[MetaHook] Find a function signature

Find a non-public function signature, we need a tool "IDA Pro"

( You can open picture in a new window :D )

Step 1

Load your PE file in IDA

Step 2

Find your function, you can use F5 to decompile a function

You can refer to the string and function to locate your function

Step 3

Find your function signature

Open IDA Hex view

And double-click your function in Function List (on IDA Window left)

All right, this is your function signature, copy this line

Step 4

Maby you use the signature in C/C++

Now, you can use SearchPattern() to get the function address in memory.

时间： 2024-10-06 00:31:02

[MetaHook] Find a function signature的相关文章

JNI: Passing multiple parameters in the function signature for GetMethodID

http://stackoverflow.com/questions/7940484/jni-passing-multiple-parameters-in-the-function-signature-for-getmethodid ASK : I am trying to execute a function in Java (from C) that has the following signature: public void execute(int x, int y, int acti

[MetaHook] Quake OpenGL function

Quake OpenGL function for MetaHook plugin. Thank hzqst :D QGL.h 1 #ifndef QGL_H 2 #define QGL_H 3 4 #include <gl/gl.h> 5 #include <gl/glext.h> 6 7 extern void (APIENTRY *qglAccum)(GLenum op, GLfloat value); 8 extern void (APIENTRY *qglAlphaFun

[MetaHook] Quake Bink function

If you want to play Bink video in game, maybe you need this code. QBink.h 1 #ifndef QBINK_H 2 #define QBINK_H 3 4 #include "bink.h" 5 6 extern void PTR4* (RADEXPLINK *qBinkLogoAddress)(void); 7 extern void (RADEXPLINK *qBinkSetError)(const char

[转]JSTL 自定义方法报错Invalid syntax for function signature in TLD.

Apache Tomcat/6.0.18 ${my:splitApply(apply)} <function> <name>splitApply</name> <function-class>org.darkness.oa.web.UtilFunction</function-class> <function-signature> java.util.List splitApply(org.darkness.oa.model.Meet

[ES6] Function Params

1. Default Value of function param: The function displayTopicsPreview() raises an error on the very first line when called with no arguments. Let's fix that! function displayTopicsPreview( topics ){ var message = "There are currently " + topics.

PatentTips – Java native function calling

BACKGROUND OF INVENTION This invention relates to a system and method for providing a native function call facility. In particular it relates to a system and method for providing a native function call facility in a Java Virtual Machine (JVM) for pla

Day5 - 常用模块学习

本节大纲: 模块介绍(模块导入方法) time &datetime模块 random os sys shutil json & picle shelve xml处理 yaml处理 configparser hashlib subprocess logging模块 re正则表达式模块,用一堆代码实现了某个功能的代码集合. 类似于函数式编程和面向过程编程,函数式编程则完成一个功能,其他代码用来调用即可,提供了代码的重用性和代码间的耦合.而对于一个复杂的功能来,可能需要多个函数才能完成(函数又

[转][C++ 11]override and final - write clean and maintainable C++ code

原文: http://arne-mertz.de/2015/12/modern-c-features-override-and-final/ Today I write about a pair of less often discussed, less complicated features introduced in C++11, which are nevertheless useful. Both can provide some additional security and cla

TypeScript官方文档翻译-5

1.1 Ambient Declarations 1.1 环境声明 An ambient declaration introduces a variable into a TypeScript scope, but has zero impact on the emitted JavaScript program. Programmers can use ambient declarations to tell the TypeScript compiler that some other co