These are chat archives for EasyHook/EasyHook

14th
May 2016
annab0leyn
@annab0leyn
May 14 2016 19:01
hi guys!
I'm completely new to this, so I need some help
I have a program.exe which reads 3 dll libraries, say lib1.dll, lib2.dll, lib3.dll
there is a function in lib1.dll that I want to replace with my own custom one
can anyone help me with figuring out how to do this?
I know the function definition but I need to replace it without access to the code of the dlls
Nikolaj Mariager
@TinkerWorX
May 14 2016 20:45
Assuming you're on windows, just use hook GetProcAddress(GetModuleHandle("lib1.dll"), <function-name>).
annab0leyn
@annab0leyn
May 14 2016 20:50
I am on windows, yes, and I have Visual Studio 2015. But how do I compile that code, and how do I make sure it runs everytime I run program.exe?
I really feel like I need step by step instructions
I read the BEEP example here https://easyhook.github.io/tutorials/createlocalhook.html but it seems to call the function within the code. I need it to be replaced whenever its called by program.exe not call it explicitly
Also the code in lib1.dll is in C, not sure if that matters
Nikolaj Mariager
@TinkerWorX
May 14 2016 20:55
Well, if you need to hook something in lib1.dll specifically, I'd suggest you start by hooking LoadLibrary, and then wait for lib1.dll to be loaded. This way your hook is injected as early and as clean as possible.
Are you working in C# or C++?
annab0leyn
@annab0leyn
May 14 2016 20:56
well the .dll code is in C, but I know C++. I havent started anything with the hook yet, as Im completely unfamiliar with it
Nikolaj Mariager
@TinkerWorX
May 14 2016 20:56
I just need to know what environment you're going to work in. :) If it's C#, I can write up an example.
annab0leyn
@annab0leyn
May 14 2016 20:56
C++
or C :P but I guess thats not an option
Nikolaj Mariager
@TinkerWorX
May 14 2016 20:57
Ah
annab0leyn
@annab0leyn
May 14 2016 20:58
can the hook be in any language? or does it have to be identical language to the original (target) function
Nikolaj Mariager
@TinkerWorX
May 14 2016 20:58
Well, I can't really help much I guess, since I've only used EasyHook in C#. But the basic idea is you inject your code into the exe, hook LoadLibrary and then let the process run.
In LoadLibrary you wait for the string "lib1.dll" and when you get it, you load the module, inject your hooks and then you're done.
The language doesn't matter.
annab0leyn
@annab0leyn
May 14 2016 20:59
ok
can you show me how to do that in C#?
Nikolaj Mariager
@TinkerWorX
May 14 2016 21:00
Just need to be something that compiles down to x86/64 assembly as far as I know.
Sure thing, gemme a few.
annab0leyn
@annab0leyn
May 14 2016 21:00
well its x86 code in C, in the lib1.dll I mean
thank you
but please bear in mind I have never used EasyHook !
Nikolaj Mariager
@TinkerWorX
May 14 2016 21:02
It's pretty intuitive once you know what you need to do :)
I think that should do the trick, or at least, it gives you a gist of how it's done. :)
annab0leyn
@annab0leyn
May 14 2016 22:22
thank you! I'll check it out and get back to you!