Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


[fpc/delphi] calling an injected dll function

 
mezzo
Posted: Sat Dec 24, 2011 8:41 pm    Post subject: [fpc/delphi] calling an injected dll function

I programmed a little DLL which does its thing when injected (DLL_PROCESS_ATTACH).

I would however also like to patch some code to call a function exported by my DLL. My question is, how do I figure out what opcodes to write so it executes my function? Is there a win32 call or some pascal/delphi magic that will tell me what memory address (I presume) my DLL function(s) are located at?

Any and all help is welcome.

(even if it is rtfm accompanied by an msdn link)


EDIT:
I guess I have to use the GetProcAddress function to get the address in hex and then add a 'call' asm operand in front?
NoMercy
Posted: Sun Dec 25, 2011 4:48 am

Check out GetProcAddress() on MSDN.

This is just one of the many variants.

Check this out for more methods:

http://msdn.microsoft.com/en-us/library/wf2w9f6x%28v=vs.80%29.aspx
mezzo
Posted: Sun Jan 01, 2012 8:01 pm

For some weird reason I kept getting bogus return values from GetProcAddress under Free Pascal. But I figured it out through some code I found online.

This is what I made of it:

Code:

function writepatch:boolean;stdcall;
var
  oldprotect, tmpprotect: DWORD;   // VirtualProtect needs a valid out-pointer on every call
begin
  // AddressFunc, Calculation, cAddress, JMP (6 bytes), hunger, searchforstuff and
  // WriteByte are not shown in the post; they are declared elsewhere in the DLL.
  AddressFunc := Cardinal(@hunger);
  // $E8 = near CALL rel32; $90 = NOP written as a 6th byte after the 5-byte CALL
  JMP[0] := $E8; JMP[1] := 0; JMP[2] := 0; JMP[3] := 0; JMP[4] := 0; JMP[5] := $90;
  searchforstuff;     // find patch location, put address in cAddress global
  // rel32 is counted from the instruction that follows the 5-byte CALL
  Calculation := ((AddressFunc-cAddress)-5);
  Move(Calculation, JMP[1], 4);
  //writeln('Patch should be written to: ' +IntToHex(cAddress,8));
  //writeln('I would jump to: ' +IntToHex(AddressFunc,8));
  //writeln('patch: '+inttohex(JMP[0],2)+inttohex(JMP[1],2)+inttohex(JMP[2],2)+inttohex(JMP[3],2)+inttohex(JMP[4],2)+inttohex(JMP[5],2));
  //writeln('Unprotecting...');
  if not VirtualProtect(Pointer(cAddress), 6, PAGE_EXECUTE_READWRITE, @oldprotect) then
     RaiseLastWin32Error;

  //writeln('Virtualprotect done, starting to patch...');
  WriteByte(cAddress, JMP[0]);
  WriteByte(cAddress+1, JMP[1]);
  WriteByte(cAddress+2, JMP[2]);
  WriteByte(cAddress+3, JMP[3]);
  WriteByte(cAddress+4, JMP[4]);
  WriteByte(cAddress+5, JMP[5]);

  writeln('Reprotecting: ');
  // restore the saved protection value; the last parameter must not be nil
  if not VirtualProtect(Pointer(cAddress), 6, oldprotect, @tmpprotect) then
     RaiseLastWin32Error;
  Result := true;

end;


Probably not the most elegant way but it seems to be working for what I need.
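Added example, not part of the original posts or the poster's DLL: the rel32 arithmetic from the code above (target minus patch address minus 5), written in C over plain byte buffers, together with the inverse decode that an integrity check can use to see where an E8 call at a known address lands. The function names, addresses and module range are constructed for illustration and assume a 32-bit address space.

```c
#include <stdint.h>
#include <stdio.h>

/* Build the 5-byte near CALL (E8 rel32) that sits at patch_addr and lands on
   target. rel32 counts from the next instruction, i.e. patch_addr + 5.
   Unsigned wrap-around gives the right value for targets below the call site. */
void encode_call_rel32(uint32_t patch_addr, uint32_t target, uint8_t out[5])
{
    uint32_t rel = target - (patch_addr + 5u);
    out[0] = 0xE8;
    out[1] = (uint8_t)(rel);          /* little-endian displacement */
    out[2] = (uint8_t)(rel >> 8);
    out[3] = (uint8_t)(rel >> 16);
    out[4] = (uint8_t)(rel >> 24);
}

/* Inverse: returns 1 and stores the call target if bytes[0] is E8, else 0. */
int decode_call_rel32(uint32_t insn_addr, const uint8_t *bytes, uint32_t *target)
{
    uint32_t rel;
    if (bytes[0] != 0xE8) return 0;
    rel = (uint32_t)bytes[1] | ((uint32_t)bytes[2] << 8) |
          ((uint32_t)bytes[3] << 16) | ((uint32_t)bytes[4] << 24);
    *target = insn_addr + 5u + rel;
    return 1;
}

/* Integrity check: 1 if the E8 call at insn_addr lands outside
   [mod_base, mod_base + mod_size), 0 if inside or not an E8 call. */
int call_leaves_module(uint32_t insn_addr, const uint8_t *bytes,
                       uint32_t mod_base, uint32_t mod_size)
{
    uint32_t target;
    if (!decode_call_rel32(insn_addr, bytes, &target)) return 0;
    return (uint32_t)(target - mod_base) >= mod_size;
}

int main(void)
{
    /* Constructed addresses: call site in an EXE image, target in a DLL. */
    uint8_t b[5];
    uint32_t t = 0;
    encode_call_rel32(0x00401000u, 0x10001234u, b);
    decode_call_rel32(0x00401000u, b, &t);
    printf("%02X %02X %02X %02X %02X -> %08X, leaves module: %d\n", b[0], b[1], b[2],
           b[3], b[4], (unsigned)t, call_leaves_module(0x00401000u, b, 0x00400000u, 0x00100000u));
    return 0;
}
```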
All times are GMT - 6 Hours