Will adopt the way of global hook DLL injection target process, and managed to hook the target function is Fun in the process, make it when they first enter my function called Fun_My, these are not problems, but when I want to uninstall hooks, if just code execution in my function Fun_My code, will collapse, because I have unloaded the DLL, the DLL has not in the target in the process, then Fun_My is invalid content, is not the correct code before, so the target process collapses,
In this case, my DLL execution detach to uninstall, how to ensure that the code is not in Fun_My execution,
, of course, I must be carried out in advance to unhook function, only the last hook to the function, may also in Fun_My execution, has not yet been performed returns, it is out of the question,
We have met, or thought about this problem, have what good treatment method, discussion on the technology and advice is welcome, thank you,
CodePudding user response:
Recommend to the corresponding developersCodePudding user response:
This is no way and you can't know whether your code is executed at that time you just wasn't thinkingGive you jum refers to a direction to a NEW piece of executable memory chip (describe this place has the springboard for convenience) and then in JMP to your DLL
When your DLL uninstalled before you can change the springboard code to program in JMP back after execute don't directly into your DLL can UNHOOK off your DLL with respect to OK
About JUMP springboard best start assembly code written to two places to JUMP using a JNZ control JUMP (go to your HOOK or back to the source function to continue) so you only have to change a BYTE can control flow to significantly reduce error UNHOOK
CodePudding user response:
I don't think it's so complicated, you sync your Fun_My function in the detach and not to go, wait for Fun_My after the function to detach.