Exetools  

Go Back   Exetools > General > Source Code

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 01-13-2017, 23:22
sh3dow sh3dow is offline
Family
 
Join Date: Oct 2014
Posts: 158
Rept. Given: 113
Rept. Rcvd 79 Times in 24 Posts
Thanks Given: 458
Thanks Rcvd at 202 Times in 75 Posts
sh3dow Reputation: 79
SignatureToDetour: Converts IDA Pro signatures to C++ Detours

this tool is helpful when you try to hook functions that aren't in the Win32 API.
Example:

Given a signature like the following from IDA Pro:
PHP Code:
char __cdecl sub_1193D40(int a1unsigned int a2signed int *a3_BYTE **a4, const char *a5
SignatureToDetour will output ("InternalFunction" being the user supplied desired name):
PHP Code:
#define INTERNALFUNCTION_ADDRESS 0x1193D40
char(__cdecloriginalInternalFunction)(intunsigned intsigned int *, BYTE **, const char *);
char hkInternalFunction(int a1,  unsigned int a2,  signed int *a3,  BYTE **a4,  const char *a5)
{
    return 
originalInternalFunction(a1a2a3a4a5);
}

originalInternalFunction = (char(__cdecl*)(intunsigned intsigned int *, BYTE **, const char *))DetourFunction((PBYTE)INTERNALFUNCTION_ADDRESS, (PBYTE)hkInternalFunction); 
source
PHP Code:
https://github.com/ChairGraveyard/SignatureToDetour 
Reply With Quote
The Following 7 Users Say Thank You to sh3dow For This Useful Post:
alephz (01-16-2017), Fyyre (08-07-2017), mudlord (01-15-2017), user1 (01-15-2017), WRP (01-14-2017), zeffy (07-27-2017)
  #2  
Old 01-23-2017, 19:18
΢Цһ ΢Цһ is offline
Friend
 
Join Date: Dec 2006
Location: ....
Posts: 22
Rept. Given: 0
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 1
Thanks Rcvd at 4 Times in 4 Posts
΢Цһ Reputation: 1
Good tool. Maybe it's better to Write IDA plugin.
Reply With Quote
  #3  
Old 01-23-2017, 21:14
Shub-Nigurrath's Avatar
Shub-Nigurrath Shub-Nigurrath is offline
VIP
 
Join Date: Mar 2004
Location: Obscure Kadath
Posts: 922
Rept. Given: 62
Rept. Rcvd 419 Times in 94 Posts
Thanks Given: 70
Thanks Rcvd at 333 Times in 102 Posts
Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499
very nice, always have to do it manually!
__________________
Ŝħůb-Ňìĝùŕřaŧħ ₪)
There are only 10 types of people in the world: Those who understand binary, and those who don't
http://www.accessroot.com
Reply With Quote
Reply

Tags
detours, hook, ida pro plugin

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Microsoft Detours Pro v3.0 b30wulf Source Code 38 06-22-2018 10:41


All times are GMT +8. The time now is 04:13.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )