Adding functionality to RASAPI32.DLL


profdracula
August 1st, 2004, 02:38
Hi everybody!

I am a little confused about adding functionality to RASAPI32.DLL. What I'm trying to do is this:

I want to store the entered username and password to a file (when the 'Connect' button at the Dialup DlgBox is clicked). Using SICE, I found out that at virtual address 7F892D5A, ECX contains the password. Before this there is a call to GetDlgItemTextA. Similarly I found the VA where UserName is stored. I also found the cave for adding my own code at file-offset=0002158E(.text) or at VA 7F8A158E. Now what I know is this: I know where in memory the values are stored, and I know where I can add my own code. Now how can I hijack code from 7F892D5A to my own cave, and what must I do to write memory contents to a file? I think I'll have to use CreateFileA and WriteFile. But how? Can anybody guide me?

Thanks in advance.

Peres
August 1st, 2004, 03:49
Before you hijack and cause terror, you must be sure that your virtual address (7F892D5A) belongs to a routine which doesn't get called from other points in RASAPI32. You will do some funny damage if you start writing files on your hard disk whenever that routine gets called...

Peres

profdracula
August 1st, 2004, 14:07
Thanks Peres!

This routine is called once only, when the Connect button is hit. So what next?
Can you tell me precisely what I am supposed to do? I mean, my own thought post-mortem procedure was: jumping from 7F892D5A (push ecx) to my cave, writing ECX contents to a file, restoring the disturbed instructions (because of the jump to the cave) and jumping back. Isn't that what I'm supposed to do?

Peres
August 1st, 2004, 15:41
Your idea is right, but you should first determine what you need in order to support your brand-new routine. You could need room for globals as well as new import functions. Just write some code using CreateFile and such - as you said in your first post - and you'll see.

Peres