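/*
 * Installs an inline detour on pFunc (32-bit x86 only: addresses are handled
 * as DWORD immediates).
 *
 * Layout written into pDetour:
 *   +0          MOV EAX, pNewFunc ; CALL EAX        (7 bytes)
 *   +7          first reqsz bytes copied from pFunc (whole instructions)
 *   +7+reqsz    PUSH pFunc+reqsz ; RET              (6 bytes)
 * The start of pFunc is then overwritten with PUSH pDetour ; RET, padded
 * with NOPs up to reqsz.
 *
 * pFunc    - function to patch; its first reqsz bytes are overwritten.
 * pNewFunc - function the stub calls before the relocated bytes run.
 * pDetour  - caller-supplied buffer of at least 7 + reqsz + 6 bytes; the
 *            buffer size cannot be checked from here.
 *
 * Returns a pointer to the relocated original bytes (pDetour + 7), or NULL
 * if an argument is NULL, an instruction length is implausible, or a page
 * protection change fails.
 *
 * MH_memcpy is called as (source, destination, count), the order used
 * throughout the original block.
 *
 * Limitations:
 *  - The relocated bytes are copied verbatim, so an instruction with a
 *    relative operand (e.g. a rel32 CALL/JMP) among them would resolve
 *    against the wrong address from its new location.
 *  - The patch over pFunc is written byte by byte; a thread executing pFunc
 *    during this call can observe a partially written patch.
 */
MH_FUNC MH_Detour(MH_FUNC pFunc, MH_FUNC pNewFunc, MH_FUNC pDetour)
{
    const DWORD patchsz = 6; /* PUSH imm32 (5 bytes) + RET (1 byte) */
    const DWORD stubsz = 7;  /* MOV EAX, imm32 (5 bytes) + CALL EAX (2 bytes) */
    DWORD reqsz = 0, i = 0;
    DWORD funcProt = 0, detourProt = 0, scratchProt = 0;

    if (pFunc == NULL || pNewFunc == NULL || pDetour == NULL) {
        return NULL;
    }

    /* Collect whole instructions until there is room for the 6-byte patch. */
    while (reqsz < patchsz) {
        DWORD len = MH_instsz((void*)(pFunc + reqsz));
        /* A zero length would loop forever; an x86 instruction is at most 15 bytes. */
        if (len == 0 || len > 15) {
            return NULL;
        }
        reqsz += len;
    }

    /*
     * Keep both regions executable while they are writable: dropping execute
     * permission (plain PAGE_READWRITE) faults any thread that is running
     * code in the same page.
     */
    if (!VirtualProtect((void*)pFunc, reqsz, PAGE_EXECUTE_READWRITE, &funcProt)) {
        return NULL;
    }
    if (!VirtualProtect((void*)pDetour, stubsz + reqsz + patchsz,
                        PAGE_EXECUTE_READWRITE, &detourProt)) {
        VirtualProtect((void*)pFunc, reqsz, funcProt, &scratchProt);
        return NULL;
    }

    /* CALL NEW FUNCTION */
    DWORD dwNewFunc = (DWORD)pNewFunc;
    *(pDetour + 0) = MH_MOVEAXimm; /* MOV EAX, imm32 */
    MH_memcpy((void*)&dwNewFunc, (void*)(pDetour + 1), 4); /* imm32 */
    *(pDetour + 5) = MH_CALL;      /* CALL */
    *(pDetour + 6) = MH_CALLeax;   /* eax */

    /* ORIGINAL FUNCTION TOP: copied before pFunc is touched. */
    MH_FUNC pOldFunc = (pDetour + stubsz);
    MH_memcpy((void*)pFunc, (void*)pOldFunc, reqsz);

    /*
     * JUMP TO REST OF ORIGINAL FUNCTION: the immediate must be the ADDRESS
     * pFunc + reqsz, not the four code bytes stored at that address.
     */
    DWORD dwResume = (DWORD)(pFunc + reqsz);
    *(pOldFunc + reqsz) = MH_PUSHimm; /* PUSH imm32 */
    MH_memcpy((void*)&dwResume, (void*)(pOldFunc + reqsz + 1), 4); /* imm32 */
    *(pOldFunc + reqsz + 5) = MH_RET; /* RET */
    FlushInstructionCache(GetCurrentProcess(), (void*)pDetour,
                          stubsz + reqsz + patchsz);

    /* OVERWRITE TOP OF ORIGINAL FUNCTION: done last, once the stub is complete. */
    DWORD dwDetour = (DWORD)pDetour;
    *(pFunc + 0) = MH_PUSHimm; /* PUSH imm32 */
    MH_memcpy((void*)&dwDetour, (void*)(pFunc + 1), 4); /* imm32 */
    *(pFunc + 5) = MH_RET;     /* RET */
    for (i = patchsz; i < reqsz; i++) {
        *(pFunc + i) = MH_NOP;
    }
    FlushInstructionCache(GetCurrentProcess(), (void*)pFunc, reqsz);

    /* Put the caller's protection back so the patched code page does not stay writable. */
    VirtualProtect((void*)pFunc, reqsz, funcProt, &scratchProt);

    /*
     * NOTE(review): the detour buffer is left PAGE_EXECUTE_READWRITE because
     * the stub must remain executable and its previous protection (detourProt)
     * may not be. If pDetour is a dedicated allocation, tighten it to
     * PAGE_EXECUTE_READ here so no writable+executable memory remains.
     */
    return pOldFunc;
}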