes.
hand1 = GetCurrentProcess();
DWORD dwmodualBase=(DWORD)GetModuleHandle("d3d8.dll");
end = 0x6d9d93a0;
dip = 0x6d9d73a0;
svp = 0x6d9d5b90;
sss = 0x6d9d6760;

WriteProcessMemory(hand1, (void*) end, Unhook, 5, &bytes);
WriteProcessMemory(hand1, (void*) dip, Unhook, 5, &bytes);
WriteProcessMemory(hand1, (void*) svp ,Unhook, 5, &bytes);
WriteProcessMemory(hand1, (void*) sss,Unhook, 5, &bytes);
}
//=========================================UnHook_End=========================================================//

if((GetAsyncKeyState(VK_F1)&1)){xhair=!xhair;}
if((GetAsyncKeyState(VK_F2)&1)){WallHack=!WallHack;}

return pEndScene(pDevice);
}
//====================================EndScene_End============================================================================//




//=================================Dip_Start============================================================================================//
typedef HRESULT ( WINAPI* oDrawIndexedPrimitive ) ( LPDIRECT3DDEVICE8 pDevice, D3DPRIMITIVETYPE pType, UINT nMinIndex, UINT nNumVertices, UINT nStartIndex, UINT nPrimitiveCount );
oDrawIndexedPrimitive pDrawIndexedPrimitive;

HRESULT WINAPI myDrawIndexedPrimitive(LPDIRECT3DDEVICE8 pDevice, D3DPRIMITIVETYPE pType, UINT nMinIndex, UINT nNumVertices, UINT nStartIndex, UINT nPrimitiveCount)
{




if(WallHack)
{
texnum = (nNumVertices*100000)+nPrimitiveCount;
if(m_Stride==40 &&

(texnum==7500121 )||(texnum==8500105 )||(texnum==12400168)||(texnum==37000650)||
(texnum==18000274)||(texnum==8800105 )||(texnum==36900650)||(texnum==19600314)||
(texnum==21800306)||(texnum==7500121 )||(texnum==8500105 )||(texnum==12400168)||
(texnum==21800306)||(texnum==36900650)||(texnum==7500121 )||(texnum==37000650)||
(texnum==18000274)||(texnum==7500121 )||(texnum==8500105 )||(texnum==38000658)||
(texnum==22100268)||(texnum==62400752)||(texnum==27900456)||(texnum==45700654)||
(texnum==4800040 )||(texnum==83600752)||(texnum==33400477)||(texnum==38100666)||
(texnum==2800036 )||(texnum==62400752)||(texnum==29700492)||(texnum==84900778)||
(texnum==27500442)||(texnum==52100658)||(texnum==62400752)||(texnum==33600552)||
(texnum==44100646)||(texnum==18000274)||(texnum==37200508)||(texnum==45700654)||
(texnum==37200508)||(texnum==52100658)||(texnum==52100658) &&



(nNumVertices == 100 && nPrimitiveCount == 121) || //Foot
(nNumVertices == 105 && nPrimitiveCount == 168) || //Right Arm
(nNumVertices == 132 && nPrimitiveCount == 180) || //Hand
(nNumVertices == 159 && nPrimitiveCount == 200) || //Left Arm
(nNumVertices == 338 && nPrimitiveCount == 534) || //Underbody thanks japennese guy =)
//(nNumVertices == 448 && nPrimitiveCount == 776) || //Head
(nNumVertices == 804 && nPrimitiveCount == 1016) || //Body //SRG Option item
(nNumVertices == 109 && nPrimitiveCount == 110) || //Bulletproof Vest
(nNumVertices == 336 && nPrimitiveCount == 532)) //Battle Pants

{
pDevice->SetRenderState(D3DRS_ZENABLE, D3DZB_FALSE);
pDevice->SetRenderState(D3DRS_ZFUNC,D3DCMP_NEVER);
pDevice->SetTexture(0,Orange);
//pDevice->SetRenderState(D3DRS_FILLMODE, D3DFILL_WIREFRAME );

pDrawIndexedPrimitive(pDevice, pType, nMinIndex, nNumVertices, nStartIndex, nPrimitiveCount);

