Hooking a function without knowing its signature
Posted: Fri Sep 23, 2016 7:55 pm
Hey everyone,
I want to make a small application for a research that hooks functions that I don't know their signature and simply trace the parameters of a predefined stack size.
I was thinking of making my replaced function an ellipsis function, but than, how would I make the call to the original function?
There are applications out there that are doing that (like rohitab api monitor or winapioverride), but they are missing a functionality I need for my research.
Is this possible with the MadCodeHook framework? and does any one have any ideas how to achieve that goal?
Thanks a lot!
I want to make a small application for a research that hooks functions that I don't know their signature and simply trace the parameters of a predefined stack size.
I was thinking of making my replaced function an ellipsis function, but than, how would I make the call to the original function?
There are applications out there that are doing that (like rohitab api monitor or winapioverride), but they are missing a functionality I need for my research.
Is this possible with the MadCodeHook framework? and does any one have any ideas how to achieve that goal?
Thanks a lot!