Question:
I know how to hook; I do it like this (dummy variables):
MSGBOX:=GetProcAddress(GetModuleHandle('kernel32.dll'),'MessageBox');
ReadProcessMemory(INVALID_HANDLE_VALUE,MSGBOX,@OldMSG,sizeof(oldcode),b);
Jmpmsg.push:=$68;
Jmpmsg.PProc:=@NewMSG;
Jmpmsg.ret:=$C3;
WriteProcessMemory(INVALID_HANDLE_VALUE,CPA,@Jmpmsg,sizeof(far_jmp),b);
How can I unhook?
I already tried as follows:
WriteProcessMemory(INVALID_HANDLE_VALUE,MSGBOX,@OldMSG,sizeof(Oldcode),b);
But it gives me an error 🙁
Answer:
Try making a memory backup before replacing the original call:
// make the backup
ReadProcessMemory(INVALID_HANDLE_VALUE, CPA, @backup, sizeof(far_jmp), bytesBackup);
// replace the call (install the hook)
WriteProcessMemory(INVALID_HANDLE_VALUE, CPA, @Jmpmsg, sizeof(far_jmp), b);
// restore the backup
WriteProcessMemory(INVALID_HANDLE_VALUE, CPA, @backup, bytesBackup, b);
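The backup, patch, restore order from the answer, as an added C example (not code from the post) that runs on a plain byte array instead of a live function, so the invariant is easy to check: the backup covers the same address and the same number of bytes as the patch. The names `hook_state`, `hook_install`, `hook_remove`, `looks_hooked`, the sample bytes, the target address, and the packed 6-byte `far_jmp` layout are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

/* Assumed layout of the post's far_jmp record: push imm32 ($68), address, ret ($C3). */
#pragma pack(push, 1)
typedef struct { uint8_t push_op; uint32_t target; uint8_t ret_op; } far_jmp;
#pragma pack(pop)

typedef struct { uint8_t *site; uint8_t saved[sizeof(far_jmp)]; int active; } hook_state;

/* Constructed sample bytes standing in for a 32-bit function prologue
   (mov edi,edi; push ebp; mov ebp,esp; sub esp,10h). Not a real API. */
static uint8_t fake_prologue[8] = {0x8B, 0xFF, 0x55, 0x8B, 0xEC, 0x83, 0xEC, 0x10};

/* Integrity check: does the site begin with the push imm32 ... ret patch? */
int looks_hooked(const uint8_t *site) {
    return site[0] == 0x68 && site[sizeof(far_jmp) - 1] == 0xC3;
}

/* Save exactly the bytes that are about to be overwritten, then write the patch. */
int hook_install(hook_state *h, uint8_t *site, uint32_t target) {
    far_jmp j = {0x68, target, 0xC3};
    if (h->active) return -1;          /* a second backup would save the patch itself */
    memcpy(h->saved, site, sizeof j);  /* backup: same address, same length as the patch */
    memcpy(site, &j, sizeof j);
    h->site = site;
    h->active = 1;
    return 0;
}

/* Restore the saved bytes to the address they were taken from. */
int hook_remove(hook_state *h) {
    if (!h->active) return -1;
    memcpy(h->site, h->saved, sizeof h->saved);
    h->active = 0;
    return 0;
}

/* Runs backup -> patch -> restore on the sample bytes; returns 1 if every step holds. */
int roundtrip_ok(void) {
    uint8_t original[sizeof fake_prologue];
    hook_state h = {0};
    memcpy(original, fake_prologue, sizeof original);
    if (hook_install(&h, fake_prologue, 0x00401000u) != 0) return 0; /* constructed address */
    if (!looks_hooked(fake_prologue)) return 0;
    if (hook_install(&h, fake_prologue, 0x00401000u) == 0) return 0; /* double install refused */
    if (hook_remove(&h) != 0) return 0;
    return memcmp(original, fake_prologue, sizeof original) == 0;
}
```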