Dll hook right or no

**wdevil12** · 04-12-09

okey maybe some can explain me i think write or not.

Step 01: Yourdll.dll
Step 02: Start --- What mean this ? i need write somewhere it ?
Step 03: PUSH DLL-offset (Step 1)
Step 04: CALL LoadLibraryA
Step 05: OR EAX,EAX -- I need write it manual ?
Step 06: JE EntryPoint
Step 07: PUSH Start-offset (Step 2)
Step 08: PUSH EAX --- i need write it manual ?
Step 09: CALL GetProcAddress
Step 10: CALL EAX --- i need write it manual ?
Step 11: JE EntryPoint --- you mean jmp Entry ?

Here images step by step how i do it ? i have some mistakes or all it's ok ?

**MentaL**

**Annaev** · 05-12-09

isnt right

---------- Post added at 05:48 PM ---------- Previous post was at 05:47 PM ----------

You need to push the procedure address name too

**bastard79** · 05-12-09

Step 01: Yourdll.dll
Step 02: Start --- What mean this ? i need write somewhere it ? --- Name of func
Step 03: PUSH DLL-offset (Step 1)
Step 04: CALL LoadLibraryA
Step 05: OR EAX,EAX -- I need write it manual ? --- yes
Step 06: JE EntryPoint
Step 07: PUSH Start-offset (Step 2)
Step 08: PUSH EAX --- i need write it manual ? --- yes
Step 09: CALL GetProcAddress
Step 10: CALL EAX --- i need write it manual ? --- yes
Step 11: JE EntryPoint --- you mean jmp Entry ? --- no, is the entry point offset(when u open with olly is the 1st value(in black) in left column.

I think XD

**wdevil12** · 05-12-09

Originally Posted by bastard79

Step 01: Yourdll.dll
Step 02: Start --- What mean this ? i need write somewhere it ? --- Name of func
Step 03: PUSH DLL-offset (Step 1)
Step 04: CALL LoadLibraryA
Step 05: OR EAX,EAX -- I need write it manual ? --- yes
Step 06: JE EntryPoint
Step 07: PUSH Start-offset (Step 2)
Step 08: PUSH EAX --- i need write it manual ? --- yes
Step 09: CALL GetProcAddress
Step 10: CALL EAX --- i need write it manual ? --- yes
Step 11: JE EntryPoint --- you mean jmp Entry ? --- no, is the entry point offset(when u open with olly is the 1st value(in black) in left column.

I think XD

i dont understand what name i need write in step 2
if i write press space and write start they dont accept that
all other process i understand

**bastard79** · 06-12-09

Originally Posted by wdevil12

i dont understand what name i need write in step 2
if i write press space and write start they dont accept that
all other process i understand

and what not write ?

Right click -> follow in dump -> selection

**Annaev** · 06-12-09

First of all, you need to know if your Library have Process Address or not.

If have ProcAddress
follow this
http://forum.ragezone.com/f196/guide...ml#post4803536

If no have, just your part
Step 01: Yourdll.dll
Step 02: Start --- What mean this ? i need write somewhere it ? --- Name of func
Step 03: PUSH DLL-offset (Step 1)
Step 04: CALL LoadLibraryA
Step 05: OR EAX,EAX -- I need write it manual ? --- yes
Step 06: JE EntryPoint

**wdevil12** · 06-12-09

Originally Posted by Annaev

First of all, you need to know if your Library have Process Address or not.

If have ProcAddress
follow this
http://forum.ragezone.com/f196/guide...ml#post4803536

If no have, just your part
Step 01: Yourdll.dll
Step 02: Start --- What mean this ? i need write somewhere it ? --- Name of func
Step 03: PUSH DLL-offset (Step 1)
Step 04: CALL LoadLibraryA
Step 05: OR EAX,EAX -- I need write it manual ? --- yes
Step 06: JE EntryPoint

i have process adress but here have new problem
0066ffc1 PUSH 0FF how i can write it they dont accept command like this

Dll hook right or no

Thread Tools

Search Thread

Dll hook right or no

Re: [Help]Dll hook right or no

Re: [Help]Dll hook right or no

Re: [Help]Dll hook right or no

Re: [Help]Dll hook right or no

Re: [Help]Dll hook right or no

Re: [Help]Dll hook right or no

Advertisement