Hey guys, first post. I'm just releasing my personal code for assembly (inline) hooking of functions in the current process. Hope you guys put it to good use.
Source:
Code:
/*
 * Book-keeping for one inline hook.
 *
 * HookFunction() saves the first 6 bytes found at origAddress into origAsm
 * and writes hookedAsm over them; UnhookFunction() writes origAsm back.
 * Zero-initialise the structure before first use: HookFunction() builds the
 * jump only when the displacement bytes of hookedAsm are still zero.
 */
typedef struct
{
    BOOL    hooked;         /* TRUE while hookedAsm is installed at origAddress */
    INT_PTR origAddress;    /* address of the function being patched */
    INT_PTR hookAddress;    /* address of the replacement function */
    BYTE    origAsm[6];     /* bytes read from origAddress before patching */
    BYTE    hookedAsm[6];   /* patch bytes: jmp opcode, displacement, retn */
} HOOK;
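/*
 * Installs the 6-byte patch described by `hook` over the start of the
 * function at hook->origAddress, in the current process.
 *
 * If the displacement bytes of hook->hookedAsm are still zero, the patch is
 * built first: 0xe9 (jmp rel32) to hook->hookAddress followed by 0xc3 (retn).
 * The six bytes being replaced are saved in hook->origAsm so that
 * UnhookFunction() can restore them.
 *
 * Returns TRUE if the hook is installed (or already was), FALSE if `hook`
 * is NULL, the target is out of rel32 range, or a memory operation failed.
 *
 * Caveats for anyone reusing or auditing this:
 *  - Nothing here suspends other threads. A thread executing the first six
 *    bytes of the target while they are rewritten can run a torn instruction.
 *  - Six bytes are overwritten regardless of instruction boundaries, so the
 *    original is only callable again after UnhookFunction().
 *  - The page is writable and executable for the duration of the patch.
 */
BOOL HookFunction( HOOK* hook )
{
    DWORD  oldProtection;
    DWORD  ignoredProtection;
    SIZE_T numBytes = 0;        /* Read/WriteProcessMemory take SIZE_T*, not DWORD* */
    BOOL   patched = FALSE;
    LPVOID target;
    int    i;

    if( hook == NULL )
        return FALSE;
    if( hook->hooked )
        return TRUE;

    /* Zero displacement means the patch bytes have not been built yet. */
    if( hook->hookedAsm[1] == 0 && hook->hookedAsm[2] == 0 &&
        hook->hookedAsm[3] == 0 && hook->hookedAsm[4] == 0 )
    {
        /* jmp rel32 is relative to the end of the 5-byte instruction. */
        INT_PTR distance = hook->hookAddress - hook->origAddress - 5;
        LONG    rel32 = (LONG)distance;
        ULONG   bits = (ULONG)rel32;

        /* On 64-bit builds the target may be further away than rel32 can
           express; refuse instead of emitting a truncated jump. */
        if( (INT_PTR)rel32 != distance )
            return FALSE;

        hook->hookedAsm[0] = 0xe9; // jmp
        /* Store exactly four little-endian bytes. Writing an INT_PTR here
           would store eight bytes on 64-bit builds and run past the end of
           the 6-byte array. */
        for( i = 0; i < 4; i++ )
            hook->hookedAsm[1 + i] = (BYTE)( bits >> ( 8 * i ) );
        hook->hookedAsm[5] = 0xc3; // retn
    }

    target = (LPVOID)hook->origAddress;

    /* Keep execute permission: PAGE_READWRITE would make every other function
       on the same page fault for any thread running it during the patch. */
    if( !VirtualProtect( target, 6, PAGE_EXECUTE_READWRITE, &oldProtection ) )
        return FALSE;

    if( ReadProcessMemory( GetCurrentProcess(), target, hook->origAsm, 6, &numBytes ) && numBytes == 6 )
    {
        numBytes = 0;
        if( WriteProcessMemory( GetCurrentProcess(), target, hook->hookedAsm, 6, &numBytes ) && numBytes == 6 )
            patched = TRUE;
    }

    /* Restore the original protection on every path. VirtualProtect fails
       when its last argument is NULL, so a throwaway DWORD is passed. */
    VirtualProtect( target, 6, oldProtection, &ignoredProtection );

    if( !patched )
        return FALSE;

    /* Code bytes changed: make sure the CPU does not run stale instructions. */
    FlushInstructionCache( GetCurrentProcess(), target, 6 );

    hook->hooked = TRUE;
    return TRUE;
}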
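/*
 * Removes a hook installed by HookFunction() by writing the six saved bytes
 * in hook->origAsm back to hook->origAddress, in the current process.
 *
 * Returns TRUE if the original bytes are in place (or the hook was never
 * installed), FALSE if `hook` is NULL or a memory operation failed.
 *
 * As with HookFunction(), other threads are not suspended, so a thread
 * executing the patched bytes while they are restored is not protected.
 */
BOOL UnhookFunction( HOOK* hook )
{
    DWORD  oldProtection;
    DWORD  ignoredProtection;
    SIZE_T numBytes = 0;        /* WriteProcessMemory takes SIZE_T*, not DWORD* */
    BOOL   restored;
    LPVOID target;

    if( hook == NULL )
        return FALSE;
    if( !hook->hooked )
        return TRUE;

    target = (LPVOID)hook->origAddress;

    /* Keep execute permission while the page is writable so that code on the
       same page stays runnable for other threads. */
    if( !VirtualProtect( target, 6, PAGE_EXECUTE_READWRITE, &oldProtection ) )
        return FALSE;

    restored = WriteProcessMemory( GetCurrentProcess(), target, hook->origAsm, 6, &numBytes ) && numBytes == 6;

    /* Put the original protection back whether or not the write succeeded.
       VirtualProtect fails when its last argument is NULL. */
    VirtualProtect( target, 6, oldProtection, &ignoredProtection );

    if( !restored )
        return FALSE;

    /* Code bytes changed: discard any stale cached instructions. */
    FlushInstructionCache( GetCurrentProcess(), target, 6 );

    hook->hooked = FALSE;
    return TRUE;
}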
Example usage:
Code:
// Hook record for LoadLibraryA. Static storage is zero-initialised, which
// HookFunction() relies on: it builds the jump only while the displacement
// bytes of hookedAsm are still zero.
static HOOK hkLoadLibraryA;
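// Replacement for LoadLibraryA. It removes the patch, calls the real
// LoadLibraryA, then re-applies the patch.
//
// Returns whatever LoadLibraryA returned, with the thread's last-error value
// left as LoadLibraryA set it. If the patch cannot be removed the call fails
// with NULL instead of calling LoadLibraryA, because that call would land
// back in this function and recurse until the stack is exhausted.
//
// Between UnhookFunction() and HookFunction() the target is unpatched, so
// calls made by other threads in that window do not pass through this hook.
// Treat a detour of this shape as best-effort, not as a complete record of
// library loads.
extern "C" HMODULE WINAPI LoadLibraryAHook( LPCSTR lpLibFileName )
{
    if( !UnhookFunction( &hkLoadLibraryA ) )
    {
        // Error code chosen for this example; callers only see a failed load.
        SetLastError( ERROR_ACCESS_DENIED );
        return NULL;
    }

    HMODULE returned = LoadLibraryA( lpLibFileName );
    // Capture the error now: re-hooking calls APIs that overwrite it.
    DWORD loadError = GetLastError();

    // If re-applying fails the hook stays removed; hkLoadLibraryA.hooked
    // remains FALSE so a later HookFunction() call can retry.
    HookFunction( &hkLoadLibraryA );

    // Own code goes here

    SetLastError( loadError );
    return returned;
}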
// Fills in the LoadLibraryA hook record and installs the hook.
// The result of HookFunction() is not reported to the caller.
void Hook()
{
    HOOK* record = &hkLoadLibraryA;

    record->hookAddress = (INT_PTR)LoadLibraryAHook;
    record->origAddress = (INT_PTR)LoadLibraryA;

    (void)HookFunction( record );
}