Open CorsDev opened 6 years ago
Can you explain to me how the hook works and what you do in order to find the function's fingerprint?
Ok, I found out that it hangs on the first loop that searches for the INVOKE function.
    for (int i = 0; i < text_section_size - sizeof(INVOKE_FINGERPRINT); i++){
        cout << i << "\n"; //it does print just 0 so I think the problem is the memcmp function
        if (0 == memcmp(reinterpret_cast<void*>(text_section + i), &INVOKE_FINGERPRINT[0], sizeof(INVOKE_FINGERPRINT))){
            invoke_address = (LPVOID)(text_section + i);
        }
    }
Hi TheStraing, sorry for the late response.
The function fingerprint is found by breaking somewhere inside the Invoke() function and going backwards in the callstack until you get back into the main binary. Finding the function in the first place can be tricky.
Riot has made lots of changes to the client, and has quite likely removed ScaleForm at this point, though I have not checked. This means that the Invoke() function is no longer present.
Hi, when I try to inject the DLL and listen on port 7000, I do not get any kind of data. I tried using the debug version, which should print the data on cmd, and it doesn't show anything. It's strange, since I do not get any kind of error, so the Invoke function should have been found.