Figure 4- 6 CFunction
Figure 4- 7 ShortCFunction
This approach of symbol locating applies to all kinds of symbols. In the beginning stage, we
suggest you keep in mind that a symbol and its corresponding function name are different, while
ignore the hows and whys. During your whole process of studying reverse engineering, the
concept of symbol will imperceptibly goes into your knowledge system, thus there is no need to
push it for now.
-^ The writing pattern of MSHookFunction
The 3 parameters of MSHookFunction are: the original function to be hooked/replaced, the
replacement function, and the original function saved by MobileHooker. Just like Sherlock
Holmes needs Dr. Watson’s assistance, MSHookFunction doesn’t work alone, it only functions
with a conventional writing pattern, shown as follows:
#import <substrate.h>returnType (*old_symbol)(args);returnType new_symbol(args)
{
// Whatever
}