How is interception / redefinition of functions carried out by means of Dll Injection?

S

slinkinone2018-09-19 11:42:59

.NET

slinkinone, 2018-09-19 11:42:59

Good day!
People familiar with information security and Windows development are familiar with the term DLL Injection .
The question is, if the target application has a Function1 function that every 15 minutes throws a window with the message "15 minutes have passed!" ( just as an example ), how can I override this function using DLL Injection ? For example, I want to change the interval or add a check so that on Wednesdays the window is never ejected.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

X

xmoonlight, 2018-09-19
@slinkinone

It's better to do it by "direct" methods via WinAPI HOOKS .

M

maaGames, 2018-09-19
@maaGames

You define the address of this function and in the place of its call you replace the address with the address of your function from the injected dll. Of course, there must be the same argument list and call type (stdcall, etc.).
If the function turned out to be inline, then everything becomes somewhat more complicated or simplified, as you're lucky.
Specifically, in this case, it is better to check in your function whether you need to skip the window and, if not, then call the original function so as not to copy its code to yourself, which is not always possible.
Such a check may be blocked by antivirus, so this is not for production, only for personal use.)