//pDevice->SetRenderState(D3DRS_FILLMODE, D3DFILL_SOLID );
pDevice->SetRenderState(D3DRS_ZENABLE, D3DZB_TRUE);
pDevice->SetRenderState(D3DRS_ZFUNC,D3DCMP_LESSEQUAL);
pDevice->SetTexture(0,Pink);
}

if(m_Stride==40 && texnum== 21300174)
{
pDevice->SetRenderState(D3DRS_ZENABLE, D3DZB_FALSE);
pDevice->SetRenderState(D3DRS_ZFUNC,D3DCMP_NEVER);
pDevice->SetTexture(0,Green);//GreenNade
pDrawIndexedPrimitive(pDevice, pType, nMinIndex, nNumVertices, nStartIndex, nPrimitiveCount);
pDevice->SetRenderState(D3DRS_ZENABLE, D3DZB_TRUE);
pDevice->SetRenderState(D3DRS_ZFUNC,D3DCMP_LESSEQUAL);
pDevice->SetTexture(0,Purple);
}


if(nNumVertices == 158 && nPrimitiveCount == 131)
{
pDevice->SetRenderState(D3DRS_ZENABLE, D3DZB_FALSE);
pDevice->SetRenderState(D3DRS_ZFUNC,D3DCMP_NEVER);
pDevice->SetTexture(0,Red);//GreenNade
pDrawIndexedPrimitive(pDevice, pType, nMinIndex, nNumVertices, nStartIndex, nPrimitiveCount);
pDevice->SetRenderState(D3DRS_ZENABLE, D3DZB_TRUE);
pDevice->SetRenderState(D3DRS_ZFUNC,D3DCMP_LESSEQUAL);
pDevice->SetTexture(0,Yellow);
}

if (nNumVertices == 171 && nPrimitiveCount == 143)
{

pDevice->SetRenderState(D3DRS_ZENABLE, D3DZB_FALSE);
pDevice->SetRenderState(D3DRS_ZFUNC,D3DCMP_NEVER);
pDevice->SetTexture(0,Red);//GreenNade
pDrawIndexedPrimitive(pDevice, pType, nMinIndex, nNumVertices, nStartIndex, nPrimitiveCount);
pDevice->SetRenderState(D3DRS_ZENABLE, D3DZB_TRUE);
pDevice->SetRenderState(D3DRS_ZFUNC,D3DCMP_LESSEQUAL);
pDevice->SetTexture(0,Yellow);
}



