Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Dll Injection Question

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming
View previous topic :: View next topic  
Author Message
dnsi0
I post too much
Reputation: 0

Joined: 04 Jan 2007
Posts: 2674
PostPosted: Thu Aug 07, 2008 9:59 am    Post subject: Dll Injection Question Reply with quote
When you inject a dll into say maplestory. Will the original apis called ex.kernel32, ntdll etc. By unhooked? Or do you still need a hook hop?
Back to top
View user's profile Send private message
lurc
Grandmaster Cheater Supreme
Reputation: 2

Joined: 13 Nov 2006
Posts: 1900
PostPosted: Thu Aug 07, 2008 10:52 am    Post subject: Reply with quote
I'm pretty sure you can call them from MapleStory. MapleStory should be on the whitelist in GameGuard's hooks.
_________________
Back to top
View user's profile Send private message
Zand
Master Cheater
Reputation: 0

Joined: 21 Jul 2006
Posts: 424
PostPosted: Thu Aug 07, 2008 10:56 am    Post subject: Reply with quote
Do it in GameMon Very Happy
Back to top
View user's profile Send private message
rapion124
Grandmaster Cheater Supreme
Reputation: 0

Joined: 25 Mar 2007
Posts: 1095
PostPosted: Thu Aug 07, 2008 12:28 pm    Post subject: Reply with quote
lurc wrote:
I'm pretty sure you can call them from MapleStory. MapleStory should be on the whitelist in GameGuard's hooks.


Unfortunately no. The only process that doesn't get Usermode hooks is GameMon.
Back to top
View user's profile Send private message
dnsi0
I post too much
Reputation: 0

Joined: 04 Jan 2007
Posts: 2674
PostPosted: Thu Aug 07, 2008 1:00 pm    Post subject: Reply with quote
Ok. so we still need hookhop for kernel32 right?
Back to top
View user's profile Send private message
Zand
Master Cheater
Reputation: 0

Joined: 21 Jul 2006
Posts: 424
PostPosted: Fri Aug 08, 2008 2:46 am    Post subject: Reply with quote
How do you hookhop kernel32????
Back to top
View user's profile Send private message
Ksbunker
Advanced Cheater
Reputation: 0

Joined: 18 Oct 2006
Posts: 88
PostPosted: Fri Aug 08, 2008 9:32 pm    Post subject: re: Reply with quote
Code:
mov edi, edi
push ebp
mov ebp, esp
jmp API+5
Back to top
View user's profile Send private message
Slugsnack
Grandmaster Cheater Supreme
Reputation: 71

Joined: 24 Jan 2007
Posts: 1857
PostPosted: Sat Aug 09, 2008 3:52 am    Post subject: Reply with quote
Yes with DLL injection, APIs are still hooked and not only those from kernel32.dll, other system libraries like gdi32.dll, etc. have functions in them hooked. And yes, you could still trampoline past.

I still don't know why people always seem to find the need to add the "mov edi, edi" when they're trampolining.. It's as useless as a NOP in the context you are using it in, may as well take it out.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites