hot patching hook

1. ; hot patching hook
2. ; xorc1zt
3.  
4. Procedure HotPatchHook(TargetFuncAddress.l, ProxyFuncAddress.l)
5.   ;E9 XX XX XX XX EB F9
6.   Protection.w
7.   JumpOffset.l = ( ProxyFuncAddress - ( TargetFuncAddress-5 ) )-5
8.   VirtualProtect_(TargetFuncAddress-5, 7, #PAGE_EXECUTE_READWRITE, @Protection)
9.   PokeA( TargetFuncAddress-5, $E9 ) ;Far Jump
10.   PokeL( TargetFuncAddress-4, JumpOffset )
11.   PokeA( TargetFuncAddress,   $EB ) ;Short Jump
12.   PokeA( TargetFuncAddress+1, $F9 ) ; -5
13.   VirtualProtect_(TargetFuncAddress-5, 7, Protection, @Protection )
14. EndProcedure
15.  
16. Procedure RemoveHook(TargetFuncAddress.l)
17.   ;90 90 90 90 90 8B FF
18.   Protection.w
19.   VirtualProtect_(TargetFuncAddress-5, 7, #PAGE_EXECUTE_READWRITE, @Protection)
20.   PokeA( TargetFuncAddress-5, $90 )
21.   PokeA( TargetFuncAddress-4, $90 )
22.   PokeA( TargetFuncAddress-3, $90 )
23.   PokeA( TargetFuncAddress-2, $90 )
24.   PokeA( TargetFuncAddress-1, $90 )
25.   PokeA( TargetFuncAddress,   $8B )
26.   PokeA( TargetFuncAddress+1, $FF )
27.   VirtualProtect_(TargetFuncAddress-5, 7, Protection, @Protection )
28. EndProcedure
29.  
30. Procedure.b IsHotPatchable(TargetFuncAddress.l)
31.   op.q = PeekQ(TargetFuncAddress-5)
32.   If FindString(Hex(op), "FF8B9090909090", 3)
33.     ProcedureReturn #True
34.   EndIf
35.   ProcedureReturn #False
36. EndProcedure