Hi guys. I'm struggling with a problem for days since now.
I have to restore a hooked function, but I don't know what it was before hooking. So I can't just store it and restore later.
Could anyone help me how could I get the original starting bytes of a function from system DLL? Probably I have to struggle with file reading & RVA/VAs, but I don't know where to start.
Thank you!
I have to restore a hooked function, but I don't know what it was before hooking. So I can't just store it and restore later.
Could anyone help me how could I get the original starting bytes of a function from system DLL? Probably I have to struggle with file reading & RVA/VAs, but I don't know where to start.
Thank you!