dll-syringe

How to replace and call a function if I know the address of the target?

Open oovm opened this issue 1 year ago • 2 comments

I successfully injected the dll, but I don't know how to replace the function with my version based on the address (module offset) and call it.

The table decompiled by others shows relative addresses, but Rust calls seem to be based on raw addresses.

In almost all cases, an error (exit code: 0xc0000005, STATUS_ACCESS_VIOLATION) will be reported.

unsafe {
    let f: extern "fastcall" fn() -> bool = unsafe { std::mem::transmute(0x4E as *const ()) };
    f() // (exit code: 0xc0000005, STATUS_ACCESS_VIOLATION)
}

oovm, Oct 24 '24 15:10
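The snippet in the issue passes the listed offset `0x4E` to `transmute` as if it were an absolute address, so the call lands in unmapped memory. This added example (not from the issue or from dll-syringe) converts a listed address into a process address and checks it before calling. `Listed`, `resolve`, `demo` and `target` are hypothetical names, the "module" is a constructed stand-in inside the example's own process, and `extern "C"` replaces `fastcall` so it builds on any target; in an injected DLL the load base and image size would come from the loader, for example `GetModuleHandleW` and the PE header's `SizeOfImage`.

```rust
#[derive(Debug, PartialEq)]
enum AddrError { BelowPreferredBase, OutsideImage, Overflow }

/// How a disassembler listing expresses a location.
#[derive(Clone, Copy)]
enum Listed {
    /// Offset from the start of the module (an RVA).
    Rva(usize),
    /// Address computed against the preferred image base from the PE header.
    PreferredVa { preferred_base: usize, va: usize },
}

/// Turn a listed address into one that is valid in the running process.
/// `load_base` and `image_size` describe where the module is mapped right now.
fn resolve(listed: Listed, load_base: usize, image_size: usize) -> Result<usize, AddrError> {
    let rva = match listed {
        Listed::Rva(r) => r,
        Listed::PreferredVa { preferred_base, va } => va
            .checked_sub(preferred_base)
            .ok_or(AddrError::BelowPreferredBase)?,
    };
    // An offset past the end of the image cannot point into this module.
    if rva >= image_size {
        return Err(AddrError::OutsideImage);
    }
    load_base.checked_add(rva).ok_or(AddrError::Overflow)
}

/// Constructed target function standing in for the one named in the listing.
extern "C" fn target() -> bool { true }

/// Constructed stand-in for a loaded module: pretend it starts 0x4E bytes
/// before `target`, so the listing's RVA 0x4E refers to `target`.
fn demo() -> Result<bool, AddrError> {
    let load_base = (target as *const () as usize) - 0x4E;
    let addr = resolve(Listed::Rva(0x4E), load_base, 0x1000)?;
    // SAFETY: `addr` equals the address of `target`, and the pointer type
    // matches its ABI and signature exactly.
    let f: extern "C" fn() -> bool = unsafe { std::mem::transmute(addr as *const ()) };
    Ok(f())
}

fn main() {
    println!("{:?}", demo()); // call through the rebased address
}
```

The ABI and signature in the function pointer type must match the target exactly; a correct address with the wrong calling convention still corrupts the stack or registers.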