Avatar fun
Win2K ACLs
After Effects: Corner Pin
soundsfix
flmonitor
The new server
WAV-aware doorbell
Airports
Bloodlines fix
Publishing iCal
Courier IMAP and daemontools
Perl pidfiles
Sponge cake
Fake Xinerama
 
Articles

Overriding DLL imports in FlashpointServer.exe

Editing the PE header

A very nifty tool called IIDKing (which can be downloaded from Programmer's Tools) allows editing of PE headers and the addition of entries in the import list.

Using IIDKing, we can add a link to the soundsfix DLL and its exported function _furrycat_CreateFileA@28.

IIDKing conveniently writes sample assembly code to call the new function:

call dword ptr [0074e0a8]

The hex equivalent of this is:

ff15a8e07400

Disassembling an unmodified FlashpointServer.exe reveals that CreateFileA() is called viz:

call dword ptr [006990bc]

The hex equivalent for this call is as follows:

ff15bc906900

The final step, therefore, is to load FlashpointServer.exe into a hex editor and replace all occurrences of ff15bc906900 with ff15a8e07400. The file is then patched!

Jump to a section

intro | part 1: Creating the DLL | part 2: Editing the PE header

Download soundsfix 1.91 code and source.