3

うーん、フッキングについて学びたいのですが、ネットで見つけたチュートリアルが動かないようです。

私がやりたいのは、C++ でのジャンプ フックです。

コードは次のとおりです。

void DoHook(DWORD* Address, DWORD* Hook, DWORD pid){   

    HANDLE Server = OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ , false, pid );
    Address = (DWORD*)Address + 0x18;
    DWORD OldProt;     
    DWORD HookOffset = (DWORD*)Hook-(DWORD*)Address-5;
    std::wcout << "Hook on address" << std::hex << Address<< std::endl;
    std::wcout << "Hook offset is " << std::hex << HookOffset << std::endl;

    if ( ! VirtualProtectEx(Server, (LPVOID) Address, 40,PAGE_EXECUTE_READWRITE, &OldProt) ) {
        ErrorExit(L"VirtualProtectEx");
    };

    char* CharPointer = (char*) Address;
    BYTE newdata[5]={0xE9}; 
    BYTE x;
    int i = 1;
    while ( HookOffset > 0 ) {
        x = HookOffset & 0xff;
        newdata[5-i] = x;
        i++;
        HookOffset >>= 8;
    }
    std::wcout << "Bytes " <<newdata[0] << " " << newdata[1] << " " << newdata[2] << " " << newdata[3] << " " << newdata[4] << std::endl;

    DWORD newdatasize = sizeof(newdata);
    if ( ! WriteProcessMemory(Server,Address,(LPCVOID*)newdata,newdatasize,NULL) ) {
        ErrorExit(L"WriteProcessMemory");
    }

//  VirtualProtect((void*) Address, 40, 0x40, &OldProt);

    return;
}

出力テキストは次のとおりです。

Process ID is 2764 // PID of the app that's being hooked
Function address is 00A81190 // this is the function i'm doing the jump to
Entry point is 00080000 // for the app that's being hooked
Hook on address 00080060 // for the app that's being hooked
Hook offset is 28048e // HookAddress - FunctionAddress - 5
Bytes e9 0 28 4 8e // this is the jump i'm planning to do
Press any key to continue . . .

ただし、アプリケーションは更新されません。

4

1 に答える 1