bbbird1
20th March 2009, 04:00 PM
Hi all,
Just for fun I'm trying to hook the Sleep() function (on WM6) through the SystemAPISets[] array. While the hook is working fine, my "fake" Sleep() function seems to have some problems. I have cannibalized the real Sleep() function from coredll.dll but I have one problem:
.text:03FBE0A8 Sleep ; CODE
.text:03FBE0A8
.text:03FBE0A8 04 E0 2D E5 STR LR, [SP,#var_4]!
.text:03FBE0AC 04 D0 4D E2 SUB SP, SP, #4
.....
.text:03FBE0C4 2C 30 9F 15 LDRNE R3, =unk_1FFF824
.....
.text:03FBE0F0 1E FF 2F E1 BX LR
.text:03FBE0F0 ; End of function Sleep
As you can see, at address 0x03FBE0C4 a value is loaded into R3 from an address (in this case 0x01FFF824) but I'm not able to retrieve the value contained there because it seems to be relocated on my phone. Do you have any suggestions on how to proceed to get the right value inside R3?
Thanks a lot in advance to everyone!
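
An added example, not part of the original post: a small C decoder for the LDRNE bytes shown in the listing (2C 30 9F 15), computing which literal-pool word the instruction reads. The load is PC-relative, so the same bytes executed from a different address read a different slot; the second address 0x10001000 is a constructed value, and the function names are chosen for this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Assemble the four bytes shown in the listing (little-endian) into one word. */
uint32_t le32(const uint8_t b[4]) {
    return (uint32_t)b[0] | (uint32_t)b[1] << 8 |
           (uint32_t)b[2] << 16 | (uint32_t)b[3] << 24;
}

/* Destination register (bits 15:12) of a single-register load/store. */
unsigned ldr_rd(uint32_t insn) { return (insn >> 12) & 0xFu; }

/* If insn is "LDR<cond> Rd, [PC, #+/-imm12]" return the address of the
 * literal-pool word it reads when executed at addr; otherwise return 0. */
uint32_t literal_slot(uint32_t insn, uint32_t addr) {
    /* bits 27:26 = 01, I = 0, P = 1, B = 0, W = 0, L = 1, Rn = 15 (PC) */
    if ((insn & 0x0F7F0000u) != 0x051F0000u || (insn >> 28) == 0xFu)
        return 0;
    uint32_t imm = insn & 0xFFFu;          /* 12-bit byte offset */
    uint32_t pc = addr + 8;                /* in ARM state PC reads as addr + 8 */
    return (insn & 0x00800000u) ? pc + imm : pc - imm;  /* U bit: add or subtract */
}

int main(void) {
    const uint8_t bytes[4] = {0x2C, 0x30, 0x9F, 0x15};  /* from the listing */
    uint32_t insn = le32(bytes);
    uint32_t listed = 0x03FBE0C4u;  /* instruction address in the listing */
    uint32_t copied = 0x10001000u;  /* constructed address of a copied instruction */

    printf("insn %08X loads R%u\n", (unsigned)insn, ldr_rd(insn));
    printf("at %08X reads slot %08X\n", (unsigned)listed,
           (unsigned)literal_slot(insn, listed));
    printf("at %08X reads slot %08X\n", (unsigned)copied,
           (unsigned)literal_slot(insn, copied));
    return 0;
}
```

At the listed address the slot is 0x03FBE0F8, just past the BX LR that ends the function, so the word loaded into R3 lives in the literal pool following the code rather than inside the instruction itself.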