These detours are 100% my code. If you fine code from someone in it.. you lying i spent the whole morning running and testing this thing. And unlike Topblast's detours it have a Detour Remove. These detours also explains everything it does so if your a novice to detours you can read and understand how it works.
Don't Hate, AppreciateCREDITS
- Clarkie
- Me, Myself and I
[highlight=C++]
bool Hook(PBYTE pTargetAddress, PBYTE pNewAddress, VOID**pCallOriginalAddress)
{
//Define your Variables
// I should not have to explain this. but it stores the information and use it again from VirtualProtect
DWORD dwProtect;
//Allocate Memory for your Data to be stored
LPVOID memAlloc;
// if memAlloc is NULL/0 then it failed
memAlloc = VirtualAlloc(0, 17, (MEM_COMMIT | MEM_RESERVE), PAGE_EXECUTE_READWRITE);
if( memAlloc == NULL) goto fail;
//Full memAlloc with the Bytes that were replace
memcpy(memAlloc, pTargetAddress, 7);
//Add a NOP to memAlloc
*(PBYTE)DWORD(DWORD(memAlloc) + 7) = 0x90;
// Add a JMP to memAlloc
*(PBYTE)DWORD(DWORD(memAlloc) + 8) = 0xE9;
// The address to Jump to.
*(PDWORD)(DWORD(memAlloc) + 9) = (DWORD(pTargetAddress)+8) - DWORD(memAlloc)- 14;
// Storing Extra Info that will not be used in memAlloc.
*(PDWORD)(DWORD(memAlloc) + 13) = DWORD(pTargetAddress);
//make your return equal memAlloc;
*pCallOriginalAddress = memAlloc;
if(VirtualProtect(pTargetAddress, 7, PAGE_EXECUTE_READWRITE, &dwProtect) != TRUE) goto fail;
//clean the area we are about to hook.
for(INT i = 0; i < 7; i++)
pTargetAddress[i] = 0x90;
//The Bytes we clean are now being filled with NOP
*pTargetAddress = 0x90;
// PUSH
*(PBYTE)DWORD(pTargetAddress+1) = 0x68;
// Address to Push to
*(PDWORD)DWORD(pTargetAddress+2) = DWORD(pNewAddress);
//return
*(PBYTE)DWORD(pTargetAddress+6) = 0xC3;
VirtualProtect(pTargetAddress, 7, dwProtect, &dwProtect);
return true;
fail:
return false;
}
// HookRemove not tested.
bool HookRemove(VOID**pCallOriginalAddress)
{
LPVOID memAlloc;
// Fill the Memory to reverse
memAlloc = *pCallOriginalAddress;
// Get the address to Targeted function
PBYTE pTargetAddress = (PBYTE)*(PDWORD)(DWORD(memAlloc) + 13);
// Return the bytes to the target function.
memcpy(pTargetAddress,memAlloc, 7);
// Free the Allocated Memory
return VirtualFree(memAlloc, 0, MEM_RELEASE);
}
[/highlight]
Unlike Departures DetoursAnd unlike Topblast's detours And unlike Topblast's detours
I just like programming, that is all.
Current Stuff:
- GPU Programmer (Cuda)
- Client/Server (Cloud Server)
- Mobile App Development
Clarkie (06-01-2011)
This is a black man. Born black died White.
AtomicStone (06-04-2011),NOOBJr (06-01-2011),Tony Stark` (06-01-2011)
CAFlames (06-01-2011)
ima call in the big guns
IP Check these guise jabuuuuuuty @Severus Snape
Hi Guys im @whit 's Cousin He is so awesome and i love his Signature
Tony Stark` (06-01-2011),whit (06-01-2011)
Drake (06-01-2011),Tony Stark` (06-01-2011)