How does the detour crate work?
We want to hook a function, so that our code gets called... but we also want the original code to execute. How the heck does that work?
00:00 Where were we
02:08 Disassembling for fun and profit
05:47 Double buffering, for some reason
07:25 Why detouring isn't trivial
08:56 Control flow in assembly
10:04 Registers and the AMD64 ABI
11:18 Functions and how to call them
13:14 The JMP instruction
14:01 Simple obfuscation techniques
15:13 How it all works
17:53 Homework assignment
If you liked what you saw, please support my work!
Another random video
Hey Notepad! Nice process you got there. Would be a shame if someone were to... butt in.
In this video, we learn about applications and processes and threads, and use Win32 APIs to create a remote thread in another process, running into all kinds of complications on the way there.
You can watch more videos over there