View Single Post
  #1  
Old 01-13-2017, 23:22
sh3dow sh3dow is offline
Family
 
Join Date: Oct 2014
Posts: 158
Rept. Given: 113
Rept. Rcvd 79 Times in 24 Posts
Thanks Given: 458
Thanks Rcvd at 202 Times in 75 Posts
sh3dow Reputation: 79
SignatureToDetour: Converts IDA Pro signatures to C++ Detours

this tool is helpful when you try to hook functions that aren't in the Win32 API.
Example:

Given a signature like the following from IDA Pro:
PHP Code:
char __cdecl sub_1193D40(int a1unsigned int a2signed int *a3_BYTE **a4, const char *a5
SignatureToDetour will output ("InternalFunction" being the user supplied desired name):
PHP Code:
#define INTERNALFUNCTION_ADDRESS 0x1193D40
char(__cdecloriginalInternalFunction)(intunsigned intsigned int *, BYTE **, const char *);
char hkInternalFunction(int a1,  unsigned int a2,  signed int *a3,  BYTE **a4,  const char *a5)
{
    return 
originalInternalFunction(a1a2a3a4a5);
}

originalInternalFunction = (char(__cdecl*)(intunsigned intsigned int *, BYTE **, const char *))DetourFunction((PBYTE)INTERNALFUNCTION_ADDRESS, (PBYTE)hkInternalFunction); 
source
PHP Code:
https://github.com/ChairGraveyard/SignatureToDetour 
Reply With Quote
The Following 7 Users Say Thank You to sh3dow For This Useful Post:
alephz (01-16-2017), Fyyre (08-07-2017), mudlord (01-15-2017), user1 (01-15-2017), WRP (01-14-2017), zeffy (07-27-2017)