public void Run( RemoteHooking.IContext context, string channelName) { _server.IsInstalled(RemoteHooking.GetCurrentProcessId()); // 4c 89 4c 24 20 44 89 44 24 18 55 57 41 factUpdateOrigPtr = Process.GetCurrentProcess().MainModule.BaseAddress + 0x7b45f0; _server.ReportMessage(Process.GetCurrentProcess().MainModule.FileName); _server.ReportMessage(Process.GetCurrentProcess().MainModule.BaseAddress.ToString()); _server.ReportMessage((Process.GetCurrentProcess().MainModule.BaseAddress + 0x7b45f0).ToString()); var hook = LocalHook.Create(factUpdateOrigPtr, new FactUpdateHook(FactUpdate_Hooked), this); hook.ThreadACL.SetExclusiveACL(new Int32[] { 0 }); RemoteHooking.WakeUpProcess(); _server.ReportMessage("done hooking"); try { // Loop until FileMonitor closes (i.e. IPC fails) while (true) { System.Threading.Thread.Sleep(500); _server.Ping(); } } catch { // Ping() or ReportMessages() will raise an exception if host is unreachable } // Remove hooks hook.Dispose(); // Finalise cleanup of hooks EasyHook.LocalHook.Release(); }