Cheat Engine

RCard · How do I cheat? Reputation: 0 Joined: 25 Jan 2011 Posts: 5

Hello. I am writing a hook (trying to write to be more correct) in Delphi (so I can't use detours or whatever its called) to function via writing jmp to function's beginning which readdresses it to my function. My function is placed in DLL, which is injected to process dynamically, so it's base address can be higher than function's I want to hook, or lower. Although when it is higher it seems not to be a problem, but when it is lower I simply don't know how to calculate address to jump back.
For example: I want to hook GetTickCount64. If address of function in my DLL is higher that GetTickCount's64 (or rather myDLL's base address is higher than Kernel32's) I simply write to memory "E9(MyFunc's address-HookedFunc's address)", but I have no idea how to determine address if it is lower.

FLiNG · Newbie cheater Reputation: 0 Joined: 09 Apr 2011 Posts: 19

Isn't this method work for both situations, no matter your dll is higher or lower than the original fucntion adrress?

I am not sure if this work in delphi, although it should. I use this method in C# and c++ to calculate jump to a codecave and jump back as well.

RCard · How do I cheat? Reputation: 0 Joined: 25 Jan 2011 Posts: 5

Oh, yeah. Exactly. Sorry for my stupidity, I was simply sure it won't work Very Happy

Stylo · Posted: Fri Sep 30, 2011 10:23 am Post subject:

Think about it, that formula gives you the number of bytes to pass in order to get to your function.
It doesn't matter if it's lower or higher since it'll take it as an unsigned value.