Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #16  
Old 01-12-2024, 07:45
th3tuga th3tuga is offline
Friend
 
Join Date: Oct 2023
Posts: 24
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 0
Thanks Rcvd at 10 Times in 6 Posts
th3tuga Reputation: 0
Quote:
Originally Posted by Gregory Morse View Post
I do not understand. Can someone explain with a simple example?
Dump the dll that is loaded from the resource, using DnSpy after it's loaded.
Then edit the dumped dll with your patches.
Remove the dll module initialize including the load statements from the exe.
Place the edited dll in the same folder with the exe and run. That's all.

I also use the nick Selya on some forums, since you cannot PM me here.
I respond only to known people though (no crack requests please).
Reply With Quote
  #17  
Old 01-13-2024, 12:31
cracki cracki is offline
Friend
 
Join Date: Oct 2003
Posts: 95
Rept. Given: 19
Rept. Rcvd 9 Times in 5 Posts
Thanks Given: 12
Thanks Rcvd at 8 Times in 4 Posts
cracki Reputation: 9
Quote:
Originally Posted by Levis View Post
Yes, all you need is to find a DLL or something that being called right before your target method, from the main executable, or any 3rd parties DLL,... then inject some small pieces of code to Reflective load your DLL into AppDomain, then you can do whatever you want, in this case, you're able to perform IL patch before the target method being called.
Remember that if your target is .NET Core, your hooking DLL must be .NET Core, too. Exact Runtime and exact version. For e.g, Target is .NET 6, then your code must be .NET 6, and so on.

If using function name is hard (when it's obfuscated), then you can try to resolve method using Method token. There is no big difference.
Thanks a lot for your guidance! The approach you suggested seems quite practical for my case

One other question:
How i can "resolve method using Method token" by HarmonyLib? is this possible?

Thanks again for the valuable insight!
Reply With Quote
  #18  
Old 01-13-2024, 17:47
Aakriti Aakriti is offline
Guest
 
Join Date: Sep 2023
Posts: 5
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 0
Thanks Rcvd at 1 Time in 1 Post
Aakriti Reputation: 0
Quote:
Originally Posted by Levis View Post
In this case I think that you should write your own hooking program to dynamically patching the DLL during runtime. LibHarmony should make in-memory patching becomes easier. Just need to wait until the dll is loaded into memory and then call your patching module.
Using LibHarmony to create a custom hooking program for dynamic DLL patching is an efficient solution. This solution speeds the patching process by utilizing in-memory patching and waiting for DLL loading, hence increasing adaptability and runtime flexibility.
Reply With Quote
The Following User Says Thank You to Aakriti For This Useful Post:
cracki (01-14-2024)
  #19  
Old 01-14-2024, 00:26
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 1,081
Rept. Given: 333
Rept. Rcvd 225 Times in 117 Posts
Thanks Given: 244
Thanks Rcvd at 520 Times in 291 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
var method = AccessTools.TypeByName(typeName).Module.ResolveMethod(token);
Reply With Quote
The Following User Says Thank You to sendersu For This Useful Post:
cracki (01-14-2024)
Reply

Tags
.net, assembly, dnspy, dotnet

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT +8. The time now is 15:57.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )