#include "pch.h"
#include "hook.h"
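// Patches the code at `src` with a 5-byte relative jump (opcode 0xE9 followed
// by a 32-bit displacement) that transfers control to `dst`.
//
// src: first byte of the code to patch.
// dst: address the jump should land on.
// len: size of the region whose page protection is lifted while patching;
//      must be at least 5, the size of the jump instruction.
//
// Returns true once the jump has been written. Returns false, without
// touching `src`, when an argument is unusable or the region cannot be made
// writable.
//
// Only src[0..4] are rewritten; src[5..len-1] keep their previous contents.
bool Hook::Detour32(BYTE* src, BYTE* dst, const uintptr_t len)
{
    if (src == nullptr || dst == nullptr || len < 5) return false;

    // Writing to a page that could not be made writable would fault, so a
    // failed protection change aborts the patch instead of being ignored.
    DWORD oldProtection = 0;
    if (!VirtualProtect(src, len, PAGE_EXECUTE_READWRITE, &oldProtection)) return false;

    // The displacement is relative to the end of the 5-byte jump. It is stored
    // as exactly four bytes: a uintptr_t store would write eight bytes on a
    // 64-bit build and run past the instruction.
    const DWORD rel32 = static_cast<DWORD>(dst - src - 5);
    *src = 0xE9;
    memcpy(src + 1, &rel32, sizeof(rel32));

    // Put the original protection back so the page does not stay writable and
    // executable. A separate out-variable keeps oldProtection intact.
    DWORD scratch = 0;
    VirtualProtect(src, len, oldProtection, &scratch);

    // NOTE(review): the patched range is never passed to FlushInstructionCache;
    // confirm whether the project wants that call after modifying code.
    // NOTE(review): nothing here stops another thread from executing `src`
    // while the five bytes are being rewritten; confirm callers serialise this.
    return true;
}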
//-------------------------------------------------------------//
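// Installs a trampoline hook: copies the first `len` bytes of `src` into a
// freshly allocated executable "gateway", appends a jump from the gateway back
// to `src + len`, then detours `src` to `dst`.
//
// src: start of the code being hooked.
// dst: address `src` should be redirected to.
// len: number of bytes copied out of `src`; must be at least 5.
//
// Returns the gateway (which runs the copied bytes and then continues at
// `src + len`), or nullptr when an argument is unusable or the allocation
// fails.
//
// The bytes are copied verbatim, so `len` has to end on an instruction
// boundary and the copied instructions must not depend on their own address;
// neither is checked here.
BYTE* Hook::TrampHook32(BYTE* src, BYTE* dst, const uintptr_t len)
{
    if (src == nullptr || dst == nullptr || len < 5) return nullptr;

    // The gateway holds the copied bytes plus a 5-byte jump, so it needs
    // len + 5 bytes; requesting only `len` left the jump outside the request.
    BYTE* gateway = static_cast<BYTE*>(
        VirtualAlloc(nullptr, len + 5, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE));

    // Stop here on allocation failure; continuing would write the jump through
    // a null-based pointer.
    if (gateway == nullptr) return nullptr;

    // Copy the bytes that the detour is about to overwrite.
    memcpy(gateway, src, len);

    // Jump from the end of the gateway back to the first untouched byte:
    // (gateway + len) + 5 + rel32 == src + len.
    const DWORD rel32 = static_cast<DWORD>(src - gateway - 5);
    gateway[len] = 0xE9;
    // Exactly four displacement bytes, so the write stays inside the allocation.
    memcpy(gateway + len + 1, &rel32, sizeof(rel32));

    // NOTE(review): the gateway is left PAGE_EXECUTE_READWRITE after it has
    // been filled in; consider dropping write access (PAGE_EXECUTE_READ) so the
    // process does not keep a writable and executable page.
    // NOTE(review): the result of Detour32 is not reported. If it fails the
    // gateway is still returned and simply passes through to the unpatched
    // code; callers cannot tell this apart from a successful hook.
    Detour32(src, dst, len);
    return gateway;
}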
//-------------------------------------------------------------//
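// Undoes a hook by copying `len` bytes from `gateway` back over `src`.
//
// src:     start of the patched code to restore.
// dst:     not used by the restore; kept so the signature stays unchanged.
// len:     number of bytes to copy back; must be at least 5.
// gateway: buffer whose first `len` bytes are written over `src`.
//
// Returns true once the bytes have been copied. Returns false, without
// touching `src`, when an argument is unusable or the region cannot be made
// writable.
bool Hook::ReturnBytes(BYTE* src, BYTE* dst, const uintptr_t len, BYTE* gateway)
{
    (void)dst;  // the original computed an offset from dst and never used it

    if (src == nullptr || gateway == nullptr || len < 5) return false;

    // Copying into a page that could not be made writable would fault, so a
    // failed protection change aborts the restore.
    DWORD oldProtection = 0;
    if (!VirtualProtect(src, len, PAGE_EXECUTE_READWRITE, &oldProtection)) return false;

    memcpy(src, gateway, len);

    // Restore the original protection so the page does not stay writable and
    // executable.
    DWORD scratch = 0;
    VirtualProtect(src, len, oldProtection, &scratch);

    // NOTE(review): the gateway is not released here; confirm who owns it
    // after the hook has been removed.
    return true;
}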