Redirect API calls  

Send By: Lord Trancos
Web :
Date: 08/05/00

Tip accessed 498 times


Unfortunately this alone trick is good for the same process. I am tried to discover as making it with other processes.
The example is quite silly, but to this trick A LOT OF game can be taken out.

We go to redireccionar the function of the API; Rectangle.

 {Codigo fuente original de Erik Sperling}
 {Adaptado por Lord Trancos}

 type PImportJump = ^TImportJump;
      TImportJumP = packed record
                      JMP : WORD;
                      Proc : ^POINTER;

 function NewRectangle(_handle: THANDLE; _left, _top, _right, _bottom: integer): BOOL; stdcall;
 {Esto es lo que se ejecutara en lugar del Rectangle}
   ShowMessage(IntToStr(_right - _left) + 'x' + IntToStr(_bottom - _top));

 procedure TForm1.FormCreate(Sender: TObject);
 {Parcheamos la direccion de la llamada del API en la IAT}
 {(Import address table) del proceso.}
 var p : PImportJump;
     OldProtect : INTEGER;

   p := @Windows.Rectangle;
   if VirtualProtect(p^.Proc, 4, PAGE_EXECUTE_READWRITE, @OldProtect) = false then halt;
   p^.Proc^ := @NewRectangle;
   if VirtualProtect(p^.Proc, 4, OldProtect, @OldProtect) = false then halt;

 procedure TForm1.Button1Click(Sender: TObject);
 {Cuando pulsemos el boton NO se dibujara el rectangulo sino que se}
 {ejecutara lo que hay en NewRectangle.}
   Windows.Rectangle(Form1.Canvas.Handle, 10, 10, 100, 100);