Fwd: Fwd: [gsoc18] Boost.Detour & Mentor Search
---------- Forwarded message ----------
From: Michael Kiros <michaelakiros@gmail.com>
Date: 22 March 2018 at 10:16
Subject: Re: [boost] Fwd: [gsoc18] Boost.Detour & Mentor Search
To: Vinícius dos Santos Oliveira <vini.ipsmaker@gmail.com>

What's the proper interception place then?

If the game's main function was called main and your hook function was called _main_hook, then you'd need a way to get your function inside of the same address space of the game's process. So that would mean DLL injection, adding your DLL to the list of loaded modules etc.

What's the workflow?

For software where the source code is available you'd simply compile your executable with the hooks and you wouldn't have to go through the problem of having your shared library/DLL getting loaded by the process.

On 21 March 2018 at 23:25, Vinícius dos Santos Oliveira <vini.ipsmaker@gmail.com> wrote:
2018-03-22 1:16 GMT-03:00 Michael Kiros <michaelakiros@gmail.com>:
That repo represents the last, latest state of the repository [...]
Thanks.
[...] Like you said, it's easier to work with DLLs because their functions are exported so you'd just locate the address of the function using the export symbol table and the Windows API functions/POSIX equivalent.
I was more concerned with the separation of library/application when I made the question.
Suppose I want to change Tibia to cheat the game. There is a main function there on the executable (it's not _your main_). What's the proper interception place then? What's the workflow? Open the executable using your executable and transfer control flow once you prepare the hooks?
The 'hook types' that would be required would be specializations of a
single type and each type would represent a different approach to hooking a function.
Thanks.
-- Vinícius dos Santos Oliveira https://vinipsmaker.github.io/