Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ; hot patching hook
- ; xorc1zt
- Procedure HotPatchHook(TargetFuncAddress.l, ProxyFuncAddress.l)
- ;E9 XX XX XX XX EB F9
- Protection.w
- JumpOffset.l = ( ProxyFuncAddress - ( TargetFuncAddress-5 ) )-5
- VirtualProtect_(TargetFuncAddress-5, 7, #PAGE_EXECUTE_READWRITE, @Protection)
- PokeA( TargetFuncAddress-5, $E9 ) ;Far Jump
- PokeL( TargetFuncAddress-4, JumpOffset )
- PokeA( TargetFuncAddress, $EB ) ;Short Jump
- PokeA( TargetFuncAddress+1, $F9 ) ; -5
- VirtualProtect_(TargetFuncAddress-5, 7, Protection, @Protection )
- EndProcedure
- Procedure RemoveHook(TargetFuncAddress.l)
- ;90 90 90 90 90 8B FF
- Protection.w
- VirtualProtect_(TargetFuncAddress-5, 7, #PAGE_EXECUTE_READWRITE, @Protection)
- PokeA( TargetFuncAddress-5, $90 )
- PokeA( TargetFuncAddress-4, $90 )
- PokeA( TargetFuncAddress-3, $90 )
- PokeA( TargetFuncAddress-2, $90 )
- PokeA( TargetFuncAddress-1, $90 )
- PokeA( TargetFuncAddress, $8B )
- PokeA( TargetFuncAddress+1, $FF )
- VirtualProtect_(TargetFuncAddress-5, 7, Protection, @Protection )
- EndProcedure
- Procedure.b IsHotPatchable(TargetFuncAddress.l)
- op.q = PeekQ(TargetFuncAddress-5)
- If FindString(Hex(op), "FF8B9090909090", 3)
- ProcedureReturn #True
- EndIf
- ProcedureReturn #False
- EndProcedure
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement