|
|
#2
04-22-2005, 00:52
|
|||
|
|||
|
Of course. It depends if you want global hook or hook only in your app context. There is plenty of tutorials around. Its somewhat easier to do hooking in WinNt systems. In 9x there is few problems. You can hook a procedure dynamicly and on another application.
Allocate memory in remote process with VirtualAllocEx. Write your code and data with WriteProcessMemory. Execute your code that will set up the hook with CreateRemoteThread. In win9x VirtualAllocEx and CreateRemoteThread procedures dont exist. Now on hooking. What you need to do is: 1. find start address of your api function 2. gain write access to it (VirtualProtectEx in NT, in 9x there is an undocumented way...) 3. write a jump to your code (jmp MyCode) Thats it. Then you can restore read bytes of hooked procedure and execute it and return value you wanted... I hope this helps... 
|
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| .NET dll hooking | Avi_RE | General Discussion | 10 | 09-28-2023 07:09 |
| Windows Api Hooking | user1 | Source Code | 12 | 12-24-2022 09:57 |
| Hooking WMI (.NET Application) | aldente | General Discussion | 12 | 08-07-2012 01:32 |
| API-hooking | MaRKuS-DJM | General Discussion | 11 | 03-25-2005 13:27 |
Threaded Mode