Overview
This blog post provides a very basic overview of what a hook is and the general process of how it works. A hook ensures that your own code runs whenever a certain function of a process is called. For this post we use the scenario of your player character being damaged in a game: we want to run our own code every time the player's health decreases, which lets us do many fun things within the process.
Hooking is used quite a lot in certain malware (for instance, to steal login information from a binary even though the password is hidden behind asterisks on screen), in game hacking, and also to extend the functionality of a program.
The general process of hooking a function
- Find the function you want to hook into (whenever that function runs, your own code will run).
- Change certain instruction(s) at that location to jump to your own code.
- Run your own code, followed by the original instruction(s) that were overwritten by the jump in step 2.
- Make sure your own code jumps back to the instruction that follows your jump in the hooked function.
Here is an image example of a very basic hook into part of a function which subtracts damage from our player's health. In order to place our own code into a process, we can inject a DLL into it using an injector (Guided Hacking's Injector is pretty good), then use a function like VirtualProtect() to change the memory protection of the function we want to hook, and finally overwrite its first bytes with the jump to our own code.
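The same mechanism seen from the other side: because an inline hook replaces the first instruction(s) of a function with an unconditional jump, a defender (or anti-cheat) can detect it by decoding those bytes and checking where the jump lands. The following is an added example, not code from the original post; it assumes the function's first bytes have already been read out (here a constructed sample array) and that the host module's address range is known, and it decodes both `jmp rel32` (E9) and `jmp rel8` (EB), the two encodings a hook of this kind normally uses.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* What inspecting the first bytes of a function tells us. */
typedef struct {
    int      hooked;   /* 1 if the first instruction is an unconditional jmp */
    uint64_t target;   /* decoded absolute destination (valid when hooked)   */
    int      outside;  /* 1 if that destination is outside the host module   */
} hook_report;

/* Decode "jmp rel32" (E9 disp32) or "jmp rel8" (EB disp8) at `code`, a copy of
 * the bytes mapped at virtual address `addr`. x86 relative jumps are measured
 * from the next instruction: target = addr + length + displacement. */
static uint64_t decode_jmp(const uint8_t *code, uint64_t addr)
{
    if (code[0] == 0xE9) {
        int32_t disp;
        memcpy(&disp, code + 1, sizeof disp);       /* little-endian disp32 */
        return addr + 5 + (uint64_t)(int64_t)disp;   /* wraps correctly if negative */
    }
    if (code[0] == 0xEB)
        return addr + 2 + (uint64_t)(int64_t)(int8_t)code[1];
    return 0;                                        /* not an unconditional jmp */
}
/* A prologue replaced by a jump is suspicious; a jump that also leaves the
 * module's own range [mod_lo, mod_hi) (e.g. into an injected DLL) is the strong
 * signal, since an in-module jump can be a legitimate tail call or thunk. */
hook_report inspect_prologue(const uint8_t *code, uint64_t addr,
                             uint64_t mod_lo, uint64_t mod_hi)
{
    hook_report r = {0, 0, 0};
    uint64_t t = decode_jmp(code, addr);
    if (t != 0) {
        r.hooked  = 1;
        r.target  = t;
        r.outside = (t < mod_lo || t >= mod_hi);
    }
    return r;
}

int main(void)
{
    /* Constructed sample: module mapped at 0x140000000-0x140010000, function at +0x1000. */
    const uint64_t fn = 0x140001000ULL, lo = 0x140000000ULL, hi = 0x140010000ULL;
    const uint8_t clean[]   = {0x48, 0x83, 0xEC, 0x28};        /* sub rsp, 0x28      */
    const uint8_t patched[] = {0xE9, 0xFB, 0xEF, 0xFE, 0xFF};  /* jmp rel32 -0x11005 */
    hook_report c = inspect_prologue(clean, fn, lo, hi), p = inspect_prologue(patched, fn, lo, hi);
    printf("clean: hooked=%d\npatched: hooked=%d target=0x%llx outside=%d\n",
           c.hooked, p.hooked, (unsigned long long)p.target, p.outside);
    return 0;
}
```

Hooks can also be installed with other jump shapes (an absolute jump through a register or a memory operand) or deeper inside the function, so this check is a first pass, not a complete scanner.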
Additional Resources
If you're interested in learning how to do this in practice rather than just the theory behind it, I recommend watching/reading the following resources: