If I remember correctly, I didn't write any documentation.
Syringe originally worked with a pair of files: a DLL and a "hook" information file, which was practically a list of hex addresses. At these addresses, Syringe placed breakpoints in the original code and invoked the respective DLL method. To communicate with the original code, the CPU registers (EAX through EDI) are transmitted in a simple structure. The DLL also had direct access to the original app's memory.
However, a lot of all that changed in the process of Ares development, so I suppose when AlexB, Renegade or DCoder see this, they should be able to give a deeper insight.
It's also a good idea to check out both Syringe and YR++/Ares and have a look. I'm sure you could practically "steal" the Syringe.hpp file from YR++ and adapt it to your own project for any uncompressed 32-bit exe file.
I intend to grab Syringe.hpp and ASMMacros.h once I figure out some licensing info and how to properly credit the Ares/YR++ authors.
Here are some questions I have:
1. How do I load a Syringe control file, and what does one look like (is it an .inj file)?
2. When Syringe hits one of the breakpoints it set, does it execute the original instruction at that offset?
3. Does Syringe restore the original register values after all hooks have been run on a location?
4. One of the "arguments" to a hook is the "length". Why is this needed, and what exactly is it for? I assume it's the length in bytes of the instructions that Syringe should restore when the breakpoint is triggered?
1) Syringe does it. It looks in the exe's directory for dlls that have a corresponding dll.inj file. At the moment, all dlls are included when running an exe through Syringe, even if they don't apply to the exe.
Just launch
Syringe.exe "exe-name" [optional parameters go here]
2+3+4) No, the bytes at the hook's location are overwritten. If you look at Ares' dll.inj file, you will see lines like XXXXXXXX=Name,6. The XXXXXXXX part is the instruction address, the name is the name of the exported function to call (see the DEFINE_HOOK macro).
The number after the comma is the length of the instruction to be replaced. It has to be equal to or larger than 5, because the replacement instruction needs 5 bytes. If one instruction is shorter than 5 bytes, you have to add the next one, too, until their added size is higher than 5. This many bytes are saved by Syringe and executed if you do a "return 0;" in the hook function. If you return any other number, the instruction pointer is set to this value and the original code is not executed. Do not jump to the original instruction (you'd call this very hook again), or to anything within "length" (because it has been replaced).
Note that you cannot hook certain instructions and you'd get strange behavior or a crash if you do. These are CALL instructions, whose jump offset changes if they are executed from the cache and not from their original location. Mind CMP, TEST and jumps, because the hook kills the processor flags. Thus, you can't hook between CMP and JLE and friends, because the result of the CMP would be gone and the game might take the wrong path. You'd have to recreate the comparison or test in your dll and "return x;" the jumped-to instruction.
Also mind that you cannot hook across jump marks (that are reachable from outside of the replaced instructions), because the game would jump into the middle of an instruction. And most importantly, the stack pointer ESP has to contain the same value (you can change all other registers through the parameter R of DEFINE_HOOK [and only through this, MOV won't work because the registers are reset on return]). You cannot change the value of ESP, and thus every PUSH, POP, CALL, ADD you do in the hook gets ignored when control is returned to the original game. It's ok to PUSH and CALL using inline asm in the hook, though.
That's the "wisdom" part I can think of right now. The "knowledge" stuff is in the Ares source files.
Download Ares. License files for Syringe and Ares should be included.
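As an added illustration of the dll.inj line format and the "length must be at least 5" rule explained above (example code, not part of Syringe or Ares): a small Python checker that parses hook lines, reports lengths under 5 and hooks whose address starts inside another hook's replaced bytes. Comment handling (';' lines) and all sample addresses and hook names are assumptions constructed for the example.

```python
import re
from dataclasses import dataclass

# One hook line of a Syringe .inj file as described in the thread:
#   XXXXXXXX=Name,6   (hex address, exported hook name, bytes replaced)
INJ_LINE = re.compile(r"^([0-9A-Fa-f]{1,8})\s*=\s*([A-Za-z_]\w*)\s*,\s*(\d+)$")
MIN_HOOK_LEN = 5  # the replacement instruction Syringe writes needs 5 bytes

@dataclass(frozen=True)
class Hook:
    address: int
    name: str
    length: int

def parse_inj(text: str) -> tuple[list[Hook], list[str]]:
    """Return (hooks, problems). Blank lines and ';' comments are skipped
    (an assumption; the thread only describes the XXXXXXXX=Name,N lines)."""
    hooks, problems = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        m = INJ_LINE.match(line)
        if not m:
            problems.append(f"line {lineno}: not of the form ADDRESS=Name,length: {line!r}")
            continue
        hook = Hook(int(m.group(1), 16), m.group(2), int(m.group(3)))
        if hook.length < MIN_HOOK_LEN:
            problems.append(f"line {lineno}: {hook.name} replaces {hook.length} bytes, "
                            f"need at least {MIN_HOOK_LEN} (add the next instruction too)")
        hooks.append(hook)
    # A hook starting strictly inside another hook's replaced range would
    # run from the middle of bytes Syringe has already overwritten.
    for a in hooks:
        for b in hooks:
            if a is not b and a.address < b.address < a.address + a.length:
                problems.append(f"{b.name} at {b.address:08X} lies inside the {a.length} "
                                f"bytes replaced by {a.name} at {a.address:08X}")
    return hooks, problems

# Constructed sample hook list; addresses and names are made up, not Ares' own.
SAMPLE_INJ = """; constructed example, not a real dll.inj
004A1B2C=Hypothetical_Hook_A,6
004A1B30=Hypothetical_Hook_B,5
004B0000=Hypothetical_Hook_C,3
not-a-hook-line
"""
if __name__ == "__main__":
    for p in parse_inj(SAMPLE_INJ)[1]:
        print("PROBLEM:", p)
```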