https://blog.lentic.de/ Recent content on fahersto's blog Hugo -- gohugo.io en <a href="https://creativecommons.org/licenses/by-nc/4.0/" target="_blank" rel="noopener">CC BY-NC 4.0</a> Fri, 12 Dec 2025 00:00:00 +0000 https://blog.lentic.de/posts/gameengine_lessons/ Fri, 12 Dec 2025 00:00:00 +0000 https://blog.lentic.de/posts/gameengine_lessons/ Game engine tech stack As some of you may know, I have spent a considerable amount of time developing a game engine in C++. Toward the end of the year, I want to take some time to reflect on where I&rsquo;m at and how I plan to move forward. Let us begin with a list of libraries that are currently used: Rendering: OpenGL Physics: Jolt Audio: FMOD GUI: ImGui, ImGuizmo, ImNodes Text: msdf-gen Window: GLFW Serialization: yaml-cpp Testing: googletest Scripting: sol3 Navigation: recastnavigation Asset Importing: assimp, ufbx Logging: spdlog Profiling: tracy Graphics Debugging: RenderDoc Feature showreel Building on these libraries we implemented several features. https://blog.lentic.de/posts/process_doppelganging/ Sun, 03 Dec 2023 00:00:00 +0000 https://blog.lentic.de/posts/process_doppelganging/ What is Process Doppelgänging? Process Doppelgänging is a code injection technique which allows to load and execute arbitrary code in the context of a benign process without calling Windows API functions commonly invoked to achieve code injection. The technique was published by Tal Liberman and Eugene Kogan at Black Hat Europe 2017. The concept is to abuse NTFS transactions to create a process from a malicious section that is seemingly backed by a benign file. https://blog.lentic.de/posts/textrendering/ Wed, 06 Jul 2022 00:00:00 +0000 https://blog.lentic.de/posts/textrendering/ Text rendering One of the latest additions to my OpenGL game engine is text rendering. TIt took more effort than I expected, and that&rsquo;s why this article exists. The OpenGL standard does not define text rendering. This was surprising to me at first, because while OpenGL is a low-level graphics API, rendering text seemed pretty low-level to me. Boy was I wrong. To ensure the correct placement of individual glyphs, a number of variables must be taken into account, as shown in the following figure: https://blog.lentic.de/posts/spline/ Sun, 20 Mar 2022 00:00:00 +0000 https://blog.lentic.de/posts/spline/ Natural cubic spline Piecewise spline interpolation fits cubic polynomials through a set of points. In contrast to utilizing a polynomial of a higher degree, this results in a smooth interpolation that stays much closer to the target points. The interpolation is based on a t value. The t value has to be monotonically increasing. This in turn means that a regular spline can only ever go into one direction. However, parametric splines overcome this limitation. https://blog.lentic.de/posts/ghostwriting/ Sat, 19 Mar 2022 00:00:00 +0000 https://blog.lentic.de/posts/ghostwriting/ I recently had the chance to study several code injection techniques in-depth. Specifically Host-Based Code Injection Attacks (HBCIAs). This term was introduced to distinguish code injection attacks that target the local system from ones that target remote systems such as SQL injection. I have implemented 22 HBCIA techniques over the last couple of months and the GhostWriting technique stood out to me in particular. What is GhostWriting? GhostWriting is an advanced code injection technique that combines thread hijacking, a write-gadget to write to an arbitrary memory location and an endless loop to stall execution. https://blog.lentic.de/posts/obregistercallbacks/ Fri, 18 Mar 2022 00:00:00 +0000 https://blog.lentic.de/posts/obregistercallbacks/ Monitor handle acquisition Acquiring a handle to a target process is a critical step in many code injection techniques. The Windows operating system exposes a mechanism that allows kernel mode drivers to supply handle operation callbacks. These callbacks can be registered by calling ObRegisterCallbacks. When a handle is created or duplicated the pre-operation callback is invoked before the operation is performed and the post-operation callback after the operation occurred. This mechanism is utilized by many antivirus and Anti-Cheat solutions to protect processes from code injection. https://blog.lentic.de/posts/revisiting_age_of_empires/ Wed, 05 Jan 2022 00:00:00 +0000 https://blog.lentic.de/posts/revisiting_age_of_empires/ Background The new years has just begun and it&rsquo;s been half a year since I published my findings on Age of Empires 2: Definitive Edition and even longer since these issues have been brought to the games developers and Microsofts attention. Has the issue been fixed? NO. Brush off a bad day: In Soviet Russia projectile dodges you: As always this works online and in all game modes. Will it be fixed? https://blog.lentic.de/posts/imogui/ Mon, 27 Sep 2021 00:00:00 +0000 https://blog.lentic.de/posts/imogui/ imogui is my GUI library to hook existing overlays and draw on them using imgui. All of imgui&rsquo;s powerfull widgets such as buttons, plots and colorpickers can be used to create an interactive extension to any program using one of the supported overlays. This is very convenient as some of the supported overlays allow to add to any third party application (such as Steam). This project uses hookFTW to hook into the drawing function of the target overlay to achieve its functionality. https://blog.lentic.de/posts/hookftw/ Wed, 15 Sep 2021 00:00:00 +0000 https://blog.lentic.de/posts/hookftw/ This is a post is about my C++ hooking library for Windows (GitHub). What is a hooking library? A hooking library allows to change a target programs control flow. This can be useful to debug own applications but also to change or extend functionality of other programs. This functionality can be achieved using different methods. I implemented the following methods: Byte patching .text section Import Address Table (IAT) Virtual Function Table (VFT) Vectored Expcetion Handler (VEH) Why write another Windows hooking library? https://blog.lentic.de/posts/age_of_empires/ Mon, 14 Jun 2021 00:00:00 +0000 https://blog.lentic.de/posts/age_of_empires/ This is a repost. The original article can be found here. This blog post describes my lockdown project of (partially) reversing the popular 2019 videogame Age of Empires 2: Definitive Edition. My efforts did not only educate me about lock-step simulation and 90s coding practices, but also lead to various multiplayer hacks. First I&rsquo;ll give a brief background on the game&rsquo;s multiplayer architecture. Then I&rsquo;ll explain how I interactively explored the game&rsquo;s internals, until I could do things that should not be possible. https://blog.lentic.de/posts/codina_colada/ Sun, 13 Dec 2020 00:00:00 +0000 https://blog.lentic.de/posts/codina_colada/ Implementation of raymarching. CodinaColada is my 2d game engine. Its main purpose is to be a sandbox in which I can implement any functionality I&rsquo;m interested in. Technologies OpenGL Box2D Tracy To improve performance of my engine I need to know where the biggest potentials for improvements are. This can be determined using a profiler. Tracy is one such profiler. It is able to measure CPU and GPU performance. This is done by introducing macros inside the functions to be instrumented which then create zones as can be seen in the image showing the performance of a single frame below.