Code archives/Miscellaneous/Function Hooking
This code has been declared by its author to be Public Domain code.
Download source code
| |||||
| Based on http://blitzbasic.com/codearcs/codearcs.php?code=1758 but now as an Object and support for Unhooking and rehooking. .Hook(func, newfunc) - Redirects all calls to func to newfunc *do not use twice on the same function per instance without .UnHook first as the backup will get overwritten with the hooked version. .UnHook() - Sets the addresses back to original .ReHook() - Simply redo .Hook with the same addresses '' Test Local MyHook:AzHook=New AzHook A(1,2) MyHook.Hook(A,B) A(1,2) MyHook.UnHook() A(1,2) MyHook.ReHook() A(1,2) Function A(x,z) Print "A" Print x+" "+z EndFunction Function B(x,z) Print "B" Print z+" "+x EndFunction | |||||
Strict Extern "Win32" Function GetCurrentProcess:Int() Function ReadProcessMemory:Int(hProcess:Int,lpBaseAddress:Byte Ptr,lpBuffer:Byte Ptr,nSize:Int,lpNumberOfBytesRead:Byte Ptr) Function WriteProcessMemory:Int(hProcess:Int,lpBaseAddress:Byte Ptr,lpBuffer:Byte Ptr,nSize:Int,lpNumberOfBytesWritten:Byte Ptr) EndExtern Type AzHook Field _func:Byte Ptr Field _newfunc:Byte Ptr Field _d:Byte[6] Field _backup:Byte[6] Method New() _d[0]=$E9 _d[5]=$C3 EndMethod Method Hook:Int(func:Byte Ptr, newfunc:Byte Ptr) Local c=(Byte Ptr(newfunc)-Byte Ptr(func)-5) Local cp:Byte Ptr=Varptr c _func=func _newfunc=newfunc If _savefunc(func) _d[1]=cp[0] _d[2]=cp[1] _d[3]=cp[2] _d[4]=cp[3] Return _writefunc(func,_d) EndIf Return False EndMethod Method UnHook:Int() Return _writefunc(_func,_backup) EndMethod Method ReHook:Int() Return _writefunc(_func,_d) EndMethod Method _writefunc:Int(func:Byte Ptr, datatowrite:Byte Ptr) Local ret Return WriteProcessMemory(GetCurrentProcess(), func, datatowrite, 6, Varptr ret) EndMethod Method _savefunc:Int(func:Byte Ptr) Local ret Return ReadProcessMemory(GetCurrentProcess(), func, _backup, 6, Varptr ret) EndMethod EndType |
Comments
None.
Code Archives Forum
   |