 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
myistank
Cheater
![]() Reputation: 0
Joined: 08 Dec 2007
Posts: 46
|
 Posted: Sat May 29, 2010 10:02 am Post subject: about Hook WriteProcessMemory |
 |
|
| Code: |
BOOL WINAPI MyWriteProcessMemory(
HANDLE hProcess, // handle to process
LPVOID lpBaseAddress, // base of memory area
LPVOID lpBuffer, // data buffer
DWORD nSize, // number of bytes to write
LPDWORD lpNumberOfBytesWritten // number of bytes written
);
DETOUR_TRAMPOLINE(BOOL WINAPI CopyWriteProcessMemory(HANDLE, LPVOID, LPVOID, DWORD, LPDWORD), WriteProcessMemory);
BOOL WINAPI MyWriteProcessMemory(
HANDLE hProcess, // handle to process
LPVOID lpBaseAddress, // base of memory area
LPVOID lpBuffer, // data buffer
DWORD nSize, // number of bytes to write
LPDWORD lpNumberOfBytesWritten) // number of bytes written
{
BOOL nResult=CopyWriteProcessMemory(hProcess,lpBaseAddress,lpBaseAddress,nSize,lpNumberOfBytesWritten);
MessageBoxA(NULL,(LPCTSTR)lpBaseAddress,"Hook!",MB_OK);
return nResult;
}
BOOL APIENTRY DllMain( HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
OutputDebugString("Detour dll Load!");
DetourFunctionWithTrampoline((PBYTE)CopyWriteProcessMemory, (PBYTE)MyWriteProcessMemory);
break;
case DLL_THREAD_ATTACH:
break;
case DLL_THREAD_DETACH:
break;
case DLL_PROCESS_DETACH:
OutputDebugString("Detour dll Exit!");
DetourRemove((PBYTE)CopyWriteProcessMemory, (PBYTE)MyWriteProcessMemory);
break;
}
return TRUE;
}
|
Who can tell me how to use the "Detours" to Hook WriteProcessMemory?
I want to get WriteProcessMemory the memory of information.
this's my code.
When I use the "WriteProcessMemory" after the injection, but it won't execute "MessageBoxA" 
|
|
| Back to top |
|
 |
atom0s
Moderator
 Reputation: 205
Joined: 25 Jan 2006
Posts: 8587
Location: 127.0.0.1
|
| Posted: Sat Jun 12, 2010 7:20 pm Post subject: |
|
|
For Detours 2.1 you can do:
| Code: |
#include <Windows.h>
//
// You will need to change these if you do not have the
// paths for Detours added to your global directories.
#pragma comment( lib, "detours.lib" )
#include <detours.h>
extern "C"
{
// Original Definition
// BOOL WINAPI WriteProcessMemory( HANDLE hProcess, LPVOID lpBaseAddress, LPCVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesWritten );
BOOL ( WINAPI *Real_WriteProcessMemory )( HANDLE, LPVOID, LPCVOID, SIZE_T, SIZE_T* ) = WriteProcessMemory;
}
BOOL WINAPI Mine_WriteProcessMemory( HANDLE hProcess, LPVOID lpBaseAddress, LPCVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesWritten )
{
// Do whatever you need here..
// Edit the below line if you do not want to call the original etc.
return Real_WriteProcessMemory( hProcess, lpBaseAddress, lpBuffer, nSize, lpNumberOfBytesWritten );
}
BOOL WINAPI DllMain( HMODULE hModule, DWORD dwReason, LPVOID lpReserved )
{
switch( dwReason )
{
case DLL_PROCESS_ATTACH:
DetourTransactionBegin();
DetourUpdateThread( GetCurrentThread() );
DetourAttach( &(PVOID&)Real_WriteProcessMemory, Mine_WriteProcessMemory );
DetourTransactionCommit();
break;
}
return TRUE;
} |
I tossed this together in Notepad so there might be some small mistakes. But that is the basics for using Detours 2.1 I suggest reading the help file with 2.1 to learn the differences between 1.5 etc. Also read the EULA and such as it is different from 1.5's and there are some things you need to know if you wish to distribute projects with Detours in them.
Overall you will be better off writing your own detouring library or using another that isn't from Microsoft if you plan to distribute.
_________________
- Retired. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