if(m_Stride==40 &&//face,mask etc...
(texnum==34900580)|| // Delta Force Head
(texnum==36100604)|| // Spetsnaz Head
(texnum==38000658)|| // Spetsnaz Legs
(texnum==18300268)|| // Spetsnaz Body
(texnum==36200604)|| // GIGN Head
(texnum==21200306)|| // GIGN Body
(texnum==35500568)|| // GSG9 Head
(texnum==2200024)|| // GSG9 Bangs
(texnum==8800105)|| // GSG9 Feet
(texnum==36900650)|| // GSG9 Legs
(texnum==19600314)|| // GSG9 Body
(texnum==36700612)|| // SAS Head
(texnum==8500105)|| // SAS Feet
(texnum==37000650)|| // SAS Legs
(texnum==18000274)|| // SAS Body
(texnum==35300556)|| // KSF Head
(texnum==7500121)|| // KSF Arms
(texnum==9200115)|| // KSF Feet
(texnum==12400168)|| // KSF Hands
(texnum==30100522)|| // KSF Legs
(texnum==18700288)|| // KSF Body
(texnum==40900594)|| // ARTC Head
(texnum==11700190)|| // ARTC Arms
(texnum==9100118)|| // ARTC Feet
(texnum==12500170)|| // ARTC Hands
(texnum==37000634)|| // ARTC Legs
(texnum==41700516)|| // ARTC Body
(texnum==19400260)|| // ROKMC Body
(texnum==37900592)|| // ROKMC Head
(texnum==36500642)|| // ROKMC Legs
(texnum==44800776)|| // SRG Head
(texnum==15900200)|| // SRG Left Arm
(texnum==10500168)|| // SRG Right Arm
(texnum==80401016)|| // SRG Body
(texnum==10000121)|| // SRG Feet
(texnum==13200180)|| // SRG Hands
(texnum==33800534)|| // SRG Leg
(texnum==13200212)|| // Delta Force Helmet
(texnum==13200212)|| // Delta Force Helmet 2
(texnum==34700538)|| // Delta Force Gas Mask
(texnum==19500352)|| // Delta Force Balaclava
(texnum==84900778)|| // Delta Force Clan BDU
(texnum==27500442)|| // Delta Force Body Armor
(texnum==42800576)|| // Delta Force Body Armor 2
(texnum==52100658)|| // Delta Force Tactical Vest
(texnum==12200196)|| // Spetsnaz Helmet
(texnum==27100464)|| // Spetsnaz Gas Mask
(texnum==33600552)|| // Spetsnaz Body Armor
(texnum==44100646)|| // Spetsnaz Tactical Vest
(texnum==17800292)|| // GIGN Red Bandana
(texnum==21300290)|| // GIGN Helmet
(texnum==2800036)|| // GIGN Helmet Lens
(texnum==35700558)|| // GIGN Gas Mask
(texnum==22100396)|| // GIGN Balaclava
(texnum==29700492)|| // GIGN Body Armor
(texnum==11200188)|| // ROKMC Beret
(texnum==12000194)|| // ROKMC Helmet
(texnum==29800450)|| // ROKMC Gas Mask
(texnum==27100394)|| // ROKMC Body Armor
(texnum==28700374)|| // ROKMC X Harness
(texnum==34700470)|| // ROKMC X Harness
(texnum==5100056)|| // ROKMC Pouch
(texnum==9900163)|| // ROKMC Left Arm
(texnum==18300163)|| // ROKMC Right Arm
(texnum==16400266)|| // GSG9 Red Bandana
(texnum==16200243)|| // GSG9 Helmet
(texnum==31900466)|| // GSG9 Gas Mask
(texnum==19300342)|| // GSG9 Balaclava
(texnum==83600752)|| // GSG9 Clan BDU
(texnum==33400477)|| // GSG9 Body Armor
(texnum==10500163)|| // GSG9 Rolled Up Sleeves
(texnum==38100666)|| // GSG9 Tactical Knee Pads
(texnum==9600172)|| // SAS Boonie Hat
(texnum==14200236)|| // SAS Helmet
(texnum==37800552)|| // SAS Gas Mask
(texnum==28100486)|| // SAS Balaclava
(texnum==62400752)|| // SAS Clan BDU
(texnum==27900456)|| // SAS Body Armor
(texnum==45700654)|| // SAS Tactical Vest
(texnum==39800532)|| // SAS Tactical Vest 2
(texnum==9200100)|| // SAS Holster
(texnum==4800040)|| // SAS Magazine Pouch
(texnum==4000044)|| // SAS Pouch
(texnum==6500110) || // KSF Boonie Hat
(texnum==12900208)|| // KSF Helmet
(texnum==29600448)|| // KSF Gas Mask
(texnum==31100398)|| // KSF Sunglasses
(texnum==84700776)|| // KSF Clan BDU
(texnum==600004)|| // KSF Clan BDU Logo
(texnum==36500606)|| // KSF Body Armor
(texnum==63100646)|| // KSF Tactical Vest
(texnum==19800163)|| // KSF Rolled Up Sleeves
(texnum==7000066)|| // KSF Holster
(texnum==10400190)|| // SRG Beret
(texnum==23800294)|| // SRG Deer Head
(texnum==11600180)|| // SRG NIJ IIIA Helmet
(texnum==17100278)|| // SRG Red Bandana
(texnum==14600198)|| // SRG Battle Cap
(texnum==18200266)|| // SRG Helmet
(texnum==19100106)|| // SRG Gas Mask
(texnum==54300350)|| // SRG Sunglasses
(texnum==30800380)|| // SRG Mid Class Sunglasses
(texnum==79300995)|| // SRG Clan BDU 1
(texnum==13300138)|| // SRG Clan BDU 2
(texnum==300001)|| // SRG Clan BDU 3
(texnum==1200012)|| // SRG Clan BDU Logo
(texnum==10900110)|| // SRG Bulletproof Vest
(texnum==6200064)|| // SRG Holster
(texnum==22700250)|| // SRG Pouch
(texnum==2800036)|| // Force Recon Helmet Lens
(texnum==35700558)|| // Force Recon Gas Mask
(texnum==22100396)|| // Force Recon Balaclava
(texnum==29700492)|| // Force Recon Body Armor
(texnum==11200188)|| // Force Recon Beret
(texnum==12000194)|| // Force Recon Helmet
(texnum==29800450)|| // Force Recon Gas Mask
(texnum==27100394)|| // Force Recon Body Armor
(texnum==28700374)|| // Force Recon X Harness
(texnum==34700470)|| // Force Recon X Harness
(texnum==5100056)|| // Force Recon Pouch
(texnum==9900163)|| // Force ReconLeft Arm
(texnum==18300163)|| // Force Recon Right Arm


(nNumVertices == 448 && nPrimitiveCount == 776))

{
pDevice->SetTexture(0,Blue);
}


{
pDevice->SetRenderState(D3DRS_FOGENABLE,false);
}

/*Logger
if(m_Stride==40){


while(GetAsyncKeyState(VK_NUMPAD1)&1) arrc--; //Used as manual index for adding textures to delarray
while(GetAsyncKeyState(VK_NUMPAD3)&1) arrc++;
bool alrdy=false;
bool inarr=false;

if(texarray[arrc]==texnum)
if(delarray[i]==texarray[arrc])
alrdy=true;
for(int i=0;i<dcount;i++) //sees if said texture is in delarray
if(delarray[i]==texnum)
inarr=true;
if(texarray[arrc]==texnum || inarr){ //If true, color model differently
LPDIRECT3DTEXTURE8 texCol;
DWORD dwOldZEnable = D3DZB_TRUE;
pDevice->SetTexture(0, NULL);
pDevice->GetRenderState(D3DRS_ZENABLE, &dwOldZEnable);
pDevice->SetRenderState(D3DRS_ZENABLE, D3DZB_FALSE);
if(alrdy) //Different colors for selected models that are already being logged (For removal from array)
texCol=Blue;
else
texCol=Red;
pDevice->SetTexture(0, texCol);
pDrawIndexedPrimitive(pDevice, pType, nMinIndex, nNumVertices, nStartIndex, nPrimitiveCount);
pDevice->SetRenderState(D3DRS_ZENABLE, dwOldZEnable);

}
}
if(GetAsyncKeyState(VK_F5)&1) add_log("Logged tesx: %i", texarray[arrc]); //F5 will print currently selected texnum to logfile
if(GetAsyncKeyState(VK_F6)&1) { //For adding/removing textures to array
bool inarr=true;
for(int k=0;k<dcount;k++){
if(delarray[k]==texarray[arrc])
{
inarr=false;//Found selected texture to already exist
delarray[k]=0;//Delete texture
break;//Cancel loop
}
}
if(inarr==true)
{
delarray[dcount]=texarray[arrc];//Add texture
dcount++;
}
}
if(GetAsyncKeyState(VK_F7)&1){
int total=1;
add_log("omfg values?!? {");
for(int x=0;x<dcount;x++)//Loops through all recorded variables and prints them in a nice array based format
if(delarray[x]){
add_log("%i,",delarray[x]); //add_log2==add_log but without endl
total++;
}
add_log("}; %i variables in array",total);
}
bool found = false; //THIS PART CREDITS TO KRYPTEC
for(int y=0; y<arraycounter; y++) //THIS IS HIS LOGGING FUNCTION
{
if(texnum==texarray[y])found=true; //I JUST CREATED AN INTERFACE FOR IT
}
if(!found && arraycounter < 1000)
{
texarray[arraycounter]=texnum;
arraycounter++;
}*/


