heyhey, gotta small question (as usual)
After a DLL has been injected, is it possible to hijack a function in another DLL and point the old function to another one in the DLL that has been injected ?
If I compile a DLL, which contains a function with the exact same arguments and return values as lets say for example the messagebox function from the user32.dll, can I fool the program that's being MHS'd into running my function from the injected DLL instead of the regular messagebox function ? Further then that, is it possible to only run the custom function on certain occasions (when certain condition are true for example).
Are there any LSS functions available to do this ? Would breakpointing and scripting around the GetProcAddress function allow me to send the address of my function instead of the original function ?
(and when is this GetProcAddress function called ? when the DLL is originally loaded or each time the function is called ?)