hook.cpp
#include "includes.h"
// hooking functions by rake and solair
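// Overwrites `size` bytes at `dst` with the bytes at `src`, temporarily making
// the destination pages writable and restoring their previous protection
// afterwards.
//
// dst:  start of the region to overwrite (typically code in this process).
// src:  bytes to copy in; must not overlap `dst` (memcpy is used).
// size: number of bytes to copy.
//
// The function returns void, so failure cannot be reported to the caller. If
// the protection change fails, nothing is written; the original wrote anyway
// and would fault on a read-only page.
void Patch(BYTE* dst, BYTE* src, unsigned int size) {
    if (dst == nullptr || src == nullptr || size == 0) {
        return;
    }

    DWORD oldProtect = 0;
    if (!VirtualProtect(dst, size, PAGE_EXECUTE_READWRITE, &oldProtect)) {
        return;
    }

    memcpy(dst, src, size);

    // Keep the write+execute window as short as possible. A separate
    // out-variable is used so the saved protection value is not clobbered.
    DWORD ignored = 0;
    VirtualProtect(dst, size, oldProtect, &ignored);

    // The bytes may be executed as code; make sure no stale instructions are
    // served from the instruction cache.
    FlushInstructionCache(GetCurrentProcess(), dst, size);
}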
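// Overwrites the first `len` bytes at `src` with a 5-byte x86 `jmp rel32`
// (opcode 0xE9) to `dst`, padding the remainder with 0x90 (NOP).
//
// src: first byte of the code to overwrite.
// dst: address the jump transfers control to.
// len: number of bytes to overwrite; must be at least 5.
//
// Returns true when the jump was written. Returns false, without touching
// `src`, when an argument is null, `len` is too small, the target is out of
// rel32 range, or the page protection could not be changed.
//
// Caveats for callers:
//  - `len` has to end on an instruction boundary; this function cannot check it.
//  - The write is not synchronised with other threads that may be executing
//    the bytes at `src`.
bool Hook(char* src, char* dst, int len) {
    if (src == nullptr || dst == nullptr || len < 5) {
        return false;
    }

    // 0xE9 takes a signed 32-bit displacement measured from the end of the
    // 5-byte instruction. In a 64-bit build the distance can exceed that
    // range, so refuse rather than emit a jump to a truncated address.
    const long long rel = static_cast<long long>(dst - src) - 5;
    if (rel < -0x80000000LL || rel > 0x7FFFFFFFLL) {
        return false;
    }

    DWORD oldProtect = 0;
    if (!VirtualProtect(src, static_cast<SIZE_T>(len), PAGE_EXECUTE_READWRITE, &oldProtect)) {
        return false;
    }

    memset(src, 0x90, static_cast<size_t>(len));
    *src = static_cast<char>(0xE9);

    // Store exactly four bytes. The original stored a uintptr_t, which is
    // eight bytes wide in a 64-bit build and, with len == 5, wrote three bytes
    // past the region that was made writable.
    const DWORD rel32 = static_cast<DWORD>(rel);
    memcpy(src + 1, &rel32, sizeof(rel32));

    // Restore the previous protection; a separate out-variable keeps the
    // saved value intact.
    DWORD ignored = 0;
    VirtualProtect(src, static_cast<SIZE_T>(len), oldProtect, &ignored);
    FlushInstructionCache(GetCurrentProcess(), src, static_cast<SIZE_T>(len));
    return true;
}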
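// Builds a "gateway" stub holding a copy of the first `len` bytes of `src`
// followed by a `jmp rel32` back to `src + len`, then calls Hook() to redirect
// `src` to `dst`.
//
// src: start of the code being redirected.
// dst: replacement code that `src` will jump to.
// len: number of bytes copied into the gateway and overwritten at `src`;
//      must be at least 5.
//
// Returns the gateway address on success. Returns nullptr, with the gateway
// released, on bad arguments, allocation failure, an out-of-range jump, or
// when Hook() returns false. On success the caller owns the gateway and is
// responsible for releasing it with VirtualFree.
//
// Caveats for callers:
//  - The copied bytes are executed from a new address, so they must be whole
//    instructions with no position-relative operands; this is not checked.
char* TrampHook(char* src, char* dst, unsigned int len) {
    if (src == nullptr || dst == nullptr) {
        return nullptr;
    }
    // The upper bound keeps `len + 5` from wrapping and keeps the value
    // representable as the `int` that Hook() takes.
    if (len < 5 || len > 0x7FFFFFFFu - 5u) {
        return nullptr;
    }

    // Allocate writable but not executable memory. The stub is made
    // executable only after it is fully written, so the region is never
    // writable and executable at the same time.
    char* gateway = static_cast<char*>(
        VirtualAlloc(nullptr, len + 5, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE));
    if (gateway == nullptr) {
        return nullptr;  // the original passed this null straight to memcpy
    }

    memcpy(gateway, src, len);

    // Displacement from the end of the gateway's jump back to src + len.
    // It must fit the signed 32-bit operand of 0xE9.
    const long long rel = static_cast<long long>(src - gateway) - 5;
    if (rel < -0x80000000LL || rel > 0x7FFFFFFFLL) {
        VirtualFree(gateway, 0, MEM_RELEASE);
        return nullptr;
    }

    gateway[len] = static_cast<char>(0xE9);
    // Four-byte store; a uintptr_t store is eight bytes in a 64-bit build.
    const DWORD rel32 = static_cast<DWORD>(rel);
    memcpy(gateway + len + 1, &rel32, sizeof(rel32));

    DWORD ignored = 0;
    if (!VirtualProtect(gateway, len + 5, PAGE_EXECUTE_READ, &ignored)) {
        VirtualFree(gateway, 0, MEM_RELEASE);
        return nullptr;
    }
    FlushInstructionCache(GetCurrentProcess(), gateway, len + 5);

    if (!Hook(src, dst, static_cast<int>(len))) {
        // The original returned nullptr here without freeing the gateway.
        VirtualFree(gateway, 0, MEM_RELEASE);
        return nullptr;
    }
    return gateway;
}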