| Re: Function Hooking [message #490171 is a reply to message #490170] |
Sun, 28 December 2014 10:58   |
Neijwiert
Messages: 124
Registered: October 2009
Karma:
|
Recruit |
|
|
| iRANian wrote on Sun, 28 December 2014 07:05 |
What you can also do is place a JMP at the very start of the original function to your own hook. Then when you want to call the original function you re-create the first 5 bytes you overwrote in assembly then just jmp 5 bytes into the original function.
function:
push ebp ; byte 1
push edi ; byte 2
push esi ; byte 3
push ebx ; byte 4
push ecx ; byte 5
push edx ; byte 6
Then after jumping hooking:
function:
jmp <hookfunc> ; byte 1-5
push edx ; byte 6
void HookFunc()
{
blabla
}
void _declspec(naked)Call original func()
{
_asm
{
push ebp ; byte 1
push edi ; byte 2
push esi ; byte 3
push ebx ; byte 4
push ecx ; byte 5
jmp to byte 6; where 'push edx' is located
}
}
|
That was exactly what I was trying to achieve in my first attempt. Yet it somehow didn't jump to the new function, If you toggle the spoilers in the first post you can see how I tried it.
|
|
|
|
Search
Help
Members
Register
Login
Home
