Search found 21 matches

by chaos072
Fri Feb 14, 2020 7:54 am
Forum: madCodeHook
Topic: WSL(Windows Subsystem for Linux) hooking?
Replies: 1
Views: 3246

WSL(Windows Subsystem for Linux) hooking?

Hi Can I hook the file I/O APIs in WSL(Windows Subsystem for Linux)? For example when Ubunbu is installed on Windows 10 and "ls" command is issued, I'd like to hook the file I/O APIs. According to MSDN, the system calls on Linux is converted to the native Windows API by lxss.sys and lxcore...
by chaos072
Sat Feb 03, 2018 5:05 pm
Forum: madCodeHook
Topic: Black screen issue when "Fast Startup" is enabled.
Replies: 9
Views: 8199

Re: Black screen issue when "Fast Startup" is enabled.

I moved SHGetFolderPath() from hook dll to hook application(exe). And whenever hook dll needs to call SHGetFolderPath() it sends a request to hook application via MCH IPC.

And now everything works well.

Thank you madshi and iconic.
by chaos072
Fri Feb 02, 2018 3:55 pm
Forum: madCodeHook
Topic: Black screen issue when "Fast Startup" is enabled.
Replies: 9
Views: 8199

Re: Black screen issue when "Fast Startup" is enabled.

Here's what I've found out so far. "Shell32.dll" causes dwm.exe to malfunction for some reason. If my hook dll is dependent on Shell32.dll staticlly, when dwm.exe is injected my hook dll, Shell32.dll is loaded automatically and the black screen issue I mentioned occurs. So If I change my h...
by chaos072
Thu Feb 01, 2018 7:17 am
Forum: madCodeHook
Topic: Black screen issue when "Fast Startup" is enabled.
Replies: 9
Views: 8199

Re: Black screen issue when "Fast Startup" is enabled.

After revmoing all statically linked libs(including madCodeHook lib), unused headers and c/c++ files from the dll, the black screen issue never happens.

I'll find out what caused the problem and leave the result soon.
by chaos072
Thu Feb 01, 2018 5:12 am
Forum: madCodeHook
Topic: Black screen issue when "Fast Startup" is enabled.
Replies: 9
Views: 8199

Re: Black screen issue when "Fast Startup" is enabled.

1) Yes, I mean shutting down the computer by clicking Windows start button -> shutdown menu. 2) Yes, the hooking application is restored from hibernated state to running state again. So its process ID is not changed and I'm not calling InjectLibrary() again. 3) I've not tried that. My dll(which is i...
by chaos072
Tue Jan 30, 2018 4:53 am
Forum: madCodeHook
Topic: Black screen issue when "Fast Startup" is enabled.
Replies: 9
Views: 8199

Re: Black screen issue when "Fast Startup" is enabled.

Update:

The cause was C:\Windows\System32\dwm.exe.

This process is classifed as "user process" by MCH. When I exclude this process explicitly in InjectLibrary, black screen does not appear.
by chaos072
Mon Jan 29, 2018 2:01 am
Forum: madCodeHook
Topic: Black screen issue when "Fast Startup" is enabled.
Replies: 9
Views: 8199

Black screen issue when "Fast Startup" is enabled.

I have an issue when injecting a dll into user processes. When Windows 10's fast startup is enabled, after turning on Windows, black screen is shown. 1. My hooking application(.exe) is launched by a Windows Service application. That is to say my service process(exe) launches my hooking application(e...
by chaos072
Fri Oct 21, 2016 12:32 am
Forum: madCodeHook
Topic: SendIpcMessage() issue on Windows 7(32/64bit)
Replies: 3
Views: 2716

Re: SendIpcMessage() issue on Windows 7(32/64bit)

I've figured it out. It turns out that the implementation of SendIpcMessage() in Windows 7 conflicts with NtOpenProcess() hooking.

In my NtOpenProcess() hook function I blocked opening my exe process and that was the cause.

Thank you..
by chaos072
Thu Oct 20, 2016 6:57 am
Forum: madCodeHook
Topic: SendIpcMessage() issue on Windows 7(32/64bit)
Replies: 3
Views: 2716

SendIpcMessage() issue on Windows 7(32/64bit)

I've found a SendIpeMessage() bug on Windows 7(32/64bit). I'm using madCodeHook v3.1.13 In a hook dll, I call SendIpcMessage() like this: OutputDebugString(L"IPC Start"); SendIpcMessage("MyIpcName", (void*)&requestMessage[0], requestMessage.size(), &responseBuffer[0], siz...
by chaos072
Tue Aug 25, 2015 1:59 am
Forum: madCodeHook
Topic: madConfigDrv.exe bug on Windows 10
Replies: 2
Views: 2350

Re: madConfigDrv.exe bug on Windows 10

Thank you madshi.

I've found the cause and resolved the problem.

madConfigDrv.exe was not the cause. Wrong signtool.exe was called.

Thank you..
by chaos072
Mon Aug 24, 2015 8:40 am
Forum: madCodeHook
Topic: madConfigDrv.exe bug on Windows 10
Replies: 2
Views: 2350

madConfigDrv.exe bug on Windows 10

Hi, I've found some weird bug in madConfigDrv.exe. To reproduct the bug: * Development environment: Windows 10, x64 machine, Visual Studio 2015(SP5) 1) Set up a Win32 empty project on Windows 10 and Visual Studio 2015(SP5). 2) In Post Build Event, set madConfigDrv.exe script(e.g. madConfigDrv.exe Xx...
by chaos072
Tue Sep 30, 2014 6:07 am
Forum: madCodeHook
Topic: Injecting a dll into services.exe in Win 8.1
Replies: 5
Views: 10225

Injecting a dll into services.exe in Win 8.1

Hi..

Injecting a dll into "services.exe" process in Windows 8.1 seems to be problematic.

InjectLibrary() returns true, but the dll is not loaded into services.exe.

But the same code works perfectly in Windows 7/XP.

Is there any way to work around this issue?

Thanks..
by chaos072
Thu Nov 07, 2013 8:53 am
Forum: madCodeHook
Topic: Hooking connect() api for IE11?
Replies: 1
Views: 2991

Hooking connect() api for IE11?

Hi.. I'm trying to hook connect() api for Internet Explorer 11 on Windows 8.1, but I can't figure out what API IE11 uses to connect to foreign hosts. I've tried connect(), ConnectEx(), WSAConnect(), WSAConnectByNameA(), WSAConnectByNameW() and WSAConnectByList() without any luck. I know this is not ...
by chaos072
Tue Jul 16, 2013 12:47 pm
Forum: madCodeHook
Topic: Chrome freezes after being hooked.
Replies: 3
Views: 3314

Re: Chrome freezes after being hooked.

1. The problem also occurs when the DebugOutputString() lines are removed.

2. I have reproduced the problem with your PrintMonitor demo. See the attached screenshot.
by chaos072
Tue Jul 16, 2013 9:08 am
Forum: madCodeHook
Topic: Chrome freezes after being hooked.
Replies: 3
Views: 3314

Chrome freezes after being hooked.

I found a very weird problem. Chrome web browser freezes after being hooked. Here's the source code for DLL: #define WIN32_LEAN_AND_MEAN #include <Windows.h> #include <WinSock2.h> #include "madCHook.h" static int (WINAPI *CloseSocketNext)(SOCKET s); static int WINAPI OnCloseSocketCalled1(S...