Have any of you ever looked at the application hook code that Microsoft has for download?
Right now I'm going through this code and it looks like we will be able to use this to do some nifty things like get the pointer to the ReadProcessMemory function directly.
I figure we can hook this process with dummy code that just forwards the request on - what this will do, however, is allow us to actually call the ReadProcessMemory function from within the keyreader from the actual function location instead of the call.
Why is this important you ask?
Well, if, once you launch EQ, Verant were to hook the ReadProcessMemory function, they would in fact be hooking our dummy function and not the real one. As we have the 1st valid pointer to the real function, this would let us continue to call the real function without fear that there is a hidden 'tattle tale' code being inserted into this API call.
Once you finish with EQ and close the app - you could then close the keysniffer, which would reset the API call and voilà - you have made sure that there is no way for Verant to hook the API and figure out what you are doing.
The issue I am stuck with - is I don't have documentation on the MFC API calls - and I would like to know if some kind MFC programmer could give me the actual function prototype for ReadProcessMemory....
Or point me in the right direction so I can find it myself - the code to hook the API requires that I know the API call - the .dll that it resides in - and the prototype of the function (so that when we hook it we don't screw up the way it operates).