Hooking with ASM

[Nazgul]

Hello,

I need to hook something for a school project, we've an address, and instead of the regular assembly we've to rewrite it with a jump to our code call an address and return. I did this in VS easily like this:

Qt Code:

Switch view

void __declspec(naked) NewFunc ( void )
{
 
    __asm
    {
         lea ebx,[ebp-0x0C]
 
         call MyFunction // my function
 
         popad
         pop ebx  // Notice how we reproduce the assembly that was overwritten
         leave
 
         jmp back// back is just address + 5
    }
}
 
*(LPBYTE)Address = 0xE9;
    *(PDWORD)( Address + 1 ) = ((LONG_PTR)HookFunc)-((LONG_PTR)Address))- 5;

void __declspec(naked) NewFunc ( void )
{

    __asm
    {
         lea ebx,[ebp-0x0C]
         
         call MyFunction // my function

         popad
         pop ebx  // Notice how we reproduce the assembly that was overwritten
         leave

         jmp back// back is just address + 5
    }
}

*(LPBYTE)Address = 0xE9;
    *(PDWORD)( Address + 1 ) = ((LONG_PTR)HookFunc)-((LONG_PTR)Address))- 5;

To copy to clipboard, switch view to plain text mode 

Now is my question can I do something similar in QtCreator?

Else what is my best option, make a .dll and inject it and when clicked, call my function in the .exe?

Thanks

[squidge]

QtCreator isn't a compiler, it's an IDE, so yes, you can do the above, just use VS as your compiler.

If you want to use the compiler that comes with the Qt SDK, then read the inline assembly howto for GCC.

[Nazgul]

Thanks,

but this line does not work

Qt Code:

Switch view

*(char*)address = 0xE9; // jmp
    *(void **)((char *)address + 1) = (void*)(((char*)NewFun()) - ((char *)address + 5));

*(char*)address = 0xE9; // jmp
    *(void **)((char *)address + 1) = (void*)(((char*)NewFun()) - ((char *)address + 5));

To copy to clipboard, switch view to plain text mode 

error I get:

void value not ingored as it ought to be

EDIT:
btw, this is the NewFun

Qt Code:

Switch view

void Hook::NewFun()
{
    __asm__ (
 
            );
}

void Hook::NewFun()
{
    __asm__ (
           
            );
}

To copy to clipboard, switch view to plain text mode 

[squidge]

The reason for the error is fairly obvious, but this isn't the place to talk about such topics. You would be better on a GCC forum as this topic has nothing to do with Qt.

[Nazgul]

The reason for the error is fairly obvious, but this isn't the place to talk about such topics. You would be better on a GCC forum as this topic has nothing to do with Qt.

Sorry I forgot that, I would also register myself on a GCC forum, but why not telling me?

[wysota]

Because if he told you, you wouldn't register on a GCC forum and you would ask the next totally Qt-unrelated question here and not there.

[Nazgul]

Because if he told you, you wouldn't register on a GCC forum and you would ask the next totally Qt-unrelated question here and not there.

Actually I registered

http://www.avrfreaks.net/index.php?n...=viewforum&f=2

EDIT: found out that

NewSendFun() -> should be -> NewSendFun;

Now I get a new error

invalid use of member (did you forget the '&'? )

[high_flyer]

Because if he told you, you wouldn't register on a GCC forum and you would ask the next totally Qt-unrelated question here and not there.

Now I get a new error

and you thought if he got registered on that other forum it will stop him from asking it here as well ;-)

[Nazgul]

and you thought if he got registered on that other forum it will stop him from asking it here as well ;-)

It's not weird that I ask on both right? I could not ask question there with some wierd bug, no I did it at the forum "old nabble".

So if someone would be so kind?

[squidge]

Forgive me for my bluntness, but what part of "This is a Qt forum and your questions have nothing to do with Qt" are you struggling with?

[Nazgul]

Forgive me for my bluntness, but what part of "This is a Qt forum and your questions have nothing to do with Qt" are you struggling with?

This is a general programming forum now, so my question is not off topic right?

So how can I jump fom my address to my asm code?

[wysota]

This is a general programming forum now, so my question is not off topic right?

Only because I have moved your thread here. You originally posted it in the Qt section.

And I doubt you will get your answer here because we are aware of the fact that people at GCC forum are more skilled than us to answer this question so why should we do bugchasing for you here if they can probably pull a proper answer right out of their heads.