How does the detour crate work?

We want to hook a function, so that our code gets called... but we also want the original code to execute. How the heck does that work?

00:00 Where were we
02:08 Disassembling for fun and profit
05:47 Double buffering, for some reason
07:25 Why detouring isn't trivial
08:56 Control flow in assembly
10:04 Registers and the AMD64 ABI
11:18 Functions and how to call them
13:14 The JMP instruction
14:01 Simple obfuscation techniques
15:13 How it all works
17:53 Homework assignment
18:12 Outtakes

If you liked what you saw, please support my work!

Donate on GitHub | Donate on Patreon

Another random video

C++ vs Rust: which is faster?

I ported some Advent of Code solutions from C/C++ to Rust, and used the opportunity to compare performance. When I couldn't explain why they performed differently, I had no choice but to disassemble both and look at what the codegen was like!
