Reloaded Hooks NextGen
Cross Platform, Cross Architecture re-implementation of Reloaded.Hooks.
🦀 Now in Crab 🦀
About
reloaded-hooks-rs is an enhanced port of the original Reloaded.Hooks (<= 4.3.0) to Rust.
This library is written as no_std. Currently support for Windows, Linux and macOS is provided
out of the box. That said, a lot of functionality is platform & architecture agnostic, hopefully making
porting easier.
Platform Support
| Platform | x86 | x86_64 |
|---|---|---|
| Windows | ✔️ | ✔️ |
| Linux | ✔️ | ✔️ |
| macOS | N/A * | ✔️ |
- Apple dropped support for x86 platforms entirely; you can't run x86 code at all.
The reloaded-hooks-rs code is not hardwired to any platform. For other platforms you can fill the
[pending] struct and provide appropriate function pointers; which would possibly make the library work
even in bare metal or embedded environments.
Architecture Support
Lists the currently available library features for different architectures.
| Feature | x86 & x64 | ARM64 |
|---|---|---|
| Basic Function Hooking | ✅ | ✅ |
| Code Relocation | ✅* | ✅ |
| Hook Stacking | ✅ | ✅ |
| Calling Convention Wrapper Generation | ✅ | ✅ |
| Optimal Wrapper Generation | ✅ | ✅ |
| Length Disassembler | ✅ | ✅ |
Bootstrapping a new architecture is not a difficult job!!
Please see Architecture Support Overview for porting guidance.
- x86 should work in all cases, but x64 isn't tested against all 5000+ instructions.
Feature Support
- Supports common OSes/platforms.
- Easy to integrate to new operating systems.
- Calling Convention Translation (e.g.
__stdcall->__fastcall). - Strong interoperability. (incl. Hook stacking)
- Parameter Injection (inject a 'context' parameter to your hooks).
- Branch rewriting.
- Mid function x86/x64 hooks (Cheat Engine style).
- Optimal code generation.
- For Relocated Code and Wrappers.
- Improved over the common hooking libraries (Minhook, Detours), especially for ARM64.
- (The author of this library is an anal optimization freak.)
Limitations
No IP Relocation
IP relocation is a thread safety technique employed by some libraries whereby all process' threads are stopped and any threads that are executing the prolog of the function that is being detoured at the same time have their instruction pointer overwritten to the hook.
This can only be done on some OSes that expose the relevant APIs.
For the project author's use case, this is not needed, however the project would happily accept a
PR for this functionality.
In practice this is very, very rarely a problem.
Caller Saved Registers Always saved in Entirety
This applies to calling convention wrappers generated by the library.
I've never seen this requirement in the wild, ever; usually for functions with this many parameters, they use standard ABI, but it's technically possible.
When generating wrappers between different calling conventions; the library preserves entire registers,
you can't for example specify 'please only preserve the upper 32-bits of register
Technical Questions
If you have questions/bug reports/etc. feel free to Open an Issue.
Happy Documenting ❤️