Jump to content
Tuts 4 You

Detour 2.1 Hook problem


Surrogate

Recommended Posts

Posted

Hi i seem to be having a problem with my LoadBitmapW hook, im using Detour 2.1

Im trying to hook SPIDER.EXE Windows XP version of the game, SPIDER.EXE resource has Numeric and String resources bitmaps for ids

example 108,106, "FELT", "CARDBACK", "CARD1" etc etc

FELT, CARDBACK will pass just fine in the LPCWSTR lpBitmapName, but when spider.exe resource has 2 images as Numbers resource bitmap id 108, 106..

the debugger tells me bad ptr 0x00006c (lpBitmapName) etc.. which is the 108 resource id for the bitmap


HBITMAP __stdcall Mine_LoadBitmapW(HINSTANCE hInstance, LPCWSTR lpBitmapName)
{
HBITMAP hBitmap = NULL; TCHAR tszModuleName[MAX_PATH] = {0};
GetModuleBaseName(GetCurrentProcess(), NULL, tszModuleName, sizeof(tszModuleName));
if(_tcsicmp(tszModuleName, _T("spider.exe"))==0)
{
wchar_t szOut[10] = {0};
wsprintf(szOut,_T("%s\n"),lpBitmapName);
OutputDebugString(szOut);
} hBitmap = Real_LoadBitmapW(hInstance, lpBitmapName);
return hBitmap;
}

Anyone have any solution to this problem? ive tried to convert lpBitmapName to a Integer (i.e int nValue = *(int*)lpBitmapName) but still no results

Posted

On MSDN it says:

lpBitmapName [in]

A pointer to a null-terminated string that contains the name of the bitmap resource to be loaded. Alternatively, this parameter can consist of the resource identifier in the low-order word and zero in the high-order word. The MAKEINTRESOURCE macro can be used to create this value.

So it should look like this:


if(HIWORD(lpBitmapName))
{
wsprintf(szOut,_T("%s\n"),lpBitmapName);
}
else
{
wsprintf(szOut,_T("%u\n"),lpBitmapName);
}

And why do you check for the exe name? There's no use for that unless you inject some dll into every process. You should know what processes you hook into by that point :D

Posted

On MSDN it says:

lpBitmapName [in]

A pointer to a null-terminated string that contains the name of the bitmap resource to be loaded. Alternatively, this parameter can consist of the resource identifier in the low-order word and zero in the high-order word. The MAKEINTRESOURCE macro can be used to create this value.

So it should look like this:


if(HIWORD(lpBitmapName))
{
wsprintf(szOut,_T("%s\n"),lpBitmapName);
}
else
{
wsprintf(szOut,_T("%u\n"),lpBitmapName);
}

And why do you check for the exe name? There's no use for that unless you inject some dll into every process. You should know what processes you hook into by that point :D

Hi and thank you for your solution it helped me out, i was checking exe name i thought the Debugger would be the parent Process

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...