
No response

Open CorsDev opened this issue 5 years ago • 3 comments

Hi, when I try to inject the DLL and try to listen on port 7000, I do not get any kind of data. I tried using the debug version, which should print the data to cmd, and it doesn't show anything. It's strange, since I do not get any kind of error, so the Invoke function should have been found.

CorsDev avatar Oct 03 '18 11:10 CorsDev

Can you explain to me how the hook works and what you do in order to find the function's fingerprint?

CorsDev avatar Oct 03 '18 11:10 CorsDev

OK, I found out that it hangs on the first loop that searches for the INVOKE function.

    for (int i = 0; i < text_section_size - sizeof(INVOKE_FINGERPRINT); i++){
        cout << i << "\n"; //it does print just 0 so I think the problem is the memcmp function
        if (0 == memcmp(reinterpret_cast<void*>(text_section + i), &INVOKE_FINGERPRINT[0], sizeof(INVOKE_FINGERPRINT))){
            invoke_address = (LPVOID)(text_section + i);
        }
    }

CorsDev avatar Oct 03 '18 19:10 CorsDev

Hi TheStraing, sorry for the late response.

The function fingerprint is found by breaking somewhere inside the Invoke() function and going backwards in the callstack until you get back into the main binary. Finding the function in the first place can be tricky.

Riot has made lots of changes to the client, and has quite likely removed ScaleForm at this point, though I have not checked. Which means that the Invoke() function is no longer present.

Matviy avatar Nov 08 '18 07:11 Matviy
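An added example, not code from LeagueReplayHook or from either poster: a bounds-checked byte-fingerprint search of the kind the loop quoted in this thread performs, which reports failure when the fingerprint is absent or matches more than once instead of returning an address. The names `find_fingerprint` and `locate_unique` and the sample bytes are hypothetical and constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <vector>

// Hypothetical helper: offsets of every occurrence of `pattern` in `region`,
// stopping once `max_hits` matches have been collected.
std::vector<std::size_t> find_fingerprint(const std::uint8_t* region, std::size_t region_size,
                                          const std::uint8_t* pattern, std::size_t pattern_size,
                                          std::size_t max_hits = 2) {
    std::vector<std::size_t> hits;
    // Guard first: with unsigned sizes, region_size - pattern_size wraps to a
    // huge value when the pattern is longer than the region.
    if (region == nullptr || pattern == nullptr || pattern_size == 0 ||
        pattern_size > region_size)
        return hits;
    const std::size_t last = region_size - pattern_size;  // last valid start, inclusive
    for (std::size_t i = 0; i <= last && hits.size() < max_hits; ++i) {
        // Cheap first-byte test before the full comparison.
        if (region[i] == pattern[0] && std::memcmp(region + i, pattern, pattern_size) == 0)
            hits.push_back(i);
    }
    return hits;
}

// True only when the fingerprint occurs exactly once. A fingerprint that is
// missing (for example because the scanned binary changed) or ambiguous is
// treated as failure, so the caller never acts on a wrong address.
bool locate_unique(const std::uint8_t* region, std::size_t region_size,
                   const std::uint8_t* pattern, std::size_t pattern_size,
                   std::size_t* offset_out) {
    const std::vector<std::size_t> hits =
        find_fingerprint(region, region_size, pattern, pattern_size, 2);
    if (hits.size() != 1 || offset_out == nullptr) return false;
    *offset_out = hits[0];
    return true;
}

// Constructed sample data, not bytes taken from any real binary.
static const std::uint8_t SAMPLE_REGION[] = {0x90, 0x55, 0x8B, 0xEC, 0x90,
                                             0x90, 0x55, 0x8B, 0xEC, 0x51};
static const std::uint8_t SAMPLE_UNIQUE[] = {0x8B, 0xEC, 0x51};     // once, at the very end
static const std::uint8_t SAMPLE_AMBIGUOUS[] = {0x55, 0x8B, 0xEC};  // occurs twice
static const std::uint8_t SAMPLE_MISSING[] = {0xDE, 0xAD};          // never occurs
```

Checking the result and logging an explicit "fingerprint not found" message separates a stale fingerprint from a failure later in the hook.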