Originally Posted by
Clarkie
Well, you guys have a lot of detour problems, so I made a detour for you. I know, "don't post this and that".
I was using Topblast's revival Base and I noticed the Tjmp structure, which is exactly what you need to make a jump function. So I edited it and used it to make a detour.
Credit
Clarkie making it
Topblast (only for the little structure)
[highlight=c++]#pragma pack(push)
#pragma pack(1)

// Byte-exact image of the stub that Detour::Hook copies over the start of the
// hooked function. Packing is forced to 1 so the fields sit back to back with
// no padding, matching the instruction bytes they encode.
struct TestJmp
{
    unsigned char bNop;       // Detour::Hook stores 0x90 here (x86 NOP)
    unsigned char bPush;      // Detour::Hook stores 0x68 here (x86 PUSH imm32)
    unsigned long dwAddress;  // immediate operand of the push: address of the replacement
    unsigned char bRet;       // Detour::Hook stores 0xC3 here (x86 RET)
};

// Byte-exact image of the trampoline that Detour::Hook builds in freshly
// allocated memory: the saved leading bytes of the target followed by a jump.
struct Tjmp
{
    unsigned char bOPS[7];    // bytes saved from the start of the hooked function
    unsigned char bNop;       // Detour::Hook stores 0x90 here (x86 NOP)
    unsigned char bJmp;       // Detour::Hook stores 0xE9 here (x86 JMP rel32)
    unsigned long dwAddress;  // rel32 displacement, measured from the end of this struct
};

#pragma pack(pop)
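// Redirects the function at pTargetAddr to pNewAddr by overwriting its first
// sizeof(TestJmp) bytes with "nop; push pNewAddr; ret", after saving those
// bytes in a newly allocated trampoline that ends with a jump back into the
// target just past the overwritten region.
//
// pTargetAddr      - start of the function to patch.
// pNewAddr         - replacement that should run instead.
// pCallOrigAddress - out: receives the trampoline address, to be called when
//                    the original behaviour is wanted.
//
// Returns true when the stub was written. Returns false when an argument is
// null, when the trampoline could not be allocated, or when preparing the
// target failed; in that last case *pCallOrigAddress still holds the
// trampoline (with the saved bytes) and the caller owns it.
//
// The addresses are narrowed to DWORD and the stub uses 32-bit immediates, so
// this is only meaningful in a 32-bit x86 process.
bool Detour::Hook(PBYTE pTargetAddr, PBYTE pNewAddr, VOID** pCallOrigAddress)
{
    // Reject null arguments before anything is dereferenced or patched.
    if (pTargetAddr == NULL || pNewAddr == NULL || pCallOrigAddress == NULL)
        return false;

    // NOTE(review): the trampoline page is left PAGE_EXECUTE_READWRITE for its
    // whole lifetime. Memory that is both writable and executable defeats W^X;
    // consider switching it to PAGE_EXECUTE_READ once it has been filled in.
    *pCallOrigAddress = VirtualAlloc(0, sizeof(Tjmp), (MEM_COMMIT | MEM_RESERVE), PAGE_EXECUTE_READWRITE);

    // Check the allocation result itself, not the out-parameter that was
    // already dereferenced above.
    if (*pCallOrigAddress == NULL)
        return false;

    Tjmp RetJump;
    WriteNOP(&RetJump, sizeof(Tjmp));

    // Save exactly the bytes the stub will overwrite. They are copied verbatim
    // with no instruction decoding, so this only works when whole instructions
    // end at that boundary and none of them uses a position-relative operand.
    memcpy(RetJump.bOPS, pTargetAddr, sizeof(RetJump.bOPS));
    RetJump.bNop = 0x90;
    RetJump.bJmp = 0xE9;

    // rel32 = destination - address of the byte after the jump instruction.
    // Destination is the first target byte that was not saved; the jump is the
    // last instruction in the trampoline, so it ends at trampoline + sizeof(Tjmp).
    RetJump.dwAddress = (DWORD(pTargetAddr) + DWORD(sizeof(RetJump.bOPS)))
                      - (DWORD(*pCallOrigAddress) + DWORD(sizeof(Tjmp)));
    memcpy(*pCallOrigAddress, &RetJump, sizeof(Tjmp));

    // NOTE(review): WriteNOP is called on the target before the page is made
    // writable here; presumably it adjusts protection itself - confirm. Between
    // that call and the memcpy below another thread could execute a partially
    // patched function; nothing in this function suspends other threads.
    DWORD dwProtect;
    if (WriteNOP(pTargetAddr, sizeof(TestJmp)) != true ||
        VirtualProtect(pTargetAddr, sizeof(TestJmp), PAGE_EXECUTE_READWRITE, &dwProtect) != TRUE)
    {
        return false;
    }

    TestJmp recJump;
    WriteNOP(&recJump, sizeof(TestJmp));
    recJump.bNop = 0x90;
    recJump.bPush = 0x68;
    recJump.dwAddress = DWORD(pNewAddr);
    recJump.bRet = 0xC3;
    memcpy(pTargetAddr, &recJump, sizeof(TestJmp));

    // Put the original page protection back so the code page does not stay writable.
    VirtualProtect(pTargetAddr, sizeof(TestJmp), dwProtect, &dwProtect);
    return true;
}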
[/highlight]