是否有可能钩到任何时间检索功能 [英] Is it possible to Hook into any time retrieving function
问题描述
我需要挂钩试图以产生对于不同的应用的时间独立的重放检索系统时间的任何功能。像伪随机数产生一些事件取决于调用时间(),但如一些人称之为timeGetTime()或_time64()。
I need to hook any function that tries to retrieve the system time in order to generate "time independent" replays for different applications. Some events like pseudorandom number generation depend on calls to time(), but for example some others call timeGetTime() or _time64().
什么是我需要挂钩(在Windows中)来捕获所有时间检索功能功能的最小集合。它实际上是可以勾上这些功能呢?我试图做到这一点的时间(),但我的钩被忽略。我已经成功挂钩的其他功能(如RAND),但我的时间()钩似乎被忽略。
What is the minimum set of functions that I would need to hook (in Windows) to catch all time retrieving functions. Is it actually possible to hook on these functions? I am trying to do it on time(), but my hook is being ignored. I have had success hooking to other functions (like rand) but my time() hook seems to be ignored.
我用的少走弯路,但我愿意用任何其它API拦截工具。
I am using Detours, but I am open to use any other API interception tool.
推荐答案
有关游戏的speedhacks',3 API的这通常是大呼过瘾是:
For game 'speedhacks', the 3 APIs which are usually hooked are:
- timeGetTime()
- GetTickCount()
- QueryPerformanceCounter()
大多数这些函数返回自系统启动或类似的东西的时候。在你的钩子,你需要决定你想要做什么。你可以:
Most of these functions return a time since the system started or something similar. In your hook, you need to decide what you want to do. You could:
- 始终返回一个静态时间
- 请为放缓或加速的时间常用的方法:
- 当你的DLL注入,需要一个初始时间(比如
init_time) - 每个目标调用你的时间函数的时候,你可以调用它可以帮助您在
REAL_TIME的真正功能的trampolined版本 - 您返回值会是这样的
init_time + 0.5 *(REAL_TIME-init_time)这将例如延缓时间缩短了一半
- 当你的DLL注入,需要一个初始时间(比如
- Always return a static time
- Do the common approach for 'slowing down' or 'speeding up' time:
- When your DLL is injected, take an initial time (say
init_time) - Each time the target calls your time function, you can call a trampolined version of the real function which gets you a
real_time - The value you return would be something like
init_time + 0.5*(real_time-init_time)which would slow time down by half for example
- When your DLL is injected, take an initial time (say
这篇关于是否有可能钩到任何时间检索功能的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
