Hook Specific address

[PSLorde]

How use HookCode for specific address? example: $0042E843

and function:

function ConnectKey(var _holdrand: DWORD): DWORD;
const
Key_1 = $2F6B6F5;
Key_2 = $14698B7;
Key_3 = $27F41C3;
Key_4 = $0B327BD;
begin
_holdrand := ((_holdrand * Key_1 + Key_2) shr $10) * Key_3 + Key_4;
Result := (_holdrand shr $10);
end;

[madshi]

It works the same way as hooking APIs. Your hook callback function and "next hook" function variable need to have the same calling convention and parameters as the function you want to hook. Have you tried? Does it not work?

[PSLorde]

It works the same way as hooking APIs. Your hook callback function and "next hook" function variable need to have the same calling convention and parameters as the function you want to hook. Have you tried? Does it not work?

Code: Select all

TrampolineNext                : function(var _holdrand: DWORD): DWORD;

function ConnectKey(var _holdrand: DWORD): DWORD;
const
  Key_1 = $2F6B6F5;
  Key_2 = $14698B7;
  Key_3 = $27F41C3;
  Key_4 = $0B327BD;
begin
  _holdrand := ((_holdrand * Key_1 + Key_2) shr $10) * Key_3 + Key_4;
  Result := (_holdrand shr $10);
end;

HookCode(Pointer($0042E843), @ConnectKey, @TrampolineNext);

are wrong? because it return fail at HookCode.

[madshi]

You mean HookCode fails? If so, what does GetLastError say?

[PSLorde]

You mean HookCode fails? If so, what does GetLastError say?

GetLastError say 7798786 on

Code: Select all

if not HookCode(Pointer($0042E843), @ConnectKey, @TrampolineNext) then
        WriteLn(IntToStr(GetLastError));

Using that worked:

Code: Select all

procedure PatchCode(Address: Pointer; const NewCode; Size: Integer);
var
  OldProtect: DWORD;
begin
  if VirtualProtect(Address, Size, PAGE_EXECUTE_READWRITE, OldProtect) then
  begin
    Move(NewCode, Address^, Size);
    FlushInstructionCache(GetCurrentProcess, Address, Size);
    VirtualProtect(Address, Size, OldProtect, @OldProtect);
  end;
end;

procedure RedirectProcedure(OldAddress, NewAddress: Pointer);
var
  NewCode: TInstruction;
begin
  NewCode.Opcode := $E9;
  NewCode.Offset := NativeInt(NewAddress)-NativeInt(OldAddress)-SizeOf(NewCode);
  PatchCode(OldAddress, NewCode, SizeOf(NewCode));
end;

[madshi]

That error code means "code not interceptable", which means that madCodeHook thinks that it's not safe to hook that code.

Can you do this:

Code: Select all

uses madDisAsm;

var as1 : AnsiString;
begin
  ParseFunction(Pointer($0042E843), as1);

Then please post the contents of "as1" here.

[PSLorde]

That error code means "code not interceptable", which means that madCodeHook thinks that it's not safe to hook that code.

Can you do this:

Code: Select all

uses madDisAsm;

var as1 : AnsiString;
begin
  ParseFunction(Pointer($0042E843), as1);

Then please post the contents of "as1" here.

Code: Select all

0042e843 sub_42e843:                      ; function entry point
0042e843   jmp     loc_4a3b80
0042e843
0042e843 ; ---------------------------------------------------------
0042e843
004a3b80 loc_4a3b80:
004a3b80   mov     eax, [ecx]
004a3b82   imul    eax, eax, $2f6b6f5
004a3b88   add     eax, $14698b7
004a3b8d   mov     [ecx], eax
004a3b8f   shr     eax, $10
004a3b92   imul    eax, eax, $27f41c3
004a3b98   add     eax, $b327bd
004a3b9d   shr     eax, $10
004a3ba0   ret

I'm also using the code at asm for now, since without asm it crashs app.

Code: Select all

function MyAssemblyFunction(var Value: Integer): Integer;
begin
  asm
    MOV EAX, [ECX]

    IMUL EAX, KeyPackage_1
    ADD EAX, KeyPackage_2
    MOV [ECX], EAX

    SHR EAX, $10
    IMUL EAX, KeyPackage_3
    ADD EAX, KeyPackage_4

    SHR EAX, $10

    RETN
  end;
end;

but as said previous, using the patch code, not HookCode.

[madshi]

Try hooking loc_4a3b80 instead of sub_42e843, that should work.