I'm very sorry for the delay in responding.
"INJECT_ALLOW_THREAD flag" works !!!!
Thank you
Search found 24 matches
- Tue Jan 03, 2023 9:15 am
- Forum: madCodeHook
- Topic: Could we use the old version of CInjectLib64Func?
- Replies: 2
- Views: 5215
- Wed Jul 06, 2022 9:14 am
- Forum: madCodeHook
- Topic: Could we use the old version of CInjectLib64Func?
- Replies: 2
- Views: 5215
Could we use the old version of CInjectLib64Func?
Hello The hooking conflict problem has happened in our customer sites. After the other security software hooking some processes - for example, java.exe - , we can't hooking that. Although there is no error, our hooking dll can't be loaded to the process which is already injected by the other securit...
- Wed Jul 06, 2022 8:35 am
- Forum: madCodeHook
- Topic: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
- Replies: 31
- Views: 38375
Re: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
Hello~~
I'm very sorry for the late reply.
We have found the reason of this issue is our buggy-code which hooks "SetWindowsHookEx" API.
After hooking the API, our buggy-code makes the other hooking-operations slow down.
Thank you for your support.
I'm very sorry for the late reply.
We have found the reason of this issue is our buggy-code which hooks "SetWindowsHookEx" API.
After hooking the API, our buggy-code makes the other hooking-operations slow down.
Thank you for your support.
- Wed Nov 17, 2021 1:36 pm
- Forum: madCodeHook
- Topic: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
- Replies: 31
- Views: 38375
Re: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
.... we can rule that out after you've tested with C:\Windows\ instead *just a shot in the dark here* Also, does your system service load very early with a load order group? That might be another detail that can matter in this case potentially. Maybe you could share the exact params you're using fo...
- Tue Nov 16, 2021 11:44 am
- Forum: madCodeHook
- Topic: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
- Replies: 31
- Views: 38375
Re: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
Hello, I've just completed a series of EXCLUDE (not INCLUDE) tests with MCH Injection. I was not able to reproduce your issue at all, everything worked perfectly fine here. I tested in both Windows 7 x64 and Windows 10 x64. ...... --Iconic I have found how to reproduce my issue. This issue happens ...
- Mon Nov 08, 2021 10:28 am
- Forum: madCodeHook
- Topic: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
- Replies: 31
- Views: 38375
Re: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
LoadInjectionDriver('TestDriver', nil, 'DemoDriver64.sys'); ....... Which codes are more recommended? I'm using the B code. A. LoadInjectionDriver('TestDriver', nil, 'DemoDriver64.sys'); B. LoadInjectionDriver('TestDriver', 'DemoDriver32.sys', 'DemoDriver64.sys'); I'll check your recommending code....
- Fri Nov 05, 2021 10:26 am
- Forum: madCodeHook
- Topic: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
- Replies: 31
- Views: 38375
Re: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
This issue is because your DLL is not signed by Microsoft most likely, that's the policy that is very clear to me. --Iconic I'll check it right away. Thank you. Despite of my dll & sys are signed by Microsoft, chrome injection failure issue is not solved. 036.png Other Injection ( e.g. notepad....
- Fri Nov 05, 2021 2:11 am
- Forum: madCodeHook
- Topic: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
- Replies: 31
- Views: 38375
- Thu Nov 04, 2021 9:51 am
- Forum: madCodeHook
- Topic: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
- Replies: 31
- Views: 38375
- Thu Nov 04, 2021 9:11 am
- Forum: madCodeHook
- Topic: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
- Replies: 31
- Views: 38375
Re: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
I have found another serious issue. When using the "pIncludeMask" with "chrome.exe" , the partial injection failure happens always. - Win 10 x64 environment - Chrome version: 95.0.4638.54 ( latest version ) > (BOOL) InjectLibraryW( > MyDriverName, // LPCWSTR pDriverName, > MyLibF...
- Thu Nov 04, 2021 8:57 am
- Forum: madCodeHook
- Topic: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
- Replies: 31
- Views: 38375
Re: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
1) A. In the moment when you call InjectLibrary, madCodeHook loops through all already running processes and injects every one. B. The madCodeHook injection driver takes care of automatically injecting into any newly created processes. Can you please double check if both ways are affected by this p...
- Tue Nov 02, 2021 12:36 am
- Forum: madCodeHook
- Topic: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
- Replies: 31
- Views: 38375
Re: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
@lovenamu: Maybe in the meanwhile, until we can test and reproduce your issue, you might want to call GetModuleFileName(NULL, .., .., ..) inside the injected process to retrieve the process name and if it's RuntimeBroker.exe you can return FALSE in DLLMain(), that way your DLL, while still injected...
- Tue Nov 02, 2021 12:34 am
- Forum: madCodeHook
- Topic: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
- Replies: 31
- Views: 38375
- Fri Oct 29, 2021 6:25 am
- Forum: madCodeHook
- Topic: [madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
- Replies: 31
- Views: 38375
[madCodeHook 4.2.0 or 4.1.3] Some excluded process are Injected
Hello My problem is that some excluded processes are injected. - OS : Windows 10 64bit ( 1903 ) - madCodeHook: 4.2.0 or 4.1.3 My code is like as below: (BOOL) InjectLibraryW( MyDriverName, // LPCWSTR pDriverName, MyLibFileName, // LPCWSTR pLibFileName, ALL_SESSIONS, // DWORD dwSession, INJECT_SYSTEM...
- Thu Jan 17, 2019 8:38 am
- Forum: madCodeHook
- Topic: [4.1.2 Problem][RuntimeBroker.exe Process]Injection Failed
- Replies: 6
- Views: 149652
Re: [4.1.2 Problem][RuntimeBroker.exe Process]Injection Fail
Great!!! It works.
Thank you.
Thank you.