Hooking functions
in [Win32 API]
|
From: Erick Engelke on 6 Oct 2008 20:23 Years ago I used a Hooking library to hook system calls like CreateProcessW. I'd like to do that again. Does it work in modern versions of Windows or have MS killed that capability in their quest to clean up viruses? Erick Erick Engelke erick(a)uwaterloo.ca Manager of Networks and Systems Integration PHY-3013 Engineering Computing (519) 885-1211 x35893 University of Waterloo http://www.eng.uwaterloo.ca/~erick
From: Kerem Gümrükcü on 6 Oct 2008 23:51 Hi Erick, it still works, but if you operate in kernel, then you have to take care of many more things than in the past, so the same is valid for user mode functions and libraries, but "yes" it still works! See here: http://www.vista-files.org/programs/hooking-software/hook-api-sdk.html http://www.hook-api.com/ http://www.codeproject.com/KB/winsdk/0xF9EB_Hooking.aspx http://www.codeproject.com/KB/dotnet/EasyHook64.aspx In general www.codeproject.com has lots of examples for you. Check it out! Regards Kerem -- ----------------------- Beste Gr�sse / Best regards / Votre bien devoue Kerem G�mr�kc� Latest Project: http://www.codeplex.com/restarts Latest Open-Source Projects: http://entwicklung.junetz.de ----------------------- "This reply is provided as is, without warranty express or implied." "Erick Engelke" <erick(a)engmail.uwaterloo.ca> schrieb im Newsbeitrag news:20081006202203.X75094(a)engmail.uwaterloo.ca... > > Years ago I used a Hooking library to hook system calls like > CreateProcessW. > > I'd like to do that again. Does it work in modern versions of Windows or > have MS killed that capability in their quest to clean up viruses? > > Erick > > Erick Engelke erick(a)uwaterloo.ca > Manager of Networks and Systems Integration PHY-3013 > Engineering Computing (519) 885-1211 x35893 > University of Waterloo http://www.eng.uwaterloo.ca/~erick >
From: Greg on 7 Oct 2008 02:48 Erick Engelke wrote: > > Years ago I used a Hooking library to hook system calls like > CreateProcessW. > > I'd like to do that again. Does it work in modern versions of Windows > or have MS killed that capability in their quest to clean up viruses? Use Detours from MS.
From: memger on 7 Oct 2008 05:09 Greg wrote: > Erick Engelke wrote: >> >> Years ago I used a Hooking library to hook system calls like >> CreateProcessW. >> >> I'd like to do that again. Does it work in modern versions of Windows >> or have MS killed that capability in their quest to clean up viruses? > > Use Detours from MS. if you don't want to pay for the x64 version, you might want to try N-CodeHook. It's available from http://newgre.net/ncodehook
From: mikfig on 8 Oct 2008 18:54 Just a newbie win32 coder question? Are hooks what is used for programs like trainers, process managers, etc to "hook" onto a process? On Oct 7, 2:09 am, memger <Dr.Schwa...(a)evilscientists.de> wrote: > Greg wrote: > > Erick Engelke wrote: > > >> Years ago I used a Hooking library to hook system calls like > >> CreateProcessW. > > >> I'd like to do that again. Does it work in modern versions of Windows > >> or have MS killed that capability in their quest to clean up viruses? > > > Use Detours from MS. > > if you don't want to pay for the x64 version, you might want to try > N-CodeHook. It's available fromhttp://newgre.net/ncodehook
|
Next
|
Last
Pages: 1 2 Prev: OleCreatePictureIndirect doesn't like 32bpp icons?! Next: Help with SetupInstallFromInfSection |