C# (CSharp) NACF.Hooks DetourEngine примеры использования

Пример #1

Файл: X86EngineProvider.cs Проект: ZeroLP/NACF

        public void Uninstall()
        {
            fixed(byte *p = OriginalTargetFunctionInstructions)
            DetourEngine.MemCpy(TargetFunctionAddress, (nint)p, OriginalTargetFunctionInstructions.Length);

            Console.WriteLine($"Successfully uninstalled hook at: 0x{TargetFunctionAddress:X}");
        }

Пример #2

Файл: X86EngineProvider.cs Проект: ZeroLP/NACF

        public void Install()
        {
            fixed(byte *p = RelativeJmpInstructions)
            DetourEngine.MemCpy(TargetFunctionAddress, (nint)p, RelativeJmpInstructions.Length);

            Console.WriteLine($"Successfully installed hook at: 0x{TargetFunctionAddress:X}");
        }

Пример #3

Файл: X86EngineProvider.cs Проект: ZeroLP/NACF

        public X86EngineProvider(nint targetFuncAddr, nint hookedFuncAddr)
        {
            TargetFunctionAddress = targetFuncAddr;
            HookedFunctionAddress = hookedFuncAddr;

            OriginalTargetFunctionInstructions = new byte[5];

            fixed(byte *p = OriginalTargetFunctionInstructions)
            DetourEngine.MemCpy((nint)p, targetFuncAddr, OriginalTargetFunctionInstructions.Length);

            BuildHook();
        }

Пример #4

        private unsafe nuint CreateGatewayStub(nint gatewayStubAddr, nint addrToJmpTo)
        {
            X64AbsoluteJmpInstructions = new byte[]
            {
                0x49, 0xBA,                                                       //movabs r10
                0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,                   //[QWORD]
                0x41, 0xFF, 0xE2                                                  //jmp r10
            };

            fixed(byte *allocInstructions = &X64AbsoluteJmpInstructions[0])
            {
                *(nint *)((nint)allocInstructions + 2) = addrToJmpTo;                                             //Write hooked QWORD function address to third byte/second instruction

                DetourEngine.MemCpy(gatewayStubAddr, (nint)allocInstructions, X64AbsoluteJmpInstructions.Length); //Write instructions to the gateway stub address
            }

            return((nuint)X64AbsoluteJmpInstructions.Length);
        }

Пример #5

        public X64EngineProvider(nint targetFuncAddr, nint hookedFuncAddr)
        {
            nint gatewayStubAddr = AllocateSinglePageNearAddress(targetFuncAddr);

            if (CreateGatewayStub(gatewayStubAddr, hookedFuncAddr) == 0)
            {
                throw new Exception($"Failed to create gateway stub at: 0x{gatewayStubAddr:X}");
            }
            else
            {
                TargetFunctionAddress = targetFuncAddr;
                HookedFunctionAddress = hookedFuncAddr;

                OriginalTargetFunctionInstructions = new byte[5];

                fixed(byte *p = OriginalTargetFunctionInstructions)
                DetourEngine.MemCpy((nint)p, targetFuncAddr, OriginalTargetFunctionInstructions.Length);

                BuildHook(gatewayStubAddr);
            }
        }