11-29-2022, 23:34
|
|
Friend
|
|
Join Date: Aug 2016
Location: RCE
Posts: 61
Rept. Given: 1
Rept. Rcvd 4 Times in 2 Posts
Thanks Given: 54
Thanks Rcvd at 81 Times in 35 Posts
|
|
Quote:
Originally Posted by user1
This code only for x86 for x64 need changed
anyone can help with this?
Code:
#define DETOUR_DEFINE(F) BYTE OH_##F[5]; BYTE NH_##F[5];
#define DETOUR_SET(F) DetourSet((DWORD)F, (DWORD)D_##F, OH_##F, NH_##F)
#define DETOUR_EXEC(R, F, ...) { CopyMemory((LPVOID)F, OH_##F, 5); R = F(__VA_ARGS__); CopyMemory((LPVOID)F, NH_##F, 5); }
VOID DetourSet(DWORD old_func, DWORD new_func, BYTE* old_header, BYTE* new_header)
{
DWORD op;
VirtualProtect((LPVOID)old_func, 5, PAGE_EXECUTE_READWRITE, &op);
CopyMemory(old_header, (LPVOID)old_func, 5);
DWORD size = new_func - (old_func + 5);
new_header[0] = 0xE9;
new_header[1] = size >> 0;
new_header[2] = size >> 8;
new_header[3] = size >> 16;
new_header[4] = size >> 24;
CopyMemory((LPVOID)old_func, new_header, 5);
}
|
Hi
Maybe you just need to change DWORD to UInt64 (old_func, new_func).
Also you might face error in some functions(size of instructions), you can't overwrite bytes blindly unless you don't have any plan to use original function anymore !!!
|
Similar Threads
Threaded Mode