}
return pDrawIndexedPrimitive(pDevice, pType, nMinIndex, nNumVertices, nStartIndex, nPrimitiveCount);
}
//=====================================Dip_End====== ================================================== ===================//


//=====================================Sss_Start==== ================================================== ====================//
typedef HRESULT ( WINAPI* oSetStreamSource ) ( LPDIRECT3DDEVICE8 pDevice, UINT nStreamNumber, LPDIRECT3DVERTEXBUFFER8 pStreamData, UINT nStride );
oSetStreamSource pSetStreamSource;

HRESULT WINAPI mySetStreamSource(LPDIRECT3DDEVICE8 pDevice, UINT nStreamNumber, LPDIRECT3DVERTEXBUFFER8 pStreamData, UINT nStride)
{
if(nStreamNumber==0)
m_Stride = nStride;

return pSetStreamSource(pDevice, nStreamNumber, pStreamData, nStride);
}
//====================================Sss_End======= ================================================== ===================//

//====================================Svp_Start===== ================================================== ===================//
typedef HRESULT (WINAPI* oSetViewport)(LPDIRECT3DDEVICE8 pDevice,CONST D3DVIEWPORT8* pViewport);
oSetViewport pSetViewport;

HRESULT WINAPI mySetViewport(LPDIRECT3DDEVICE8 pDevice,CONST D3DVIEWPORT8* pViewport)
{
ScreenCenterX = ( float )pViewport->Width / 2;
ScreenCenterY = ( float )pViewport->Height / 2;

return pSetViewport(pDevice,pViewport);
}
//===================================Svp_End======== ================================================== ===================//

typedef HRESULT ( WINAPI* oBeginScene ) ( LPDIRECT3DDEVICE8 pDevice );
oBeginScene pBeginScene;

HRESULT WINAPI myBeginScene(LPDIRECT3DDEVICE8 pDevice)
{
if((GetAsyncKeyState(VK_F6)&1))
{
pEndScene = (oEndScene)DetourFunction((PBYTE)dwEndScene, (PBYTE)myEndScene);
pDrawIndexedPrimitive = (oDrawIndexedPrimitive)DetourFunction((PBYTE)dwDra wIndexedPrimitive, (PBYTE)myDrawIndexedPrimitive);
pSetStreamSource = (oSetStreamSource)DetourFunction((PBYTE)dwSetStrea mSource, (PBYTE)mySetStreamSource);
pSetViewport=(oSetViewport)DetourFunction((PBYTE)d wSetViewport,(PBYTE)mySetViewport);
}

return pBeginScene(pDevice);
}


BOOL WINAPI DllMain ( HMODULE hModule, DWORD dwReason, LPVOID lpReserved )
{
DisableThreadLibraryCalls(hModule);

if ( dwReason == DLL_PROCESS_ATTACH )
{

//=========Log==========================//
GetModuleFileName(hModule, dlldir, 512);
for(int i = strlen(dlldir); i > 0; i--) { if(dlldir[i] == '\') { dlldir[i+1] = 0; break; } }
ofile.open(GetDirectoryFile("log.txt"), ios::app);
//=========Log=========================//

pBeginScene = (oBeginScene)DetourFunction((PBYTE)dwBeginScene, (PBYTE)myBeginScene);
pEndScene = (oEndScene)DetourFunction((PBYTE)dwEndScene, (PBYTE)myEndScene);
pDrawIndexedPrimitive = (oDrawIndexedPrimitive)DetourFunction((PBYTE)dwDra wIndexedPrimitive, (PBYTE)myDrawIndexedPrimitive);
pSetStreamSource = (oSetStreamSource)DetourFunction((PBYTE)dwSetStrea mSource, (PBYTE)mySetStreamSource);
pSetViewport=(oSetViewport)DetourFunction((PBYTE)d wSetViewport,(PBYTE)mySetViewport);

}
return TRUE;
}