How does the detour crate work?

Oct 19, 2022 rust · hooking

We want to hook a function, so that our code gets called... but we also want the original code to execute. How the heck does that work?

00:00 Where were we
02:08 Disassembling for fun and profit
05:47 Double buffering, for some reason
07:25 Why detouring isn't trivial
08:56 Control flow in assembly
10:04 Registers and the AMD64 ABI
11:18 Functions and how to call them
13:14 The JMP instruction
14:01 Simple obfuscation techniques
15:13 How it all works
17:53 Homework assignment
18:12 Outtakes

Discuss this video on /r/fasterthanlime

If you liked what you saw, please support my work!

Donate on GitHub Donate on Patreon

Another random video

I'm in ur address space

Apr 11, 2022

50 minute watch

Hey Notepad! Nice process you got there. Would be a shame if someone were to... butt in.

In this video, we learn about applications and processes and threads, and use Win32 APIs to create a remote thread in another process, running into all kinds of complications on the way there.

Watch now

You can watch more videos over there

Looking for the homepage?