Exetools

Exetools (https://forum.exetools.com/index.php)
-   Source Code (https://forum.exetools.com/forumdisplay.php?f=46)
-   -   SignatureToDetour: Converts IDA Pro signatures to C++ Detours (https://forum.exetools.com/showthread.php?t=18075)

sh3dow 01-13-2017 23:22

SignatureToDetour: Converts IDA Pro signatures to C++ Detours
 
this tool is helpful when you try to hook functions that aren't in the Win32 API.
Example:

Given a signature like the following from IDA Pro:
PHP Code:

char __cdecl sub_1193D40(int a1unsigned int a2signed int *a3_BYTE **a4, const char *a5

SignatureToDetour will output ("InternalFunction" being the user supplied desired name):
PHP Code:

#define INTERNALFUNCTION_ADDRESS 0x1193D40
char(__cdecloriginalInternalFunction)(intunsigned intsigned int *, BYTE **, const char *);
char hkInternalFunction(int a1,  unsigned int a2,  signed int *a3,  BYTE **a4,  const char *a5)
{
    return 
originalInternalFunction(a1a2a3a4a5);
}

originalInternalFunction = (char(__cdecl*)(intunsigned intsigned int *, BYTE **, const char *))DetourFunction((PBYTE)INTERNALFUNCTION_ADDRESS, (PBYTE)hkInternalFunction); 

source
PHP Code:

https://github.com/ChairGraveyard/SignatureToDetour 


΢Цһµ¶ 01-23-2017 19:18

Good tool. Maybe it's better to Write IDA plugin.

Shub-Nigurrath 01-23-2017 21:14

very nice, always have to do it manually!


All times are GMT +8. The time now is 09:04.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX