11
To make a hook I know, I do it as follows (Fictitious variables):
MSGBOX:=GetProcAddress(GetModuleHandle('kernel32.dll'),'MessageBox');
ReadProcessMemory(INVALID_HANDLE_VALUE,MSGBOX,@OldMSG,sizeof(oldcode),b);
Jmpmsg.push:=$68;
Jmpmsg.PProc:=@NewMSG;
Jmpmsg.ret:=$C3;
WriteProcessMemory(INVALID_HANDLE_VALUE,CPA,@Jmpmsg,sizeof(far_jmp),b);
How can I be doing the Unhook?
I’ve tried it this way:
WriteProcessMemory(INVALID_HANDLE_VALUE,MSGBOX,@OldMSG,sizeof(Oldcode),b);
But make a mistake :(