Giter Club home page Giter Club logo

safetyhook's Introduction

SafetyHook

SafetyHook is a C++23 procedure hooking library for Windows x86 and x86_64 systems. It aims to make runtime procedure hooking as safe as possible while maintaining simplicity of its implementation. To that end it currently does:

  • Stops all other threads when creating or deleting hooks
  • Fixes the IP of threads that may be affected by the creation or deletion of hooks
  • Fixes IP relative displacements of relocated instructions (eg. lea rax, [rip + 0x1234])
  • Fixes relative offsets of relocated instructions (eg. jmp 0x1234)
  • Widens short branches into near branches
  • Handles short branches that land within the trampoline
  • Uses a modern disassembler engine that supports the latest instructions
  • Has a carefully designed API that is hard to misuse

Installation

SafetyHook can be added via CMake's FetchContent, git submodules, or copied directly into your project using the amalgamated builds. SafetyHook requires Zydis to function.

Amalgamated builds

This is the easiest way to use safety hook. You can find amalgamated builds on the releases page. Simply download the ZIP file containing Zydis (or without Zydis if you already have it in your project) and copy the files into your project.

You may need to define ZYDIS_STATIC_BUILD if you're using the build with Zydis included.

CMake FetchContent

include(FetchContent)

# Safetyhook
FetchContent_Declare(
    safetyhook
    GIT_REPOSITORY "https://github.com/cursey/safetyhook.git"
    GIT_TAG "origin/main"
)
FetchContent_MakeAvailable(safetyhook)

If you want SafetyHook to fetch Zydis you must enable the CMake option -DSAFETYHOOK_FETCH_ZYDIS=ON.

Usage

#include <iostream>

#include <safetyhook.hpp>

__declspec(noinline) int add(int x, int y) {
    return x + y;
}

SafetyHookInline g_add_hook{};

int hook_add(int x, int y) {
    return g_add_hook.call<int>(x * 2, y * 2);
}

int main() {
    std::cout << "unhooked add(2, 3) = " << add(2, 3) << "\n";

    // Create a hook on add (This uses SafetyHook's easy API).
    g_add_hook = safetyhook::create_inline(reinterpret_cast<void*>(add), reinterpret_cast<void*>(hook_add));

    std::cout << "hooked add(3, 4) = " << add(3, 4) << "\n";

    g_add_hook = {};

    std::cout << "unhooked add(5, 6) = " << add(5, 6) << "\n";

    return 0;
}

safetyhook's People

Contributors

cursey avatar netadr avatar angelfor3v3r avatar aixxe avatar praydog avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.