I understand how to call a free function (one that is not a class member) by image-base-relative offset from an injected DLL, like this:
test.dll
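// Image-relative offset (RVA) of the target function inside the host
// executable. It is only valid for the exact build it was taken from: ASLR
// is handled by adding the runtime image base at call time, but any rebuild
// of the host moves the function and this constant must be re-derived.
constexpr std::uintptr_t TEST_FUNCTION_OFFSET = 0x109010; // random offset

// Function-pointer type used to invoke the target. It must match the real
// signature and calling convention of the function living at that offset.
// NOTE(review): the `test()` in main.cpp returns void, so calling it through
// an __int64-returning pointer is undefined behaviour (in practice it just
// reads whatever the callee left in the return register); correct the return
// type once the real target is known. The name is kept for compatibility,
// but identifiers starting with an underscore are reserved at global scope.
using _test = __int64(__cdecl *)();

// Resolved at runtime (image base + RVA) by MainThread; nullptr until then.
_test test;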
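// Thread procedure started from DllMain. Resolves the target function at
// (host image base + RVA) and calls it once.
// param: the HMODULE handed over by DllMain; unused here.
// Returns the thread exit code (always 0).
DWORD WINAPI MainThread(LPVOID param) {
    (void)param;
    // GetModuleHandle(nullptr) yields the base of the process's main
    // executable, which is what the RVA is relative to.
    const auto base_address =
        reinterpret_cast<std::uintptr_t>(GetModuleHandle(nullptr));
    // Integer -> function-pointer cast. Nothing validates that the bytes at
    // this address are the expected function: a stale offset crashes the
    // host process, or worse, executes unrelated code inside it.
    test = reinterpret_cast<_test>(base_address + TEST_FUNCTION_OFFSET);
    test();
    // The original fell off the end of a non-void function (undefined
    // behaviour); a thread procedure must return an exit code.
    return 0;
}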
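// DLL entry point. On process attach it spawns MainThread to do the work
// instead of doing it here: DllMain runs under the loader lock, so loading
// libraries or waiting on other threads from inside it can deadlock. The new
// thread does not start executing until this DllMain has returned.
// hModule: this DLL's module handle, forwarded to the thread (unused there).
// ul_reason_for_call: DLL_PROCESS_ATTACH/DETACH or DLL_THREAD_ATTACH/DETACH.
// lpReserved: unused.
// Returns TRUE so the DLL stays loaded.
BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved) {
    (void)lpReserved;
    switch (ul_reason_for_call) {
    case DLL_PROCESS_ATTACH: {
        // Stack size and creation flags are integers, so pass 0 rather than
        // NULL (the original only worked because NULL happens to be 0).
        const HANDLE thread =
            CreateThread(nullptr, 0, MainThread, hModule, 0, nullptr);
        // The thread keeps running without the handle; the original never
        // closed it and leaked a kernel object for the life of the host.
        // A NULL handle (creation failure) is deliberately ignored: there is
        // nothing useful to do about it from inside DllMain.
        if (thread != nullptr) {
            CloseHandle(thread);
        }
        break;
    }
    case DLL_PROCESS_DETACH:
        break;
    }
    return TRUE;
}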
main.cpp
#include <iostream>
#include "example.h"
void test() {
std::cout << "Test" << std::endl;
}
// Constructs one `example` and bumps its counter once.
// NOTE(review): nothing ever reads the counter back, so an optimising build
// may fold the call away or drop the object entirely — confirm that
// example::incrementID and `ex` are actually emitted before trying to
// locate them from an injected DLL.
int main() {
    example ex{};
    ex.incrementID();
}
example.h
// Holds a single private counter. The question hinges on incrementID being
// a non-static member function: unlike a free function it receives the
// object's address as a hidden `this` argument, so it cannot be invoked
// through a plain `void(*)()` pointer from the injected DLL.
class example {
public:
    // Adds one to the counter. Nothing in this listing reads _id back, so an
    // optimising build may well fold the call away; keep that in mind when
    // looking for example::incrementID in the compiled binary.
    void incrementID() { ++_id; }

private:
    int _id = 1234;
};
But how would I go about calling `incrementID()` on the `ex` object in `main()` if I have the addresses of `example::incrementID()` and `ex`, given that, unlike the free function above, a non-static member function expects the object's address as its hidden `this` argument?