Topic: Hooking a dll into the main.exe + how to change

There are still a lot of people asking for help with hooking their .dll data into their mains. This is a quick guide on how to hook the dll.

1. Open the main.exe with OllyDbg and look at which offset you are at. Then write the offset down (maybe into a txt file or just on a sheet of paper).
http://img38.imageshack.us/img38/778/61753174.jpg

2. Search some free space
http://img42.imageshack.us/img42/2056/36856674.jpg

3. Choose 1 free offset, follow it into the dump (RB->Follow to Dump->Selection) and write the name of your dll there.
http://img522.imageshack.us/img522/6114/91284849.jpg

4. Next go to some other free offsets and write Push (and the offset of your dll)
http://img240.imageshack.us/img240/4623/32473113.jpg

5. Now we need to load the dll. To get the command in an easy way we just search for it.
Press CTRL+N (STRG+N). A new window will open; type LoadLibraryA, and when you see it just follow it (press Enter when you are at the command). Another window will pop up where you will see something like this:

http://img101.imageshack.us/img101/8084/35163557.jpg

Follow 1 of the call dword.. commands (mark it and press Enter).

6. Now that you are at the command, just press Space and copy that command, then go back to your push command (the one you just added) and paste the command you just copied. Next write jmp (the offset you wrote down at step 1).
http://img133.imageshack.us/img133/2906/49626540ef.jpg

7. Now press RB->Copy->Copy All, then RB->Copy To Executable->Selection.
A new window will pop up. Go into it, press RB and do Save File, and you are done.

Afterwards you can change the entry point to the offset of your dll by using PE EXPLORER (a very nice tool).
But don't forget: if you are hooking more than 1 dll, the jmp command of the first dll must be the offset of the push command of the second dll, and the jmp of the second dll should be the original entry point.

Hope this guide will help some people to learn how to hook the dll data to the main.

UPDATE!!!! how to change the entry point after you hooked.

Well, as I said above, you need to change the entry point of your main after you are done with your hook. I recommend the programme PE EXPLORER from Heaventools, it's really good. So I guess I have some work to do and continue with the guide. Troublesome, but I can't change it -.-...


STEP 1
OK, let's start. Open PE Explorer and you will see this window:
http://img39.imageshack.us/img39/7946/step1t.jpg

Press Open File and search for your main...
http://img101.imageshack.us/img101/1118/step11.jpg
(I deleted some stuff out of there because I don't think you guys need to know some of the details over there.)

STEP 2
I don't have to say a lot about this step, just check out the screenshot and read there:
http://img24.imageshack.us/img24/2807/step2w.jpg

Okay, now change the ep like I did here:
Now PE Explorer will ask you if you really want to change the ep.. gosh, how stupid, if we didn't want to change it why would we have done the steps before -.- so press YES!


STEP 3
Just save your work (the usual save button, I don't think you need a screenshot for this) and you are done with your hook. Wow, great, isn't it...


Credits:
- Hacke (RZ)
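
For anyone who needs to check whether an executable has been modified the way this guide describes (a push / call LoadLibraryA / jmp stub written into free space and the entry point redirected to it), here is an added example that is not part of the original post. It assumes a 32-bit PE and that the free space used is padding after a section's used bytes; `entry_point_findings` and `sample_pe` are hypothetical names, and the sample file is constructed for the demonstration.

```python
import struct

EXEC, WRITE = 0x20000000, 0x80000000  # IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_WRITE

def entry_point_findings(data: bytes) -> list:
    """Return reasons the PE entry point looks redirected (empty list: none found)."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe = struct.unpack_from("<I", data, 0x3C)[0]              # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    nsec, opt_size = struct.unpack_from("<H12xH", data, pe + 6)
    opt = pe + 24                                             # optional header
    ep = struct.unpack_from("<I", data, opt + 16)[0]          # AddressOfEntryPoint
    for i in range(nsec):
        name, vsize, va, rsize, rptr, flags = struct.unpack_from(
            "<8sIIII12xI", data, opt + opt_size + 40 * i)
        if not va <= ep < va + max(vsize, rsize):
            continue
        label, found = name.rstrip(b"\0").decode("latin-1"), []
        if ep >= va + vsize:                                  # past the used bytes
            found.append(f"entry point in padding after {label} contents")
        if not flags & EXEC or flags & WRITE:
            found.append(f"entry point in {label}, which is writable or not executable")
        off = rptr + ep - va                                  # RVA -> file offset
        stub = data[off:off + 16]
        # push imm32 (68) / call dword ptr [mem] (FF 15) / jmp rel32 (E9)
        if len(stub) == 16 and stub[0] == 0x68 and stub[5:7] == b"\xff\x15" and stub[11] == 0xE9:
            found.append("entry stub is push imm32 / call [mem] / jmp rel32")
        return found
    return ["entry point outside every section"]

def sample_pe(ep: int) -> bytes:
    """Constructed PE skeleton: one .text section, 0x100 bytes used of 0x200 on disk."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0xE0, 0x102)
    opt = struct.pack("<H14xI", 0x10B, ep).ljust(0xE0, b"\0")
    text = struct.pack("<8sIIII12xI", b".text", 0x100, 0x1000, 0x200, 0x200, EXEC | 0x20)
    body = bytearray(0x200)                                   # stub placed in the padding
    body[0x180:0x190] = b"\x68" + bytes(4) + b"\xff\x15" + bytes(4) + b"\xe9" + bytes(4)
    return (dos + coff + opt + text).ljust(0x200, b"\0") + bytes(body)

if __name__ == "__main__":
    for ep in (0x1000, 0x1180, 0x5000):
        print(hex(ep), entry_point_findings(sample_pe(ep)))
```

These are heuristics: packers and some legitimate protectors also move the entry point, so a finding is a reason to compare the file against a known-good copy rather than a verdict.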

Re: Hooking a dll into the main.exe + how to change

THK YOU