Search found 109 matches

by jonny_valentine
Thu Nov 08, 2018 11:39 am
Forum: madCodeHook
Topic: Share data between C# and Delphi with madshi IPC
Replies: 28
Views: 18049

Re: Share data between C# and Delphi with madshi IPC

Hi madshi, Any progress for this issue ? Just to let you know that it is completely possible to use the IPC between (any language) c++ DLL and c# application as i use it already. Its not easy to push callbacks of this nature into c#, you need to be 3l1t3 ;) There is no bug with the MCH/SendIPC syst...
by jonny_valentine
Wed Apr 13, 2016 4:23 pm
Forum: madCodeHook
Topic: Loading Driver Failed Err193 [SOLVED: wrong madconfdrv]
Replies: 6
Views: 4299

Re: Loading Driver Failed Error 193

OK, I tried without signing the .sys file to make sure it was the certificate (I removed the requirement for drivers to be signed inside the OS).. still had error 193, bad image meaning it was not the certificate at fault.. then i realised what the problem was!!! As usual its the customers fault. I ...
by jonny_valentine
Wed Apr 13, 2016 2:37 pm
Forum: madCodeHook
Topic: Loading Driver Failed Err193 [SOLVED: wrong madconfdrv]
Replies: 6
Views: 4299

Re: Loading Driver Failed Error 193

Its SHA1. I understand, signing problems are not your problem.. I agree. I'm not actually sure its a signing problem, but its the only reason left. I have never had problems with signing since the driver was introduced. I don't see why customers have problems unless they don't understand code signin...
by jonny_valentine
Wed Apr 13, 2016 1:05 pm
Forum: madCodeHook
Topic: Loading Driver Failed Err193 [SOLVED: wrong madconfdrv]
Replies: 6
Views: 4299

Re: Loading Driver Failed Error 193

Yes, that works... but i notice your 32bit .sys file is exactly 4,096 bytes smaller than my .sys file... do you think this is the problem? I used your DLL Injector project to 'install' the driver all with default names etc, which fails to install on x32. Today we tested on physical win7 32bit sp1, a...
by jonny_valentine
Tue Apr 12, 2016 3:54 pm
Forum: madCodeHook
Topic: Loading Driver Failed Err193 [SOLVED: wrong madconfdrv]
Replies: 6
Views: 4299

Loading Driver Failed Err193 [SOLVED: wrong madconfdrv]

Driver installation and dll injection works on all machines, Windows 10, 64 and 32bit. But when testing on Hyper-V, Win7,8.1 and 10.. the driver will not install and GetLastError() returns error 193, indicating Bad Image Format. In the event logs it says "The HookProcessCreationDemoDriver faile...
by jonny_valentine
Tue Apr 12, 2016 1:53 pm
Forum: madCodeHook
Topic: Windows 10 SearchUI.exe
Replies: 23
Views: 26798

Re: Windows 10 SearchUI.exe

Just to confirm this is an issue and so far the only way to update/replace hook dll's that are trapped inside the suspended process is to destroy the process; which is ok because windows just starts the process again. Still annoying though.
by jonny_valentine
Fri Feb 12, 2016 4:28 pm
Forum: madCodeHook
Topic: Win10, VS2015 - Unresolved External Symbols (RESOLVED)
Replies: 1
Views: 7477

Win10, VS2015 - Unresolved External Symbols (RESOLVED)

For those who have the latest version of VS2015 on Windows 10, it seems a bunch of functions were deprecated that have been referenced in Madshi's Libs. This is because the madchookX.lib's were compiled using an older version of VS - they cannot be recompiled under vs2015 otherwise it may not suppor...
by jonny_valentine
Sun Sep 19, 2010 10:05 pm
Forum: madCodeHook
Topic: How to install ONLY 32 bit driver on 64 bit OS?
Replies: 1
Views: 1452

You must install the 64bit driver on a 64bit OS to inject 32bit dll into 32bit process.

You do not have to inject 64bit dll on 64bit OS though, you can choose to inject 32bit dll only - but you still have to use the 64bit driver.
by jonny_valentine
Wed Sep 01, 2010 2:36 pm
Forum: madCodeHook
Topic: Execute some process as administraor privilege under Limited
Replies: 4
Views: 2250

You cannot run an application as administrator when logged in as a limited user (well you can but it can be abused). You can either right click the shortcut to your application and 'run as' or use the runas command. You are better doing a windows service and have an application that can talk to the ...
by jonny_valentine
Mon Aug 30, 2010 10:36 pm
Forum: madCodeHook
Topic: Ansi function calls
Replies: 2
Views: 1563

Usually called by legacy applications but any application can call the ansi function i think?
The Unicode functions are normally called these days to support Wide 'word' length.. like long folder paths etc -useful for multi-language support.
by jonny_valentine
Mon Aug 30, 2010 5:35 pm
Forum: madCodeHook
Topic: About Ipc Communication
Replies: 1
Views: 1622

Add WINAPI to the IPCcallback?
Should SendIPCMessage be strlen(message) not sizeof(message)??
by jonny_valentine
Mon Aug 30, 2010 4:45 pm
Forum: madCodeHook
Topic: Execute some process as administraor privilege under Limited
Replies: 4
Views: 2250

Modify the Application Manifest:

<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
by jonny_valentine
Mon Aug 30, 2010 4:42 pm
Forum: madCodeHook
Topic: FAIL InjectLibrary 32bit DLL on WIN7 x64
Replies: 5
Views: 5018

The problem is with the driver, you must sign the driver and the dll's. Please stop the driver and uninstall first, then try again.
The driver must be signed with a chain certificate from MS.
by jonny_valentine
Mon May 24, 2010 10:30 am
Forum: madCodeHook
Topic: Madshi, elimination of kernel driver?
Replies: 8
Views: 10081

I completely agree with Madshi on this, sorry iconic... i think its much better having the kernel method. The signing of the driver is a pain for debugging, but a simple batch script makes it easy enough. The signing also means its a lot easier to identify malware... how many malware sign their file...
by jonny_valentine
Mon Jan 25, 2010 7:31 pm
Forum: madCodeHook
Topic: Using MadCodeHook in an Layered Service Provider solution?
Replies: 5
Views: 3166

DCsoft may be able to help better here, however in my opinion, Hooking with MCH is a lot easier than LSP... MCH is designed for this kind of thing, plus like David says, LSP can easily mess up and cause problems with your PC... MCH can also, but just play around with User processes only and restart ...