Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Patching file with API Hook

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Discussions
View previous topic :: View next topic  
Author Message
Redouane
Master Cheater
Reputation: 3

Joined: 05 Sep 2013
Posts: 347
Location: Algeria

PostPosted: Sat May 06, 2017 2:51 pm    Post subject: Patching file with API Hook Reply with quote

Hello,

I want to remplace all the calls to a windows API function (getSystemTimePreciseAsFileTime) with calls (or jmps) to a code cave in the main module, is it possible to do it without patching each call separately? maybe by updating something in the executable header (I've read about the import table, but I am not sure on how it gets loaded in memory and updated when the program gets executed).

Thanks
Back to top
View user's profile Send private message
atom0s
Moderator
Reputation: 133

Joined: 25 Jan 2006
Posts: 7067
Location: 127.0.0.1

PostPosted: Sun May 07, 2017 12:11 pm    Post subject: Reply with quote

Any reason why you want to replace every single API rather than a select few? Typically you are not going to need to hook that many API for any reason.

If you are looking to determine some information or similar, there are programs already made that will hook every API and print out their usage information. Such as:
http://www.rohitab.com/apimonitor

Keep in mind this is not marked to support Win10.

_________________
- Retired.
Back to top
View user's profile Send private message Visit poster's website
Redouane
Master Cheater
Reputation: 3

Joined: 05 Sep 2013
Posts: 347
Location: Algeria

PostPosted: Sun May 07, 2017 2:26 pm    Post subject: Reply with quote

atom0s wrote:
Any reason why you want to replace every single API rather than a select few? Typically you are not going to need to hook that many API for any reason.

If you are looking to determine some information or similar, there are programs already made that will hook every API and print out their usage information. Such as:
http://www.rohitab.com/apimonitor

Keep in mind this is not marked to support Win10.


I want to hook only one API function : GetSystemTimePreciseAsFileTime (remplace all the calls to that function with calls to an executable code cave in the main module), but I am wondering if it's possible to save the modifications to the executable without patching every call to that function (some calls are of the form : call register (like call esi)).
Thanks.
Back to top
View user's profile Send private message
atom0s
Moderator
Reputation: 133

Joined: 25 Jan 2006
Posts: 7067
Location: 127.0.0.1

PostPosted: Mon May 08, 2017 1:08 pm    Post subject: Reply with quote

You are over-thinking the need of what you are trying to do but I also understand you want to save the modifications. I'd suggest you write a loader for this though cause it will be able to hook the single API once for all instances of its usage rather than trying to patch every single time it's called.

It's much easier to just hook the API call and do what you need once than try and edit the exe to alter every call to this if there are a lot of them.

_________________
- Retired.
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General Discussions All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites