How does the detour crate work?

Follow me on Mastodon: https://hachyderm.io/@fasterthanlime Support me on Patreon or GitHub: https://fasterthanli.me/donate We want to hook a function, so that our code gets called... but we also want the original code to execute. How the heck does that work? 00:00 Where were we 02:08 Disassembling for fun and profit 05:47 Double buffering, for some reason 07:25 Why detouring isn't trivial 08:56 Control flow in assembly 10:04 Registers and the AMD64 ABI 11:18 Functions and how to call them 13:14 The JMP instruction 14:01 Simple obfuscation techniques 15:13 How it all works 17:53 Homework assignment 18:12 Outtakes